r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15756
Expires: Tue, 31 Jan 2023 11:24:37 GMT
Date: Tue, 31 Jan 2023 07:02:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16138
Expires: Tue, 31 Jan 2023 11:30:59 GMT
Date: Tue, 31 Jan 2023 07:02:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 06:43:17 GMT
content-type: application/json
age: 1124
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7033
Expires: Tue, 31 Jan 2023 08:59:14 GMT
Date: Tue, 31 Jan 2023 07:02:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 05MmJUQT42aWMG0PPoWXxVg6QOkOAZNuKfTsrBNQEqtE1Zu7N5rU39cjjeCLuD22VM5SsnFhiiFq16aT6LjMJQ==
x-amz-request-id: 4MPQMYC6Y5P1AA6Y
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 06:22:06 GMT
age: 2395
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 07:02:01 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
mfzypk.adirectorabm.top/
107.150.63.219 301 Moved Permanently 240 B IP 107.150.63.219:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cdfb42318931d4381347a1f71f10a0b6
848fe6276e1896b9bcd6289927ae2572887984a6
8d37cb1ed8dd447d5fc9809d4d19f951eb642b5d1670d8f787e947fe23fa22b6
Analyzer Verdict Alert fortinet Malware
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 31 Jan 2023 07:02:01 GMT
Server: Apache
Location: https://mfzypk.adirectorabm.top/
Content-Length: 240
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 06:41:42 GMT
age: 1219
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 06d81f83f73b1c67c4562975fd196764
5b155741737b9e6d4a8f1c711bbfcc5dd0ec524b
80acafd4fcb9639caba73ec5277b54140e1168a1cacff9f09d1ee4cc745d518b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80ACAFD4FCB9639CABA73EC5277B54140E1168A1CACFF9F09D1EE4CC745D518B"
Last-Modified: Mon, 30 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21561
Expires: Tue, 31 Jan 2023 13:01:23 GMT
Date: Tue, 31 Jan 2023 07:02:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10465
Expires: Tue, 31 Jan 2023 09:56:27 GMT
Date: Tue, 31 Jan 2023 07:02:02 GMT
Connection: keep-alive
push.services.mozilla.com/
35.163.38.240 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.38.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gjPU1jG5kVZTv4+K5apOjA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6bLAFzSFIqyQWxYJJzTluG7uKLo=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6771
Expires: Tue, 31 Jan 2023 08:54:54 GMT
Date: Tue, 31 Jan 2023 07:02:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6771
Expires: Tue, 31 Jan 2023 08:54:54 GMT
Date: Tue, 31 Jan 2023 07:02:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6771
Expires: Tue, 31 Jan 2023 08:54:54 GMT
Date: Tue, 31 Jan 2023 07:02:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 63486f2a937aa8fd013fc2c2d1b32f2d
e8868de34c2f79348c1edad764259eb70bebd7a6
fa6e5ce374031c0df3b3f2d6de823cf1fe08fdaf9957a0722770867cfdec0ed1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13639
x-amzn-requestid: 8131c878-620a-4972-ba8f-1456859acae2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYcJSF0SIAMFe1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d340a1-18c7280940d508c440c0182c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:10:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L6MnX0h8Bn9-ufqI6yOzQAPhqc4SoJKySgzlm756NaiVrfJpnftIWQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 06:29:38 GMT
age: 1945
etag: "e8868de34c2f79348c1edad764259eb70bebd7a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 00:33:02 GMT
age: 23341
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e575f4c5e3aa793f846cadc8baf386c
f482a4e8e80ea5b6afc29e5cc1a9a2b8c2f0434d
09a5bbe4fb7f23ee43228267f30c1ef0cd8747e515e01c963df0756b866f23ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9700
x-amzn-requestid: 713e2d23-21a3-4b9f-af7b-497d15494cdc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffCYTEBToAMFQMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e434-24782bb73c8760d277497ded;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:12:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _-Hp-dTdgO95bYRa5Y5UkAUHHxHPMM9GFP2qKtbLIIylFOc2SGXjBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 04:10:01 GMT
age: 10322
etag: "f482a4e8e80ea5b6afc29e5cc1a9a2b8c2f0434d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffea501ff-acf4-4b37-aa0a-baf417cf3694.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffea501ff-acf4-4b37-aa0a-baf417cf3694.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60fc180ec5b99ac357db8775775c3c11
c9856a488e82bc330881377528bf2e53274ef5f3
a31fd6fc84f79b0f5fb79cccf490ddf61eb58bdaf57ca27f57a911332e550d11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffea501ff-acf4-4b37-aa0a-baf417cf3694.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5394
x-amzn-requestid: 16d876fb-0afd-4b5d-b19e-1029506fd6f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIgq2E4CIAMFiFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce178-1f08dc2105b6e182677004e7;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:10:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 36E3JCGqpkeMmb_fzM0DTb24ElUMGDdikE1IdqQABDlbT28XRs7B-w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 11:52:37 GMT
age: 68966
etag: "c9856a488e82bc330881377528bf2e53274ef5f3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa70b0b84-f0e7-44e4-a574-ee3e55fbc0d3.jpeg
