Report - 9h6ha.top/ZPW2aMFX

Report Overview

Submitted URL
9h6ha.top/ZPW2aMFX
IP
23.225.199.156
ASN
#40065 CNSERVERS
Submitted
2023-03-28 08:25:06
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
6
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	54.200.169.229
9h6ha.top	unknown	2023-03-26T18:28:22Z	2023-03-26T18:28:22Z	796 B	1.1 kB	23.225.199.157
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	56 kB	34.120.237.76
xafvd.top	unknown	2023-03-27T08:06:33Z	2023-03-27T08:06:33Z	8.2 kB	66 kB	23.224.2.204
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.4 kB	6.2 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-28 08:25:15	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-03-28 08:25:16	medium	Client IP	23.225.199.157	ET INFO HTTP Request to a *.top domain
2023-03-28 08:25:17	medium	23.225.199.155	Client IP	ET INFO Observed ZeroSSL Certificate for Suspicious TLD (.top)
2023-03-28 08:25:17	low	23.225.199.155	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2023-03-28 08:25:18	medium	23.224.2.204	Client IP	ET INFO Observed ZeroSSL Certificate for Suspicious TLD (.top)
2023-03-28 08:25:18	low	23.224.2.204	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-03-28	medium	9h6ha.top	Sinkholed
2023-03-28	medium	9h6ha.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	xafvd.top/ZPW2aMFX	716 B	2023-03-14	2023-09-21
Pretty URL xafvd.top/ZPW2aMFX IP 23.224.2.204 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 06:45:03 Last Seen2023-09-21 15:01:35 Times Seen12 Hash 643c152d0ea7a83e863b2bd2d176dbc4 7a6f52350dac47d6d88a85225abea2a429e908ca e2f5d52173e535be0870f2e67d80ddd2bdeec6d94c47d0e152d68e5aed290338 Loading...

	xafvd.top/ZPW2aMFX	453 B	2023-03-29	2023-09-21
Pretty URL xafvd.top/ZPW2aMFX IP 23.224.2.204 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:32:27 Last Seen2023-09-21 15:01:35 Times Seen11 Hash c94aa5277afbe64b1619be41d4f9c9a7 25f14721a164c24642e86373c645277d1eb58a5b 1a547a8b0262de5d38e9a1731b55ef2564e3254b7f171f15c01af6715ec7eaa9 Loading...

	xafvd.top/static/js/jquery.qrcode.min.js	14 kB	2023-03-07	2024-04-26
Pretty URL xafvd.top/static/js/jquery.qrcode.min.js IP 23.224.2.204 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:13:46 Last Seen2024-04-26 06:55:52 Times Seen354 Hash 7543b3560f7e140d6712b81e37f67169 4402f76af3b3f92e1062fd70979e5d692f1913d1 1381c8c0f9a947b33294e7a9f118e0bb9bfe3d05f090aefeefdb6473fe283fea Loading...

	xafvd.top/static/js/swiper-3.4.2.min.js	96 kB	2023-03-07	2024-03-25
Pretty URL xafvd.top/static/js/swiper-3.4.2.min.js IP 23.224.2.204 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:10:40 Last Seen2024-03-25 08:44:39 Times Seen171 Hash b96515ae167c2ea78d21331e85bce74d 06e3b7d5aa4fcdb240f65472a22c786554d2f8ae 3a74ade399aad09f216a28b22b223bc817e7f5d21d4e0e0017fff92ef5d89e64 Loading...

	xafvd.top/static/js/jquery-3.4.1.min.js	88 kB	2023-03-07	2024-04-26
Pretty URL xafvd.top/static/js/jquery-3.4.1.min.js IP 23.224.2.204 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:01 Last Seen2024-04-26 19:21:22 Times Seen7632 Hash f832e36068ab203a3f89b1795480d0d7 2115753ca5fb7032aec498db7bb5dca624dbe6be 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf Loading...

	xafvd.top/static/js/download.js?t=1	3.9 kB	2023-03-09	2024-02-27
Pretty URL xafvd.top/static/js/download.js?t=1 IP 23.224.2.204 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:43:43 Last Seen2024-02-27 23:49:13 Times Seen92 Hash f62ee8ea826e7140388ce05a258097cc c8fd4597717c82cd6d572b4f9054d6b808507dda 518d5b8c42230da69c09cf4404ce92f5ddb430ee3f7f0b0dbbfbffb206c4945b Loading...

