Report - al30.xyz/

Report Overview

Submitted URL
al30.xyz/
IP
104.21.7.185
ASN
#13335 CLOUDFLARENET
Submitted
2023-04-10 09:39:03
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
i.imgur.com	5110	2012-05-21	2023-04-09	2.9 kB	730 kB	151.101.84.193
hm.baidu.com	8254	2012-05-26	2023-04-09	1.1 kB	12 kB	103.235.46.191
sfbx4.xyz	unknown	No data	No data	418 B	0 B	0.0.0.0
ajax.googleapis.com	12905	2013-08-16	2023-04-10	418 B	34 kB	142.250.74.42
www.googletagmanager.com	75	2013-05-22	2023-04-09	409 B	85 kB	142.250.74.40
qc99.xyz	unknown	2017-07-14	2023-03-11	417 B	88 kB	104.21.48.118
social19.xyz	unknown	No data	No data	421 B	88 kB	104.21.19.44
hi16.xyz	unknown	2022-05-14	2023-03-05	417 B	88 kB	172.67.163.196
al30.xyz	unknown	No data	No data	793 B	65 kB	172.67.137.43

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator
2023-03-31	medium	al30.xyz/
2023-03-11	medium	qc99.xyz/
2023-03-31	medium	al30.xyz/

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-04-10	medium	al30.xyz/
2023-04-10	medium	al30.xyz/

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	al30.xyz/	514 B	2023-03-07	2024-02-28
Pretty URL al30.xyz/ IP 172.67.137.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:32:36 Last Seen2024-02-28 21:27:24 Times Seen174 Hash 99917f4d4e8791e27959175ed9fb7103 a546d4144c32fc4e6e596e7f55e9852c5563021b 4632b9296140d3ee863e4242ecbb10e9031a8f03f4845add2dc1d8f9c50e9d10 Loading...

	al30.xyz/	86 B	2023-03-07	2024-02-28
Pretty URL al30.xyz/ IP 172.67.137.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:32:36 Last Seen2024-02-28 21:27:24 Times Seen230 Hash 1121be9535fb195bc0151da960838be2 7805561852d164e6a308db6fb1bc3a907b752a10 3d68d78d7f87c0d3425b5f0f9a8928338db6c1daab63c5d0c5c5b256738375e8 Loading...

	social19.xyz/js/jquery.min.js?t=1681119527&_=1681119527468	87 kB	2023-03-07	2024-04-24
Pretty URL social19.xyz/js/jquery.min.js?t=1681119527&_=1681119527468 IP 104.21.19.44 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:49 Last Seen2024-04-24 09:57:34 Times Seen167419 Hash a46fb81762396b7bf2020774a2fb4d9e fb5edd7a663dc8dda7ec10815a7cd82a30fc98a7 d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d Loading...

	unknown	42 B	2023-04-05	2023-04-10
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-05 03:45:18 Last Seen2023-04-10 15:49:54 Times Seen694 Hash 96a90aaa3c3300e3be3ccc991adbacfe 427f487c1ccd1a1a2c1bd07ee6da2f2a9988c8bb 598364de09cc20d4576c7fd26e131284c3548a91c840520749bea44e458212bb Loading...

	unknown	304 B	2023-04-10	2023-04-10
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-10 11:39:04 Last Seen2023-04-10 11:39:04 Times Seen1 Hash dbd6c3a3ed8f601667ac6bc8fbeddbdb 8c976600287cbf95cbb1abdd5316e1ff2e2cbcec a4f90451fe64db810bbe79a8203c58615f896a03d732ce1fecd2ae16a82d681f Loading...

	al30.xyz/	12 kB	2023-04-10	2023-04-10
Pretty URL al30.xyz/ IP 172.67.137.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-10 11:39:04 Last Seen2023-04-10 11:39:04 Times Seen1 Hash cf53a5b1fa1f9f9ccc3672417926b096 285c0b2b151875ea774e19ff096a5543f154684a d9efdf79b73d1a46a841ca71c3705f6fa473572f5fae8167ff9e2577d092fe86 Loading...

	www.googletagmanager.com/gtag/js?id=G-DJL7JFN301	249 kB	2023-04-10	2023-04-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-DJL7JFN301 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-10 11:39:04 Last Seen2023-04-10 11:39:04 Times Seen2 Hash 60b69647f92a2376184c6f25a88b1db8 e820a64ac52a8dfd88c28ea7aa0d81b0abf9f268 6d0db56ba90d033fa8aac8736432e2a5955bcee08ea13e863dc292a4a6fa3cac Loading...