34.120.237.76 200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa70b0b84-f0e7-44e4-a574-ee3e55fbc0d3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b43468b05cd1fd11c398263a80e4edb2
02e964ea5a88c866267ac6c5601bfcde26ffd42b
19783f05297f7ed5d7ca8cec0fc0e1676831275ac48f1510a4f410dbe2802314
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa70b0b84-f0e7-44e4-a574-ee3e55fbc0d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4634
x-amzn-requestid: 2941da94-203c-47d1-99ee-d864bdbf6993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffCAHF9kIAMFrUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e39a-78bb7189351d830a7ef70c67;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hWONP8eVA6h5VMyREx_CgRY2zeb9KUxipWiXdx9dHBtU2YDV07lGXQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 05:35:57 GMT
age: 5166
etag: "02e964ea5a88c866267ac6c5601bfcde26ffd42b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tAR5c5rQD0h5YZ6TU8pZKhUFUf5d0-l794EaYnwwkts3QXPhdYm6vA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:03:25 GMT
age: 35918
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mfzypk.adirectorabm.top/
107.150.63.219 200 OK 7.2 kB IP 107.150.63.219:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (904), with CRLF, LF line terminators
Hash a1eadcd5a83ac1c1b8e99a974e19fd2a
93194d662724a1421bf22ac1be052f049fa9f3d5
a5a0d213eb6b019f031b687cce9521fa6ec3cb06291a110a90c377010c8f2906
Analyzer Verdict Alert fortinet Malware
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:02 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62; path=/; domain=.mfzypk.adirectorabm.top; secure; HttpOnly
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/style_categories.css
107.150.63.219 200 OK 1.7 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/style_categories.css
IP 107.150.63.219:0
File type ASCII text, with CRLF line terminators
Hash 526fa2cc9b223c56f65d47964d85159d
1b6c9693446c98d643f11a7826132471d619b48e
75f44f15ab734864fad32df7cc2b21874069cf06f9082cd6034e5e7d4314e886
GET /includes/templates/linglong-viu04/css/style_categories.css HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:04 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 08:04:44 GMT
ETag: "6c5-5c65bc2147f00"
Accept-Ranges: bytes
Content-Length: 1733
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/stylesheet.css
107.150.63.219 200 OK 14 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/stylesheet.css
IP 107.150.63.219:0
File type Unicode text, UTF-8 text, with very long lines (839), with CRLF line terminators
Hash af385eebf1706a7eb76897dc6519a98c
ca9be7e4a17c26a230018fc4eb7bafa23d49b528
b07640762dab8b98a58f8a943ba39a4d1eb43e9728feeb8c24372a8cedecd7f4
GET /includes/templates/linglong-viu04/css/stylesheet.css HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:04 GMT
Server: Apache
Last-Modified: Fri, 01 Nov 2019 05:44:52 GMT
ETag: "38d5-5964276ff3d00"
Accept-Ranges: bytes
Content-Length: 14549
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/stylesheet_tm.css
107.150.63.219 200 OK 20 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/stylesheet_tm.css
IP 107.150.63.219:0
File type Unicode text, UTF-8 text, with very long lines (680), with CRLF line terminators
Hash f694a256b5b69026eaeae06eeada5f02
752b313c7bf767af1914b1e33ef04c0ff70d26cc
c3b006ee92b1152eb3405684c47c41885901737c0f6060fca0018fc196bbbfae
GET /includes/templates/linglong-viu04/css/stylesheet_tm.css HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
Last-Modified: Thu, 29 Aug 2019 02:50:52 GMT
ETag: "4ca9-5913892e17b00"
Accept-Ranges: bytes
Content-Length: 19625
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/stylesheet_cart.css
107.150.63.219 200 OK 8.5 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/stylesheet_cart.css
IP 107.150.63.219:0
File type ASCII text, with very long lines (794), with CRLF line terminators
Hash 77bb26ebb453bb24899bec79c1946680
cd2c46e8d329b1dc2ed3e9d6e5906708f7896ef2
35d5f96c4a62f60647b8768dc77f58c22509066451cf10ff9bd43fd4a05488cc
GET /includes/templates/linglong-viu04/css/stylesheet_cart.css HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
Last-Modified: Thu, 28 Oct 2021 06:26:34 GMT
ETag: "214a-5cf63cac25a80"
Accept-Ranges: bytes
Content-Length: 8522
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/stylesheet_index_home.css
107.150.63.219 200 OK 3.4 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/stylesheet_index_home.css
IP 107.150.63.219:0
File type ASCII text, with very long lines (337), with CRLF line terminators
Hash 215a85ce12b4c4628115f7f2b227ef12
aee95f20a4a54bd8be7d26a44abb78cd96968bd5
828ead737c606bfe664d069f1f3fd4e625973fbf084fa42082c997b84f8f6db8
GET /includes/templates/linglong-viu04/css/stylesheet_index_home.css HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 08:06:22 GMT
ETag: "d6b-5c65bc7ebdb80"
Accept-Ranges: bytes
Content-Length: 3435
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/stylesheet_css_buttons.css
107.150.63.219 200 OK 1.4 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/stylesheet_css_buttons.css
IP 107.150.63.219:0
File type ASCII text, with very long lines (1363), with no line terminators
Hash 8a25a116b63cd44f57f1a5d79b605a66
3af4c30e02d101d3f5f2fd81a1018ba1cf569da2