		Size	First Seen	Last Seen
	#1 Eval - 77606b14e5bbecede235582ce5298be6	566 B	2023-03-14	2023-09-21
Pretty Observations First Seen2023-03-14 06:45:03 Last Seen2023-09-21 15:01:35 Times Seen19 Hash 77606b14e5bbecede235582ce5298be6 02a20ed73092388760975da0b12399955beb87a2 918480f132e3fb04d90856f6616bb9a7aa2f687cebaa00716b0aba8f4f9e22e6 Loading...

	#2 Eval - acc4a35f72db33b109e0606ad4e1b4a4	195 B	2023-03-14	2023-09-21
Pretty Observations First Seen2023-03-14 06:45:03 Last Seen2023-09-21 15:01:35 Times Seen19 Hash acc4a35f72db33b109e0606ad4e1b4a4 785c1173212664a58bfe24d19fe80830b2c734e4 d86b156520d3de0d5bb125d57c37a5b67af1850feb32f755c40c8dfb537d4cc8 Loading...

HTTP Transactions (35)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5154
Expires: Tue, 28 Mar 2023 09:50:49 GMT
Date: Tue, 28 Mar 2023 08:24:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
911d74784325663a0d95b463b0e9ae9b
21e999229be584d8e42696bce71236ad5bcb9a25
f48cbe4d605e660a45267400e0add4f7bc7cd523c450376ecd8e3a7f094abf56

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F48CBE4D605E660A45267400E0ADD4F7BC7CD523C450376ECD8E3A7F094ABF56"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2885
Expires: Tue, 28 Mar 2023 09:13:00 GMT
Date: Tue, 28 Mar 2023 08:24:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c0d9353dc46e88bf564ed464b0b073c7
0b5ce170e7db24267a3ba5b79a48548b1acd2e5b
7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B"
Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14736
Expires: Tue, 28 Mar 2023 12:30:31 GMT
Date: Tue, 28 Mar 2023 08:24:55 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 28 Mar 2023 08:15:49 GMT
content-type: application/json
age: 546
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 8alw9rVPSDh+5esc2Qt9rS4CpX51lAMbNlom6Ul8a9TTEFfMeHteQu3A80dPXPEywliNXc+8eXk=
x-amz-request-id: J6AT96HP7TY8D984
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 28 Mar 2023 08:01:58 GMT
age: 1377
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 08:24:55 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 28 Mar 2023 08:14:35 GMT
age: 620
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da5340ee69a1000f751686df9e716663
a5da880a61ed119790a7990bbdcc0c97eecf04f2
d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16167
Expires: Tue, 28 Mar 2023 12:54:22 GMT
Date: Tue, 28 Mar 2023 08:24:55 GMT
Connection: keep-alive

push.services.mozilla.com/

54.200.169.229

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.200.169.229:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5dxbMYT7+9wXnIyj7koHWw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MMB84o2FFSfG2mKeochn1ThNQo4=

9h6ha.top/ZPW2aMFX

23.225.199.157

301 Moved Permanently

166 B

URL HTTP/1.1
9h6ha.top/ZPW2aMFX
IP
23.225.199.157:0
ASN
#40065 CNSERVERS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
166 B (166 bytes)
Hash
3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET /ZPW2aMFX HTTP/1.1
Host: 9h6ha.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 28 Mar 2023 08:24:56 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://9h6ha.top/ZPW2aMFX
Server: Wafddos
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9281
Expires: Tue, 28 Mar 2023 10:59:38 GMT
Date: Tue, 28 Mar 2023 08:24:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9281
Expires: Tue, 28 Mar 2023 10:59:38 GMT
Date: Tue, 28 Mar 2023 08:24:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9281
Expires: Tue, 28 Mar 2023 10:59:38 GMT
Date: Tue, 28 Mar 2023 08:24:57 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6970 bytes)
Hash
e5d955ec5d3a9f655e4ca0523acfd039
e8b2cd28a02a2cee1b4e57c57570f2598721ff57
e7753ef91d6f04dce00f83cb1ba3ea4f1abb52140993fbee375e506597cee529

