| 9xbuddy.in/build/291f13891176f90733ca.png | 188.114.97.1 | 200 OK | 2.5 kB |
URL: GET HTTP/3 9xbuddy.in/build/291f13891176f90733ca.png | IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Certificate: Issuer: Google Trust Services LLC | Subject: 9xbuddy.in | Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 | Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type: PNG image data, 217 x 55, 8-bit colormap, non-interlaced | Hash: f19a76e1de03a1ecb9c45dcfb96bce41 2156ba7ed189b2f22b87e87eb9ffcaa7ebb4db0c 55340830b75351b2ad4154871c488f34c0b66c8cef18719f3f7a8f9dc190cd58
GET /build/291f13891176f90733ca.png HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:15:34 GMT
content-type: image/png
content-length: 2501
last-modified: Sun, 06 Nov 2022 06:05:05 GMT
etag: "63674e91-9c5"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YFh%2F2BIMlhMqfon85SrCYV%2F217k7mlR8snzMsyP0CBWcHw5tnab5qFW%2B9Wc%2FnXZRFnT7%2Bn6dZPCjhxi%2BR%2Btl9An5aQosn0VCDm6aA70aPY%2FEALhqbIyZmWQ7Ib%2Ft"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87601e2eba4c0b65-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 9xbuddy.in/cdn-cgi/challenge-platform/scripts/jsd/main.js | 188.114.97.1 | 302 Found | 0 B |
URL: GET HTTP/3 9xbuddy.in/cdn-cgi/challenge-platform/scripts/jsd/main.js | IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Certificate: Issuer: Google Trust Services LLC | Subject: 9xbuddy.in | Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 | Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 17 Apr 2024 23:15:34 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZV39oYUnUZoTtFvbVsfbBVgExn8dgO%2Bn7sVr7KN3YjJ%2BTa5%2FBraaQUIg2ZMPaZt56iZL3KFQx%2F15qDl9sVhdF5jLJY97pgvAUZy9bwR%2FMxwypmvSxsh0Jgd1vxGz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87601e2f5a6c0b65-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 9xbuddy.in/build/7.e71f3471065439141487.js | 188.114.97.1 | 200 OK | 8.1 kB |
URL: GET HTTP/3 9xbuddy.in/build/7.e71f3471065439141487.js | IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Certificate: Issuer: Google Trust Services LLC | Subject: 9xbuddy.in | Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 | Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type: JavaScript source, ASCII text, with very long lines (8147), with no line terminators | Hash: 5396bcd5858168c1aa0e716e9106284d 8f3ca3fc8ab2fcf56c162058ea6d4e95c0af718d 5c57aba1d68f10be74b7d8c77c3d2313fa36d66854a3831f7586bef5b6619fc3
GET /build/7.e71f3471065439141487.js HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:15:34 GMT
content-type: application/javascript
last-modified: Fri, 12 Apr 2024 12:06:42 GMT
vary: Accept-Encoding
etag: W/"661923d2-1fd3"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MiygSPYangYiRwSNznWSwnwdOdGFiZG4GXohF8arMyLnKyxAqeJgnaQOKhsHt8960lvgugmXjpXGyvRGztTfJQctZW0I%2B9HmzMSrEv5dQtdEAbZLuwTJozJuFfdW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87601e2f5a690b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 9xbuddy.in/icons/favicon-16x16.png | 188.114.97.1 | 200 OK | 680 B |
URL: GET HTTP/3 9xbuddy.in/icons/favicon-16x16.png | IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Certificate: Issuer: Google Trust Services LLC | Subject: 9xbuddy.in | Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 | Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced | Hash: f310dc4b30e94e078aa3d8ce14a93a7d f6b2f0419a8bb65aafd4c185079584494439cf4a 5261947833061f72396f2e0f6b27598ae37585d8de6da4bed8df9f683181aaab
GET /icons/favicon-16x16.png HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:15:34 GMT
content-type: image/png
content-length: 680
last-modified: Sun, 06 Nov 2022 06:05:05 GMT