95d81437bcf201898e2a9190a600151bbc7e48cc90a358128ed78f89eea9b66d
GET /includes/templates/linglong-viu04/css/stylesheet_css_buttons.css HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
Last-Modified: Wed, 19 Jul 2017 00:52:16 GMT
ETag: "553-554a10b15d000"
Accept-Ranges: bytes
Content-Length: 1363
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/stylesheet_l_cat.css
107.150.63.219 200 OK 221 B URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/stylesheet_l_cat.css
IP 107.150.63.219:0
Hash bd046a4e84a978c63d13d789fddbf3f1
6f27c9363231ea52723e3fb33c2792d2913465e0
8d6a8f6214cc2cd009d1afda866cccc6774e12ad9fb38579f1ac20ebb32cdce7
GET /includes/templates/linglong-viu04/css/stylesheet_l_cat.css HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
Last-Modified: Fri, 25 Feb 2022 03:56:48 GMT
ETag: "dd-5d8cfb01be000"
Accept-Ranges: bytes
Content-Length: 221
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/stylesheet_related.css
107.150.63.219 200 OK 2.2 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/stylesheet_related.css
IP 107.150.63.219:0
File type ASCII text, with CRLF line terminators
Hash 733f84062db944235c7c80c5b3cc9885
190d6157fba9d0e6220b0422f2e3baf337ca4195
e5a2be9e48c7e80aad208da81808d8db4c530dcb5eb7af3416d324bb44352b4f
GET /includes/templates/linglong-viu04/css/stylesheet_related.css HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
Last-Modified: Wed, 21 Aug 2019 08:56:06 GMT
ETag: "87c-5909cbe539580"
Accept-Ranges: bytes
Content-Length: 2172
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/stylesheet_xt.css
107.150.63.219 200 OK 118 B URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/stylesheet_xt.css
IP 107.150.63.219:0
File type ASCII text, with CRLF line terminators
Hash bdb30231f4343c4e592aff36f9dab50f
f71c56bbb1e950642c362783621b84809a447d98
16da8a97403e93fbf96bb9ab31c93948bac10c7520766cdacc63044f7b57f657
GET /includes/templates/linglong-viu04/css/stylesheet_xt.css HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
Last-Modified: Mon, 26 Jul 2021 09:58:14 GMT
ETag: "76-5c803caa7b980"
Accept-Ranges: bytes
Content-Length: 118
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/footerbox.css
107.150.63.219 200 OK 2.1 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/footerbox.css
IP 107.150.63.219:0
File type ASCII text, with CRLF line terminators
Hash 009275ec16770c42deb694a6ca9119a5
773bdf3435949547d2f08ea361daea270f3fbee0
0764b9aaeb61c27199d579f3ecff6f1279cd9ab6ca1c34964274e54cfa8b72e4
GET /includes/templates/linglong-viu04/css/footerbox.css HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
Last-Modified: Tue, 13 Aug 2019 07:20:14 GMT
ETag: "834-58ffa78c00780"
Accept-Ranges: bytes
Content-Length: 2100
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_6.gif
107.150.63.219 200 OK 766 B URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_6.gif
IP 107.150.63.219:0
File type GIF image data, version 89a, 100 x 39\012- data
Hash da350cd90766a340c96b20ff03d127d5
30147fd19b58279252e361375df1d0c8f6d9a568
c865fc772bf6a50a3e408263080ccb0f091da74849c9d3557c17ae17514d3b1a
GET /includes/templates/linglong-viu04/images/rank_6.gif HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
Last-Modified: Wed, 17 May 2017 07:46:56 GMT
ETag: "2fe-54fb37e0bdc00"
Accept-Ranges: bytes
Content-Length: 766
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_8.gif
107.150.63.219 200 OK 773 B URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_8.gif
IP 107.150.63.219:0
File type GIF image data, version 89a, 100 x 39\012- data
Hash 255ef97d3abcea681cd2e8acd77ad0b1
0ca7ae48c40d965bdf794f5c41b5138d335e4e7a
cdcb9869aff9da1a51eb4b97016e57dc9420a4a292d8a88596abd29c94db8e5b
GET /includes/templates/linglong-viu04/images/rank_8.gif HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
Last-Modified: Wed, 17 May 2017 07:46:58 GMT
ETag: "305-54fb37e2a6080"
Accept-Ranges: bytes
Content-Length: 773
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_7.gif
107.150.63.219 200 OK 737 B URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_7.gif
IP 107.150.63.219:0
File type GIF image data, version 89a, 100 x 39\012- data
Hash 5ae938d4c59d6c52efdc9dfa7940037b
a243882381f3e103312242b5ca2eb9b8a295a2b7
4e569edfefd853caf0af7c24d06e242ba6b4a49ddc4775186098688ea8211030
GET /includes/templates/linglong-viu04/images/rank_7.gif HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
Last-Modified: Wed, 17 May 2017 07:46:58 GMT
ETag: "2e1-54fb37e2a6080"
Accept-Ranges: bytes
Content-Length: 737
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
mfzypk.adirectorabm.top/includes/templates/linglong-viu04//jscript/jquery1.9.1.js
107.150.63.219 200 OK 93 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04//jscript/jquery1.9.1.js
IP 107.150.63.219:0
File type ASCII text, with very long lines (32089), with CRLF line terminators
Hash 383771ef1692bfcc3f2b6917ca985778
a1ce0bfa507f23cc414a9a7634bd73b994bb3b35
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
Analyzer Verdict Alert fortinet Malware
GET /includes/templates/linglong-viu04//jscript/jquery1.9.1.js HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2016 07:18:10 GMT
ETag: "169d9-53939c08df080"
Accept-Ranges: bytes
Content-Length: 92633
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/body_bg.jpg
107.150.63.219 200 OK 9.5 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/body_bg.jpg
IP 107.150.63.219:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=55, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=120], progressive, precision 8, 120x55, components 3\012- data
Hash 53ffc41ee3db83205a2c4709821c6bae
aad72568ddf34c75df56361eddb7abcbcf3c34c7
b72a26de7554b23d6589d55c1e2e9e1451b59d658ae925f61868b0a3de8b8466
GET /includes/templates/linglong-viu04/images/body_bg.jpg HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/stylesheet_tm.css
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
Last-Modified: Mon, 12 Aug 2019 09:08:36 GMT
ETag: "24ed-58fe7de754d00"
Accept-Ranges: bytes
Content-Length: 9453
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/cart.jpg
107.150.63.219 200 OK 4.9 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/cart.jpg
IP 107.150.63.219:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 150x40, components 3\012- data
Hash 3f7b16674159fda74fc6acbe1f15376b
86a630abdeb88163d3bf3fbe22eeb6a3d07f57ce
87ce5995f51129b5296b0b43a4b346eb87e7c802109c1d6e7ca8e6aa1edc87b3
GET /includes/templates/linglong-viu04/images/cart.jpg HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
Last-Modified: Wed, 17 May 2017 07:45:14 GMT
ETag: "131b-54fb377f77680"
Accept-Ranges: bytes
Content-Length: 4891
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/sbtn.jpg
107.150.63.219 200 OK 1.6 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/sbtn.jpg
IP 107.150.63.219:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 79x30, components 3\012- data
Hash 9a425db84c7a2b5b73060674f99df2e6
b566bf77e255ec44492b128ec688cc600a378d75
29f67d9b9f65182c619822e6d1cd614c2058de61bdd8cd52cec65590833987e8
GET /includes/templates/linglong-viu04/images/sbtn.jpg HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
Last-Modified: Wed, 17 May 2017 07:47:08 GMT
ETag: "668-54fb37ec2f700"
Accept-Ranges: bytes
Content-Length: 1640
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/logo.jpg
107.150.63.219 200 OK 32 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/logo.jpg
IP 107.150.63.219:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2019:08:12 14:23:20], progressive, precision 8, 352x105, components 3\012- data
Hash 1f4af01042d3b99d666eaf60d4d85e96
08eeb80c6508ee1330a19b2bda022a46f571d4e5
71e4d7758ee7a7b9144ffa9b65e6f361dbc77b65fe0f21dc29bf5f0851bf5f9e
GET /includes/templates/linglong-viu04/images/logo.jpg HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
Last-Modified: Mon, 12 Aug 2019 06:23:24 GMT
ETag: "7e67-58fe58fa82f00"
Accept-Ranges: bytes
Content-Length: 32359
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/head_sokujitu_181017.jpg
107.150.63.219 200 OK 16 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/head_sokujitu_181017.jpg
IP 107.150.63.219:0
File type JPEG image data, baseline, precision 8, 478x37, components 3\012- data
Hash b86a9aa9c00c49fba9950413423b0b87
77df1bb9a74fca7bfa93900dee296de0f00b5cfd
5f3013fc58f55e2dd467a54beb2b192be6dfec67203990ad6ee12a596d144896
GET /includes/templates/linglong-viu04/images/head_sokujitu_181017.jpg HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
Last-Modified: Mon, 12 Aug 2019 07:31:44 GMT
ETag: "3d0d-58fe684093800"
Accept-Ranges: bytes
Content-Length: 15629
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTcyODgwNDM0NzBfMS5qcGc=
107.150.63.219 200 OK 43 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTcyODgwNDM0NzBfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 546x720, components 3\012- data
Hash 72cc8fa0b5da017f8251d3281c16b4e2
24a919b300c0c27a690d9e62b83671623ec6962b
31b2aaa1b0a52da5340f2c1058c9f6e618dc2f0abf69b48168d2d3df7fea4e2d
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTcyODgwNDM0NzBfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/marker.png
107.150.63.219 200 OK 213 B URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/marker.png
IP 107.150.63.219:0
File type PNG image data, 7 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash e65e388b3e3667ceb71bea93940ef412
6c07bc08c6952d0367b4f9a5687f0b78b24f615a
82341e0a77344d1d733bf644724083004d5186a3d12315ff957edfb44868ea8b
GET /includes/templates/linglong-viu04/images/marker.png HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/style_categories.css
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
Last-Modified: Wed, 17 May 2017 07:46:34 GMT
ETag: "d5-54fb37cbc2a80"
Accept-Ranges: bytes
Content-Length: 213
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTA4MTE0OTIyMTdfMS5qcGc=
107.150.63.219 200 OK 106 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTA4MTE0OTIyMTdfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 106 kB (106349 bytes)
Hash e028cbc4b450161846c02fb2f72c61dd
a796d030a43a5d8f4eba11c6b7ed950b188d7a40
6bf5dce8cd6317e0ae547a7f5ef57472875251e87b90c5cc0f1355a8753bb35d
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTA4MTE0OTIyMTdfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjk1OTczNDkyOTdfMS5qcGc=
107.150.63.219 200 OK 58 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjk1OTczNDkyOTdfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 452x720, components 3\012- data
Hash 28a4827bc85691aba14ffdf0eff202e8
b3c9e2c62ce134339432b435c830a8523ad0dde5
75327abec01d2c347395500b74e86aea67b7574cba397a7450f416bda36297a7
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjk1OTczNDkyOTdfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODcwMzQxMDE5NzZfMS5qcGc=
107.150.63.219 200 OK 37 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODcwMzQxMDE5NzZfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x800, components 3\012- data
Hash 833650e016ad2e54296b4b4b67f70d6c
bcb61ce6823031d0bb605f162e1e80535010ded0
cf018f72921376cd7cd8b758872633bce756d51f2eb81bc09d1b9b93091ef2c7
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODcwMzQxMDE5NzZfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjcwNzMwNjAxNzVfMS5qcGc=
107.150.63.219 200 OK 222 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjcwNzMwNjAxNzVfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 222 kB (221905 bytes)
Hash 16c94377d3259062fb05b421c9b5d92e
2783eeb0e10c7bc22d75f3dca5a0930594bcf726
ede44e5a1394d96e36c420055cd8be8d49481f94424320d16c35216d4f03bcb0
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjcwNzMwNjAxNzVfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTU2OTc1NTE0MTBfMS5qcGc=
107.150.63.219 200 OK 87 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTU2OTc1NTE0MTBfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Hash 15b79aab05fb1c8eb61c67b1d9f65194
47f554eaa8d1cb0285b096ea068cc864d1f913de
33e4737b01d522b092118d7026ea39a26e78f6776209988b384c6e486f78117f
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTU2OTc1NTE0MTBfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODQ4ODU5MjA1NjVfMS5qcGc=
107.150.63.219 200 OK 80 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODQ4ODU5MjA1NjVfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 986x1080, components 3\012- data
Hash b7b4c4975b28967a4aa5adff8323438b
3825cc31250ec8a2af35d9e624980da059ad6799
74e0bf9984711568d520921e939b16c5f19c4fbac307a6d755e8613fdba2f1f0
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODQ4ODU5MjA1NjVfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODk4MDQ2MjA3MTZfMS5qcGc=
107.150.63.219 200 OK 185 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODk4MDQ2MjA3MTZfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 185 kB (184748 bytes)
Hash 31d5bf4f22350040b1a223147cb9b782
d40c74bb7ee063b61c7bc88114acfcb711680e2d
11bae7539b0cd58159b4b7b50030c3420dcd3951c86654a44a2bbe0a4e08983d
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODk4MDQ2MjA3MTZfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/new-tbanner.gif
107.150.63.219 200 OK 4.5 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/new-tbanner.gif
IP 107.150.63.219:0
File type GIF image data, version 89a, 950 x 80\012- data
Hash d9d5eb6a4b13f99c3d9f4828456663a0
48cb14676b6dcaf5dd251d5012510e7bb0b883c3
a224c0ba66b8480052966096e55c7705f1a6caf7499c819e766dd0372fae31b7
GET /includes/templates/linglong-viu04/images/new-tbanner.gif HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/stylesheet_tm.css
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
Last-Modified: Sat, 18 May 2019 07:11:12 GMT
ETag: "119b-5892434402400"
Accept-Ranges: bytes
Content-Length: 4507
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODYwOTYzMjQ4MzFfMS5qcGc=
107.150.63.219 200 OK 49 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODYwOTYzMjQ4MzFfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 880x1080, components 3\012- data
Hash c4d86c4c2fb61684e1096c80fb281647
4cb65d7beef262270e3505d2e0f5318b6641dbec
e34bc9a2d513e16f318ec2ba106a98bd5d75f0a9869bdc3af36b240380b41d26
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODYwOTYzMjQ4MzFfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzk2MzY0OTA0NDJfMS5qcGc=
107.150.63.219 200 OK 81 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzk2MzY0OTA0NDJfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 810x1080, components 3\012- data
Hash 1a9ff913536796268c35b3f4aa98680f
b22b57839541167f6926035c2231533e56bc9fcd
44c7f362d24cf4194958bf5a32682ee4c2eac3e323b41d939d473bf9b0143698
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzk2MzY0OTA0NDJfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:05 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjg2Mjk4Mjg0NzFfMS5qcGc=
107.150.63.219 200 OK 68 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjg2Mjk4Mjg0NzFfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x720, components 3\012- data
Hash d8e93f2ef7527d9e7abeb25da42b65ff
7aec0bb16377504e413638fc51640f95531d36b9
51bb4699b9211dc454c2f6b803206928c08526fb84bd7f971c1979994fdf5da8
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjg2Mjk4Mjg0NzFfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/re-tbanner.gif
107.150.63.219 200 OK 4.2 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/re-tbanner.gif
IP 107.150.63.219:0
File type GIF image data, version 89a, 950 x 80\012- data
Hash 4bc40ca30ac47f5bd1f3cb38e645a341
fa3896af64bccd557c86ab32597de14e94caa6dd
b8b6dff2a57fa5a62c562e1dc3c768a41c15e146d74a8c5d1246901be862ae3a
GET /includes/templates/linglong-viu04/images/re-tbanner.gif HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/includes/templates/linglong-viu04/css/stylesheet_tm.css
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
Last-Modified: Sat, 18 May 2019 07:11:26 GMT
ETag: "104a-589243515c380"
Accept-Ranges: bytes
Content-Length: 4170
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDcxMzgzOTA1OTlfMS5qcGc=