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6970
x-amzn-requestid: 9f7a82d7-dbba-4c67-a330-6a7f2b68177d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cdn3zGn7oAMFwNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64222031-1d97c16f7a9c163c02fe72ac;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 23:01:05 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: tFYFwzjyNtfiOJ3pLPC126YgOclndkmPYWrFTdLcWP9LgP9xjj_snQ==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 23:12:05 GMT
age: 33172
etag: "e8b2cd28a02a2cee1b4e57c57570f2598721ff57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9859 bytes)
Hash
da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 7571f483-0d57-4f3f-9d86-2f18175cc0b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRP5DG2BoAMFrdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d2d06-400180d700df598366b8b16f;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 04:54:30 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 8LzPrLvhUnXntYPNCg_QN2LFUvQ-4FL4SMyYBxPOwlGd1sgL3j-Znw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:50:10 GMT
age: 38087
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10744 bytes)
Hash
ada29e049501b12a35b0bcc5f68e3e57
5c1ba9bffbcc9007e7f119dbb3197db34a12f8da
b45583b5845129386a456e03fbdba25305c8d6d9fb5a8f01d783816ced080629

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10744
x-amzn-requestid: d693d820-7eed-47a3-9b0b-8f43c141bd3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbogF0poAMFTAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220c9c-22ab350146e8a3a606f74c42;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: uCaEsILUx4u_fBJ7J9CgQanUW-BmV69mFvGRjZ0roFWluE_joVyVrA==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:48:21 GMT
age: 38196
etag: "5c1ba9bffbcc9007e7f119dbb3197db34a12f8da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8553 bytes)
Hash
e828b7227de7aa7a7b7c54c96e0cef9a
9a717142ab25dabf9123485ef51ed586662d2a71
0390f8771432de010cc11e11be2e2dfa7c303664858a5b066e66a628a1f3dd66

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8553
x-amzn-requestid: 05cb5115-a27b-485a-89fd-670bdb5bb06f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbofHHPIAMFkQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220c9c-774bb5d725336b35088e2527;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: NcKs_URb5dFDbkEoCqy2_fjKWneX7mifmEbd5MA5unqkhiPAIH9GPg==
via: 1.1 22ea0ab0881473261b786ecbb5e00f54.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:50:10 GMT
age: 38087
etag: "9a717142ab25dabf9123485ef51ed586662d2a71"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6542 bytes)
Hash
15e37de1dba62187e1e5f012145813f3
cfe8cd953330252e15594f403e2f38ec56acdfd7
89bf7dbcf5a7fca006545f001b47de0ab6f94014de4bd4c519f6050e6daa5aa0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6542
x-amzn-requestid: 1106a670-cf68-4e3d-b5af-3013407acc5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbsjGAaoAMF5GQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220cb6-726c7ba02ddb31182834d82d;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:58 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: TTkQTse69m-F42cDPL9Ekonn48FG74B_3jFCpvBEa7au89m0_JE3og==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:06:45 GMT
age: 37092
etag: "cfe8cd953330252e15594f403e2f38ec56acdfd7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7426 bytes)
Hash
1da68df9d96e2758e37b9f15daab027b
5ff19ed6dc5752aa4b15fb88da972b736fd55783
ad924425946dbdf309c764e7097e676185516301feb7722b30d95ffd50b4353f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7426
x-amzn-requestid: 85a30298-4613-4a96-bdba-0899fe9f9475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdcsgGZsoAMFQkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220e4f-10db431e7632048d7b15e0ec;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:44:47 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: VYUarzUegSCD6A4s7tUQ-0O1mjal3BAW7SiiXSpOnFEDd5-HHoA5Cw==
via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:55:21 GMT
age: 37776
etag: "5ff19ed6dc5752aa4b15fb88da972b736fd55783"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