	al30.xyz/	1.7 kB	2023-04-09	2023-04-18
Pretty URL al30.xyz/ IP 172.67.137.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-09 06:40:08 Last Seen2023-04-18 00:36:51 Times Seen5 Hash c803fe6292a32e2b95f629294c818556 abe5e2d0d001994b216f20577c9848aafc587af6 3eac8a52e382566907ae935c47b0379677bc45c05916e69ff4bd934ca48f804a Loading...

	al30.xyz/	254 B	2023-04-07	2023-04-18
Pretty URL al30.xyz/ IP 172.67.137.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 23:16:00 Last Seen2023-04-18 00:36:51 Times Seen6 Hash 906bdb58207be2a0db9ffb671aaa2159 a9630e03014893d406f1617bceeab1ee9d52745e fda7e50836a55dd1a3ec3eaeeb8682210676a8419dac98ec80e09f72670ccf9a Loading...

	hm.baidu.com/hm.js?22e489d9750288b2b14a563a05a1d794	30 kB	2023-04-10	2023-04-10
Pretty URL hm.baidu.com/hm.js?22e489d9750288b2b14a563a05a1d794 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-10 11:39:04 Last Seen2023-04-10 11:39:04 Times Seen2 Hash c3b7857f12a3f26602ab75f0edb79588 86c2f0d2c58f7758f4f62ccd12cccfeeb562ced4 c47115926e380fdc5db50b869baade019033c1e14d9e9b99d1c938f501b5fc40 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js	96 kB	2023-03-07	2024-04-25
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 10:26:04 Times Seen46338 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	al30.xyz/	153 B	2023-03-26	2023-06-09
Pretty URL al30.xyz/ IP 172.67.137.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 01:57:56 Last Seen2023-06-09 01:18:23 Times Seen39 Hash b7ff295c3a6f1af94ce65da4efc36eca 24f1c8e217820230fe3b57464f00cf48a3d82aa2 92db7a1ce864a62350dede3a6ad158baf912da20e840a9dfc2f49886579f2894 Loading...

HTTP Transactions (17)

URL IP Response Size

al30.xyz/

172.67.137.43

200 OK

0 B

URL User Request GET HTTP/2
al30.xyz/
IP
172.67.137.43:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint6D:A6:CC:83:13:9F:95:C3:7F:A9:B6:D0:EF:91:9B:70:44:9F:2A:70
ValiditySat, 21 May 2022 00:00:00 GMT - Sat, 20 May 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Generic/Spear Phishing
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: al30.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Mon, 10 Apr 2023 09:38:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 10 Apr 2023 10:38:47 GMT
Location: https://al30.xyz/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVKWmIvi4yqUFVFqClgXoMhVXbQ%2BZIcbYWerEsnaoAp6m33fRm0QgsA5OWUFtrZvyG%2FS0qGKftIbRQ7kGbqgeaqfjrhe26yR%2FUqVM586r9LvLikn6KODAMKhJg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b5a04d4b9f8b512-OSL
alt-svc: h2=":443"; ma=60

ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

142.250.74.42

200 OK

33 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://al30.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint77:43:87:91:D0:0A:64:BD:84:1C:9A:F5:10:86:8E:8E:04:F1:F9:A3
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT

File type
ASCII text, with very long lines (32086)
Size
33 kB (33434 bytes)
Hash
430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed

HTTP Headers

GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al30.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 07 Apr 2023 18:05:12 GMT
expires: Sat, 06 Apr 2024 18:05:12 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 228815
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i.imgur.com/NGwTAiV.png

151.101.84.193

200 OK

91 kB

URL GET HTTP/2
i.imgur.com/NGwTAiV.png
IP
151.101.84.193:443
ASN
#54113 FASTLY

Requested by
https://al30.xyz/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
FingerprintD6:4D:45:03:6D:38:F8:FD:EA:AF:E5:92:B3:4D:85:A5:6B:AF:5C:EC
ValidityMon, 13 Mar 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT

File type
PNG image data, 199 x 172, 8-bit/color RGBA, non-interlaced\012- data
Size
91 kB (90596 bytes)
Hash
47e4fcdf01d55744b95e366e1e764ed8
2b3b2e8521de4a0ded84ede86188c7cc83146608
831881b53108e2d7cb65a39adfa8a29e7d81b35e732c7fee8fadc056c316b3e5

