| | 104.21.29.193 | 200 OK | 1.1 kB |
URL: User Request GET HTTP/2
IP: 104.21.29.193:443
Certificate: Issuer Google Trust Services LLC; Subject kpr38ui452f6.xyz; Fingerprint E0:16:EF:98:A2:45:9C:A6:14:97:02:68:F0:49:04:AA:83:A8:CE:08; Validity Tue, 19 Mar 2024 07:44:32 GMT - Mon, 17 Jun 2024 07:44:31 GMT
File type: HTML document, ASCII text
Hash: 778f65f6a16b62625e48d50ae8f20d3d 8ccf29dbd9967f8cd1c79aca8fb33d8a8cf6156a 6b84d80f5664a3af294452123fd074e72c1c652c2b0dfe5d83b55140144aa1f4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: kpr38ui452f6.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:35:54 GMT
content-type: text/html
last-modified: Mon, 22 Apr 2024 13:11:36 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=li7j8v7IK%2FhOQvOK6pwQ9PSi2Ebkde4RfIXOMUlE%2F%2FL%2F%2ByiHZrcUuH05mOVzStYoZzCvn4v9molZ3p4kSUL2M6oK1FAKVHxL854l3zRV9sLh4%2F%2BHMgrbnqkbQx1lUZcRnES1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa0c6d5e7cb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| kpr38ui452f6.xyz/assets/js/iframe.js?t=202404151807 | 104.21.29.193 | 200 OK | 9.4 kB |
URL: GET HTTP/3 kpr38ui452f6.xyz/assets/js/iframe.js?t=202404151807
IP: 104.21.29.193:443
Requested by: https://kpr38ui452f6.xyz/
Certificate: Issuer Google Trust Services LLC; Subject kpr38ui452f6.xyz; Fingerprint E0:16:EF:98:A2:45:9C:A6:14:97:02:68:F0:49:04:AA:83:A8:CE:08; Validity Tue, 19 Mar 2024 07:44:32 GMT - Mon, 17 Jun 2024 07:44:31 GMT
File type: JavaScript source, ASCII text, with very long lines (9626), with no line terminators
Hash: 921d2c5e4a04aa55dbbe27af7c1d304d 640e5a4b2fa6cef245e33f7f413c5da28dc7d982 c8ad10a675004d0375d959bceaab87a82738f352f2feb60d344054f643f10cf7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/iframe.js?t=202404151807 HTTP/1.1
Host: kpr38ui452f6.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kpr38ui452f6.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:35:55 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 13:11:36 GMT
etag: W/"66266208-259a"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o1yan3QqX4X54XY6jhE0JnGYQ4gCBogfab5pvDm0R6c0xYIoimBDfapCbeWNWF5XflGNiNSXNocnrOZmaATKnwqcbVpNwmKvGPfJPawszKARb460%2FqTe%2FmCK34WTqG1xxaE8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa0c7239e0b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| zerossl.ocsp.sectigo.com/ | 104.18.38.233 | | 315 B |
URL: zerossl.ocsp.sectigo.com/
IP: 104.18.38.233:0
Hash: f1fb3d5e73849a166e624b2363ba83be 46b38daf1cbc87db075e01064c6b76f104131ec8 a01d67cd665dc341885508d26de95ca0d733bcff8117bcb61a4ec172d2031752
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 22:35:56 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Wed, 24 Apr 2024 20:05:25 GMT
Expires: Wed, 01 May 2024 20:05:24 GMT
Etag: "46b38daf1cbc87db075e01064c6b76f104131ec8"
Cache-Control: max-age=422367,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 87aa0c7e9b57b4fd-OSL
|
|
| zerossl.ocsp.sectigo.com/ | 104.18.38.233 | | 315 B |
URL: zerossl.ocsp.sectigo.com/
IP: 104.18.38.233:0
Hash: f1fb3d5e73849a166e624b2363ba83be 46b38daf1cbc87db075e01064c6b76f104131ec8 a01d67cd665dc341885508d26de95ca0d733bcff8117bcb61a4ec172d2031752
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 22:35:56 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Wed, 24 Apr 2024 20:05:25 GMT
Expires: Wed, 01 May 2024 20:05:24 GMT
Etag: "46b38daf1cbc87db075e01064c6b76f104131ec8"
Cache-Control: max-age=422367,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 87aa0c7e9f9cb50b-OSL
|
|
| kpr38ui452f6.xyz/assets/js/crypto-js.min.js | 104.21.29.193 | 200 OK | 17 kB |
URL: GET HTTP/3 kpr38ui452f6.xyz/assets/js/crypto-js.min.js
IP: 104.21.29.193:443
Requested by: https://kpr38ui452f6.xyz/
Certificate: Issuer Google Trust Services LLC; Subject kpr38ui452f6.xyz; Fingerprint E0:16:EF:98:A2:45:9C:A6:14:97:02:68:F0:49:04:AA:83:A8:CE:08; Validity Tue, 19 Mar 2024 07:44:32 GMT - Mon, 17 Jun 2024 07:44:31 GMT
File type: JavaScript source, ASCII text, with very long lines (47576), with no line terminators
Hash: c8b215ef1c396901ab19c41a7ac42cd7 00e971d00ca3e26ef1bc0f7586e16c5e30296ebe 817c88066f7a344d4471bb20d30652e641f498eedd9c28e5a6ed661c67795010
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/crypto-js.min.js HTTP/1.1
Host: kpr38ui452f6.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kpr38ui452f6.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:35:55 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 13:11:36 GMT
etag: W/"66266208-b9d8"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n5c1DWpcFqDTd0nrQpuw5lSPkY2AkMqYmXf7XN0jpsXSebGh5XouTEXGOgKToolcMPwGv%2F57CRL2CKEQmvwApN3N5EVNOh84SUn31U33DrnbrHZSEj7wWaVdlsShte7BmF5N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa0c7239dfb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| may.xz9wasyqwyac.xyz/fast-endecode/main/request | 198.16.61.234 | 200 | 1.9 kB |
URL: OPTIONS HTTP/1.1 may.xz9wasyqwyac.xyz/fast-endecode/main/request
IP: 198.16.61.234:443
Requested by: https://kpr38ui452f6.xyz/
Certificate: Issuer ZeroSSL; Subject *.xz9wasyqwyac.xyz; Fingerprint 1C:F4:30:9C:C3:27:F8:04:DD:AD:B1:9D:11:A8:1E:77:A6:F8:4F:B5; Validity Mon, 15 Apr 2024 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
Hash: bc2f4ea7a6ceb2a13a34f16a6e56e7aa 1305f9cdadca19ec556c1293dd7ebf163e8640c8 7d23d5ad8650534dffe589e4e0d262115ea58e335309d47efe79024df65a20a4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /fast-endecode/main/request HTTP/1.1
Host: may.xz9wasyqwyac.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kpr38ui452f6.xyz/
Content-Type: application/json
Content-Length: 96
Origin: https://kpr38ui452f6.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.17.6
Date: Fri, 26 Apr 2024 22:35:57 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Vary: Origin
|
|
| ios.xl3r2w4x83re.xyz/assets/images/msg.png | 104.21.7.144 | 200 OK | 14 kB |
URL: GET HTTP/3 ios.xl3r2w4x83re.xyz/assets/images/msg.png
IP: 104.21.7.144:443
Requested by: https://ios.xl3r2w4x83re.xyz/web1679/
Certificate: Issuer Google Trust Services LLC; Subject xl3r2w4x83re.xyz; Fingerprint 6E:14:11:5A:6B:C6:22:6E:B2:7D:E4:EE:F4:33:D7:09:67:8E:21:73; Validity Wed, 17 Apr 2024 11:11:10 GMT - Tue, 16 Jul 2024 11:11:09 GMT
File type: PNG image data, 132 x 132, 8-bit/color RGBA, non-interlaced