9h6ha.top/ZPW2aMFX

23.225.199.155

302 Found

49 B

URL HTTP/2
9h6ha.top/ZPW2aMFX
IP
23.225.199.155:0
ASN
#40065 CNSERVERS

File type
HTML document, ASCII text
Size
49 B (49 bytes)
Hash
41c247e17fe6662e7e75ed834e0c02cb
3468880279923d5656f7402969c610f457c51ca6
c41f2c1ec9002d53147a39307f97946b4febc83376740f3eb100a7af71490bfd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET /ZPW2aMFX HTTP/1.1
Host: 9h6ha.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Tue, 28 Mar 2023 08:24:57 GMT
content-type: text/html; charset=utf-8
content-length: 49
location: https://xafvd.top/ZPW2aMFX
set-cookie: KunKunID=22d38b888819556e0386a6d55f044312; Path=/; Expires=Thu, 27 Apr 2023 08:24:57 GMT; Max-Age=2592000; HttpOnly
_xsrf=bDBmNXE1VGc1Y2tKbnYzRmRiTjRsMEVlRlRDYUlESDU=|1679991897430928568|6dc8f24dd3c28f12bf23c610db8911c1240da1d74267b49fbd026a828cd409ce; Expires=Tue, 28 Mar 2023 20:24:57 UTC; Max-Age=43200; Path=/
server: Wafddos
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

xafvd.top/ZPW2aMFX

23.224.2.204

200 OK

3.0 kB

URL HTTP/2
xafvd.top/ZPW2aMFX
IP
23.224.2.204:0
ASN
#40065 CNSERVERS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1675)
Size
3.0 kB (3022 bytes)
Hash
16061188768942c5c7624d5f4764e972
01feee84243f32aa05041a946875109b47ec5cfd
9514e80e1380f2eaa124ce8cad07f36cb36b2787c66cf6f54c7b948bf50c6377

HTTP Headers

GET /ZPW2aMFX HTTP/1.1
Host: xafvd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:24:59 GMT
content-type: text/html; charset=utf-8
content-length: 3022
content-encoding: gzip
set-cookie: KunKunID=02c05994937871841d2a82ba8ce14bfc; Path=/; Expires=Thu, 27 Apr 2023 08:24:59 GMT; Max-Age=2592000; HttpOnly
_xsrf=aG83eFFBa3VwZGZ4Q3ZweXNMUGY0OVdiNlI0TzJGaDc=|1679991899299549083|a4a2db4e655750de408ff8422c53ce741c02a6146bd1aadc8ed548dd00b0783a; Expires=Tue, 28 Mar 2023 20:24:59 UTC; Max-Age=43200; Path=/
server: Wafddos
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

xafvd.top/static/image/go-safari.png

23.224.2.204

200 OK

5.2 kB

URL HTTP/2
xafvd.top/static/image/go-safari.png
IP
23.224.2.204:0
ASN
#40065 CNSERVERS

File type
PNG image data, 454 x 88, 8-bit/color RGBA, non-interlaced\012- data
Size
5.2 kB (5194 bytes)
Hash
daa685805591b827d16dc2d38cc30a62
7d60d47d5411cca1c4a8826b975debf15d1e8281
b36f8d409799249f7253a51f82791e4285ad94e66caf0314328ca5eb297981ac

HTTP Headers

GET /static/image/go-safari.png HTTP/1.1
Host: xafvd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: KunKunID=02c05994937871841d2a82ba8ce14bfc; _xsrf=aG83eFFBa3VwZGZ4Q3ZweXNMUGY0OVdiNlI0TzJGaDc=|1679991899299549083|a4a2db4e655750de408ff8422c53ce741c02a6146bd1aadc8ed548dd00b0783a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:25:00 GMT
content-type: image/png
content-length: 5194
accept-ranges: bytes
last-modified: Mon, 07 Jun 2021 03:07:53 GMT
server: Wafddos
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

xafvd.top/static/image/stars-gold.jpg

23.224.2.204

200 OK

895 B

URL HTTP/2
xafvd.top/static/image/stars-gold.jpg
IP
23.224.2.204:0
ASN
#40065 CNSERVERS