etag: "63674e91-2a8"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z2dvZQ1jyjRq3593ZE1eUUsvGZIUL2N54ZQVoOt2TWNU8%2B9ujp%2FFgqaJPtUJQBefz7oVX1T8gYNbYjAq6%2FS%2FiDjUkL1%2FBSR%2FcFT1EPisml8G%2BdjXCG11R648dWtH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87601e2f6a720b65-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 9xbuddy.in/build/main.e71f3471065439141487.css | 188.114.97.1 | 200 OK | 6.5 kB |
URL: GET HTTP/3 9xbuddy.in/build/main.e71f3471065439141487.css | IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Certificate: Issuer: Google Trust Services LLC | Subject: 9xbuddy.in | Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 | Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type: ASCII text, with very long lines (33647) | Hash: 0f5c61890f014772a3dcc7652caef97a a15caaa3f981da78f53c8bfe4d9b694b5eb5e4f6 fce7eae43f856f06c4981570e813855262a6a90c6bff85ed3b96cf21c47d3c23
GET /build/main.e71f3471065439141487.css HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:15:34 GMT
content-type: text/css
last-modified: Fri, 12 Apr 2024 12:06:42 GMT
vary: Accept-Encoding
etag: W/"661923d2-83af"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=As6N5gW6TD31VwyZ9PFCTJQCY5rQ152olUa7eyRjExwsZUsZf3cjwlnBBwAoLhm6bOZ2xzuu28G70eRo9CMefLIpINk203req%2BwCwfWfncmsY%2FT606Nh5bcqF%2BQ5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87601e2eba4b0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| video-cdn3.gelbooru.com//images/b5/87/b5870c1562e1d11b9f7ce69665ac9c12.webm | 108.181.143.71 | | 145 B |
URL: GET video-cdn3.gelbooru.com//images/b5/87/b5870c1562e1d11b9f7ce69665ac9c12.webm | IP: 108.181.143.71:0
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Certificate: Issuer: Let's Encrypt | Subject: img3.gelbooru.com | Fingerprint: 3A:5D:00:65:4B:9E:45:C9:DD:1E:F7:9C:3C:85:95:4A:A6:91:F6:51 | Validity: Wed, 17 Apr 2024 17:26:00 GMT - Tue, 16 Jul 2024 17:25:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators | Hash: bfe2c1d1b36c62666ce9ba537d324bd4 4d52a7c6d2909a506a4e81559eb24e8af077c741 5216ad883da8fe250db6892c9abca11bae07572d49a4c48a3c42276ffe6a9fb8
GET //images/b5/87/b5870c1562e1d11b9f7ce69665ac9c12.webm HTTP/1.1
Host: video-cdn3.gelbooru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0
date: Wed, 17 Apr 2024 23:15:35 GMT
content-type: text/html
content-length: 145
location: https://gelbooru.com/hotlink.php?hash=//images/b5/87/b5870c1562e1d11b9f7ce69665ac9c12.webm
expires: Wed, 17 Apr 2024 23:15:34 GMT
cache-control: no-cache
strict-transport-security: max-age=3600;
X-Firefox-Spdy: h2
|
|
| 9xbuddy.in/build/19.e71f3471065439141487.js | 188.114.97.1 | 200 OK | 7.8 kB |
URL: GET HTTP/3 9xbuddy.in/build/19.e71f3471065439141487.js | IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Certificate: Issuer: Google Trust Services LLC | Subject: 9xbuddy.in | Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 | Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type: JavaScript source, ASCII text, with very long lines (20973), with no line terminators | Hash: 0d89fe65f87cddedad6a912166e53208 a4e8cffd08639b4f3f5b3d86f303dbe6c89548b6 f43c153d7b7585febe16926ed2a6cd72dc6382cadad91d2f187c9a6f5af938c8
GET /build/19.e71f3471065439141487.js HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:15:34 GMT
content-type: application/javascript
last-modified: Fri, 12 Apr 2024 12:06:42 GMT
vary: Accept-Encoding
etag: W/"661923d2-51ed"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MaVBjiGIDs7XfcZmaJ7J6cD8s6p7Xi0Qqn81cjf%2B0ubSg9WRRQdKpxYDkYDJTIpQxMtlDqAuOzfnsAovCIx5y%2F5vJQJ%2FphCGYDFeP6ocXKefS4jeQbzQNnVAPp0O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87601e2faa7d0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gelbooru.com/hotlink.php?hash=//images/b5/87/b5870c1562e1d11b9f7ce69665ac9c12.webm | 104.21.234.102 | | 7.1 kB |
URL: GET gelbooru.com/hotlink.php?hash=//images/b5/87/b5870c1562e1d11b9f7ce69665ac9c12.webm | IP: 104.21.234.102:0