107.150.63.219 200 OK 64 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDcxMzgzOTA1OTlfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x720, components 3\012- data
Hash 022ecdb2f1511e734e52388dc0d4b758
bcf31c15546ac4b22822f17d61c3fff977b3e375
6d1a8530902c24ddcd330b705deffa86e9e2ed07683c2f90e5da3f07da26b762
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDcxMzgzOTA1OTlfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzM4ODI0MjkwNDVfMS5qcGc=
107.150.63.219 200 OK 58 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzM4ODI0MjkwNDVfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Hash e6493c8f65f6bb8030a7f6d598c5e4ae
112713ce01eab49a6bb1022308a3cbfacbb470fd
fcb003460a706c41d77e1a8a9cf65da8a5a545340a6322f2a260db0400ecc87c
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzM4ODI0MjkwNDVfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTYyMTIxNDU4MThfMS5qcGc=
107.150.63.219 200 OK 259 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTYyMTIxNDU4MThfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 259 kB (259403 bytes)
Hash 81ad6e80ef750fd5fbb351313466fa34
29736e5bbef425b10b6bb6f3dc7ea438a6a1fdc5
c00f4dff3b5d1f045d659b058327d3f773194e344af0752f94f3a95d3d76c4a5
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTYyMTIxNDU4MThfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODY3MjQxMjU4NzNfMS5qcGc=
107.150.63.219 200 OK 97 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODY3MjQxMjU4NzNfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Hash 0189f676f4a97d38d61019bec16d2d58
cbb597353a941fe8fdcf185acfaddd5b52913aa2
ba1cf9b99cf42f6cf79c72019398b63a71e2bb4d216349e92cfc8bf32b511e54
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODY3MjQxMjU4NzNfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDAzNTA3OTQyMzVfMS5qcGc=
107.150.63.219 200 OK 123 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDAzNTA3OTQyMzVfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Size 123 kB (122596 bytes)
Hash f6b4dfc4049b2331d76110cc2e1dbe7d
046f3fcf849e66cef50ea768e64be3e50176e9f4
e3e4e9c6d89d65636f490279f7f6e67865cd308b5fb8cdfe90ae15f2e449fc46
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDAzNTA3OTQyMzVfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjExOTA0NTk2ODlfMS5qcGc=
107.150.63.219 200 OK 96 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjExOTA0NTk2ODlfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Hash 98c41f2175d4277af7068bd6aa2dbbb8
c8514777d921c99334b101df1d6b84986c307892
0bb0ea4fe7a7f141e0ce1bb061be3871e0d06174a6b2c3f4cdad11f2dae6e0f4
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjExOTA0NTk2ODlfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjc1OTgwNjk0OTNfMS5qcGc=
107.150.63.219 200 OK 52 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjc1OTgwNjk0OTNfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Hash 6019c0daae6aa072d0d543c4d784ffa5
d6e8d29be08739a7cce5c50f2bb880cde4a970f0
0a24930da9ed69404d92b25ec4e70e0e77019fafa5dccb432759813d8b1e2451
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjc1OTgwNjk0OTNfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjg5NTQ4NzIyMjVfMS5qcGc=
107.150.63.219 200 OK 44 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjg5NTQ4NzIyMjVfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x1080, components 3\012- data
Hash 83e5f54cb9226b83623e4e180637110e
5f668782e6ec8d246728dab7c9e99d66ed17e933
37479e61d016f91f8c2db8b29283f219d26ef26d11b3a23269095cb881856b17
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjg5NTQ4NzIyMjVfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/fguide-daibiki.gif
107.150.63.219 200 OK 3.5 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/fguide-daibiki.gif
IP 107.150.63.219:0
File type GIF image data, version 89a, 95 x 30\012- data
Hash 2a35825df231d24bab1936aeb8f79e2f
5178b01f6f8e9b57ba110dfc418e55fb6d4a7d48
cfbb74e07eb205e48aaf1c2ea58f406570d39948cfac078934f302273b973d08
GET /includes/templates/linglong-viu04/images/fguide-daibiki.gif HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
Last-Modified: Tue, 13 Aug 2019 06:57:48 GMT
ETag: "dc8-58ffa2885b300"
Accept-Ranges: bytes
Content-Length: 3528
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/gif
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODA2NTE3NjEwMzJfMS5qcGc=
107.150.63.219 200 OK 46 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODA2NTE3NjEwMzJfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 483x720, components 3\012- data
Hash 87b50e5f7ddcad2fa68f26eb2f143911
b28f01e81236507e3d11313887e3466834153269
3443f0a980a27acfd7c6495a240ac948931a37145f7aab90d07f7483e712bb8a
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODA2NTE3NjEwMzJfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTEzNDQ1NDY1OTlfMS5qcGc=
107.150.63.219 200 OK 86 kB URL HTTP/1.1 mfzypk.adirectorabm.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTEzNDQ1NDY1OTlfMS5qcGc=
IP 107.150.63.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Hash af8d36f1cd17d8fd3f7b360889b802c6
ddeac932d5da44f03f107ff96973118222e2dfc5
676732f0c6ce276d8a03cec2f1cb41687e630c8fb50bd6b4f348d0d6a47f3b07
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTEzNDQ1NDY1OTlfMS5qcGc= HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_1.gif
107.150.63.219 200 OK 2.0 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_1.gif
IP 107.150.63.219:0
File type GIF image data, version 89a, 100 x 39\012- data
Hash c9c1a377b2465fa88eb90f7f21fc4943
c329224a6ff30a92cb75e8d055d12185c30b54c6
0362db86a76badda7ca8dec6954d760c2bfe7b5c3e438682ff3213926d5a5c08
GET /includes/templates/linglong-viu04/images/rank_1.gif HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
Last-Modified: Wed, 17 May 2017 07:46:52 GMT
ETag: "7e8-54fb37dced300"
Accept-Ranges: bytes
Content-Length: 2024
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_2.gif
107.150.63.219 200 OK 605 B URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_2.gif
IP 107.150.63.219:0
File type GIF image data, version 89a, 100 x 39\012- data
Hash 8192f534aa798503e77cbf8e2eb15d57
24e72796481cfd7395cd43cdeb09edad3cf8446b
3616bc7d39ef97ce96d225530cc04796a283dabf239d3be97a21437f120832b9
GET /includes/templates/linglong-viu04/images/rank_2.gif HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
Last-Modified: Wed, 17 May 2017 07:46:54 GMT
ETag: "25d-54fb37ded5780"
Accept-Ranges: bytes
Content-Length: 605
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_3.gif
107.150.63.219 200 OK 2.0 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_3.gif
IP 107.150.63.219:0
File type GIF image data, version 89a, 100 x 39\012- data
Hash a8a0cf82adfcc5990b7dba0d5156379f
c9ec96160b488a5a1d1a317443926c7bb54563bd
eb9a0139afb41bc80e768ff61a5a3bf3956da00bea0bb6fe6fcde50589b79065
GET /includes/templates/linglong-viu04/images/rank_3.gif HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
Last-Modified: Wed, 17 May 2017 07:46:54 GMT
ETag: "7c6-54fb37ded5780"
Accept-Ranges: bytes
Content-Length: 1990
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/gif
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/0731_koukan_1050_s.jpg
107.150.63.219 200 OK 214 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/0731_koukan_1050_s.jpg
IP 107.150.63.219:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=493, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1050], progressive, precision 8, 1050x443, components 3\012- data
Size 214 kB (214062 bytes)
Hash b58b7e7f8e8fef0303faa4b708acb696
07a718bc8f7b969a7d3a7f50f6b78837808a80eb
18d045a9583be5a269e4f153cd95359c577f59db227ecdb13ba1fa922f0138c4
GET /includes/templates/linglong-viu04/images/0731_koukan_1050_s.jpg HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
Last-Modified: Mon, 12 Aug 2019 09:09:58 GMT
ETag: "3442e-58fe7e3588580"
Accept-Ranges: bytes
Content-Length: 214062
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_4.gif
107.150.63.219 200 OK 726 B URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_4.gif
IP 107.150.63.219:0
File type GIF image data, version 89a, 100 x 39\012- data
Hash 9e975ea97719e1ad72951890eab538b2
cb425216738dbc4b98ed7f86d2ad939d17922cc0
e5a91abf348d298145f1f237505150cc1f60673b0a21b459cdf4029ba188bcd4
GET /includes/templates/linglong-viu04/images/rank_4.gif HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
Last-Modified: Wed, 17 May 2017 07:46:56 GMT
ETag: "2d6-54fb37e0bdc00"
Accept-Ranges: bytes
Content-Length: 726
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_5.gif
107.150.63.219 200 OK 883 B URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_5.gif
IP 107.150.63.219:0
File type GIF image data, version 89a, 100 x 39\012- data
Hash 02ab4d95ec4727b873675dedf23fcbd6
73fb8ee0b0b7d4e12e2f90812ba109865bd55936
95e544e3858c250b62e09e90ea9b20d4a522b96f3d4658a908182c76cac0ebcc
GET /includes/templates/linglong-viu04/images/rank_5.gif HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
Last-Modified: Wed, 17 May 2017 07:46:56 GMT
ETag: "373-54fb37e0bdc00"
Accept-Ranges: bytes
Content-Length: 883
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_9.gif
107.150.63.219 200 OK 763 B URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_9.gif
IP 107.150.63.219:0
File type GIF image data, version 89a, 100 x 39\012- data
Hash a34576572e69e8448656b2fef0a85091
e36cb983bf59a33b4f2df30a42eea33af7e367a2
4bd758972868ca67bf4c88a6ac29fed015fa9b539a03e09e3540bfc77c992667
GET /includes/templates/linglong-viu04/images/rank_9.gif HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
Last-Modified: Wed, 17 May 2017 07:46:58 GMT
ETag: "2fb-54fb37e2a6080"
Accept-Ranges: bytes
Content-Length: 763
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/imgrc0076950171.jpg
107.150.63.219 200 OK 138 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/imgrc0076950171.jpg
IP 107.150.63.219:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=310, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=726], progressive, precision 8, 726x278, components 3\012- data
Size 138 kB (137823 bytes)
Hash e4cb3391c9bedbd37250fae91d59de06
bf510c356b2b8660f87d857407b084400aeeada6
1763a8538879f3398a914d9028957fa891605590dd1c24d43aff4485cae41cca
GET /includes/templates/linglong-viu04/images/imgrc0076950171.jpg HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
Last-Modified: Tue, 13 Aug 2019 03:40:56 GMT
ETag: "21a5f-58ff76878e200"
Accept-Ranges: bytes
Content-Length: 137823
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_10.gif
107.150.63.219 200 OK 789 B URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/rank_10.gif
IP 107.150.63.219:0
File type GIF image data, version 89a, 100 x 39\012- data
Hash ba5aa31792e757343133e787184723d2
7f695ddf8ee3a36e3e8dd7b0d98e5108e9afb4dd
e4b75d485b047de1fd5cf388db63672353db7c5e6c6d27324480feb53cd0e948
GET /includes/templates/linglong-viu04/images/rank_10.gif HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
Last-Modified: Wed, 17 May 2017 07:46:52 GMT
ETag: "315-54fb37dced300"
Accept-Ranges: bytes
Content-Length: 789
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/bnr_fes2019.jpg
107.150.63.219 200 OK 46 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/bnr_fes2019.jpg
IP 107.150.63.219:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 616x120, components 3\012- data
Hash 85bcef3c8acf7bdcc106b4800f53a456
24c06a669db4bbcfaea275349fff202de56827dc
fac94e3ecebd2941a1dbeb3d42a19f0da839f5b1d1c79701558be1bc382ec70f
GET /includes/templates/linglong-viu04/images/bnr_fes2019.jpg HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
Last-Modified: Sat, 10 Aug 2019 03:07:26 GMT
ETag: "b2c8-58fba97249780"
Accept-Ranges: bytes
Content-Length: 45768
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/h-bg.jpg
107.150.63.219 200 OK 77 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/h-bg.jpg
IP 107.150.63.219:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x400, components 3\012- data
Hash 846e320e2967d05d9c276e98b9469233
b5b4c89f11424901700531a2eeb698529d7d13e2
d3ef2540fb5a5b5d6b05b8ceda988875a68fcc23154d6cba8fb1010438864fc9
GET /includes/templates/linglong-viu04/images/h-bg.jpg HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
Last-Modified: Fri, 26 Jul 2019 09:26:16 GMT
ETag: "12df7-58e9222563e00"
Accept-Ranges: bytes
Content-Length: 77303
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/logo.gif
107.150.63.219 200 OK 6.8 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/logo.gif
IP 107.150.63.219:0
File type GIF image data, version 89a, 352 x 105\012- data
Hash 7632afca7a12b574c2660af5f8ab1083
c0de2f8fcc501e3bb39bae2d96afe062d31343ee
46887b0f9edae5a35d73cea739da6f9ab23028db3263d848d4edac29f5d0719e
GET /includes/templates/linglong-viu04/images/logo.gif HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
Last-Modified: Mon, 12 Aug 2019 04:01:58 GMT
ETag: "1a98-58fe395da1980"
Accept-Ranges: bytes
Content-Length: 6808
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/gif
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/common/all_yj.png
107.150.63.219 200 OK 21 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/common/all_yj.png
IP 107.150.63.219:0
File type PNG image data, 320 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 4193f1572e5a0c95125efbef8399c1f0
e60cb3f02b750ecf1be080eecf75cfbcac54eb36
323709d7cc5d328379211d091df52e375910d7c62009fff85b20e4254880d208
GET /includes/templates/linglong-viu04/images/common/all_yj.png HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
Last-Modified: Mon, 18 Feb 2019 03:24:16 GMT
ETag: "5152-58222a8cc1800"
Accept-Ranges: bytes
Content-Length: 20818
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/1000300_PATRICK_02.jpg
107.150.63.219 200 OK 214 kB URL HTTP/1.1 mfzypk.adirectorabm.top/includes/templates/linglong-viu04/images/1000300_PATRICK_02.jpg
IP 107.150.63.219:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015.5 (Macintosh), datetime=2018:03:12 15:32:12], baseline, precision 8, 1000x300, components 3\012- data
Size 214 kB (214349 bytes)
Hash f7be5fd4a7a2b019df9049d5daf23b60
da3ffefe9cea8c66ce3989fc6090cb58807a17bc
d24c276a6cff235754883589bb5476c84c0fadc268219e10e83e36ad5fc2dc5b
GET /includes/templates/linglong-viu04/images/1000300_PATRICK_02.jpg HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
Last-Modified: Mon, 12 Aug 2019 07:33:36 GMT
ETag: "3454d-58fe68ab63400"
Accept-Ranges: bytes
Content-Length: 214349
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
mfzypk.adirectorabm.top/favicon.ico
107.150.63.219 200 OK 5.4 kB URL HTTP/1.1 mfzypk.adirectorabm.top/favicon.ico
IP 107.150.63.219:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash e3d999162d3300c9a0ccc5ad15f1c178
1a2819cd98932ff9f5fdb9e4db4b6706b7474353
5433b42817d81ae9ffdb614e37e90e757bce6959340c47a3d22ebe99c83c74af
GET /favicon.ico HTTP/1.1
Host: mfzypk.adirectorabm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mfzypk.adirectorabm.top/
Cookie: zenid=trsi4tadd26pkbe8qcr50bsj62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 07:02:06 GMT
Server: Apache
Last-Modified: Thu, 28 Dec 2017 23:11:02 GMT
ETag: "1536-5616ea12e0d80"
Accept-Ranges: bytes
Content-Length: 5430
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d143b65b98551bde96a7f026808d4583
3e995e5933e6f8c15ecd3bc642ce1778a11f7ca7
004be88ebe2a4840bb718a5148fcf7d2dc1400f6c1c880cee4428d66ba91dbd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9972
x-amzn-requestid: 8a609804-1429-4a2d-abdc-7dc74a83a35b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcWB-GO8oAMF5Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4d072-0a0afc9625eb840c0b14b259;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:36:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uOHt5PEtB9XCEUi1eFA_7pTZsZgHQnvadZNw7BiXJTYMmnYgAzZ7pQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:50:58 GMT
age: 11472
etag: "3e995e5933e6f8c15ecd3bc642ce1778a11f7ca7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2