File type
PNG image data, 203 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
895 B (895 bytes)
Hash
5ab0c2932087bca4054c280dd1a0082b
0384b03b564f67e67b4460085961db28d5a92952
2a8cc433785ec96da47291d4ef9164561149e4182ea31ab82871411c419d2624

HTTP Headers

GET /static/image/stars-gold.jpg HTTP/1.1
Host: xafvd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: KunKunID=02c05994937871841d2a82ba8ce14bfc; _xsrf=aG83eFFBa3VwZGZ4Q3ZweXNMUGY0OVdiNlI0TzJGaDc=|1679991899299549083|a4a2db4e655750de408ff8422c53ce741c02a6146bd1aadc8ed548dd00b0783a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:25:00 GMT
content-type: image/jpeg
content-length: 895
accept-ranges: bytes
last-modified: Tue, 14 Jun 2022 04:05:45 GMT
server: Wafddos
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

xafvd.top/static/image/star.png

23.224.2.204

200 OK

961 B

URL HTTP/2
xafvd.top/static/image/star.png
IP
23.224.2.204:0
ASN
#40065 CNSERVERS

File type
PNG image data, 203 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
961 B (961 bytes)
Hash
15309b3ca40b39a4c35ec0e0247fa0b8
5f7dc4fa0695c057df8a9b092d56cb59e219560a
391b62f76d5449b83bd72111804b362015203ff98435638f0965810e8c758e41

HTTP Headers

GET /static/image/star.png HTTP/1.1
Host: xafvd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: KunKunID=02c05994937871841d2a82ba8ce14bfc; _xsrf=aG83eFFBa3VwZGZ4Q3ZweXNMUGY0OVdiNlI0TzJGaDc=|1679991899299549083|a4a2db4e655750de408ff8422c53ce741c02a6146bd1aadc8ed548dd00b0783a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:25:00 GMT
content-type: image/png
content-length: 961
accept-ranges: bytes
last-modified: Mon, 07 Jun 2021 03:07:53 GMT
server: Wafddos
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

xafvd.top/static/image/black_close.png

23.224.2.204

200 OK

1.6 kB

URL HTTP/2
xafvd.top/static/image/black_close.png
IP
23.224.2.204:0
ASN
#40065 CNSERVERS

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1600 bytes)
Hash
4a7e14ceaa6e2174136cd4b78a94e2e8
5cf5f206d26bad46641e0dabe526caee7982188c
b4c26dffd1fb22190f50b0223203729b7a1ab5b3f6f09e91ca17bd7b733507b8

HTTP Headers

GET /static/image/black_close.png HTTP/1.1
Host: xafvd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: KunKunID=02c05994937871841d2a82ba8ce14bfc; _xsrf=aG83eFFBa3VwZGZ4Q3ZweXNMUGY0OVdiNlI0TzJGaDc=|1679991899299549083|a4a2db4e655750de408ff8422c53ce741c02a6146bd1aadc8ed548dd00b0783a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:25:00 GMT
content-type: image/png
content-length: 1600
accept-ranges: bytes
last-modified: Sun, 31 Jul 2022 01:40:32 GMT
server: Wafddos
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

xafvd.top/static/js/download.js?t=1

23.224.2.204

200 OK

1.5 kB

URL HTTP/2
xafvd.top/static/js/download.js?t=1
IP
23.224.2.204:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 text, with very long lines (397)
Size
1.5 kB (1535 bytes)
Hash
7196ca7fe79c14b8039bc4649067e694
934394d6f0ccabc3778c64a535b3bc679053aede
7206fcf0d5c6706295d1cac6cde695a33d57fa9816af3ead46ffa596d5e1f827

HTTP Headers

GET /static/js/download.js?t=1 HTTP/1.1
Host: xafvd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: KunKunID=02c05994937871841d2a82ba8ce14bfc; _xsrf=aG83eFFBa3VwZGZ4Q3ZweXNMUGY0OVdiNlI0TzJGaDc=|1679991899299549083|a4a2db4e655750de408ff8422c53ce741c02a6146bd1aadc8ed548dd00b0783a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:25:00 GMT
content-type: application/javascript
content-length: 1535
accept-ranges: bytes
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 14:54:25 GMT
server: Wafddos
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

xafvd.top/static/upload/gWowQNHILAptTbex/ZPW2aMFX_ipa.png?t=20230328162459

23.224.2.204

200 OK

18 kB

URL HTTP/2
xafvd.top/static/upload/gWowQNHILAptTbex/ZPW2aMFX_ipa.png?t=20230328162459
IP
23.224.2.204:0
ASN
#40065 CNSERVERS