HTTP Headers

GET /NGwTAiV.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al30.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Mon, 13 Mar 2023 09:48:07 GMT
etag: "47e4fcdf01d55744b95e366e1e764ed8"
x-amz-server-side-encryption: AES256
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 10 Apr 2023 09:38:47 GMT
age: 2418639
x-served-by: cache-iad-kiad7000164-IAD, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 63596, 1
x-timer: S1681119528.577217,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 90596
X-Firefox-Spdy: h2

i.imgur.com/xp1ER6K.jpg

151.101.84.193

200 OK

704 B

URL GET HTTP/2
i.imgur.com/xp1ER6K.jpg
IP
151.101.84.193:443
ASN
#54113 FASTLY

Requested by
https://al30.xyz/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
FingerprintD6:4D:45:03:6D:38:F8:FD:EA:AF:E5:92:B3:4D:85:A5:6B:AF:5C:EC
ValidityMon, 13 Mar 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 32x32, components 3\012- data
Size
704 B (704 bytes)
Hash
4ea681c0204fc3156ff7b73272ee4aa7
44a67657661345aa6d939cb1836413c0704e0a4d
2ab23488bfa39196452aab12c8d6e73ddf3f028523f55d63e25a23739d8a5362

HTTP Headers

GET /xp1ER6K.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al30.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Sun, 24 Apr 2022 02:31:32 GMT
etag: "4ea681c0204fc3156ff7b73272ee4aa7"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 10 Apr 2023 09:38:47 GMT
age: 2940833
x-served-by: cache-iad-kcgs7200088-IAD, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 5002, 42
x-timer: S1681119528.585174,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 704
X-Firefox-Spdy: h2

i.imgur.com/IuSEdFN.jpeg

151.101.84.193

200 OK

39 kB

URL GET HTTP/2
i.imgur.com/IuSEdFN.jpeg
IP
151.101.84.193:443
ASN
#54113 FASTLY

Requested by
https://al30.xyz/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
FingerprintD6:4D:45:03:6D:38:F8:FD:EA:AF:E5:92:B3:4D:85:A5:6B:AF:5C:EC
ValidityMon, 13 Mar 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 480x640, components 3\012- data
Size
39 kB (39276 bytes)
Hash
13d2281ab470977a2974a4b61e9a6b1c
eb45343ed7da5ee2b5a10ea4c75230db00f543cc
c3efe6d0acbe6eb1b931117a3ff09a3b43d0827d552ba95320fe01f3fca86d5f

HTTP Headers

GET /IuSEdFN.jpeg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al30.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 01 Nov 2013 03:25:26 GMT
etag: "13d2281ab470977a2974a4b61e9a6b1c"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 10 Apr 2023 09:38:47 GMT
age: 2233128
x-served-by: cache-iad-kjyo7100053-IAD, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 15, 7
x-timer: S1681119528.579891,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 39276
X-Firefox-Spdy: h2

i.imgur.com/NNDIcLM.jpg

151.101.84.193

200 OK

174 kB

URL GET HTTP/2
i.imgur.com/NNDIcLM.jpg
IP
151.101.84.193:443
ASN
#54113 FASTLY

Requested by
https://al30.xyz/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
FingerprintD6:4D:45:03:6D:38:F8:FD:EA:AF:E5:92:B3:4D:85:A5:6B:AF:5C:EC
ValidityMon, 13 Mar 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 1116x658, components 3\012- data
Size
174 kB (173761 bytes)
Hash
1399966484ddba7712071e11dc0831aa
573be7d641cc9747dee8c8645b0892da7dd23fa5
7a283e42128db3841b2d94304e2c0d72b3d3a2830d849ff45dcee8c320a41f7e

HTTP Headers

GET /NNDIcLM.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al30.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 16 Mar 2023 09:07:56 GMT
etag: "1399966484ddba7712071e11dc0831aa"
x-amz-server-side-encryption: AES256
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 10 Apr 2023 09:38:47 GMT
age: 2161850
x-served-by: cache-iad-kjyo7100121-IAD, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 44, 2
x-timer: S1681119528.578261,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 173761
X-Firefox-Spdy: h2

i.imgur.com/hdowCP7.png

151.101.84.193

200 OK

87 kB

URL GET HTTP/2
i.imgur.com/hdowCP7.png
IP
151.101.84.193:443
ASN
#54113 FASTLY

Requested by
https://al30.xyz/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
FingerprintD6:4D:45:03:6D:38:F8:FD:EA:AF:E5:92:B3:4D:85:A5:6B:AF:5C:EC
ValidityMon, 13 Mar 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT

File type
PNG image data, 181 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size
87 kB (87124 bytes)
Hash
df599ec50bf8e5390e0bdbd46d6e410b
f264492b42e510930923cabcc01a2344b97ddc65
800026cf07499d867678b7266bbf4e8290ef8e5fbffda70d411c783e62faf26b

HTTP Headers

GET /hdowCP7.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al30.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Mon, 13 Mar 2023 09:49:25 GMT
etag: "df599ec50bf8e5390e0bdbd46d6e410b"
x-amz-server-side-encryption: AES256
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 10 Apr 2023 09:38:47 GMT
age: 2418562
x-served-by: cache-iad-kcgs7200067-IAD, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 1771, 7
x-timer: S1681119528.585805,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 87124
X-Firefox-Spdy: h2

i.imgur.com/KVSxPlB.png

151.101.84.193

200 OK

100 kB

URL GET HTTP/2
i.imgur.com/KVSxPlB.png
IP
151.101.84.193:443
ASN
#54113 FASTLY

Requested by
https://al30.xyz/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
FingerprintD6:4D:45:03:6D:38:F8:FD:EA:AF:E5:92:B3:4D:85:A5:6B:AF:5C:EC
ValidityMon, 13 Mar 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT

File type
PNG image data, 154 x 243, 8-bit/color RGBA, non-interlaced\012- data
Size
100 kB (100200 bytes)
Hash
b6b79b21819de0e1bacfd881b2f6fa5c
a14817024648f5b4f74422aee74b57c091589743
515fad34dd3614b1e333d2ac791a7d99568e4c71972750650c8ae0f9a40e60ec

HTTP Headers

GET /KVSxPlB.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al30.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Mon, 13 Mar 2023 09:34:32 GMT
etag: "b6b79b21819de0e1bacfd881b2f6fa5c"
x-amz-server-side-encryption: AES256
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 10 Apr 2023 09:38:47 GMT
age: 1045360
x-served-by: cache-iad-kiad7000099-IAD, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 16009, 1
x-timer: S1681119528.583984,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 100200
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-DJL7JFN301

142.250.74.40

200 OK

84 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-DJL7JFN301
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://al30.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3C:0B:85:94:2A:86:0A:B3:D0:9E:43:A9:87:6A:FB:56:49:9F:F6:B8
ValidityMon, 20 Mar 2023 08:17:43 GMT - Mon, 12 Jun 2023 08:17:42 GMT

File type
ASCII text, with very long lines (30260)
Size
84 kB (84100 bytes)
Hash
12c8dea231d11c9a30aa6f8469981b5e
7e10fcbe6e1b7568cd821e34b9094cc97a0f6130
05699f715f59b5d33b26945d03f31bb8ee52496167542a6b755565ce22293b15

HTTP Headers

GET /gtag/js?id=G-DJL7JFN301 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al30.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 10 Apr 2023 09:38:47 GMT
expires: Mon, 10 Apr 2023 09:38:47 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 84100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i.imgur.com/FLUfH79.png

151.101.84.193

200 OK

234 kB

URL GET HTTP/2
i.imgur.com/FLUfH79.png
IP
151.101.84.193:443
ASN
#54113 FASTLY

Requested by
https://al30.xyz/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
FingerprintD6:4D:45:03:6D:38:F8:FD:EA:AF:E5:92:B3:4D:85:A5:6B:AF:5C:EC
ValidityMon, 13 Mar 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT

File type
PNG image data, 581 x 513, 8-bit/color RGBA, non-interlaced\012- data
Size
234 kB (233927 bytes)
Hash
dd5fc86043dc7f902a8d3882e1031afc
6b8d4d07eb3454111be16f913a4213a3fd662c71
7f6925a246ac59b1fdffc6853f41932e94b0ae01f2d911f338f04a3398265bc6

HTTP Headers

GET /FLUfH79.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al30.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 21 Mar 2023 07:20:08 GMT
etag: "dd5fc86043dc7f902a8d3882e1031afc"
x-amz-server-side-encryption: AES256
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 10 Apr 2023 09:38:48 GMT
age: 1099794
x-served-by: cache-iad-kjyo7100030-IAD, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 8582, 1
x-timer: S1681119528.412380,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 233927
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?22e489d9750288b2b14a563a05a1d794

103.235.46.191

200 OK

11 kB

URL GET HTTP/1.1
hm.baidu.com/hm.js?22e489d9750288b2b14a563a05a1d794
IP
103.235.46.191:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
https://al30.xyz/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint48:6A:ED:D1:68:52:E5:97:4F:A0:92:46:B3:3C:56:46:3D:D9:9C:D5
ValidityTue, 05 Jul 2022 05:16:02 GMT - Sun, 06 Aug 2023 05:16:01 GMT

File type
ASCII text, with very long lines (618)
Size
11 kB (11256 bytes)
Hash
053156837d2aefe54b5f6da259e37726
366c6b1a710c508ffcb3568843959c5df225ae4e
4bedcb81ea461813fdc7e430b6d6a47dce22114ce1a0080407d246d7cb5cf107

HTTP Headers

GET /hm.js?22e489d9750288b2b14a563a05a1d794 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al30.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Mon, 10 Apr 2023 09:38:50 GMT
Etag: 738aba808f2885bd28a7781dcd15409f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F390D5A02D833FBD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=901&et=0&ja=0&ln=en-us&lo=0&rnd=1111845290&si=22e489d9750288b2b14a563a05a1d794&v=1.3.0&lv=1&sn=15711&r=0&ww=1152&u=https%3A%2F%2Fal30.xyz%2F%231681119528001&tt=Ramadan%20Offers%2050GB%20Free%20Internet!

103.235.46.191

200 OK

43 B

URL GET HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=901&et=0&ja=0&ln=en-us&lo=0&rnd=1111845290&si=22e489d9750288b2b14a563a05a1d794&v=1.3.0&lv=1&sn=15711&r=0&ww=1152&u=https%3A%2F%2Fal30.xyz%2F%231681119528001&tt=Ramadan%20Offers%2050GB%20Free%20Internet!
IP
103.235.46.191:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
https://al30.xyz/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint48:6A:ED:D1:68:52:E5:97:4F:A0:92:46:B3:3C:56:46:3D:D9:9C:D5
ValidityTue, 05 Jul 2022 05:16:02 GMT - Sun, 06 Aug 2023 05:16:01 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=901&et=0&ja=0&ln=en-us&lo=0&rnd=1111845290&si=22e489d9750288b2b14a563a05a1d794&v=1.3.0&lv=1&sn=15711&r=0&ww=1152&u=https%3A%2F%2Fal30.xyz%2F%231681119528001&tt=Ramadan%20Offers%2050GB%20Free%20Internet! HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al30.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 10 Apr 2023 09:38:51 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C1F00E539002E854; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

qc99.xyz/js/jquery.min.js?t=1681119527&_=1681119527465

104.21.48.118

200 OK

87 kB

URL GET HTTP/2
qc99.xyz/js/jquery.min.js?t=1681119527&_=1681119527465
IP
104.21.48.118:443
ASN
#13335 CLOUDFLARENET

Requested by
https://al30.xyz/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE8:51:9E:21:F1:1E:3E:4F:2B:68:C8:61:21:12:E7:26:CF:8F:56:3C
ValidityWed, 18 May 2022 00:00:00 GMT - Wed, 17 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
87 kB (86927 bytes)
Hash
a46fb81762396b7bf2020774a2fb4d9e
fb5edd7a663dc8dda7ec10815a7cd82a30fc98a7
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

Detections

Analyzer	Verdict	Alert
openphish	Generic/Spear Phishing

HTTP Headers

GET /js/jquery.min.js?t=1681119527&_=1681119527465 HTTP/1.1
Host: qc99.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al30.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 10 Apr 2023 09:38:48 GMT
content-type: application/javascript
last-modified: Mon, 21 Mar 2022 20:35:22 GMT
vary: Accept-Encoding
etag: W/"6238e18a-1538f"
expires: Mon, 10 Apr 2023 21:38:47 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bU16Ey3DuoIazOk2zumg2hN%2Bn2oEbev3HdlEET6AEqL7sxHw1fJq4jQO4MU3pBTQfvjThrrd4f3kFLcArzlKptkH4YQoB50AwV%2BlhEBtxxcC1SGc8JsLLb%2FpMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b5a04d97bdf1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

social19.xyz/js/jquery.min.js?t=1681119527&_=1681119527468

104.21.19.44

200 OK

87 kB

URL GET HTTP/2
social19.xyz/js/jquery.min.js?t=1681119527&_=1681119527468
IP
104.21.19.44:443
ASN
#13335 CLOUDFLARENET

Requested by
https://al30.xyz/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4E:74:82:58:8E:86:1A:2C:A3:78:5D:C3:B5:47:E0:63:3D:4F:B3:BA
ValidityMon, 20 Jun 2022 00:00:00 GMT - Mon, 19 Jun 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
87 kB (86927 bytes)
Hash
a46fb81762396b7bf2020774a2fb4d9e
fb5edd7a663dc8dda7ec10815a7cd82a30fc98a7
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

HTTP Headers

GET /js/jquery.min.js?t=1681119527&_=1681119527468 HTTP/1.1
Host: social19.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al30.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 10 Apr 2023 09:38:48 GMT
content-type: application/javascript
last-modified: Mon, 21 Mar 2022 20:35:22 GMT
vary: Accept-Encoding
etag: W/"6238e18a-1538f"
expires: Mon, 10 Apr 2023 21:38:48 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFTJ4k%2B8CqZn2ocMGHpahHiWFXbP%2Bbfrn5gizGX5c%2BrxATt%2FUVHYUm4YF%2BaE3Nb9D3y%2FfkMvZW8oY49KMc5PLPM6lv4cXhJbKoYaKJvJj7fU8KpEinvffe%2FxaDHtS8M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b5a04d97b28b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

al30.xyz/

172.67.137.43

200 OK

64 kB

URL GET HTTP/3
al30.xyz/
IP
172.67.137.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://al30.xyz/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint6D:A6:CC:83:13:9F:95:C3:7F:A9:B6:D0:EF:91:9B:70:44:9F:2A:70
ValiditySat, 21 May 2022 00:00:00 GMT - Sat, 20 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1321), with CRLF, LF line terminators
Size
64 kB (64039 bytes)
Hash
d6546aea78d1aca9c4ee428395ecd3c9
85b1b11b318c89468105495397f76911655f3390
19f43ff52a852ca3371921dcdf6cdcdac4b446c7c188d10495a8e4efa4047c6b

Detections

Analyzer	Verdict	Alert
openphish	Generic/Spear Phishing
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: al30.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: al30.xyz
Connection: keep-alive
Referer: https://al30.xyz/
Cookie: loclang=en; reg=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 10 Apr 2023 09:38:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: reg=1; expires=Wed, 10-May-2023 09:38:47 GMT; Max-Age=2592000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11uoAr7owWxFa6%2FINrf5HXpn4sJoyU52F6yTjJ%2BRJ6pJxT%2FTEW%2FzYf9rCv1gLwJ6eSgjoXNsE8rf56Yo3ooUKQCWhuR%2BDI1aUCSpgwbrhx987mhpmtufu5V3rA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b5a04d70aa7b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

hi16.xyz/js/jquery.min.js?t=1681119527&_=1681119527466

172.67.163.196

200 OK

87 kB

URL GET HTTP/2
hi16.xyz/js/jquery.min.js?t=1681119527&_=1681119527466
IP
172.67.163.196:443
ASN
#13335 CLOUDFLARENET

Requested by
https://al30.xyz/
Certificate
IssuerLet's Encrypt
Subject*.hi16.xyz
FingerprintD3:62:07:25:A8:8D:FB:EB:A8:D8:05:79:42:E1:B2:B0:C7:F2:F7:28
ValiditySun, 05 Mar 2023 18:43:41 GMT - Sat, 03 Jun 2023 18:43:40 GMT

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
87 kB (86927 bytes)
Hash
a46fb81762396b7bf2020774a2fb4d9e
fb5edd7a663dc8dda7ec10815a7cd82a30fc98a7
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

HTTP Headers

GET /js/jquery.min.js?t=1681119527&_=1681119527466 HTTP/1.1
Host: hi16.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al30.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 10 Apr 2023 09:38:48 GMT
content-type: application/javascript
last-modified: Mon, 21 Mar 2022 20:35:22 GMT
vary: Accept-Encoding
etag: W/"6238e18a-1538f"
expires: Mon, 10 Apr 2023 21:38:47 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyBUmU3Dczcpb77a8JDvU%2BqsiXx%2Bz%2FstcB9SNRiuAcI7ZE9h4oKnM4N0r3tzUd7ipduZ5eDan9IFbCB1YfZuhPyi4ks4yVUaxQLI5RnHs3khWXbVff2hpDgL4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b5a04d98a15b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sfbx4.xyz/js/jquery.min.js?t=1681119527&_=1681119527467

0.0.0.0

0 B

URL GET
sfbx4.xyz/js/jquery.min.js?t=1681119527&_=1681119527467
IP
0.0.0.0:0
ASN
#0

Requested by
https://al30.xyz/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/jquery.min.js?t=1681119527&_=1681119527467 HTTP/1.1
Host: sfbx4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al30.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by