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Certificate: Issuer: Let's Encrypt | Subject: gelbooru.com | Fingerprint: 56:9E:F6:71:D4:0D:54:99:85:72:15:78:61:20:A3:EE:BC:24:93:1F | Validity: Sat, 30 Mar 2024 06:43:38 GMT - Fri, 28 Jun 2024 06:43:37 GMT
File type: gzip compressed data, from Unix | Hash: 75a7d0315a03528311f3d67980d4cf2f 049b376deee00e2212d419a2e1186860b6f02845 a4dc8e908c0a63a6bd123c960b83636a8a16ef58099cd2cf6e270ce37227a6b5
GET /hotlink.php?hash=//images/b5/87/b5870c1562e1d11b9f7ce69665ac9c12.webm HTTP/1.1
Host: gelbooru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9xbuddy.in/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 17 Apr 2024 23:15:36 GMT
content-type: text/html; charset=UTF-8
location: index.php?page=post&s=view&id=9918463
set-cookie: PHPSESSID=f50f5d52dc79b3f0d7b7b917ba529595f04dab3d2607830cdeda7b3d41fea0aaed3ba8b0bbddd2ed6edc4ee8ad960f94e3abc6d5a1842bf226458c2718058622; expires=Thu, 17-Apr-2025 23:15:36 GMT; Max-Age=31536000; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O2EB8qGRN64EzcvCH8JFFFRPMwYJVDsbsceSuLloNb9guXZKtRy1EULjFKlUiPUEN2XUXhK7RteE%2F5EYLQ6j86dibo1s1FqU7sjqF1YUQr2GJIqS9vLSr0%2BdONNGcB4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87601e365a557767-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| whizzerlollard.top/1clkn/9537 | 212.117.187.140 | 200 OK | 26 B |
URL: GET HTTP/1.1 whizzerlollard.top/1clkn/9537 | IP: 212.117.187.140:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Certificate: Issuer: Let's Encrypt | Subject: whizzerlollard.top | Fingerprint: 0C:44:F6:9E:A8:B1:C5:48:09:B4:21:E4:60:BE:87:6B:89:1A:36:5F | Validity: Tue, 26 Mar 2024 07:03:24 GMT - Mon, 24 Jun 2024 07:03:23 GMT
File type: ASCII text, with no line terminators | Hash: 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /1clkn/9537 HTTP/1.1
Host: whizzerlollard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/
Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 23:15:37 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| 9xbuddy.in/build/main.e71f3471065439141487.js | 188.114.97.1 | 200 OK | 335 kB |
URL: GET HTTP/3 9xbuddy.in/build/main.e71f3471065439141487.js | IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Certificate: Issuer: Google Trust Services LLC | Subject: 9xbuddy.in | Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 | Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
Size: 335 kB (335349 bytes) | Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /build/main.e71f3471065439141487.js HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:15:34 GMT
content-type: application/javascript
last-modified: Fri, 12 Apr 2024 12:06:42 GMT
vary: Accept-Encoding
etag: W/"661923d2-51df5"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PKOLKT%2FpFQ8VXPzfQFnzOXjuTlRFK6FlWvRdg3hxBMIjWz%2B6zENV2%2FeHQ6ax70VzpGmfBphrBhyNGCdes6MCGD6Z%2FesnBnUxloSK5%2Fe5XLFI9hOXXZMjQMZ7atVT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87601e2eba4d0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ab1.9xbud.com/extract | 188.114.96.1 | 200 OK | 0 B |
IP: 188.114.96.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Certificate: Issuer: Let's Encrypt | Subject: 9xbud.com | Fingerprint: FB:EA:0D:88:59:40:5B:40:BF:67:3D:22:86:13:05:34:4F:E6:99:FE | Validity: Tue, 27 Feb 2024 17:44:28 GMT - Mon, 27 May 2024 17:44:27 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /extract HTTP/1.1
Host: ab1.9xbud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-access-token,x-auth-token,x-requested-domain,x-requested-with
Referer: https://9xbuddy.in/
Origin: https://9xbuddy.in
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 23:15:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.28
access-control-allow-origin: https://9xbuddy.in
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1728000
access-control-allow-headers: content-type,x-requested-with,x-auth-token,x-requested-domain,x-access-token
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YHtP7y2LNbw9ygzve%2FuEhJZ%2BsZqASFDNv8wbhSSrqTJaBbpAnrI4AS6Ae4RC%2B%2BN69FCWjsXB96QqH3Iusti6MPM7BZmHHZ7QnzSG6FYEHEHo4AGXFp5nt0UWo7rHiVkK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87601e313f2956a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 9xbuddy.in/cdn-cgi/challenge-platform/h/g/jsd/r/87601e2cce487130 | 188.114.97.1 | 200 OK | 0 B |
URL: POST HTTP/3 9xbuddy.in/cdn-cgi/challenge-platform/h/g/jsd/r/87601e2cce487130 | IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Certificate: Issuer: Google Trust Services LLC | Subject: 9xbuddy.in | Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 | Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/g/jsd/r/87601e2cce487130 HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12285
Origin: https://9xbuddy.in
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:15:35 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=IMU59CksJOFflt9yzVKXEMhO9ds3.krcnb.bKovoiE0-1713395735-1.0.1.1-jaq5psxCOFQX88nr5eaLUtlmnUX3txtguiu1fPh.voG5fJRPgL2tBX_6cbFWwxdeqNSZgxNjEVcfvseBI2aC9Q; path=/; expires=Thu, 17-Apr-25 23:15:35 GMT; domain=.9xbuddy.in; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lICTjFhWYcY8wlJJz7tTsWftK86b0nZd%2Fyxzvby4XqDwrEO7eb6F2DXX%2ByE%2FnUN%2FRq%2BRJ9Nk4wMEw0SR%2BzJ4OGL6fDgIWioSLVDIkA2n4Gw%2BLwD8PVb%2BCYvo7ybq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87601e30aac80b65-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 9xbuddy.in/build/24.e71f3471065439141487.js | 188.114.97.1 | 200 OK | 2.7 kB |
URL: GET HTTP/3 9xbuddy.in/build/24.e71f3471065439141487.js | IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Certificate: Issuer: Google Trust Services LLC | Subject: 9xbuddy.in | Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 | Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2762), with no line terminators | Hash: ed061eed2ad4ea9d81ab902dfe53eaa6 e467cd4d5fe4fc4b9be8fdd05c634ba1616d454f 1c1bb8ac8cc7b75c66cbfde1e639131975976ab8a718f04456ed187d4b446b1e
GET /build/24.e71f3471065439141487.js HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:15:34 GMT
content-type: application/javascript
last-modified: Fri, 12 Apr 2024 12:06:42 GMT
vary: Accept-Encoding
etag: W/"661923d2-aa8"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BLo%2Ft966%2FJFvz45pVATkRbSDUTepXguBcJnjFHpuYz4N2YIOCT9i1JBBW1WhSjJklSJxcMp0Fos4F8W7ydT4jPU6oz2NfvI62kryY7sonMfZ49xNyXnAkGdwHv7y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87601e2faa7e0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+ | 188.114.97.1 | 200 OK | 20 kB |
URL: User Request GET HTTP/2 9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+ | IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC | Subject: 9xbuddy.in | Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 | Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type: HTML document, ASCII text, with very long lines (12635) | Hash: 193e468e185332b221c6c07497b999e4 026e5fc59b95d94951430bd21676cbb68367bf10 720915a2f5ef61fc441697da50102689028fc0c4106f642c82e523222cdf234d
GET /process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+ HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 23:15:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yGElAPe8getJTtEfzapqStmTD4ytFJhL6t4XSqBH4hHoEfvkZ5QllMhvbYEe1o%2FgQI1BN6auDVQ0KT5tTluwa1joVQzAa%2FmytjV7k0oGHLOmKpEmODYGFuRpGrnx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87601e2cce487130-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 9xbuddy.in/build/81.e71f3471065439141487.js | 188.114.97.1 | 200 OK | 41 kB |
URL: GET HTTP/3 9xbuddy.in/build/81.e71f3471065439141487.js | IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Certificate: Issuer: Google Trust Services LLC | Subject: 9xbuddy.in | Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 | Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type: JavaScript source, ASCII text, with very long lines (40761), with no line terminators | Hash: 15843e552e3cac1e9e4e9dc191770811 9a132104b73e6f797e4aed760e6035c6ba3c0381 34cabbca08eb2f6adc90e858a0882a1b57d8066f3e37cb12d83d679065f50dd2
GET /build/81.e71f3471065439141487.js HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:15:34 GMT
content-type: application/javascript
last-modified: Fri, 12 Apr 2024 12:06:42 GMT
vary: Accept-Encoding
etag: W/"661923d2-9f39"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UjS3cu%2FvvOD%2FBCHPDCazy%2BX6Da7quP1DTw7BmlvYZLYOE7LFOIJKqL%2B3DyLf8kU4yFcRbeGCbrjPsgVOC0Z9j0q%2B9i8zM4Ns6eeBXlOBx%2FfByl29o8PKL28X7OnZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87601e2faa800b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| whizzerlollard.top/rHH727qVeN4r6/7972 | 212.117.187.140 | 200 OK | 0 B |
URL: GET HTTP/1.1 whizzerlollard.top/rHH727qVeN4r6/7972 | IP: 212.117.187.140:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Certificate: Issuer: Let's Encrypt | Subject: whizzerlollard.top | Fingerprint: 0C:44:F6:9E:A8:B1:C5:48:09:B4:21:E4:60:BE:87:6B:89:1A:36:5F | Validity: Tue, 26 Mar 2024 07:03:24 GMT - Mon, 24 Jun 2024 07:03:23 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /rHH727qVeN4r6/7972 HTTP/1.1
Host: whizzerlollard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 23:15:35 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://9xbuddy.in
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 18-Apr-2024 23:15:35 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 18-Apr-2024 23:15:35 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| ab1.9xbud.com/token | 188.114.96.1 | 200 OK | 0 B |
IP: 188.114.96.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Certificate: Issuer: Let's Encrypt | Subject: 9xbud.com | Fingerprint: FB:EA:0D:88:59:40:5B:40:BF:67:3D:22:86:13:05:34:4F:E6:99:FE | Validity: Tue, 27 Feb 2024 17:44:28 GMT - Mon, 27 May 2024 17:44:27 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /token HTTP/1.1
Host: ab1.9xbud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-access-token,x-auth-token,x-requested-domain,x-requested-with
Referer: https://9xbuddy.in/
Origin: https://9xbuddy.in
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 23:15:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.28
access-control-allow-origin: https://9xbuddy.in
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1728000
access-control-allow-headers: content-type,x-requested-with,x-auth-token,x-requested-domain,x-access-token
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iyl8fKQ%2FyKAnbEYLQrmqRWA2fAngmKv%2B19akk%2Fk4DoljzulXEVFuLSYoxiMjscFu5j1A1yCJyI%2FElGFj5LRv%2F6VTZ0GeNCF9mac6XNGle1IkgsRFkjL46IHALaYDTUiY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87601e303eab56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gelbooru.com/index.php?page=post&s=view&id=9918463 | 0.0.0.0 | | 0 B |
URL GET gelbooru.com/index.php?page=post&s=view&id=9918463 IP 0.0.0.0:0
Requested by https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+ Certificate Issuer Let's Encrypt Subject gelbooru.com Fingerprint 56:9E:F6:71:D4:0D:54:99:85:72:15:78:61:20:A3:EE:BC:24:93:1F Validity Sat, 30 Mar 2024 06:43:38 GMT - Fri, 28 Jun 2024 06:43:37 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /index.php?page=post&s=view&id=9918463 HTTP/1.1
Host: gelbooru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9xbuddy.in/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 23:15:36 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=5af3af4a516871a4a23ce2b2b0a3fc66f21a38021422694d5b4dc42c0c7503e891c2128a32442588b4be740f351f0c89886979c5689bc10df9d9e63652f947ed; expires=Thu, 17-Apr-2025 23:15:36 GMT; Max-Age=31536000; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ibVQ1l4mG1viHMGrtYJiV4CQ7ZJo%2BN0vwQ9rceFL3%2BaS%2FUhAVZFefaw4lCDqa9qchBuUqzS9e%2F%2BKq1NZ1VGdtm4VVa8zsmLlHnyonmypuRSUyeDq0TLeoL%2FNiedCa3M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87601e383c787767-LHR
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| whizzerlollard.top/nQNFvR4pfdjHeE/40618 | 212.117.187.140 | 200 OK | 6 B |
URL GET HTTP/1.1 whizzerlollard.top/nQNFvR4pfdjHeE/40618 IP 212.117.187.140:443
Requested by https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+ Certificate Issuer Let's Encrypt Subject whizzerlollard.top Fingerprint 0C:44:F6:9E:A8:B1:C5:48:09:B4:21:E4:60:BE:87:6B:89:1A:36:5F Validity Tue, 26 Mar 2024 07:03:24 GMT - Mon, 24 Jun 2024 07:03:23 GMT
File type ASCII text, with no line terminators Hash 4fc71bf68a1d477bd1523733e34d1e90 15119105cffbe108b6cf290146ab02c9aa8517ba 74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /nQNFvR4pfdjHeE/40618 HTTP/1.1
Host: whizzerlollard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/
Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 23:15:36 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://9xbuddy.in
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| 9xbuddy.in/icons/apple-touch-icon.png | 188.114.97.1 | 200 OK | 5.3 kB |
URL GET HTTP/3 9xbuddy.in/icons/apple-touch-icon.png IP 188.114.97.1:443
Requested by https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+ Certificate Issuer Google Trust Services LLC Subject 9xbuddy.in Fingerprint B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 Validity Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hash 2a1f354702de7eb8d63c8f10d2d0beaf 5f42ee8dc3c78184fba322c0288776c86841f25d 447d4a8b2ef5e876f4bf0145893d9f300dd62a3a49ebbc04a49282a6e4c5475a
GET /icons/apple-touch-icon.png HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:15:34 GMT
content-type: image/png
content-length: 5323
last-modified: Sun, 06 Nov 2022 06:05:05 GMT
etag: "63674e91-14cb"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kq5OQqzkc4W%2BEbd%2Bt2yvkVAOWpPJD7%2BZcb6y7pPM45ZQ4IPbaIrkRUB5m4KPJWEarL75uIE9YSfVPQBAoRi4%2BE61u%2BYaJCLWT1%2FFNIkNExlqfs7%2BWm8ogXXgjnI%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87601e2f6a710b65-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ab1.9xbud.com/token | 188.114.96.1 | 200 OK | 120 B |
IP 188.114.96.1:443
Requested by https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+ Certificate Issuer Let's Encrypt Subject 9xbud.com Fingerprint FB:EA:0D:88:59:40:5B:40:BF:67:3D:22:86:13:05:34:4F:E6:99:FE Validity Tue, 27 Feb 2024 17:44:28 GMT - Mon, 27 May 2024 17:44:27 GMT
File type troff or preprocessor input, ASCII text, with no line terminators Hash a6ec9d77cb177f6a1d0a8c313c6e39a8 9f8baff795b69e695edf85f8bd149d32798fd432 273720251c6270b03e627b8c6170e23c8c54e01299cf77255e97a09f05aa94a1
POST /token HTTP/1.1
Host: ab1.9xbud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: xmlhttprequest
x-auth-token: nq+aqZWYqmecomxuZGJrZWyZZWybZ2lrZWeXamqZYXeafWmfrbJlcLiGioaKk356h3mtrpKmm5isk6dvlmdmal9n
x-requested-domain: 9xbuddy.in
x-access-token: false
Content-Length: 2
Origin: https://9xbuddy.in
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 23:15:35 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.28
access-control-allow-origin: https://9xbuddy.in
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1728000
access-control-allow-headers: content-type,x-requested-with,x-auth-token,x-requested-domain,x-access-token
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c3nIpUi466Cm26sc081JpC%2BRIGj2vHUeU072Gm4F2ydN1yRM9KP5PRbSZ8E9Qv5KZt6pUzHTXIU42dVa%2BVteWn4GOL515eT8SdPaaTLPhj3alqE%2F4ccz0VZcAF1x27WG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87601e30def156a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ab1.9xbud.com/extract | 188.114.96.1 | 200 OK | 5.4 kB |
IP 188.114.96.1:443
Requested by https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+ Certificate Issuer Let's Encrypt Subject 9xbud.com Fingerprint FB:EA:0D:88:59:40:5B:40:BF:67:3D:22:86:13:05:34:4F:E6:99:FE Validity Tue, 27 Feb 2024 17:44:28 GMT - Mon, 27 May 2024 17:44:27 GMT
File type troff or preprocessor input, ASCII text, with very long lines (5613), with no line terminators Hash 79940eede3ac0a65d9985cc47a4b27ef 5e420f04f1e4a8fe3b7ccb3999bec94221ab2294 0984afd81af6c5504342bd4cb97c04ea84f3f8f41195ee795adf0fb9351e3eb6
POST /extract HTTP/1.1
Host: ab1.9xbud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: xmlhttprequest
x-auth-token: nq+aqZWYqmecomxuZGJrZWyZZWybZ2lrZWeXamqZYXeafWmfrbJlcLiGioaKk356h3mtrpKmm5isk6dvlmdmal9n
x-requested-domain: 9xbuddy.in
x-access-token: bJZlapZhaGlfYWtpnKetoadrY2dwqZKjmpKsk6CfllxUfpaToaRjZWliZGFlaGhRdpeok5nUr2CfaWJnYWRnbQ==
Content-Length: 318
Origin: https://9xbuddy.in
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:15:35 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.28
access-control-allow-origin: https://9xbuddy.in
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1728000
access-control-allow-headers: content-type,x-requested-with,x-auth-token,x-requested-domain,x-access-token
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bec0%2FWvh5PjBldCAQCOXEHEJ0P69nDnTOIeZK6tINfamtSbIDovUGGsMHuVy%2FcGpqfJdvkLk9IQL0k2e9ctN1cK0Go01PMRJ4eb%2FmLMgLERfrKq73FZpiXc%2FE4ipQIaV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87601e319a85b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 9xbuddy.in/build/70.e71f3471065439141487.js | 188.114.97.1 | 200 OK | 24 kB |
URL GET HTTP/3 9xbuddy.in/build/70.e71f3471065439141487.js IP 188.114.97.1:443
Requested by https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+ Certificate Issuer Google Trust Services LLC Subject 9xbuddy.in Fingerprint B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 Validity Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type JavaScript source, ASCII text, with very long lines (23834), with no line terminators Hash a5df48809858975b8647793535e2f75e b86697eda22d3d97d02092fd16470ee61ff5b5fe d83eba8e1787fd738c44d63e007742de66a68c97a513aefbbb21b8ba3c6e6026
GET /build/70.e71f3471065439141487.js HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:15:34 GMT
content-type: application/javascript
last-modified: Fri, 12 Apr 2024 12:06:42 GMT
vary: Accept-Encoding
etag: W/"661923d2-5d1a"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vzozwTMQl%2BN2u%2B9QtHrNMdgRgFYGp0HKWh4IuRoEZwrQQmzewdgsHLXiOKT8Guem05DFAj3mFuVfeaKyKTuc4FJKKkVPN6B3j%2BMCsf%2FXH2QW90KiLuAyqVwo52ka"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87601e2faa7f0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 9xbuddy.in/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js | 188.114.97.1 | 200 OK | 7.9 kB |
URL GET HTTP/3 9xbuddy.in/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js IP 188.114.97.1:443
Requested by https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+ Certificate Issuer Google Trust Services LLC Subject 9xbuddy.in Fingerprint B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 Validity Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type JavaScript source, ASCII text, with very long lines (7862), with no line terminators Hash ae30a06b4b163c20bc06928932e21cea db7988b46e8837463a8a8e6500f03d759ec7bab0 b426fa4dac5b6266f66b81cfe771c09b641c1a67b946c10d3fc825a051434a69
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:15:35 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-content-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n7fSQhBlJ2ll6hZ4vfHoR3IuYIDPxG97hT05FBnUKu6kgaEWs%2BZhn%2Fa6ccdDlNNLF4fuAK5VJbvxgahJU9VGHak4%2BhNBI1v72gcvF8Wf673tsXVQXeH5%2F3Fli9iH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87601e2fda870b65-OSL
alt-svc: h3=":443"; ma=86400
|
|