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (18293 bytes)
Hash
8371b6fe39a0ae10bf5930dd64b9fb6b
88efc03c0762e4913169682e21f96c2f31d41fee
f4c3a80c53d55d71808f1bc48bdae71aced22e42f960210e18f743a27b31e66e

HTTP Headers

GET /static/upload/gWowQNHILAptTbex/ZPW2aMFX_ipa.png?t=20230328162459 HTTP/1.1
Host: xafvd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: KunKunID=02c05994937871841d2a82ba8ce14bfc; _xsrf=aG83eFFBa3VwZGZ4Q3ZweXNMUGY0OVdiNlI0TzJGaDc=|1679991899299549083|a4a2db4e655750de408ff8422c53ce741c02a6146bd1aadc8ed548dd00b0783a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:25:00 GMT
content-type: image/png
content-length: 18293
accept-ranges: bytes
last-modified: Fri, 17 Mar 2023 19:35:39 GMT
server: Wafddos
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

xafvd.top/favicon.ico

23.224.2.204

200 OK

0 B

URL HTTP/2
xafvd.top/favicon.ico
IP
23.224.2.204:0
ASN
#40065 CNSERVERS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: xafvd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: KunKunID=02c05994937871841d2a82ba8ce14bfc; _xsrf=aG83eFFBa3VwZGZ4Q3ZweXNMUGY0OVdiNlI0TzJGaDc=|1679991899299549083|a4a2db4e655750de408ff8422c53ce741c02a6146bd1aadc8ed548dd00b0783a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:25:01 GMT
content-length: 0
server: Wafddos
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

xafvd.top/static/image/bg1.jpg

23.224.2.204

200 OK

30 kB

URL HTTP/2
xafvd.top/static/image/bg1.jpg
IP
23.224.2.204:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size
30 kB (29928 bytes)
Hash
8136c4e00dcc19d72274696a34067d75
2f7dd0b7adcdc0c018e48fc8838f8ff473be96d5
628ea0113be20ec8d955415bf1622bdede637ef287e2725a51ed4d2717666b11

HTTP Headers

GET /static/image/bg1.jpg HTTP/1.1
Host: xafvd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xafvd.top/static/css/app.css
Cookie: KunKunID=02c05994937871841d2a82ba8ce14bfc; _xsrf=aG83eFFBa3VwZGZ4Q3ZweXNMUGY0OVdiNlI0TzJGaDc=|1679991899299549083|a4a2db4e655750de408ff8422c53ce741c02a6146bd1aadc8ed548dd00b0783a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:25:01 GMT
content-type: image/jpeg
content-length: 29928
accept-ranges: bytes
last-modified: Sun, 31 Jul 2022 02:24:00 GMT
server: Wafddos
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

xafvd.top/static/js/jquery.qrcode.min.js

23.224.2.204

200 OK

0 B

URL HTTP/2
xafvd.top/static/js/jquery.qrcode.min.js
IP
23.224.2.204:0
ASN
#40065 CNSERVERS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/js/jquery.qrcode.min.js HTTP/1.1
Host: xafvd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: KunKunID=02c05994937871841d2a82ba8ce14bfc; _xsrf=aG83eFFBa3VwZGZ4Q3ZweXNMUGY0OVdiNlI0TzJGaDc=|1679991899299549083|a4a2db4e655750de408ff8422c53ce741c02a6146bd1aadc8ed548dd00b0783a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:25:00 GMT
content-type: application/javascript
accept-ranges: bytes
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 03:29:57 GMT
server: Wafddos
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