Hash: a66654f787c6b7fb5d8451e64531cc27 242ddada957574e0869908cdab4d76aeabcb3ba1 b0f2cd02de4d2a5eccd30f40abacb5224478e521e357994d685cfc8af7301372
GET /assets/images/msg.png HTTP/1.1
Host: ios.xl3r2w4x83re.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ios.xl3r2w4x83re.xyz/web1679/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:35:58 GMT
content-type: image/png
content-length: 13900
last-modified: Mon, 22 Apr 2024 13:11:36 GMT
etag: "66266208-364c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z4638RXCg94eQlQ3PjAWOCvp0arDAkUU1Hu2wsP%2FCnViDScVD4yxNcFowpfMZ2n%2BiOdW85HQd53CckrHOrXhgnesCbquumkpYuW0R3SXhuLzsCPKW9FKN99ZRZH1VA2nsyUEcDeEEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa0c894d0f56cb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ios.xl3r2w4x83re.xyz/assets/images/ios.png | 104.21.7.144 | 200 OK | 1.1 kB |
URL: GET HTTP/3 ios.xl3r2w4x83re.xyz/assets/images/ios.png
IP: 104.21.7.144:443
Requested by: https://ios.xl3r2w4x83re.xyz/web1679/
Certificate: Issuer Google Trust Services LLC; Subject xl3r2w4x83re.xyz; Fingerprint 6E:14:11:5A:6B:C6:22:6E:B2:7D:E4:EE:F4:33:D7:09:67:8E:21:73; Validity Wed, 17 Apr 2024 11:11:10 GMT - Tue, 16 Jul 2024 11:11:09 GMT
File type: PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced
Hash: 913e924b4bd4f0fa761db9b888327f8c 7bde9ec1ab3d0ad940fd4ad86618fa88a67a93b3 dc426d9c18309ea720c62cd49d2d986f5cd9fd33ac87f4f5de3567bde95bf142
GET /assets/images/ios.png HTTP/1.1
Host: ios.xl3r2w4x83re.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ios.xl3r2w4x83re.xyz/assets/css/index.css?t=202401272331
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:35:59 GMT
content-type: image/png
content-length: 1101
last-modified: Mon, 22 Apr 2024 13:11:36 GMT
etag: "66266208-44d"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ErCC34LU%2Bgh0SHhng48yWIXQdOTSIu6bzeqlZBBBsta%2FXcW7cwe0s2RK6S%2FUROGIfHi10tfB0PLJmzi0ts%2BauqrxxKBT9qRuPjtv%2BW3Hv6Ns4rRIift%2FoEryg7ILXfFPkapXOk85Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa0c8caf8856cb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ios.xl3r2w4x83re.xyz/assets/images/logo.png | 104.21.7.144 | 200 OK | 29 kB |
URL: GET HTTP/3 ios.xl3r2w4x83re.xyz/assets/images/logo.png
IP: 104.21.7.144:443
Requested by: https://ios.xl3r2w4x83re.xyz/web1679/
Certificate: Issuer Google Trust Services LLC; Subject xl3r2w4x83re.xyz; Fingerprint 6E:14:11:5A:6B:C6:22:6E:B2:7D:E4:EE:F4:33:D7:09:67:8E:21:73; Validity Wed, 17 Apr 2024 11:11:10 GMT - Tue, 16 Jul 2024 11:11:09 GMT
File type: PNG image data, 512 x 512, 8-bit colormap, non-interlaced
Hash: d46ef61ddc789e67cdbea1b2a05b2fe6 ca281184dbc027ba70082736bc43279da27db22e 44d1d363baf54146723410ea2d0b74ec4e17d4abfd4054d9d3f6f0f9d71dd0b1
GET /assets/images/logo.png HTTP/1.1
Host: ios.xl3r2w4x83re.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ios.xl3r2w4x83re.xyz/assets/css/index.css?t=202401272331
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:35:59 GMT
content-type: image/png
content-length: 28657
last-modified: Mon, 22 Apr 2024 13:11:36 GMT
etag: "66266208-6ff1"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vmOg%2BgbcwjbcOTBQ%2BpQWCf1ncg6SUK2hJbJcWNbBZl09SbuDK7yiy%2FFWmTNYUkoPzK%2FlcGQdbxZNEo0j8ShqCF2QcfsNQcCKwRj02o%2FLP5mjnYrgKAGUuw9vBpb7wXgSGhtkmuT0SA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa0c8c9f7b56cb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ios.xl3r2w4x83re.xyz/assets/css/index.css?t=202401272331 | 104.21.7.144 | 200 OK | 56 kB |
URL: GET HTTP/3 ios.xl3r2w4x83re.xyz/assets/css/index.css?t=202401272331
IP: 104.21.7.144:443
Requested by: https://ios.xl3r2w4x83re.xyz/web1679/
Certificate: Issuer Google Trust Services LLC; Subject xl3r2w4x83re.xyz; Fingerprint 6E:14:11:5A:6B:C6:22:6E:B2:7D:E4:EE:F4:33:D7:09:67:8E:21:73; Validity Wed, 17 Apr 2024 11:11:10 GMT - Tue, 16 Jul 2024 11:11:09 GMT
Hash: 221f469401628d850b1bdac3c1ceca55 f438df35824691db7cab0e5e6623a26939b3b0d8 caa1099631fb10b0c47b2edb10a8f9de068288762a4d77135744cecd90428aa4
GET /assets/css/index.css?t=202401272331 HTTP/1.1
Host: ios.xl3r2w4x83re.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ios.xl3r2w4x83re.xyz/web1679/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:35:58 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 13:11:36 GMT
vary: Accept-Encoding
etag: W/"66266208-d1d"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vebaaoLBtNjZAuPma8pHLHG28vD33QmH0iUBAb2D7mQhzlF4ADNFUShmhX4hSUfhuOCHK0CuMiH2xv6iqZTcaEDEG288QD9lG%2FNZL1H9tF4GHhkMMqtWYXzWtt7anhDcjVyE3NqnHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa0c894d0956cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ios.xl3r2w4x83re.xyz/assets/images/jiaocheng.png | 104.21.7.144 | 200 OK | 458 kB |
URL: GET HTTP/3 ios.xl3r2w4x83re.xyz/assets/images/jiaocheng.png
IP: 104.21.7.144:443
Requested by: https://ios.xl3r2w4x83re.xyz/web1679/
Certificate: Issuer Google Trust Services LLC; Subject xl3r2w4x83re.xyz; Fingerprint 6E:14:11:5A:6B:C6:22:6E:B2:7D:E4:EE:F4:33:D7:09:67:8E:21:73; Validity Wed, 17 Apr 2024 11:11:10 GMT - Tue, 16 Jul 2024 11:11:09 GMT
File type: PNG image data, 750 x 6342, 8-bit colormap, non-interlaced
Size: 458 kB (457510 bytes)
Hash: f83a8e18a889c4213f4a87beaae81a5e def97eae901d5fefe156af9f57970570c2b10ff3 d5e9ba4da9773ea701d69a76766a061ca75ce51f712e0f487bf101a4605325b6
GET /assets/images/jiaocheng.png HTTP/1.1
Host: ios.xl3r2w4x83re.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ios.xl3r2w4x83re.xyz/web1679/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:35:59 GMT
content-type: image/png
content-length: 457510
last-modified: Mon, 22 Apr 2024 13:11:36 GMT
etag: "66266208-6fb26"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P9ZDj6ECMIM8sAaNMm9I8tAW3nKcSxJom7rWnk7r4c6YfpnhSynsOT%2BGSWyVzLUry7zsncYNrvKhqLxEmkbWt6j6kM4oaGAfVcE6tCMkSyzFo7hiQsohW5CPMPRIuPGafu4y4Eopxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa0c894d0d56cb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ios.xl3r2w4x83re.xyz/assets/js/setRem.js | 104.21.7.144 | 200 OK | 141 kB |
URL: GET HTTP/3 ios.xl3r2w4x83re.xyz/assets/js/setRem.js
IP: 104.21.7.144:443
Requested by: https://ios.xl3r2w4x83re.xyz/web1679/
Certificate: Issuer Google Trust Services LLC; Subject xl3r2w4x83re.xyz; Fingerprint 6E:14:11:5A:6B:C6:22:6E:B2:7D:E4:EE:F4:33:D7:09:67:8E:21:73; Validity Wed, 17 Apr 2024 11:11:10 GMT - Tue, 16 Jul 2024 11:11:09 GMT
File type: JavaScript source, Unicode text, UTF-8 text
Size: 141 kB (140840 bytes)
Hash: c8d03e701578255528b9fb579064124b 6eddc92de9a0fcfa5a5e90e3001b184217efe6c2 a37c3bae88c2475b0f07791accf10692eaed06cb371998ab1761f7e6040a0b21
GET /assets/js/setRem.js HTTP/1.1
Host: ios.xl3r2w4x83re.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ios.xl3r2w4x83re.xyz/web1679/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:35:58 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 13:11:36 GMT
etag: W/"66266208-330"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=311geFXjr4y77zDipLCOk%2BBOdbOusYW%2B307TfrwzeGxaaaKxH7POuy32dRWP7roMbZ4zujy4aLnovAc2zkhVeckrlwQEbfWPBM1quMmkFmy2c%2Bw3XgmJcEDsgh7QOGnTcrqa0GVQ2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa0c895d2256cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL: aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP: 35.244.181.201:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: XML 1.0 document, ASCII text, with very long lines (332)
Hash: 3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=3Q19uJ3G8VwXTu1j3mGgCaKn6gblCmg9dXtQpAldeYxHBXJLUq5OUnaz1VUyUeXnxS76yNjFjGtq_KaPXETJ3S8FBMumYaeqm7Mxbl_xML3bpdUqXzvg86OC0MDZ2XNH
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
date: Fri, 26 Apr 2024 22:34:56 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 76
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ios.xl3r2w4x83re.xyz/assets/js/public.js | 104.21.7.144 | 200 OK | 26 kB |
URL: GET HTTP/3 ios.xl3r2w4x83re.xyz/assets/js/public.js
IP: 104.21.7.144:443
Requested by: https://ios.xl3r2w4x83re.xyz/web1679/
Certificate: Issuer Google Trust Services LLC; Subject xl3r2w4x83re.xyz; Fingerprint 6E:14:11:5A:6B:C6:22:6E:B2:7D:E4:EE:F4:33:D7:09:67:8E:21:73; Validity Wed, 17 Apr 2024 11:11:10 GMT - Tue, 16 Jul 2024 11:11:09 GMT
File type: JavaScript source, ASCII text
Hash: a1d01edc5b68a0e0da6ecb0b3d482388 cf48c76b1408e9f0c653636560c988eb33605f07 be7e76e60cf9a0a86566fb500d7569ef4ad65f9432bb4127d91d72c6485a6e94
GET /assets/js/public.js HTTP/1.1
Host: ios.xl3r2w4x83re.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ios.xl3r2w4x83re.xyz/web1679/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:35:59 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 13:11:36 GMT
etag: W/"66266208-64a2"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fB2tXWTvk63iWK3TmfjpcfB3jHdJghmfwwWHXnKhiUCxwQYbM583t8dvCBmRKURvQOs0yGAh%2FpXhoLwzSsyB1FWw8hR%2B9jRO7iVCbwTJQN7zP1II8OC%2BCt02zCZyZhf2gKRwJ%2FTOIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa0c895d1f56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ios.xl3r2w4x83re.xyz/assets/js/jquery.min.js | 104.21.7.144 | 200 OK | 96 kB |
URL: GET HTTP/3 ios.xl3r2w4x83re.xyz/assets/js/jquery.min.js
IP: 104.21.7.144:443
Requested by: https://ios.xl3r2w4x83re.xyz/web1679/
Certificate: Issuer Google Trust Services LLC; Subject xl3r2w4x83re.xyz; Fingerprint 6E:14:11:5A:6B:C6:22:6E:B2:7D:E4:EE:F4:33:D7:09:67:8E:21:73; Validity Wed, 17 Apr 2024 11:11:10 GMT - Tue, 16 Jul 2024 11:11:09 GMT
File type: JavaScript source, ASCII text, with very long lines (32086)
Hash: 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
GET /assets/js/jquery.min.js HTTP/1.1
Host: ios.xl3r2w4x83re.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ios.xl3r2w4x83re.xyz/web1679/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:35:59 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 13:11:36 GMT
etag: W/"66266208-1762a"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dwKKx3ZG2tVdYD04%2F4Kw4I0lfX6LF7Vtoj3ve3J0o%2FlMqHG2RCxYqzu15Nqw4WJtD4tL0zajVMJcZamJc0SnyJPvK2XZXMFzTZYnAEEWm99qoO3mzl6xbNFXQ%2BIn1TyUpzs7ffevEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa0c895d2156cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kpr38ui452f6.xyz/favicon.ico | 104.21.29.193 | 404 Not Found | 153 B |
URL: GET HTTP/3 kpr38ui452f6.xyz/favicon.ico
IP: 104.21.29.193:443
Requested by: https://kpr38ui452f6.xyz/
Certificate: Issuer Google Trust Services LLC; Subject kpr38ui452f6.xyz; Fingerprint E0:16:EF:98:A2:45:9C:A6:14:97:02:68:F0:49:04:AA:83:A8:CE:08; Validity Tue, 19 Mar 2024 07:44:32 GMT - Mon, 17 Jun 2024 07:44:31 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: 305bdc98ec6e2316ac27458771c3308a 75a5ed9ebf065c0a9dbbb40cfa3186f3dea4b6da 621fa8ceba6401ee4c366651058204529c4f92565b0196fe9dfa8f972463993e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: kpr38ui452f6.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kpr38ui452f6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 26 Apr 2024 22:35:56 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E0fkgruex7VuuGRXB4h1lSFjM6BBT5IeoN9ToAZPFX6Sd603dccuzZ8Kf%2Bukmc5G8WsjaR5Kfahb05qSdl43VtrOJfo4iCMj7HMA%2FeUH1osP5KgbtAMFXWhiQ3ZLVgKGRwFW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa0c7adfa4b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ios.xl3r2w4x83re.xyz/assets/images/title.png | 104.21.7.144 | 200 OK | 55 kB |
URL: GET HTTP/3 ios.xl3r2w4x83re.xyz/assets/images/title.png
IP: 104.21.7.144:443
Requested by: https://ios.xl3r2w4x83re.xyz/web1679/
Certificate: Issuer Google Trust Services LLC; Subject xl3r2w4x83re.xyz; Fingerprint 6E:14:11:5A:6B:C6:22:6E:B2:7D:E4:EE:F4:33:D7:09:67:8E:21:73; Validity Wed, 17 Apr 2024 11:11:10 GMT - Tue, 16 Jul 2024 11:11:09 GMT
File type: PNG image data, 625 x 136, 8-bit/color RGBA, non-interlaced
Hash: f3f4c276b1db1f99f43458a1fe64b5b5 9de7f662c97574359a9544991ec25645e57ae466 98eb95fab1c69b84297a59003b65c6adf8a0b08b661f55174b59a63d3654d67b
GET /assets/images/title.png HTTP/1.1
Host: ios.xl3r2w4x83re.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ios.xl3r2w4x83re.xyz/assets/css/index.css?t=202401272331
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:35:59 GMT
content-type: image/png
content-length: 55062
last-modified: Mon, 22 Apr 2024 13:11:36 GMT
etag: "66266208-d716"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w2b9q6C3Ul80pi7vxaR7121GFGCTxYn1K9js52WnAqW1nzysLoKY6abF7S4pEPIS9Hsy77e%2F4fbaDLh4tVk584yxa2Nnlwfm33f5FPX1WIMafEzWrv9LKhJ1%2BpTR7xKv2RAZR%2Bittg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa0c8c9f7e56cb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ios.xl3r2w4x83re.xyz/assets/css/common.css?t=202401272331 | 104.21.7.144 | 200 OK | 516 B |
URL: GET HTTP/3 ios.xl3r2w4x83re.xyz/assets/css/common.css?t=202401272331
IP: 104.21.7.144:443
Requested by: https://ios.xl3r2w4x83re.xyz/web1679/
Certificate: Issuer Google Trust Services LLC; Subject xl3r2w4x83re.xyz; Fingerprint 6E:14:11:5A:6B:C6:22:6E:B2:7D:E4:EE:F4:33:D7:09:67:8E:21:73; Validity Wed, 17 Apr 2024 11:11:10 GMT - Tue, 16 Jul 2024 11:11:09 GMT
File type: ASCII text, with very long lines (586), with no line terminators
Hash: 70c81a7532f4854a88962543f07fed30 7faec1428e88dbccbda8c79edf9c780cb8363b2f d3c801d2d9ba593b0a4722b3f8f56d64159c2e096adf9b5ee4d72361ecb6f180
GET /assets/css/common.css?t=202401272331 HTTP/1.1
Host: ios.xl3r2w4x83re.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ios.xl3r2w4x83re.xyz/web1679/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:35:58 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 13:11:36 GMT
vary: Accept-Encoding
etag: W/"66266208-204"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OJgNd3RRW5subIVVQR7tU2%2F9bW%2F3YwZ0y22dxbo6%2FDtgOhHuWs%2BM3EuAeV1qkCydHoflsXWj9bD%2B07f9GnmQffNwJ9ggHo82mnZgIJaNEd5syWMXyofCfTzl%2FMl250isIdmV3jKefg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa0c894d0456cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ios.xl3r2w4x83re.xyz/assets/js/taozi.js?t=202404151906 | 104.21.7.144 | 200 OK | 11 kB |
URL: GET HTTP/3 ios.xl3r2w4x83re.xyz/assets/js/taozi.js?t=202404151906
IP: 104.21.7.144:443
Requested by: https://ios.xl3r2w4x83re.xyz/web1679/
Certificate: Issuer Google Trust Services LLC; Subject xl3r2w4x83re.xyz; Fingerprint 6E:14:11:5A:6B:C6:22:6E:B2:7D:E4:EE:F4:33:D7:09:67:8E:21:73; Validity Wed, 17 Apr 2024 11:11:10 GMT - Tue, 16 Jul 2024 11:11:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/js/taozi.js?t=202404151906 HTTP/1.1
Host: ios.xl3r2w4x83re.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ios.xl3r2w4x83re.xyz/web1679/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:35:58 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 13:11:36 GMT
etag: W/"66266208-2c0b"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A2XutasttWNnK86zSZTMmFx3UV%2FvoczUGeEdH5lqMNAOG0OwHAxGR2N%2BghY8PPTHvfWMxAi5ouPmwHLNlhL16uX%2BZXaGqeF1ftS7EVJqZhpMXvIZPNbvBjBLECYRaYRAR696ZdDLCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa0c895d2e56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ios.xl3r2w4x83re.xyz/assets/images/bg1.jpg | 104.21.7.144 | 200 OK | 140 kB |
URL: GET HTTP/3 ios.xl3r2w4x83re.xyz/assets/images/bg1.jpg
IP: 104.21.7.144:443
Requested by: https://ios.xl3r2w4x83re.xyz/web1679/
Certificate: Issuer Google Trust Services LLC; Subject xl3r2w4x83re.xyz; Fingerprint 6E:14:11:5A:6B:C6:22:6E:B2:7D:E4:EE:F4:33:D7:09:67:8E:21:73; Validity Wed, 17 Apr 2024 11:11:10 GMT - Tue, 16 Jul 2024 11:11:09 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6], baseline, precision 8, 749x1165, components 3
Size: 140 kB (140443 bytes)
Hash: 857c2c477d43d2a9c9e03258548bbff9 1b53ceda642886459a872c4c8abe2072459cb47a c58c16b12c220fd433846d424dddd9a82d230fd39cd715b30a3b1df98b6a7501
GET /assets/images/bg1.jpg HTTP/1.1
Host: ios.xl3r2w4x83re.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ios.xl3r2w4x83re.xyz/assets/css/index.css?t=202401272331
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:35:59 GMT
content-type: image/jpeg
content-length: 140443
last-modified: Mon, 22 Apr 2024 13:11:36 GMT
etag: "66266208-2249b"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RQe0Cw%2F6Z5UcvbV9uQe1iBezXHodJ31TNe8AKFof2IvgH%2BxKJLIpir8UNI5O2d3wEX31puauuDZTD24ObhzpsePGRXhdR7Nke0E1uxMqV23faG9ezXhbQ0doiMFedJqansEJUoVi3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa0c8c9f7856cb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ios.xl3r2w4x83re.xyz/web1679/ | 104.21.7.144 | 200 OK | 2.8 kB |
URL: GET HTTP/2 ios.xl3r2w4x83re.xyz/web1679/
IP: 104.21.7.144:443
Requested by: https://kpr38ui452f6.xyz/
Certificate: Issuer: Google Trust Services LLC; Subject: xl3r2w4x83re.xyz; Fingerprint: 6E:14:11:5A:6B:C6:22:6E:B2:7D:E4:EE:F4:33:D7:09:67:8E:21:73; Validity: Wed, 17 Apr 2024 11:11:10 GMT - Tue, 16 Jul 2024 11:11:09 GMT
File type: HTML document, ASCII text, with very long lines (2908), with no line terminators
Hash: 9905a9250a5f8ceed3e584c6cf8e9908 8c828cf99ad3554a702a8622ce1b49ddbd6b54d7 51dd1c4510a7b40cd32eda09629ec5bdd6bbf9ffdf3732d0446930f6d1bfa08b
GET /web1679/ HTTP/1.1
Host: ios.xl3r2w4x83re.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kpr38ui452f6.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:35:58 GMT
content-type: text/html
last-modified: Mon, 22 Apr 2024 13:11:39 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LVcGQsmCdIt756HFA249P6LWafkN214CC66N46%2Fja%2BdRdiPr7J3z%2B%2BB3fDlOixJFPJL17KCIb6RG%2FnU1a3wqKIboVW9mqV%2FdUwu49e9Y%2BjBPUOKDOLT61AfzQpjLrinQcPHNGGo%2Bxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa0c85685856ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ios.xl3r2w4x83re.xyz/assets/js/crypto-js.min.js | 104.21.7.144 | 200 OK | 48 kB |
URL: GET HTTP/3 ios.xl3r2w4x83re.xyz/assets/js/crypto-js.min.js
IP: 104.21.7.144:443
Requested by: https://ios.xl3r2w4x83re.xyz/web1679/
Certificate: Issuer: Google Trust Services LLC; Subject: xl3r2w4x83re.xyz; Fingerprint: 6E:14:11:5A:6B:C6:22:6E:B2:7D:E4:EE:F4:33:D7:09:67:8E:21:73; Validity: Wed, 17 Apr 2024 11:11:10 GMT - Tue, 16 Jul 2024 11:11:09 GMT
File type: JavaScript source, ASCII text, with very long lines (47576), with no line terminators
Hash: c8b215ef1c396901ab19c41a7ac42cd7 00e971d00ca3e26ef1bc0f7586e16c5e30296ebe 817c88066f7a344d4471bb20d30652e641f498eedd9c28e5a6ed661c67795010
GET /assets/js/crypto-js.min.js HTTP/1.1
Host: ios.xl3r2w4x83re.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ios.xl3r2w4x83re.xyz/web1679/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:35:59 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 13:11:36 GMT
etag: W/"66266208-b9d8"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dQHg%2BCa%2Fr3laYNreV2ido3sgp%2FwEVOZz49RjZUoQkM7NLCk5SY%2FLej%2BTjpUMRQzm1pa5U9wqEqoI956QxOyI6P3XzMdwMMvsQtbtV%2FVHvgnEo20bO%2FdW1BRYLcSLGWod9PSs4XFrGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa0c895d2b56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|