xafvd.top/static/css/index.css

23.224.2.204

200 OK

0 B

URL HTTP/2
xafvd.top/static/css/index.css
IP
23.224.2.204:0
ASN
#40065 CNSERVERS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/css/index.css HTTP/1.1
Host: xafvd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: KunKunID=02c05994937871841d2a82ba8ce14bfc; _xsrf=aG83eFFBa3VwZGZ4Q3ZweXNMUGY0OVdiNlI0TzJGaDc=|1679991899299549083|a4a2db4e655750de408ff8422c53ce741c02a6146bd1aadc8ed548dd00b0783a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:25:00 GMT
content-type: text/css; charset=utf-8
accept-ranges: bytes
content-encoding: gzip
last-modified: Sun, 31 Jul 2022 13:47:14 GMT
server: Wafddos
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

xafvd.top/static/js/swiper-3.4.2.min.js

23.224.2.204

200 OK

0 B

URL HTTP/2
xafvd.top/static/js/swiper-3.4.2.min.js
IP
23.224.2.204:0
ASN
#40065 CNSERVERS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/js/swiper-3.4.2.min.js HTTP/1.1
Host: xafvd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: KunKunID=02c05994937871841d2a82ba8ce14bfc; _xsrf=aG83eFFBa3VwZGZ4Q3ZweXNMUGY0OVdiNlI0TzJGaDc=|1679991899299549083|a4a2db4e655750de408ff8422c53ce741c02a6146bd1aadc8ed548dd00b0783a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:25:00 GMT
content-type: application/javascript
accept-ranges: bytes
content-encoding: gzip
last-modified: Mon, 07 Jun 2021 03:07:53 GMT
server: Wafddos
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

xafvd.top/static/css/swiper-3.4.2.min.css

23.224.2.204

200 OK

0 B

URL HTTP/2
xafvd.top/static/css/swiper-3.4.2.min.css
IP
23.224.2.204:0
ASN
#40065 CNSERVERS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/css/swiper-3.4.2.min.css HTTP/1.1
Host: xafvd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: KunKunID=02c05994937871841d2a82ba8ce14bfc; _xsrf=aG83eFFBa3VwZGZ4Q3ZweXNMUGY0OVdiNlI0TzJGaDc=|1679991899299549083|a4a2db4e655750de408ff8422c53ce741c02a6146bd1aadc8ed548dd00b0783a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:25:00 GMT
content-type: text/css; charset=utf-8
accept-ranges: bytes
content-encoding: gzip
last-modified: Mon, 07 Jun 2021 03:07:53 GMT
server: Wafddos
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

xafvd.top/static/css/app.css

23.224.2.204

200 OK

0 B

URL HTTP/2
xafvd.top/static/css/app.css
IP
23.224.2.204:0
ASN
#40065 CNSERVERS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/css/app.css HTTP/1.1
Host: xafvd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: KunKunID=02c05994937871841d2a82ba8ce14bfc; _xsrf=aG83eFFBa3VwZGZ4Q3ZweXNMUGY0OVdiNlI0TzJGaDc=|1679991899299549083|a4a2db4e655750de408ff8422c53ce741c02a6146bd1aadc8ed548dd00b0783a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:25:00 GMT
content-type: text/css; charset=utf-8
accept-ranges: bytes
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 03:31:20 GMT
server: Wafddos
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

xafvd.top/static/js/jquery-3.4.1.min.js

23.224.2.204

200 OK

0 B

URL HTTP/2
xafvd.top/static/js/jquery-3.4.1.min.js
IP
23.224.2.204:0
ASN
#40065 CNSERVERS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/js/jquery-3.4.1.min.js HTTP/1.1
Host: xafvd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: KunKunID=02c05994937871841d2a82ba8ce14bfc; _xsrf=aG83eFFBa3VwZGZ4Q3ZweXNMUGY0OVdiNlI0TzJGaDc=|1679991899299549083|a4a2db4e655750de408ff8422c53ce741c02a6146bd1aadc8ed548dd00b0783a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:25:00 GMT
content-type: application/javascript
accept-ranges: bytes
content-encoding: gzip
last-modified: Mon, 07 Jun 2021 03:07:53 GMT
server: Wafddos
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (35)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers