Report - bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65

Report Overview

Visited public
2025-06-14 11:26:44
Tags
URL
bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Finishing URL
bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
IP / ASN
54.36.62.103
#16276 OVH SAS
Title
The most popular dating site of this month

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
bjicgeg.linksoffrs.com	unknown	2025-05-29	2025-06-11	2025-06-11	49 kB	757 kB	54.36.62.103

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-14	medium	linksoffrs.com	Sinkholed
2025-06-14	medium	linksoffrs.com	Sinkholed
2025-06-14	medium	linksoffrs.com	Sinkholed
2025-06-14	medium	linksoffrs.com	Sinkholed
2025-06-14	medium	linksoffrs.com	Sinkholed
2025-06-14	medium	linksoffrs.com	Sinkholed
2025-06-14	medium	linksoffrs.com	Sinkholed
2025-06-14	medium	linksoffrs.com	Sinkholed
2025-06-14	medium	linksoffrs.com	Sinkholed
2025-06-14	medium	linksoffrs.com	Sinkholed
2025-06-14	medium	linksoffrs.com	Sinkholed
2025-06-14	medium	linksoffrs.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	bjicgeg.linksoffrs.com/bundle/323/assets/js/bootstrap.min.js	ScriptElement	1.0 kB	2023-06-18	2025-06-17
Pretty URL bjicgeg.linksoffrs.com/bundle/323/assets/js/bootstrap.min.js IP 54.36.62.103 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-18 18:10 Last Seen2025-06-17 20:34 Times Seen145 Hash da48b2486e8ad9c811248091d643182c e65c0e69ed65391825b937909eeff00bc44fce32 ad6e1e6fcfc0facc336c769b9554c67a9b4923618b39540ec5a1c97c7f39cae6 Loading...

	bjicgeg.linksoffrs.com/bundle/323/assets/js/jquery.js	ScriptElement	1.0 kB	2023-04-24	2025-06-17
Pretty URL bjicgeg.linksoffrs.com/bundle/323/assets/js/jquery.js IP 54.36.62.103 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-24 18:51 Last Seen2025-06-17 18:00 Times Seen432 Hash 940ab219c3539f4fd349c0acbb57eeab 6f3802b260eedd09e649075bc0eda8a30eee24d7 ce5a6a5e0d3d2e8b24f497de979998450c8c7ce63debd577a88ff5eec87da9dd Loading...

	bjicgeg.linksoffrs.com/bundle/323/assets/js/functions.js	ScriptElement	6.4 kB	2023-03-29	2025-06-14
Pretty URL bjicgeg.linksoffrs.com/bundle/323/assets/js/functions.js IP 54.36.62.103 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:04 Last Seen2025-06-14 11:26 Times Seen18 Hash d521431433e3f187e60b7128388089a7 e919dfb00c2450d0aa8a61ce27f5a2530427170d e61bd1b11e83bb532396f2d942aee3454866137e55b8eef210900a71cb87399c Loading...

HTTP Transactions (12)

URL IP Response Size

bjicgeg.linksoffrs.com/bundle/323/assets/css/bootstrap.min.css

54.36.62.103

200 OK

120 kB

URL GET
bjicgeg.linksoffrs.com/bundle/323/assets/css/bootstrap.min.css
IP
54.36.62.103:443
ASN
#16276 OVH SAS

Requested by
https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Certificate
IssuerLet's Encrypt
Subjectlinksoffrs.com
FingerprintAF:DB:07:AB:7C:42:17:F7:D9:65:65:03:53:67:D9:E1:7D:A6:46:20
ValidityFri, 30 May 2025 07:03:31 GMT - Thu, 28 Aug 2025 07:03:30 GMT

File type
ASCII text, with very long lines (492)
Size
120 kB (119460 bytes)
Hash
6474cddf233f5ac59e674ea5ef009a2d
7a9f493a149fb7bdeaacb52d633b7d22370ee325
9a9f9169d19f544ce396586cc05693ec493e233fccba8fff6c3b2a73891e76fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bundle/323/assets/css/bootstrap.min.css HTTP/1.1
Host: bjicgeg.linksoffrs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Cookie: s=bFQDrqhndLIPQF3ExMfi3Pm2CT1Tyqec2MYDoqYtLeZvQhGp%2BMhOiP6bal8r9LsP3KQ2Tz9LQvQoag6dfx1jVyB%2BNvShHpxV%2Bze4T77oBT4W6w4ExG4UlOxpXVpwkL8ybSEEVPlFDOGODGkpFsrct%2B7eycJO%2BiuHhysoxSVZQAW3TcVR9SdV0pkxaNUfGJTdhbB5xDlPjhmhAQxnXDub2tvZRMy4lCFVg8BxzT9hYmuZmMBbZGPnniVZ7sc1ESFLxBUhzN7mf0wkSjzNHS%2FMsEVCeGKrHvWgVz%2FaZxM9Sl0DMRNXW%2BZhlD5dgIb0aqHEMMJta0ra9Efpmf93av4XT5WQQtEP6KRx1ZMSa0yGC7YS8kgWWkEQjkNw4PXs6qiJ2YeH7CYFiu5hMroZIDUu1clSRjOlvesUVPR88nKIZBJW2t2JjodYRIK5fUqu2%2Boz8dAIeqn8yTx9bN%2B1XrQwWWfuiSvoX6e24X9h1Cn4KL1CT6HldkYtaa5r3lAuZ5I%2FFXaU6V0Augz6no1Gm0Bv6tXR1PPpkjA7ag%2FaCiPbLPHk%2FF%2FEGlsJSbVVtKtg80zxxSiQ8qPNA3pcNvVrehzdIQXtkYGWQ69XB%2F2VZGUZ7Vl2RqGlOx1BbUem6hqrgcNNGWwx%2B8jRHa%2FJ%2BkECDNEb79KE3mF5qGwr22httx23mUYoViKtDHb0xT9YbRKRaKm3I4a2s8IiHxT6jWhT9eF7APJ0IjV%2B9BIAm2aot8qZT%2FoqwtFuefTTlIcOn6qGRq8NNSYC2xYIZzQNpAp1%2F5iCbp4hIxMl5NEj78mZWg2xeFA7ZJ3czngBXMU1QnQ7OkP3nE%2BhbthMsfXdqJ6UMmcYR5ywnYxzaIdStzOG5izTb9o%2FsurnwQ%2BxFxxvnhlQhQ%2BaWKTVi5xqq3Ef2UUgbEL2tVQI3nU9CuLD27aNFq3ZNZEUyUAzn3efzaa5bpOA5fp56zSXcyo7ks2TfavlhVTfHSpo0m3VUXnkHhVIS1LlJBBnE%2BROBKs5JITRh3h%2FP1NgJnW6weHGIu6%2FS26s1T15SCIrXVsx0zkzAUGSOFiqKrISnpG8gbD0yoo53KZBaB3a9wqtOphN4nVKJFAdhsoqYagmi7HQmvXCIULT%2FM20euSzmfxRx914g6D6newBKtqlr6poprot25GMxZ%2Bq2t0Cey5v10mUvRoY%2FqvXrFF8YdKuF8qCHZkX0HbLUebM2oVvor4KOqPWvR5RJwmmVaM%2BRN2rbPdy8EOEKcL8WxaxjrbfN4f7G%2Fq0WEvn2PdKccDYlIIqY8VkTn3IqyZuJXEG%2BaRcbg2S2gJDEF976ProrbyIwVWXyKoUZtPGl7TWBBCaA61POEVZsvNfq%2Fo4gMQSaBG%2FsglXrqSv68J935y7Fw1oLDxa9iR3hXd09vhO%2FpkkA97T%2FSshBTVx%2Fc7OE%2FYePyqmnBcLx37TcZqxIkv61wz2hiND7X%2BXmdRl7OmXy%2FVQ%2Bo1sdQLw46K6PlloRYn0ABp23c0dT55scB85xLt9YWr4j8lfCmmJg5cgV11h4pAL3KODPepWbW80UiBOmFnwZI85MPv2i2bvMWqWautch%2F%2FeFE1C05R5vBJR%2Fm5Cu%2FKkvg%2FLksVq66DleOJTV1vqiXyQQEoIJWrRHcd6XSQNIiYY15C1JrxrWP1S%2B0HOdSZpRlCnXxx0ZaVX5frKuW6XiEtrRezXeka%2FPWIjbqEJLL13JjjA2EnkM5SNdUlQhmh6OFh6QBy%2FnsywJzio91FegOv8e%2BGeqCr2XoIj8Vi2nQnNylPiAgscHLneKEU9bOf2QBy9xbWqwyZienH8Ew7%2BSJY0P9azyusln613eFY5GqXV3gJqKxNtvS33xwx9tDo7R9TMjvmXmc%2F62ZQByymmmKcK%2BQDgWoUsmmKy9dWf28HkHK5WDbrv9OUdtdv%2FEG4KiggZL2OD7CZNigBC6aFhZwH%2B2CN7Jkq%2F1LfFSqukSDxW7HoFCtBIVfwin3Qx%2FW%2B5XJrJGttMR5USMLYnHLdcy1jsVB5RdF5Ks3Ggm6yQBBHE%2FRun0iZcvfH%2Be%2BYyr4ziKIOgBAfUIzWKHRHvLc5pIfKYqs9qPwn5KUM%2BGm1isBk5WBzS7tpiZxBfgYN56%2B0F%2FH4e088Wsd7SqIdXwJwRrrIYro0RnkIAm09IuicydDbi6JD%2FldrHSgpFUfJGyw2MvQSHN9eFn71ayY9zWL8I9r1fY6eepbucO%2BpLAZFBHluXFoonxugzs01CFTq7Gy1ygA60YG7S5zeXb8PybkPeOxcoUZ3Sv61bpQy7DcnxZQh%2FOFzYNxxkYUyCtCyFibfOmRY2LZFnBm%2BCWxP8vFPm7V7IS6J6fV%2B5kAVtNgbqhzgJzFV4Ig%2FkYbR2fUidjidyK77ndgg6qH0%2FmCgg2ugTdGzI8%2BY%2BQ%2B2zaXGVMPT7bP6FuSd7AmEyt8ZmVRWdxQC9stvY2X9uHmj44SjX0lqhFu02RBEY7v0dOZaayWDRqY%2BMFbUdmtkjoV0YYzST3quxwC67vsIGAV7Y1l0D2s2TrH3m5t4bDGBBR42I6hN6si3%2Bwcez9%2FUtrLWd9VH%2FfXbTt8tgvmG%2BPtn9vU7%2F3%2BmHTdwiy0C4jc60EqXBhVcRsAs4q9ZDkMhu4Jvz6C5BM37QwQJlS939yuCuq1c7uHLPWOqdPo4KbfqBb1mCT5QYlWtGoLRyX3Ozk3KSt66ooGhhZQYWwiVJduCO0cs1uNma3ais58f2Fv0rsBk%2FzDdBwpCr%2FmY1uC9nkwApb89DLe8LrHOA9xibDAe7zmW%2Bax4yyaU7DOeAKiupzMP6hUJ1vczwfqo2XVv0QGC2JjTXAYBjY5IAXVjXD7HChJ6l%2BdT8TZdm%2BaBpo53zYRO1s2GxcTRyzCZTfVWlXhlkLDQQmdIn7I9Zkq3uLS0vly20nHw2bG%2BF7tYr7tlAlgEuIrubN%2FhztARf3h9WHb7mBSIymL7ZXh8JTredrnSFZ%2FaT%2FRGePLkXlirUUjbjJOXmN4AH8nh41K47Kad%2FwtySuknT5SsTmltxFQEyoUT1YzIGKN4jw7EcN8ipRmaJoRPS3DlbI93nwDqTp5hNFEv%2BmfTYxmHpyQQm%2Futst6B43ejn5vqR9O7lIIAu3bop7YSY5p2gAC3mh7AD0M2wjLqY9rQujHpTURLJSite9CThwwyKeZw3c8CK3c%2FBKrU2SQowm6H7PjnnWaHIyF094pb6INgC5TdLb9wf5I%2FUjK4cdGEgEIKbMwoBYO597p4kjqYfvcpRN%2BQQOC8HJkJ9uYxPWaA82sQ91l8QLlvJrMY%2F0w%2FE1YhNd%2Fwb1JD1ETXiWXivcVmlKxGgox3Rkc18xAiPTD2eXyDJL2IlUydXRdo2hZl%2Fi2n7JgSf6Frh8dD3f5sTMmINHtZ6KNu5%2FwszEdlnqTKu4JNxgyGN0WhE49XWpJpzG6uGQpPw9zbXgIfcM31cjx3JLvLXSdKxBu7ywlN3LjTWgf5usmJAfvleJLBcsDE3JGJXbVIfCahJyUgYqZixfL5WrawlHIDseTGOJdcri13%2BCtSOk843zesKox%2Fo8bGv7FaoJFYINX1PvikjByD64Y1r%2BJkWYBGShyypYsfEoWLnVb4q4GQzRCIEXs%2BZxZij2AD2Rgv%2FDLmkVZNv6TJ0NPCkGcoEgSmaV2gqoP%2FF6J6XORTNzcp096ze1WL%2F1GRu7cKhTQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 14 Jun 2025 11:26:23 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=86400, public
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

bjicgeg.linksoffrs.com/bundle/323/assets/css/style.css

54.36.62.103

200 OK

5.9 kB

URL GET
bjicgeg.linksoffrs.com/bundle/323/assets/css/style.css
IP
54.36.62.103:443
ASN
#16276 OVH SAS

Requested by
https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Certificate
IssuerLet's Encrypt
Subjectlinksoffrs.com
FingerprintAF:DB:07:AB:7C:42:17:F7:D9:65:65:03:53:67:D9:E1:7D:A6:46:20
ValidityFri, 30 May 2025 07:03:31 GMT - Thu, 28 Aug 2025 07:03:30 GMT

File type
assembler source, ASCII text
Size
5.9 kB (5911 bytes)
Hash
a8d289cfdec2b323320b34e475b5ae4b
febed8bd13483ec1bb4f42e206e8b25e230e45d6
35d1c11bbbcc19dd3010e89bcd2df6e3503a29ad7bcb5135d6ba23ea710602c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bundle/323/assets/css/style.css HTTP/1.1
Host: bjicgeg.linksoffrs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Cookie: s=bFQDrqhndLIPQF3ExMfi3Pm2CT1Tyqec2MYDoqYtLeZvQhGp%2BMhOiP6bal8r9LsP3KQ2Tz9LQvQoag6dfx1jVyB%2BNvShHpxV%2Bze4T77oBT4W6w4ExG4UlOxpXVpwkL8ybSEEVPlFDOGODGkpFsrct%2B7eycJO%2BiuHhysoxSVZQAW3TcVR9SdV0pkxaNUfGJTdhbB5xDlPjhmhAQxnXDub2tvZRMy4lCFVg8BxzT9hYmuZmMBbZGPnniVZ7sc1ESFLxBUhzN7mf0wkSjzNHS%2FMsEVCeGKrHvWgVz%2FaZxM9Sl0DMRNXW%2BZhlD5dgIb0aqHEMMJta0ra9Efpmf93av4XT5WQQtEP6KRx1ZMSa0yGC7YS8kgWWkEQjkNw4PXs6qiJ2YeH7CYFiu5hMroZIDUu1clSRjOlvesUVPR88nKIZBJW2t2JjodYRIK5fUqu2%2Boz8dAIeqn8yTx9bN%2B1XrQwWWfuiSvoX6e24X9h1Cn4KL1CT6HldkYtaa5r3lAuZ5I%2FFXaU6V0Augz6no1Gm0Bv6tXR1PPpkjA7ag%2FaCiPbLPHk%2FF%2FEGlsJSbVVtKtg80zxxSiQ8qPNA3pcNvVrehzdIQXtkYGWQ69XB%2F2VZGUZ7Vl2RqGlOx1BbUem6hqrgcNNGWwx%2B8jRHa%2FJ%2BkECDNEb79KE3mF5qGwr22httx23mUYoViKtDHb0xT9YbRKRaKm3I4a2s8IiHxT6jWhT9eF7APJ0IjV%2B9BIAm2aot8qZT%2FoqwtFuefTTlIcOn6qGRq8NNSYC2xYIZzQNpAp1%2F5iCbp4hIxMl5NEj78mZWg2xeFA7ZJ3czngBXMU1QnQ7OkP3nE%2BhbthMsfXdqJ6UMmcYR5ywnYxzaIdStzOG5izTb9o%2FsurnwQ%2BxFxxvnhlQhQ%2BaWKTVi5xqq3Ef2UUgbEL2tVQI3nU9CuLD27aNFq3ZNZEUyUAzn3efzaa5bpOA5fp56zSXcyo7ks2TfavlhVTfHSpo0m3VUXnkHhVIS1LlJBBnE%2BROBKs5JITRh3h%2FP1NgJnW6weHGIu6%2FS26s1T15SCIrXVsx0zkzAUGSOFiqKrISnpG8gbD0yoo53KZBaB3a9wqtOphN4nVKJFAdhsoqYagmi7HQmvXCIULT%2FM20euSzmfxRx914g6D6newBKtqlr6poprot25GMxZ%2Bq2t0Cey5v10mUvRoY%2FqvXrFF8YdKuF8qCHZkX0HbLUebM2oVvor4KOqPWvR5RJwmmVaM%2BRN2rbPdy8EOEKcL8WxaxjrbfN4f7G%2Fq0WEvn2PdKccDYlIIqY8VkTn3IqyZuJXEG%2BaRcbg2S2gJDEF976ProrbyIwVWXyKoUZtPGl7TWBBCaA61POEVZsvNfq%2Fo4gMQSaBG%2FsglXrqSv68J935y7Fw1oLDxa9iR3hXd09vhO%2FpkkA97T%2FSshBTVx%2Fc7OE%2FYePyqmnBcLx37TcZqxIkv61wz2hiND7X%2BXmdRl7OmXy%2FVQ%2Bo1sdQLw46K6PlloRYn0ABp23c0dT55scB85xLt9YWr4j8lfCmmJg5cgV11h4pAL3KODPepWbW80UiBOmFnwZI85MPv2i2bvMWqWautch%2F%2FeFE1C05R5vBJR%2Fm5Cu%2FKkvg%2FLksVq66DleOJTV1vqiXyQQEoIJWrRHcd6XSQNIiYY15C1JrxrWP1S%2B0HOdSZpRlCnXxx0ZaVX5frKuW6XiEtrRezXeka%2FPWIjbqEJLL13JjjA2EnkM5SNdUlQhmh6OFh6QBy%2FnsywJzio91FegOv8e%2BGeqCr2XoIj8Vi2nQnNylPiAgscHLneKEU9bOf2QBy9xbWqwyZienH8Ew7%2BSJY0P9azyusln613eFY5GqXV3gJqKxNtvS33xwx9tDo7R9TMjvmXmc%2F62ZQByymmmKcK%2BQDgWoUsmmKy9dWf28HkHK5WDbrv9OUdtdv%2FEG4KiggZL2OD7CZNigBC6aFhZwH%2B2CN7Jkq%2F1LfFSqukSDxW7HoFCtBIVfwin3Qx%2FW%2B5XJrJGttMR5USMLYnHLdcy1jsVB5RdF5Ks3Ggm6yQBBHE%2FRun0iZcvfH%2Be%2BYyr4ziKIOgBAfUIzWKHRHvLc5pIfKYqs9qPwn5KUM%2BGm1isBk5WBzS7tpiZxBfgYN56%2B0F%2FH4e088Wsd7SqIdXwJwRrrIYro0RnkIAm09IuicydDbi6JD%2FldrHSgpFUfJGyw2MvQSHN9eFn71ayY9zWL8I9r1fY6eepbucO%2BpLAZFBHluXFoonxugzs01CFTq7Gy1ygA60YG7S5zeXb8PybkPeOxcoUZ3Sv61bpQy7DcnxZQh%2FOFzYNxxkYUyCtCyFibfOmRY2LZFnBm%2BCWxP8vFPm7V7IS6J6fV%2B5kAVtNgbqhzgJzFV4Ig%2FkYbR2fUidjidyK77ndgg6qH0%2FmCgg2ugTdGzI8%2BY%2BQ%2B2zaXGVMPT7bP6FuSd7AmEyt8ZmVRWdxQC9stvY2X9uHmj44SjX0lqhFu02RBEY7v0dOZaayWDRqY%2BMFbUdmtkjoV0YYzST3quxwC67vsIGAV7Y1l0D2s2TrH3m5t4bDGBBR42I6hN6si3%2Bwcez9%2FUtrLWd9VH%2FfXbTt8tgvmG%2BPtn9vU7%2F3%2BmHTdwiy0C4jc60EqXBhVcRsAs4q9ZDkMhu4Jvz6C5BM37QwQJlS939yuCuq1c7uHLPWOqdPo4KbfqBb1mCT5QYlWtGoLRyX3Ozk3KSt66ooGhhZQYWwiVJduCO0cs1uNma3ais58f2Fv0rsBk%2FzDdBwpCr%2FmY1uC9nkwApb89DLe8LrHOA9xibDAe7zmW%2Bax4yyaU7DOeAKiupzMP6hUJ1vczwfqo2XVv0QGC2JjTXAYBjY5IAXVjXD7HChJ6l%2BdT8TZdm%2BaBpo53zYRO1s2GxcTRyzCZTfVWlXhlkLDQQmdIn7I9Zkq3uLS0vly20nHw2bG%2BF7tYr7tlAlgEuIrubN%2FhztARf3h9WHb7mBSIymL7ZXh8JTredrnSFZ%2FaT%2FRGePLkXlirUUjbjJOXmN4AH8nh41K47Kad%2FwtySuknT5SsTmltxFQEyoUT1YzIGKN4jw7EcN8ipRmaJoRPS3DlbI93nwDqTp5hNFEv%2BmfTYxmHpyQQm%2Futst6B43ejn5vqR9O7lIIAu3bop7YSY5p2gAC3mh7AD0M2wjLqY9rQujHpTURLJSite9CThwwyKeZw3c8CK3c%2FBKrU2SQowm6H7PjnnWaHIyF094pb6INgC5TdLb9wf5I%2FUjK4cdGEgEIKbMwoBYO597p4kjqYfvcpRN%2BQQOC8HJkJ9uYxPWaA82sQ91l8QLlvJrMY%2F0w%2FE1YhNd%2Fwb1JD1ETXiWXivcVmlKxGgox3Rkc18xAiPTD2eXyDJL2IlUydXRdo2hZl%2Fi2n7JgSf6Frh8dD3f5sTMmINHtZ6KNu5%2FwszEdlnqTKu4JNxgyGN0WhE49XWpJpzG6uGQpPw9zbXgIfcM31cjx3JLvLXSdKxBu7ywlN3LjTWgf5usmJAfvleJLBcsDE3JGJXbVIfCahJyUgYqZixfL5WrawlHIDseTGOJdcri13%2BCtSOk843zesKox%2Fo8bGv7FaoJFYINX1PvikjByD64Y1r%2BJkWYBGShyypYsfEoWLnVb4q4GQzRCIEXs%2BZxZij2AD2Rgv%2FDLmkVZNv6TJ0NPCkGcoEgSmaV2gqoP%2FF6J6XORTNzcp096ze1WL%2F1GRu7cKhTQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 14 Jun 2025 11:26:23 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=86400, public
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

bjicgeg.linksoffrs.com/bundle/323/assets/js/jquery.js

54.36.62.103

200 OK

86 kB

URL GET
bjicgeg.linksoffrs.com/bundle/323/assets/js/jquery.js
IP
54.36.62.103:443
ASN
#16276 OVH SAS

Requested by
https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Certificate
IssuerLet's Encrypt
Subjectlinksoffrs.com
FingerprintAF:DB:07:AB:7C:42:17:F7:D9:65:65:03:53:67:D9:E1:7D:A6:46:20
ValidityFri, 30 May 2025 07:03:31 GMT - Thu, 28 Aug 2025 07:03:30 GMT

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
86 kB (85578 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bundle/323/assets/js/jquery.js HTTP/1.1
Host: bjicgeg.linksoffrs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Cookie: s=bFQDrqhndLIPQF3ExMfi3Pm2CT1Tyqec2MYDoqYtLeZvQhGp%2BMhOiP6bal8r9LsP3KQ2Tz9LQvQoag6dfx1jVyB%2BNvShHpxV%2Bze4T77oBT4W6w4ExG4UlOxpXVpwkL8ybSEEVPlFDOGODGkpFsrct%2B7eycJO%2BiuHhysoxSVZQAW3TcVR9SdV0pkxaNUfGJTdhbB5xDlPjhmhAQxnXDub2tvZRMy4lCFVg8BxzT9hYmuZmMBbZGPnniVZ7sc1ESFLxBUhzN7mf0wkSjzNHS%2FMsEVCeGKrHvWgVz%2FaZxM9Sl0DMRNXW%2BZhlD5dgIb0aqHEMMJta0ra9Efpmf93av4XT5WQQtEP6KRx1ZMSa0yGC7YS8kgWWkEQjkNw4PXs6qiJ2YeH7CYFiu5hMroZIDUu1clSRjOlvesUVPR88nKIZBJW2t2JjodYRIK5fUqu2%2Boz8dAIeqn8yTx9bN%2B1XrQwWWfuiSvoX6e24X9h1Cn4KL1CT6HldkYtaa5r3lAuZ5I%2FFXaU6V0Augz6no1Gm0Bv6tXR1PPpkjA7ag%2FaCiPbLPHk%2FF%2FEGlsJSbVVtKtg80zxxSiQ8qPNA3pcNvVrehzdIQXtkYGWQ69XB%2F2VZGUZ7Vl2RqGlOx1BbUem6hqrgcNNGWwx%2B8jRHa%2FJ%2BkECDNEb79KE3mF5qGwr22httx23mUYoViKtDHb0xT9YbRKRaKm3I4a2s8IiHxT6jWhT9eF7APJ0IjV%2B9BIAm2aot8qZT%2FoqwtFuefTTlIcOn6qGRq8NNSYC2xYIZzQNpAp1%2F5iCbp4hIxMl5NEj78mZWg2xeFA7ZJ3czngBXMU1QnQ7OkP3nE%2BhbthMsfXdqJ6UMmcYR5ywnYxzaIdStzOG5izTb9o%2FsurnwQ%2BxFxxvnhlQhQ%2BaWKTVi5xqq3Ef2UUgbEL2tVQI3nU9CuLD27aNFq3ZNZEUyUAzn3efzaa5bpOA5fp56zSXcyo7ks2TfavlhVTfHSpo0m3VUXnkHhVIS1LlJBBnE%2BROBKs5JITRh3h%2FP1NgJnW6weHGIu6%2FS26s1T15SCIrXVsx0zkzAUGSOFiqKrISnpG8gbD0yoo53KZBaB3a9wqtOphN4nVKJFAdhsoqYagmi7HQmvXCIULT%2FM20euSzmfxRx914g6D6newBKtqlr6poprot25GMxZ%2Bq2t0Cey5v10mUvRoY%2FqvXrFF8YdKuF8qCHZkX0HbLUebM2oVvor4KOqPWvR5RJwmmVaM%2BRN2rbPdy8EOEKcL8WxaxjrbfN4f7G%2Fq0WEvn2PdKccDYlIIqY8VkTn3IqyZuJXEG%2BaRcbg2S2gJDEF976ProrbyIwVWXyKoUZtPGl7TWBBCaA61POEVZsvNfq%2Fo4gMQSaBG%2FsglXrqSv68J935y7Fw1oLDxa9iR3hXd09vhO%2FpkkA97T%2FSshBTVx%2Fc7OE%2FYePyqmnBcLx37TcZqxIkv61wz2hiND7X%2BXmdRl7OmXy%2FVQ%2Bo1sdQLw46K6PlloRYn0ABp23c0dT55scB85xLt9YWr4j8lfCmmJg5cgV11h4pAL3KODPepWbW80UiBOmFnwZI85MPv2i2bvMWqWautch%2F%2FeFE1C05R5vBJR%2Fm5Cu%2FKkvg%2FLksVq66DleOJTV1vqiXyQQEoIJWrRHcd6XSQNIiYY15C1JrxrWP1S%2B0HOdSZpRlCnXxx0ZaVX5frKuW6XiEtrRezXeka%2FPWIjbqEJLL13JjjA2EnkM5SNdUlQhmh6OFh6QBy%2FnsywJzio91FegOv8e%2BGeqCr2XoIj8Vi2nQnNylPiAgscHLneKEU9bOf2QBy9xbWqwyZienH8Ew7%2BSJY0P9azyusln613eFY5GqXV3gJqKxNtvS33xwx9tDo7R9TMjvmXmc%2F62ZQByymmmKcK%2BQDgWoUsmmKy9dWf28HkHK5WDbrv9OUdtdv%2FEG4KiggZL2OD7CZNigBC6aFhZwH%2B2CN7Jkq%2F1LfFSqukSDxW7HoFCtBIVfwin3Qx%2FW%2B5XJrJGttMR5USMLYnHLdcy1jsVB5RdF5Ks3Ggm6yQBBHE%2FRun0iZcvfH%2Be%2BYyr4ziKIOgBAfUIzWKHRHvLc5pIfKYqs9qPwn5KUM%2BGm1isBk5WBzS7tpiZxBfgYN56%2B0F%2FH4e088Wsd7SqIdXwJwRrrIYro0RnkIAm09IuicydDbi6JD%2FldrHSgpFUfJGyw2MvQSHN9eFn71ayY9zWL8I9r1fY6eepbucO%2BpLAZFBHluXFoonxugzs01CFTq7Gy1ygA60YG7S5zeXb8PybkPeOxcoUZ3Sv61bpQy7DcnxZQh%2FOFzYNxxkYUyCtCyFibfOmRY2LZFnBm%2BCWxP8vFPm7V7IS6J6fV%2B5kAVtNgbqhzgJzFV4Ig%2FkYbR2fUidjidyK77ndgg6qH0%2FmCgg2ugTdGzI8%2BY%2BQ%2B2zaXGVMPT7bP6FuSd7AmEyt8ZmVRWdxQC9stvY2X9uHmj44SjX0lqhFu02RBEY7v0dOZaayWDRqY%2BMFbUdmtkjoV0YYzST3quxwC67vsIGAV7Y1l0D2s2TrH3m5t4bDGBBR42I6hN6si3%2Bwcez9%2FUtrLWd9VH%2FfXbTt8tgvmG%2BPtn9vU7%2F3%2BmHTdwiy0C4jc60EqXBhVcRsAs4q9ZDkMhu4Jvz6C5BM37QwQJlS939yuCuq1c7uHLPWOqdPo4KbfqBb1mCT5QYlWtGoLRyX3Ozk3KSt66ooGhhZQYWwiVJduCO0cs1uNma3ais58f2Fv0rsBk%2FzDdBwpCr%2FmY1uC9nkwApb89DLe8LrHOA9xibDAe7zmW%2Bax4yyaU7DOeAKiupzMP6hUJ1vczwfqo2XVv0QGC2JjTXAYBjY5IAXVjXD7HChJ6l%2BdT8TZdm%2BaBpo53zYRO1s2GxcTRyzCZTfVWlXhlkLDQQmdIn7I9Zkq3uLS0vly20nHw2bG%2BF7tYr7tlAlgEuIrubN%2FhztARf3h9WHb7mBSIymL7ZXh8JTredrnSFZ%2FaT%2FRGePLkXlirUUjbjJOXmN4AH8nh41K47Kad%2FwtySuknT5SsTmltxFQEyoUT1YzIGKN4jw7EcN8ipRmaJoRPS3DlbI93nwDqTp5hNFEv%2BmfTYxmHpyQQm%2Futst6B43ejn5vqR9O7lIIAu3bop7YSY5p2gAC3mh7AD0M2wjLqY9rQujHpTURLJSite9CThwwyKeZw3c8CK3c%2FBKrU2SQowm6H7PjnnWaHIyF094pb6INgC5TdLb9wf5I%2FUjK4cdGEgEIKbMwoBYO597p4kjqYfvcpRN%2BQQOC8HJkJ9uYxPWaA82sQ91l8QLlvJrMY%2F0w%2FE1YhNd%2Fwb1JD1ETXiWXivcVmlKxGgox3Rkc18xAiPTD2eXyDJL2IlUydXRdo2hZl%2Fi2n7JgSf6Frh8dD3f5sTMmINHtZ6KNu5%2FwszEdlnqTKu4JNxgyGN0WhE49XWpJpzG6uGQpPw9zbXgIfcM31cjx3JLvLXSdKxBu7ywlN3LjTWgf5usmJAfvleJLBcsDE3JGJXbVIfCahJyUgYqZixfL5WrawlHIDseTGOJdcri13%2BCtSOk843zesKox%2Fo8bGv7FaoJFYINX1PvikjByD64Y1r%2BJkWYBGShyypYsfEoWLnVb4q4GQzRCIEXs%2BZxZij2AD2Rgv%2FDLmkVZNv6TJ0NPCkGcoEgSmaV2gqoP%2FF6J6XORTNzcp096ze1WL%2F1GRu7cKhTQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 14 Jun 2025 11:26:23 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=86400, public
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

bjicgeg.linksoffrs.com/bundle/323/assets/img/favicon.png

54.36.62.103

200 OK

3.0 kB

URL GET
bjicgeg.linksoffrs.com/bundle/323/assets/img/favicon.png
IP
54.36.62.103:443
ASN
#16276 OVH SAS

Requested by
https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Certificate
IssuerLet's Encrypt
Subjectlinksoffrs.com
FingerprintAF:DB:07:AB:7C:42:17:F7:D9:65:65:03:53:67:D9:E1:7D:A6:46:20
ValidityFri, 30 May 2025 07:03:31 GMT - Thu, 28 Aug 2025 07:03:30 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Size
3.0 kB (3003 bytes)
Hash
6b36a0271beb4b7f4f7c2dcbd76e76df
0367ea8b83bbfb9dd42bad6e0d2e4abe02451c0b
d2ae0fb597f3247f0ceb450941dd4b1693c8b7e4800d1850255cad2fb668b305

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bundle/323/assets/img/favicon.png HTTP/1.1
Host: bjicgeg.linksoffrs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Cookie: s=bFQDrqhndLIPQF3ExMfi3Pm2CT1Tyqec2MYDoqYtLeZvQhGp%2BMhOiP6bal8r9LsP3KQ2Tz9LQvQoag6dfx1jVyB%2BNvShHpxV%2Bze4T77oBT4W6w4ExG4UlOxpXVpwkL8ybSEEVPlFDOGODGkpFsrct%2B7eycJO%2BiuHhysoxSVZQAW3TcVR9SdV0pkxaNUfGJTdhbB5xDlPjhmhAQxnXDub2tvZRMy4lCFVg8BxzT9hYmuZmMBbZGPnniVZ7sc1ESFLxBUhzN7mf0wkSjzNHS%2FMsEVCeGKrHvWgVz%2FaZxM9Sl0DMRNXW%2BZhlD5dgIb0aqHEMMJta0ra9Efpmf93av4XT5WQQtEP6KRx1ZMSa0yGC7YS8kgWWkEQjkNw4PXs6qiJ2YeH7CYFiu5hMroZIDUu1clSRjOlvesUVPR88nKIZBJW2t2JjodYRIK5fUqu2%2Boz8dAIeqn8yTx9bN%2B1XrQwWWfuiSvoX6e24X9h1Cn4KL1CT6HldkYtaa5r3lAuZ5I%2FFXaU6V0Augz6no1Gm0Bv6tXR1PPpkjA7ag%2FaCiPbLPHk%2FF%2FEGlsJSbVVtKtg80zxxSiQ8qPNA3pcNvVrehzdIQXtkYGWQ69XB%2F2VZGUZ7Vl2RqGlOx1BbUem6hqrgcNNGWwx%2B8jRHa%2FJ%2BkECDNEb79KE3mF5qGwr22httx23mUYoViKtDHb0xT9YbRKRaKm3I4a2s8IiHxT6jWhT9eF7APJ0IjV%2B9BIAm2aot8qZT%2FoqwtFuefTTlIcOn6qGRq8NNSYC2xYIZzQNpAp1%2F5iCbp4hIxMl5NEj78mZWg2xeFA7ZJ3czngBXMU1QnQ7OkP3nE%2BhbthMsfXdqJ6UMmcYR5ywnYxzaIdStzOG5izTb9o%2FsurnwQ%2BxFxxvnhlQhQ%2BaWKTVi5xqq3Ef2UUgbEL2tVQI3nU9CuLD27aNFq3ZNZEUyUAzn3efzaa5bpOA5fp56zSXcyo7ks2TfavlhVTfHSpo0m3VUXnkHhVIS1LlJBBnE%2BROBKs5JITRh3h%2FP1NgJnW6weHGIu6%2FS26s1T15SCIrXVsx0zkzAUGSOFiqKrISnpG8gbD0yoo53KZBaB3a9wqtOphN4nVKJFAdhsoqYagmi7HQmvXCIULT%2FM20euSzmfxRx914g6D6newBKtqlr6poprot25GMxZ%2Bq2t0Cey5v10mUvRoY%2FqvXrFF8YdKuF8qCHZkX0HbLUebM2oVvor4KOqPWvR5RJwmmVaM%2BRN2rbPdy8EOEKcL8WxaxjrbfN4f7G%2Fq0WEvn2PdKccDYlIIqY8VkTn3IqyZuJXEG%2BaRcbg2S2gJDEF976ProrbyIwVWXyKoUZtPGl7TWBBCaA61POEVZsvNfq%2Fo4gMQSaBG%2FsglXrqSv68J935y7Fw1oLDxa9iR3hXd09vhO%2FpkkA97T%2FSshBTVx%2Fc7OE%2FYePyqmnBcLx37TcZqxIkv61wz2hiND7X%2BXmdRl7OmXy%2FVQ%2Bo1sdQLw46K6PlloRYn0ABp23c0dT55scB85xLt9YWr4j8lfCmmJg5cgV11h4pAL3KODPepWbW80UiBOmFnwZI85MPv2i2bvMWqWautch%2F%2FeFE1C05R5vBJR%2Fm5Cu%2FKkvg%2FLksVq66DleOJTV1vqiXyQQEoIJWrRHcd6XSQNIiYY15C1JrxrWP1S%2B0HOdSZpRlCnXxx0ZaVX5frKuW6XiEtrRezXeka%2FPWIjbqEJLL13JjjA2EnkM5SNdUlQhmh6OFh6QBy%2FnsywJzio91FegOv8e%2BGeqCr2XoIj8Vi2nQnNylPiAgscHLneKEU9bOf2QBy9xbWqwyZienH8Ew7%2BSJY0P9azyusln613eFY5GqXV3gJqKxNtvS33xwx9tDo7R9TMjvmXmc%2F62ZQByymmmKcK%2BQDgWoUsmmKy9dWf28HkHK5WDbrv9OUdtdv%2FEG4KiggZL2OD7CZNigBC6aFhZwH%2B2CN7Jkq%2F1LfFSqukSDxW7HoFCtBIVfwin3Qx%2FW%2B5XJrJGttMR5USMLYnHLdcy1jsVB5RdF5Ks3Ggm6yQBBHE%2FRun0iZcvfH%2Be%2BYyr4ziKIOgBAfUIzWKHRHvLc5pIfKYqs9qPwn5KUM%2BGm1isBk5WBzS7tpiZxBfgYN56%2B0F%2FH4e088Wsd7SqIdXwJwRrrIYro0RnkIAm09IuicydDbi6JD%2FldrHSgpFUfJGyw2MvQSHN9eFn71ayY9zWL8I9r1fY6eepbucO%2BpLAZFBHluXFoonxugzs01CFTq7Gy1ygA60YG7S5zeXb8PybkPeOxcoUZ3Sv61bpQy7DcnxZQh%2FOFzYNxxkYUyCtCyFibfOmRY2LZFnBm%2BCWxP8vFPm7V7IS6J6fV%2B5kAVtNgbqhzgJzFV4Ig%2FkYbR2fUidjidyK77ndgg6qH0%2FmCgg2ugTdGzI8%2BY%2BQ%2B2zaXGVMPT7bP6FuSd7AmEyt8ZmVRWdxQC9stvY2X9uHmj44SjX0lqhFu02RBEY7v0dOZaayWDRqY%2BMFbUdmtkjoV0YYzST3quxwC67vsIGAV7Y1l0D2s2TrH3m5t4bDGBBR42I6hN6si3%2Bwcez9%2FUtrLWd9VH%2FfXbTt8tgvmG%2BPtn9vU7%2F3%2BmHTdwiy0C4jc60EqXBhVcRsAs4q9ZDkMhu4Jvz6C5BM37QwQJlS939yuCuq1c7uHLPWOqdPo4KbfqBb1mCT5QYlWtGoLRyX3Ozk3KSt66ooGhhZQYWwiVJduCO0cs1uNma3ais58f2Fv0rsBk%2FzDdBwpCr%2FmY1uC9nkwApb89DLe8LrHOA9xibDAe7zmW%2Bax4yyaU7DOeAKiupzMP6hUJ1vczwfqo2XVv0QGC2JjTXAYBjY5IAXVjXD7HChJ6l%2BdT8TZdm%2BaBpo53zYRO1s2GxcTRyzCZTfVWlXhlkLDQQmdIn7I9Zkq3uLS0vly20nHw2bG%2BF7tYr7tlAlgEuIrubN%2FhztARf3h9WHb7mBSIymL7ZXh8JTredrnSFZ%2FaT%2FRGePLkXlirUUjbjJOXmN4AH8nh41K47Kad%2FwtySuknT5SsTmltxFQEyoUT1YzIGKN4jw7EcN8ipRmaJoRPS3DlbI93nwDqTp5hNFEv%2BmfTYxmHpyQQm%2Futst6B43ejn5vqR9O7lIIAu3bop7YSY5p2gAC3mh7AD0M2wjLqY9rQujHpTURLJSite9CThwwyKeZw3c8CK3c%2FBKrU2SQowm6H7PjnnWaHIyF094pb6INgC5TdLb9wf5I%2FUjK4cdGEgEIKbMwoBYO597p4kjqYfvcpRN%2BQQOC8HJkJ9uYxPWaA82sQ91l8QLlvJrMY%2F0w%2FE1YhNd%2Fwb1JD1ETXiWXivcVmlKxGgox3Rkc18xAiPTD2eXyDJL2IlUydXRdo2hZl%2Fi2n7JgSf6Frh8dD3f5sTMmINHtZ6KNu5%2FwszEdlnqTKu4JNxgyGN0WhE49XWpJpzG6uGQpPw9zbXgIfcM31cjx3JLvLXSdKxBu7ywlN3LjTWgf5usmJAfvleJLBcsDE3JGJXbVIfCahJyUgYqZixfL5WrawlHIDseTGOJdcri13%2BCtSOk843zesKox%2Fo8bGv7FaoJFYINX1PvikjByD64Y1r%2BJkWYBGShyypYsfEoWLnVb4q4GQzRCIEXs%2BZxZij2AD2Rgv%2FDLmkVZNv6TJ0NPCkGcoEgSmaV2gqoP%2FF6J6XORTNzcp096ze1WL%2F1GRu7cKhTQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 14 Jun 2025 11:26:23 GMT
content-type: image/png
cache-control: max-age=86400, public
x-cache-status: HIT
X-Firefox-Spdy: h2

bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65

54.36.62.103

200 OK

58 kB

URL User Request GET
bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
IP
54.36.62.103:443
ASN
#16276 OVH SAS

Certificate
IssuerLet's Encrypt
Subjectlinksoffrs.com
FingerprintAF:DB:07:AB:7C:42:17:F7:D9:65:65:03:53:67:D9:E1:7D:A6:46:20
ValidityFri, 30 May 2025 07:03:31 GMT - Thu, 28 Aug 2025 07:03:30 GMT

File type
HTML document, ASCII text, with very long lines (30569), with CRLF, LF line terminators
Size
58 kB (57778 bytes)
Hash
94d578f45c8eb13075b5516e11366349
afef80499614942f04234277188bb6fcbed228d5
dd0786e53574aad9fde1a1c8418676e32283ceb754af0053e10fad517f7af612

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /s/8767cd3b05002?subsource=WZIIB65 HTTP/1.1
Host: bjicgeg.linksoffrs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 14 Jun 2025 11:26:23 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: s=bFQDrqhndLIPQF3ExMfi3Pm2CT1Tyqec2MYDoqYtLeZvQhGp%2BMhOiP6bal8r9LsP3KQ2Tz9LQvQoag6dfx1jVyB%2BNvShHpxV%2Bze4T77oBT4W6w4ExG4UlOxpXVpwkL8ybSEEVPlFDOGODGkpFsrct%2B7eycJO%2BiuHhysoxSVZQAW3TcVR9SdV0pkxaNUfGJTdhbB5xDlPjhmhAQxnXDub2tvZRMy4lCFVg8BxzT9hYmuZmMBbZGPnniVZ7sc1ESFLxBUhzN7mf0wkSjzNHS%2FMsEVCeGKrHvWgVz%2FaZxM9Sl0DMRNXW%2BZhlD5dgIb0aqHEMMJta0ra9Efpmf93av4XT5WQQtEP6KRx1ZMSa0yGC7YS8kgWWkEQjkNw4PXs6qiJ2YeH7CYFiu5hMroZIDUu1clSRjOlvesUVPR88nKIZBJW2t2JjodYRIK5fUqu2%2Boz8dAIeqn8yTx9bN%2B1XrQwWWfuiSvoX6e24X9h1Cn4KL1CT6HldkYtaa5r3lAuZ5I%2FFXaU6V0Augz6no1Gm0Bv6tXR1PPpkjA7ag%2FaCiPbLPHk%2FF%2FEGlsJSbVVtKtg80zxxSiQ8qPNA3pcNvVrehzdIQXtkYGWQ69XB%2F2VZGUZ7Vl2RqGlOx1BbUem6hqrgcNNGWwx%2B8jRHa%2FJ%2BkECDNEb79KE3mF5qGwr22httx23mUYoViKtDHb0xT9YbRKRaKm3I4a2s8IiHxT6jWhT9eF7APJ0IjV%2B9BIAm2aot8qZT%2FoqwtFuefTTlIcOn6qGRq8NNSYC2xYIZzQNpAp1%2F5iCbp4hIxMl5NEj78mZWg2xeFA7ZJ3czngBXMU1QnQ7OkP3nE%2BhbthMsfXdqJ6UMmcYR5ywnYxzaIdStzOG5izTb9o%2FsurnwQ%2BxFxxvnhlQhQ%2BaWKTVi5xqq3Ef2UUgbEL2tVQI3nU9CuLD27aNFq3ZNZEUyUAzn3efzaa5bpOA5fp56zSXcyo7ks2TfavlhVTfHSpo0m3VUXnkHhVIS1LlJBBnE%2BROBKs5JITRh3h%2FP1NgJnW6weHGIu6%2FS26s1T15SCIrXVsx0zkzAUGSOFiqKrISnpG8gbD0yoo53KZBaB3a9wqtOphN4nVKJFAdhsoqYagmi7HQmvXCIULT%2FM20euSzmfxRx914g6D6newBKtqlr6poprot25GMxZ%2Bq2t0Cey5v10mUvRoY%2FqvXrFF8YdKuF8qCHZkX0HbLUebM2oVvor4KOqPWvR5RJwmmVaM%2BRN2rbPdy8EOEKcL8WxaxjrbfN4f7G%2Fq0WEvn2PdKccDYlIIqY8VkTn3IqyZuJXEG%2BaRcbg2S2gJDEF976ProrbyIwVWXyKoUZtPGl7TWBBCaA61POEVZsvNfq%2Fo4gMQSaBG%2FsglXrqSv68J935y7Fw1oLDxa9iR3hXd09vhO%2FpkkA97T%2FSshBTVx%2Fc7OE%2FYePyqmnBcLx37TcZqxIkv61wz2hiND7X%2BXmdRl7OmXy%2FVQ%2Bo1sdQLw46K6PlloRYn0ABp23c0dT55scB85xLt9YWr4j8lfCmmJg5cgV11h4pAL3KODPepWbW80UiBOmFnwZI85MPv2i2bvMWqWautch%2F%2FeFE1C05R5vBJR%2Fm5Cu%2FKkvg%2FLksVq66DleOJTV1vqiXyQQEoIJWrRHcd6XSQNIiYY15C1JrxrWP1S%2B0HOdSZpRlCnXxx0ZaVX5frKuW6XiEtrRezXeka%2FPWIjbqEJLL13JjjA2EnkM5SNdUlQhmh6OFh6QBy%2FnsywJzio91FegOv8e%2BGeqCr2XoIj8Vi2nQnNylPiAgscHLneKEU9bOf2QBy9xbWqwyZienH8Ew7%2BSJY0P9azyusln613eFY5GqXV3gJqKxNtvS33xwx9tDo7R9TMjvmXmc%2F62ZQByymmmKcK%2BQDgWoUsmmKy9dWf28HkHK5WDbrv9OUdtdv%2FEG4KiggZL2OD7CZNigBC6aFhZwH%2B2CN7Jkq%2F1LfFSqukSDxW7HoFCtBIVfwin3Qx%2FW%2B5XJrJGttMR5USMLYnHLdcy1jsVB5RdF5Ks3Ggm6yQBBHE%2FRun0iZcvfH%2Be%2BYyr4ziKIOgBAfUIzWKHRHvLc5pIfKYqs9qPwn5KUM%2BGm1isBk5WBzS7tpiZxBfgYN56%2B0F%2FH4e088Wsd7SqIdXwJwRrrIYro0RnkIAm09IuicydDbi6JD%2FldrHSgpFUfJGyw2MvQSHN9eFn71ayY9zWL8I9r1fY6eepbucO%2BpLAZFBHluXFoonxugzs01CFTq7Gy1ygA60YG7S5zeXb8PybkPeOxcoUZ3Sv61bpQy7DcnxZQh%2FOFzYNxxkYUyCtCyFibfOmRY2LZFnBm%2BCWxP8vFPm7V7IS6J6fV%2B5kAVtNgbqhzgJzFV4Ig%2FkYbR2fUidjidyK77ndgg6qH0%2FmCgg2ugTdGzI8%2BY%2BQ%2B2zaXGVMPT7bP6FuSd7AmEyt8ZmVRWdxQC9stvY2X9uHmj44SjX0lqhFu02RBEY7v0dOZaayWDRqY%2BMFbUdmtkjoV0YYzST3quxwC67vsIGAV7Y1l0D2s2TrH3m5t4bDGBBR42I6hN6si3%2Bwcez9%2FUtrLWd9VH%2FfXbTt8tgvmG%2BPtn9vU7%2F3%2BmHTdwiy0C4jc60EqXBhVcRsAs4q9ZDkMhu4Jvz6C5BM37QwQJlS939yuCuq1c7uHLPWOqdPo4KbfqBb1mCT5QYlWtGoLRyX3Ozk3KSt66ooGhhZQYWwiVJduCO0cs1uNma3ais58f2Fv0rsBk%2FzDdBwpCr%2FmY1uC9nkwApb89DLe8LrHOA9xibDAe7zmW%2Bax4yyaU7DOeAKiupzMP6hUJ1vczwfqo2XVv0QGC2JjTXAYBjY5IAXVjXD7HChJ6l%2BdT8TZdm%2BaBpo53zYRO1s2GxcTRyzCZTfVWlXhlkLDQQmdIn7I9Zkq3uLS0vly20nHw2bG%2BF7tYr7tlAlgEuIrubN%2FhztARf3h9WHb7mBSIymL7ZXh8JTredrnSFZ%2FaT%2FRGePLkXlirUUjbjJOXmN4AH8nh41K47Kad%2FwtySuknT5SsTmltxFQEyoUT1YzIGKN4jw7EcN8ipRmaJoRPS3DlbI93nwDqTp5hNFEv%2BmfTYxmHpyQQm%2Futst6B43ejn5vqR9O7lIIAu3bop7YSY5p2gAC3mh7AD0M2wjLqY9rQujHpTURLJSite9CThwwyKeZw3c8CK3c%2FBKrU2SQowm6H7PjnnWaHIyF094pb6INgC5TdLb9wf5I%2FUjK4cdGEgEIKbMwoBYO597p4kjqYfvcpRN%2BQQOC8HJkJ9uYxPWaA82sQ91l8QLlvJrMY%2F0w%2FE1YhNd%2Fwb1JD1ETXiWXivcVmlKxGgox3Rkc18xAiPTD2eXyDJL2IlUydXRdo2hZl%2Fi2n7JgSf6Frh8dD3f5sTMmINHtZ6KNu5%2FwszEdlnqTKu4JNxgyGN0WhE49XWpJpzG6uGQpPw9zbXgIfcM31cjx3JLvLXSdKxBu7ywlN3LjTWgf5usmJAfvleJLBcsDE3JGJXbVIfCahJyUgYqZixfL5WrawlHIDseTGOJdcri13%2BCtSOk843zesKox%2Fo8bGv7FaoJFYINX1PvikjByD64Y1r%2BJkWYBGShyypYsfEoWLnVb4q4GQzRCIEXs%2BZxZij2AD2Rgv%2FDLmkVZNv6TJ0NPCkGcoEgSmaV2gqoP%2FF6J6XORTNzcp096ze1WL%2F1GRu7cKhTQ%3D%3D; expires=Sun, 15 Jun 2025 11:26:23 GMT; Max-Age=86400; path=/; domain=linksoffrs.com
cache-control: must-revalidate, no-cache, no-store, private
pragma: no-cache
expires: 0
content-encoding: gzip
X-Firefox-Spdy: h2

bjicgeg.linksoffrs.com/bundle/323/assets/img/phone.png

54.36.62.103

200 OK

163 kB

URL GET
bjicgeg.linksoffrs.com/bundle/323/assets/img/phone.png
IP
54.36.62.103:443
ASN
#16276 OVH SAS

Requested by
https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Certificate
IssuerLet's Encrypt
Subjectlinksoffrs.com
FingerprintAF:DB:07:AB:7C:42:17:F7:D9:65:65:03:53:67:D9:E1:7D:A6:46:20
ValidityFri, 30 May 2025 07:03:31 GMT - Thu, 28 Aug 2025 07:03:30 GMT

File type
PNG image data, 942 x 550, 8-bit colormap, non-interlaced
Size
163 kB (162801 bytes)
Hash
c33bc95b6798263b04b6bf0e04ecf399
67c2cd002f114f4517e9da89f323f4d5fc36f2a8
5d1c9ab9458fd1fb1f65ba2bc3098a6bd171114b284734f41ab71286ae9b1fa5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bundle/323/assets/img/phone.png HTTP/1.1
Host: bjicgeg.linksoffrs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Cookie: s=bFQDrqhndLIPQF3ExMfi3Pm2CT1Tyqec2MYDoqYtLeZvQhGp%2BMhOiP6bal8r9LsP3KQ2Tz9LQvQoag6dfx1jVyB%2BNvShHpxV%2Bze4T77oBT4W6w4ExG4UlOxpXVpwkL8ybSEEVPlFDOGODGkpFsrct%2B7eycJO%2BiuHhysoxSVZQAW3TcVR9SdV0pkxaNUfGJTdhbB5xDlPjhmhAQxnXDub2tvZRMy4lCFVg8BxzT9hYmuZmMBbZGPnniVZ7sc1ESFLxBUhzN7mf0wkSjzNHS%2FMsEVCeGKrHvWgVz%2FaZxM9Sl0DMRNXW%2BZhlD5dgIb0aqHEMMJta0ra9Efpmf93av4XT5WQQtEP6KRx1ZMSa0yGC7YS8kgWWkEQjkNw4PXs6qiJ2YeH7CYFiu5hMroZIDUu1clSRjOlvesUVPR88nKIZBJW2t2JjodYRIK5fUqu2%2Boz8dAIeqn8yTx9bN%2B1XrQwWWfuiSvoX6e24X9h1Cn4KL1CT6HldkYtaa5r3lAuZ5I%2FFXaU6V0Augz6no1Gm0Bv6tXR1PPpkjA7ag%2FaCiPbLPHk%2FF%2FEGlsJSbVVtKtg80zxxSiQ8qPNA3pcNvVrehzdIQXtkYGWQ69XB%2F2VZGUZ7Vl2RqGlOx1BbUem6hqrgcNNGWwx%2B8jRHa%2FJ%2BkECDNEb79KE3mF5qGwr22httx23mUYoViKtDHb0xT9YbRKRaKm3I4a2s8IiHxT6jWhT9eF7APJ0IjV%2B9BIAm2aot8qZT%2FoqwtFuefTTlIcOn6qGRq8NNSYC2xYIZzQNpAp1%2F5iCbp4hIxMl5NEj78mZWg2xeFA7ZJ3czngBXMU1QnQ7OkP3nE%2BhbthMsfXdqJ6UMmcYR5ywnYxzaIdStzOG5izTb9o%2FsurnwQ%2BxFxxvnhlQhQ%2BaWKTVi5xqq3Ef2UUgbEL2tVQI3nU9CuLD27aNFq3ZNZEUyUAzn3efzaa5bpOA5fp56zSXcyo7ks2TfavlhVTfHSpo0m3VUXnkHhVIS1LlJBBnE%2BROBKs5JITRh3h%2FP1NgJnW6weHGIu6%2FS26s1T15SCIrXVsx0zkzAUGSOFiqKrISnpG8gbD0yoo53KZBaB3a9wqtOphN4nVKJFAdhsoqYagmi7HQmvXCIULT%2FM20euSzmfxRx914g6D6newBKtqlr6poprot25GMxZ%2Bq2t0Cey5v10mUvRoY%2FqvXrFF8YdKuF8qCHZkX0HbLUebM2oVvor4KOqPWvR5RJwmmVaM%2BRN2rbPdy8EOEKcL8WxaxjrbfN4f7G%2Fq0WEvn2PdKccDYlIIqY8VkTn3IqyZuJXEG%2BaRcbg2S2gJDEF976ProrbyIwVWXyKoUZtPGl7TWBBCaA61POEVZsvNfq%2Fo4gMQSaBG%2FsglXrqSv68J935y7Fw1oLDxa9iR3hXd09vhO%2FpkkA97T%2FSshBTVx%2Fc7OE%2FYePyqmnBcLx37TcZqxIkv61wz2hiND7X%2BXmdRl7OmXy%2FVQ%2Bo1sdQLw46K6PlloRYn0ABp23c0dT55scB85xLt9YWr4j8lfCmmJg5cgV11h4pAL3KODPepWbW80UiBOmFnwZI85MPv2i2bvMWqWautch%2F%2FeFE1C05R5vBJR%2Fm5Cu%2FKkvg%2FLksVq66DleOJTV1vqiXyQQEoIJWrRHcd6XSQNIiYY15C1JrxrWP1S%2B0HOdSZpRlCnXxx0ZaVX5frKuW6XiEtrRezXeka%2FPWIjbqEJLL13JjjA2EnkM5SNdUlQhmh6OFh6QBy%2FnsywJzio91FegOv8e%2BGeqCr2XoIj8Vi2nQnNylPiAgscHLneKEU9bOf2QBy9xbWqwyZienH8Ew7%2BSJY0P9azyusln613eFY5GqXV3gJqKxNtvS33xwx9tDo7R9TMjvmXmc%2F62ZQByymmmKcK%2BQDgWoUsmmKy9dWf28HkHK5WDbrv9OUdtdv%2FEG4KiggZL2OD7CZNigBC6aFhZwH%2B2CN7Jkq%2F1LfFSqukSDxW7HoFCtBIVfwin3Qx%2FW%2B5XJrJGttMR5USMLYnHLdcy1jsVB5RdF5Ks3Ggm6yQBBHE%2FRun0iZcvfH%2Be%2BYyr4ziKIOgBAfUIzWKHRHvLc5pIfKYqs9qPwn5KUM%2BGm1isBk5WBzS7tpiZxBfgYN56%2B0F%2FH4e088Wsd7SqIdXwJwRrrIYro0RnkIAm09IuicydDbi6JD%2FldrHSgpFUfJGyw2MvQSHN9eFn71ayY9zWL8I9r1fY6eepbucO%2BpLAZFBHluXFoonxugzs01CFTq7Gy1ygA60YG7S5zeXb8PybkPeOxcoUZ3Sv61bpQy7DcnxZQh%2FOFzYNxxkYUyCtCyFibfOmRY2LZFnBm%2BCWxP8vFPm7V7IS6J6fV%2B5kAVtNgbqhzgJzFV4Ig%2FkYbR2fUidjidyK77ndgg6qH0%2FmCgg2ugTdGzI8%2BY%2BQ%2B2zaXGVMPT7bP6FuSd7AmEyt8ZmVRWdxQC9stvY2X9uHmj44SjX0lqhFu02RBEY7v0dOZaayWDRqY%2BMFbUdmtkjoV0YYzST3quxwC67vsIGAV7Y1l0D2s2TrH3m5t4bDGBBR42I6hN6si3%2Bwcez9%2FUtrLWd9VH%2FfXbTt8tgvmG%2BPtn9vU7%2F3%2BmHTdwiy0C4jc60EqXBhVcRsAs4q9ZDkMhu4Jvz6C5BM37QwQJlS939yuCuq1c7uHLPWOqdPo4KbfqBb1mCT5QYlWtGoLRyX3Ozk3KSt66ooGhhZQYWwiVJduCO0cs1uNma3ais58f2Fv0rsBk%2FzDdBwpCr%2FmY1uC9nkwApb89DLe8LrHOA9xibDAe7zmW%2Bax4yyaU7DOeAKiupzMP6hUJ1vczwfqo2XVv0QGC2JjTXAYBjY5IAXVjXD7HChJ6l%2BdT8TZdm%2BaBpo53zYRO1s2GxcTRyzCZTfVWlXhlkLDQQmdIn7I9Zkq3uLS0vly20nHw2bG%2BF7tYr7tlAlgEuIrubN%2FhztARf3h9WHb7mBSIymL7ZXh8JTredrnSFZ%2FaT%2FRGePLkXlirUUjbjJOXmN4AH8nh41K47Kad%2FwtySuknT5SsTmltxFQEyoUT1YzIGKN4jw7EcN8ipRmaJoRPS3DlbI93nwDqTp5hNFEv%2BmfTYxmHpyQQm%2Futst6B43ejn5vqR9O7lIIAu3bop7YSY5p2gAC3mh7AD0M2wjLqY9rQujHpTURLJSite9CThwwyKeZw3c8CK3c%2FBKrU2SQowm6H7PjnnWaHIyF094pb6INgC5TdLb9wf5I%2FUjK4cdGEgEIKbMwoBYO597p4kjqYfvcpRN%2BQQOC8HJkJ9uYxPWaA82sQ91l8QLlvJrMY%2F0w%2FE1YhNd%2Fwb1JD1ETXiWXivcVmlKxGgox3Rkc18xAiPTD2eXyDJL2IlUydXRdo2hZl%2Fi2n7JgSf6Frh8dD3f5sTMmINHtZ6KNu5%2FwszEdlnqTKu4JNxgyGN0WhE49XWpJpzG6uGQpPw9zbXgIfcM31cjx3JLvLXSdKxBu7ywlN3LjTWgf5usmJAfvleJLBcsDE3JGJXbVIfCahJyUgYqZixfL5WrawlHIDseTGOJdcri13%2BCtSOk843zesKox%2Fo8bGv7FaoJFYINX1PvikjByD64Y1r%2BJkWYBGShyypYsfEoWLnVb4q4GQzRCIEXs%2BZxZij2AD2Rgv%2FDLmkVZNv6TJ0NPCkGcoEgSmaV2gqoP%2FF6J6XORTNzcp096ze1WL%2F1GRu7cKhTQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 14 Jun 2025 11:26:23 GMT
content-type: image/png
cache-control: max-age=86400, public
x-cache-status: HIT
X-Firefox-Spdy: h2

bjicgeg.linksoffrs.com/bundle/323/assets/js/functions.js

54.36.62.103

200 OK

6.4 kB

URL GET
bjicgeg.linksoffrs.com/bundle/323/assets/js/functions.js
IP
54.36.62.103:443
ASN
#16276 OVH SAS

Requested by
https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Certificate
IssuerLet's Encrypt
Subjectlinksoffrs.com
FingerprintAF:DB:07:AB:7C:42:17:F7:D9:65:65:03:53:67:D9:E1:7D:A6:46:20
ValidityFri, 30 May 2025 07:03:31 GMT - Thu, 28 Aug 2025 07:03:30 GMT

File type
JavaScript source, ASCII text, with very long lines (4697)
Size
6.4 kB (6370 bytes)
Hash
d521431433e3f187e60b7128388089a7
e919dfb00c2450d0aa8a61ce27f5a2530427170d
e61bd1b11e83bb532396f2d942aee3454866137e55b8eef210900a71cb87399c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bundle/323/assets/js/functions.js HTTP/1.1
Host: bjicgeg.linksoffrs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Cookie: s=bFQDrqhndLIPQF3ExMfi3Pm2CT1Tyqec2MYDoqYtLeZvQhGp%2BMhOiP6bal8r9LsP3KQ2Tz9LQvQoag6dfx1jVyB%2BNvShHpxV%2Bze4T77oBT4W6w4ExG4UlOxpXVpwkL8ybSEEVPlFDOGODGkpFsrct%2B7eycJO%2BiuHhysoxSVZQAW3TcVR9SdV0pkxaNUfGJTdhbB5xDlPjhmhAQxnXDub2tvZRMy4lCFVg8BxzT9hYmuZmMBbZGPnniVZ7sc1ESFLxBUhzN7mf0wkSjzNHS%2FMsEVCeGKrHvWgVz%2FaZxM9Sl0DMRNXW%2BZhlD5dgIb0aqHEMMJta0ra9Efpmf93av4XT5WQQtEP6KRx1ZMSa0yGC7YS8kgWWkEQjkNw4PXs6qiJ2YeH7CYFiu5hMroZIDUu1clSRjOlvesUVPR88nKIZBJW2t2JjodYRIK5fUqu2%2Boz8dAIeqn8yTx9bN%2B1XrQwWWfuiSvoX6e24X9h1Cn4KL1CT6HldkYtaa5r3lAuZ5I%2FFXaU6V0Augz6no1Gm0Bv6tXR1PPpkjA7ag%2FaCiPbLPHk%2FF%2FEGlsJSbVVtKtg80zxxSiQ8qPNA3pcNvVrehzdIQXtkYGWQ69XB%2F2VZGUZ7Vl2RqGlOx1BbUem6hqrgcNNGWwx%2B8jRHa%2FJ%2BkECDNEb79KE3mF5qGwr22httx23mUYoViKtDHb0xT9YbRKRaKm3I4a2s8IiHxT6jWhT9eF7APJ0IjV%2B9BIAm2aot8qZT%2FoqwtFuefTTlIcOn6qGRq8NNSYC2xYIZzQNpAp1%2F5iCbp4hIxMl5NEj78mZWg2xeFA7ZJ3czngBXMU1QnQ7OkP3nE%2BhbthMsfXdqJ6UMmcYR5ywnYxzaIdStzOG5izTb9o%2FsurnwQ%2BxFxxvnhlQhQ%2BaWKTVi5xqq3Ef2UUgbEL2tVQI3nU9CuLD27aNFq3ZNZEUyUAzn3efzaa5bpOA5fp56zSXcyo7ks2TfavlhVTfHSpo0m3VUXnkHhVIS1LlJBBnE%2BROBKs5JITRh3h%2FP1NgJnW6weHGIu6%2FS26s1T15SCIrXVsx0zkzAUGSOFiqKrISnpG8gbD0yoo53KZBaB3a9wqtOphN4nVKJFAdhsoqYagmi7HQmvXCIULT%2FM20euSzmfxRx914g6D6newBKtqlr6poprot25GMxZ%2Bq2t0Cey5v10mUvRoY%2FqvXrFF8YdKuF8qCHZkX0HbLUebM2oVvor4KOqPWvR5RJwmmVaM%2BRN2rbPdy8EOEKcL8WxaxjrbfN4f7G%2Fq0WEvn2PdKccDYlIIqY8VkTn3IqyZuJXEG%2BaRcbg2S2gJDEF976ProrbyIwVWXyKoUZtPGl7TWBBCaA61POEVZsvNfq%2Fo4gMQSaBG%2FsglXrqSv68J935y7Fw1oLDxa9iR3hXd09vhO%2FpkkA97T%2FSshBTVx%2Fc7OE%2FYePyqmnBcLx37TcZqxIkv61wz2hiND7X%2BXmdRl7OmXy%2FVQ%2Bo1sdQLw46K6PlloRYn0ABp23c0dT55scB85xLt9YWr4j8lfCmmJg5cgV11h4pAL3KODPepWbW80UiBOmFnwZI85MPv2i2bvMWqWautch%2F%2FeFE1C05R5vBJR%2Fm5Cu%2FKkvg%2FLksVq66DleOJTV1vqiXyQQEoIJWrRHcd6XSQNIiYY15C1JrxrWP1S%2B0HOdSZpRlCnXxx0ZaVX5frKuW6XiEtrRezXeka%2FPWIjbqEJLL13JjjA2EnkM5SNdUlQhmh6OFh6QBy%2FnsywJzio91FegOv8e%2BGeqCr2XoIj8Vi2nQnNylPiAgscHLneKEU9bOf2QBy9xbWqwyZienH8Ew7%2BSJY0P9azyusln613eFY5GqXV3gJqKxNtvS33xwx9tDo7R9TMjvmXmc%2F62ZQByymmmKcK%2BQDgWoUsmmKy9dWf28HkHK5WDbrv9OUdtdv%2FEG4KiggZL2OD7CZNigBC6aFhZwH%2B2CN7Jkq%2F1LfFSqukSDxW7HoFCtBIVfwin3Qx%2FW%2B5XJrJGttMR5USMLYnHLdcy1jsVB5RdF5Ks3Ggm6yQBBHE%2FRun0iZcvfH%2Be%2BYyr4ziKIOgBAfUIzWKHRHvLc5pIfKYqs9qPwn5KUM%2BGm1isBk5WBzS7tpiZxBfgYN56%2B0F%2FH4e088Wsd7SqIdXwJwRrrIYro0RnkIAm09IuicydDbi6JD%2FldrHSgpFUfJGyw2MvQSHN9eFn71ayY9zWL8I9r1fY6eepbucO%2BpLAZFBHluXFoonxugzs01CFTq7Gy1ygA60YG7S5zeXb8PybkPeOxcoUZ3Sv61bpQy7DcnxZQh%2FOFzYNxxkYUyCtCyFibfOmRY2LZFnBm%2BCWxP8vFPm7V7IS6J6fV%2B5kAVtNgbqhzgJzFV4Ig%2FkYbR2fUidjidyK77ndgg6qH0%2FmCgg2ugTdGzI8%2BY%2BQ%2B2zaXGVMPT7bP6FuSd7AmEyt8ZmVRWdxQC9stvY2X9uHmj44SjX0lqhFu02RBEY7v0dOZaayWDRqY%2BMFbUdmtkjoV0YYzST3quxwC67vsIGAV7Y1l0D2s2TrH3m5t4bDGBBR42I6hN6si3%2Bwcez9%2FUtrLWd9VH%2FfXbTt8tgvmG%2BPtn9vU7%2F3%2BmHTdwiy0C4jc60EqXBhVcRsAs4q9ZDkMhu4Jvz6C5BM37QwQJlS939yuCuq1c7uHLPWOqdPo4KbfqBb1mCT5QYlWtGoLRyX3Ozk3KSt66ooGhhZQYWwiVJduCO0cs1uNma3ais58f2Fv0rsBk%2FzDdBwpCr%2FmY1uC9nkwApb89DLe8LrHOA9xibDAe7zmW%2Bax4yyaU7DOeAKiupzMP6hUJ1vczwfqo2XVv0QGC2JjTXAYBjY5IAXVjXD7HChJ6l%2BdT8TZdm%2BaBpo53zYRO1s2GxcTRyzCZTfVWlXhlkLDQQmdIn7I9Zkq3uLS0vly20nHw2bG%2BF7tYr7tlAlgEuIrubN%2FhztARf3h9WHb7mBSIymL7ZXh8JTredrnSFZ%2FaT%2FRGePLkXlirUUjbjJOXmN4AH8nh41K47Kad%2FwtySuknT5SsTmltxFQEyoUT1YzIGKN4jw7EcN8ipRmaJoRPS3DlbI93nwDqTp5hNFEv%2BmfTYxmHpyQQm%2Futst6B43ejn5vqR9O7lIIAu3bop7YSY5p2gAC3mh7AD0M2wjLqY9rQujHpTURLJSite9CThwwyKeZw3c8CK3c%2FBKrU2SQowm6H7PjnnWaHIyF094pb6INgC5TdLb9wf5I%2FUjK4cdGEgEIKbMwoBYO597p4kjqYfvcpRN%2BQQOC8HJkJ9uYxPWaA82sQ91l8QLlvJrMY%2F0w%2FE1YhNd%2Fwb1JD1ETXiWXivcVmlKxGgox3Rkc18xAiPTD2eXyDJL2IlUydXRdo2hZl%2Fi2n7JgSf6Frh8dD3f5sTMmINHtZ6KNu5%2FwszEdlnqTKu4JNxgyGN0WhE49XWpJpzG6uGQpPw9zbXgIfcM31cjx3JLvLXSdKxBu7ywlN3LjTWgf5usmJAfvleJLBcsDE3JGJXbVIfCahJyUgYqZixfL5WrawlHIDseTGOJdcri13%2BCtSOk843zesKox%2Fo8bGv7FaoJFYINX1PvikjByD64Y1r%2BJkWYBGShyypYsfEoWLnVb4q4GQzRCIEXs%2BZxZij2AD2Rgv%2FDLmkVZNv6TJ0NPCkGcoEgSmaV2gqoP%2FF6J6XORTNzcp096ze1WL%2F1GRu7cKhTQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 14 Jun 2025 11:26:23 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=86400, public
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

bjicgeg.linksoffrs.com/bundle/323/assets/img/radar.gif

54.36.62.103

200 OK

176 kB

URL GET
bjicgeg.linksoffrs.com/bundle/323/assets/img/radar.gif
IP
54.36.62.103:443
ASN
#16276 OVH SAS

Requested by
https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Certificate
IssuerLet's Encrypt
Subjectlinksoffrs.com
FingerprintAF:DB:07:AB:7C:42:17:F7:D9:65:65:03:53:67:D9:E1:7D:A6:46:20
ValidityFri, 30 May 2025 07:03:31 GMT - Thu, 28 Aug 2025 07:03:30 GMT

File type
GIF image data, version 89a, 179 x 179
Size
176 kB (175791 bytes)
Hash
0d3a894b7b00a48996f702d71fe7e7c3
b4f278b2ff6d12f7fb38fdf91c42f3190a69e53c
89495896bcc3deb0b6a643cf55ddfe620ada0cdb66cd09ce4ba801a06396fcef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bundle/323/assets/img/radar.gif HTTP/1.1
Host: bjicgeg.linksoffrs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Cookie: s=bFQDrqhndLIPQF3ExMfi3Pm2CT1Tyqec2MYDoqYtLeZvQhGp%2BMhOiP6bal8r9LsP3KQ2Tz9LQvQoag6dfx1jVyB%2BNvShHpxV%2Bze4T77oBT4W6w4ExG4UlOxpXVpwkL8ybSEEVPlFDOGODGkpFsrct%2B7eycJO%2BiuHhysoxSVZQAW3TcVR9SdV0pkxaNUfGJTdhbB5xDlPjhmhAQxnXDub2tvZRMy4lCFVg8BxzT9hYmuZmMBbZGPnniVZ7sc1ESFLxBUhzN7mf0wkSjzNHS%2FMsEVCeGKrHvWgVz%2FaZxM9Sl0DMRNXW%2BZhlD5dgIb0aqHEMMJta0ra9Efpmf93av4XT5WQQtEP6KRx1ZMSa0yGC7YS8kgWWkEQjkNw4PXs6qiJ2YeH7CYFiu5hMroZIDUu1clSRjOlvesUVPR88nKIZBJW2t2JjodYRIK5fUqu2%2Boz8dAIeqn8yTx9bN%2B1XrQwWWfuiSvoX6e24X9h1Cn4KL1CT6HldkYtaa5r3lAuZ5I%2FFXaU6V0Augz6no1Gm0Bv6tXR1PPpkjA7ag%2FaCiPbLPHk%2FF%2FEGlsJSbVVtKtg80zxxSiQ8qPNA3pcNvVrehzdIQXtkYGWQ69XB%2F2VZGUZ7Vl2RqGlOx1BbUem6hqrgcNNGWwx%2B8jRHa%2FJ%2BkECDNEb79KE3mF5qGwr22httx23mUYoViKtDHb0xT9YbRKRaKm3I4a2s8IiHxT6jWhT9eF7APJ0IjV%2B9BIAm2aot8qZT%2FoqwtFuefTTlIcOn6qGRq8NNSYC2xYIZzQNpAp1%2F5iCbp4hIxMl5NEj78mZWg2xeFA7ZJ3czngBXMU1QnQ7OkP3nE%2BhbthMsfXdqJ6UMmcYR5ywnYxzaIdStzOG5izTb9o%2FsurnwQ%2BxFxxvnhlQhQ%2BaWKTVi5xqq3Ef2UUgbEL2tVQI3nU9CuLD27aNFq3ZNZEUyUAzn3efzaa5bpOA5fp56zSXcyo7ks2TfavlhVTfHSpo0m3VUXnkHhVIS1LlJBBnE%2BROBKs5JITRh3h%2FP1NgJnW6weHGIu6%2FS26s1T15SCIrXVsx0zkzAUGSOFiqKrISnpG8gbD0yoo53KZBaB3a9wqtOphN4nVKJFAdhsoqYagmi7HQmvXCIULT%2FM20euSzmfxRx914g6D6newBKtqlr6poprot25GMxZ%2Bq2t0Cey5v10mUvRoY%2FqvXrFF8YdKuF8qCHZkX0HbLUebM2oVvor4KOqPWvR5RJwmmVaM%2BRN2rbPdy8EOEKcL8WxaxjrbfN4f7G%2Fq0WEvn2PdKccDYlIIqY8VkTn3IqyZuJXEG%2BaRcbg2S2gJDEF976ProrbyIwVWXyKoUZtPGl7TWBBCaA61POEVZsvNfq%2Fo4gMQSaBG%2FsglXrqSv68J935y7Fw1oLDxa9iR3hXd09vhO%2FpkkA97T%2FSshBTVx%2Fc7OE%2FYePyqmnBcLx37TcZqxIkv61wz2hiND7X%2BXmdRl7OmXy%2FVQ%2Bo1sdQLw46K6PlloRYn0ABp23c0dT55scB85xLt9YWr4j8lfCmmJg5cgV11h4pAL3KODPepWbW80UiBOmFnwZI85MPv2i2bvMWqWautch%2F%2FeFE1C05R5vBJR%2Fm5Cu%2FKkvg%2FLksVq66DleOJTV1vqiXyQQEoIJWrRHcd6XSQNIiYY15C1JrxrWP1S%2B0HOdSZpRlCnXxx0ZaVX5frKuW6XiEtrRezXeka%2FPWIjbqEJLL13JjjA2EnkM5SNdUlQhmh6OFh6QBy%2FnsywJzio91FegOv8e%2BGeqCr2XoIj8Vi2nQnNylPiAgscHLneKEU9bOf2QBy9xbWqwyZienH8Ew7%2BSJY0P9azyusln613eFY5GqXV3gJqKxNtvS33xwx9tDo7R9TMjvmXmc%2F62ZQByymmmKcK%2BQDgWoUsmmKy9dWf28HkHK5WDbrv9OUdtdv%2FEG4KiggZL2OD7CZNigBC6aFhZwH%2B2CN7Jkq%2F1LfFSqukSDxW7HoFCtBIVfwin3Qx%2FW%2B5XJrJGttMR5USMLYnHLdcy1jsVB5RdF5Ks3Ggm6yQBBHE%2FRun0iZcvfH%2Be%2BYyr4ziKIOgBAfUIzWKHRHvLc5pIfKYqs9qPwn5KUM%2BGm1isBk5WBzS7tpiZxBfgYN56%2B0F%2FH4e088Wsd7SqIdXwJwRrrIYro0RnkIAm09IuicydDbi6JD%2FldrHSgpFUfJGyw2MvQSHN9eFn71ayY9zWL8I9r1fY6eepbucO%2BpLAZFBHluXFoonxugzs01CFTq7Gy1ygA60YG7S5zeXb8PybkPeOxcoUZ3Sv61bpQy7DcnxZQh%2FOFzYNxxkYUyCtCyFibfOmRY2LZFnBm%2BCWxP8vFPm7V7IS6J6fV%2B5kAVtNgbqhzgJzFV4Ig%2FkYbR2fUidjidyK77ndgg6qH0%2FmCgg2ugTdGzI8%2BY%2BQ%2B2zaXGVMPT7bP6FuSd7AmEyt8ZmVRWdxQC9stvY2X9uHmj44SjX0lqhFu02RBEY7v0dOZaayWDRqY%2BMFbUdmtkjoV0YYzST3quxwC67vsIGAV7Y1l0D2s2TrH3m5t4bDGBBR42I6hN6si3%2Bwcez9%2FUtrLWd9VH%2FfXbTt8tgvmG%2BPtn9vU7%2F3%2BmHTdwiy0C4jc60EqXBhVcRsAs4q9ZDkMhu4Jvz6C5BM37QwQJlS939yuCuq1c7uHLPWOqdPo4KbfqBb1mCT5QYlWtGoLRyX3Ozk3KSt66ooGhhZQYWwiVJduCO0cs1uNma3ais58f2Fv0rsBk%2FzDdBwpCr%2FmY1uC9nkwApb89DLe8LrHOA9xibDAe7zmW%2Bax4yyaU7DOeAKiupzMP6hUJ1vczwfqo2XVv0QGC2JjTXAYBjY5IAXVjXD7HChJ6l%2BdT8TZdm%2BaBpo53zYRO1s2GxcTRyzCZTfVWlXhlkLDQQmdIn7I9Zkq3uLS0vly20nHw2bG%2BF7tYr7tlAlgEuIrubN%2FhztARf3h9WHb7mBSIymL7ZXh8JTredrnSFZ%2FaT%2FRGePLkXlirUUjbjJOXmN4AH8nh41K47Kad%2FwtySuknT5SsTmltxFQEyoUT1YzIGKN4jw7EcN8ipRmaJoRPS3DlbI93nwDqTp5hNFEv%2BmfTYxmHpyQQm%2Futst6B43ejn5vqR9O7lIIAu3bop7YSY5p2gAC3mh7AD0M2wjLqY9rQujHpTURLJSite9CThwwyKeZw3c8CK3c%2FBKrU2SQowm6H7PjnnWaHIyF094pb6INgC5TdLb9wf5I%2FUjK4cdGEgEIKbMwoBYO597p4kjqYfvcpRN%2BQQOC8HJkJ9uYxPWaA82sQ91l8QLlvJrMY%2F0w%2FE1YhNd%2Fwb1JD1ETXiWXivcVmlKxGgox3Rkc18xAiPTD2eXyDJL2IlUydXRdo2hZl%2Fi2n7JgSf6Frh8dD3f5sTMmINHtZ6KNu5%2FwszEdlnqTKu4JNxgyGN0WhE49XWpJpzG6uGQpPw9zbXgIfcM31cjx3JLvLXSdKxBu7ywlN3LjTWgf5usmJAfvleJLBcsDE3JGJXbVIfCahJyUgYqZixfL5WrawlHIDseTGOJdcri13%2BCtSOk843zesKox%2Fo8bGv7FaoJFYINX1PvikjByD64Y1r%2BJkWYBGShyypYsfEoWLnVb4q4GQzRCIEXs%2BZxZij2AD2Rgv%2FDLmkVZNv6TJ0NPCkGcoEgSmaV2gqoP%2FF6J6XORTNzcp096ze1WL%2F1GRu7cKhTQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 14 Jun 2025 11:26:23 GMT
content-type: image/gif
cache-control: max-age=86400, public
x-cache-status: HIT
X-Firefox-Spdy: h2

bjicgeg.linksoffrs.com/bundle/323/assets/js/bootstrap.min.js

54.36.62.103

200 OK

37 kB

URL GET
bjicgeg.linksoffrs.com/bundle/323/assets/js/bootstrap.min.js
IP
54.36.62.103:443
ASN
#16276 OVH SAS

Requested by
https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Certificate
IssuerLet's Encrypt
Subjectlinksoffrs.com
FingerprintAF:DB:07:AB:7C:42:17:F7:D9:65:65:03:53:67:D9:E1:7D:A6:46:20
ValidityFri, 30 May 2025 07:03:31 GMT - Thu, 28 Aug 2025 07:03:30 GMT

File type
JavaScript source, ASCII text, with very long lines (32033)
Size
37 kB (37045 bytes)
Hash
5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bundle/323/assets/js/bootstrap.min.js HTTP/1.1
Host: bjicgeg.linksoffrs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Cookie: s=bFQDrqhndLIPQF3ExMfi3Pm2CT1Tyqec2MYDoqYtLeZvQhGp%2BMhOiP6bal8r9LsP3KQ2Tz9LQvQoag6dfx1jVyB%2BNvShHpxV%2Bze4T77oBT4W6w4ExG4UlOxpXVpwkL8ybSEEVPlFDOGODGkpFsrct%2B7eycJO%2BiuHhysoxSVZQAW3TcVR9SdV0pkxaNUfGJTdhbB5xDlPjhmhAQxnXDub2tvZRMy4lCFVg8BxzT9hYmuZmMBbZGPnniVZ7sc1ESFLxBUhzN7mf0wkSjzNHS%2FMsEVCeGKrHvWgVz%2FaZxM9Sl0DMRNXW%2BZhlD5dgIb0aqHEMMJta0ra9Efpmf93av4XT5WQQtEP6KRx1ZMSa0yGC7YS8kgWWkEQjkNw4PXs6qiJ2YeH7CYFiu5hMroZIDUu1clSRjOlvesUVPR88nKIZBJW2t2JjodYRIK5fUqu2%2Boz8dAIeqn8yTx9bN%2B1XrQwWWfuiSvoX6e24X9h1Cn4KL1CT6HldkYtaa5r3lAuZ5I%2FFXaU6V0Augz6no1Gm0Bv6tXR1PPpkjA7ag%2FaCiPbLPHk%2FF%2FEGlsJSbVVtKtg80zxxSiQ8qPNA3pcNvVrehzdIQXtkYGWQ69XB%2F2VZGUZ7Vl2RqGlOx1BbUem6hqrgcNNGWwx%2B8jRHa%2FJ%2BkECDNEb79KE3mF5qGwr22httx23mUYoViKtDHb0xT9YbRKRaKm3I4a2s8IiHxT6jWhT9eF7APJ0IjV%2B9BIAm2aot8qZT%2FoqwtFuefTTlIcOn6qGRq8NNSYC2xYIZzQNpAp1%2F5iCbp4hIxMl5NEj78mZWg2xeFA7ZJ3czngBXMU1QnQ7OkP3nE%2BhbthMsfXdqJ6UMmcYR5ywnYxzaIdStzOG5izTb9o%2FsurnwQ%2BxFxxvnhlQhQ%2BaWKTVi5xqq3Ef2UUgbEL2tVQI3nU9CuLD27aNFq3ZNZEUyUAzn3efzaa5bpOA5fp56zSXcyo7ks2TfavlhVTfHSpo0m3VUXnkHhVIS1LlJBBnE%2BROBKs5JITRh3h%2FP1NgJnW6weHGIu6%2FS26s1T15SCIrXVsx0zkzAUGSOFiqKrISnpG8gbD0yoo53KZBaB3a9wqtOphN4nVKJFAdhsoqYagmi7HQmvXCIULT%2FM20euSzmfxRx914g6D6newBKtqlr6poprot25GMxZ%2Bq2t0Cey5v10mUvRoY%2FqvXrFF8YdKuF8qCHZkX0HbLUebM2oVvor4KOqPWvR5RJwmmVaM%2BRN2rbPdy8EOEKcL8WxaxjrbfN4f7G%2Fq0WEvn2PdKccDYlIIqY8VkTn3IqyZuJXEG%2BaRcbg2S2gJDEF976ProrbyIwVWXyKoUZtPGl7TWBBCaA61POEVZsvNfq%2Fo4gMQSaBG%2FsglXrqSv68J935y7Fw1oLDxa9iR3hXd09vhO%2FpkkA97T%2FSshBTVx%2Fc7OE%2FYePyqmnBcLx37TcZqxIkv61wz2hiND7X%2BXmdRl7OmXy%2FVQ%2Bo1sdQLw46K6PlloRYn0ABp23c0dT55scB85xLt9YWr4j8lfCmmJg5cgV11h4pAL3KODPepWbW80UiBOmFnwZI85MPv2i2bvMWqWautch%2F%2FeFE1C05R5vBJR%2Fm5Cu%2FKkvg%2FLksVq66DleOJTV1vqiXyQQEoIJWrRHcd6XSQNIiYY15C1JrxrWP1S%2B0HOdSZpRlCnXxx0ZaVX5frKuW6XiEtrRezXeka%2FPWIjbqEJLL13JjjA2EnkM5SNdUlQhmh6OFh6QBy%2FnsywJzio91FegOv8e%2BGeqCr2XoIj8Vi2nQnNylPiAgscHLneKEU9bOf2QBy9xbWqwyZienH8Ew7%2BSJY0P9azyusln613eFY5GqXV3gJqKxNtvS33xwx9tDo7R9TMjvmXmc%2F62ZQByymmmKcK%2BQDgWoUsmmKy9dWf28HkHK5WDbrv9OUdtdv%2FEG4KiggZL2OD7CZNigBC6aFhZwH%2B2CN7Jkq%2F1LfFSqukSDxW7HoFCtBIVfwin3Qx%2FW%2B5XJrJGttMR5USMLYnHLdcy1jsVB5RdF5Ks3Ggm6yQBBHE%2FRun0iZcvfH%2Be%2BYyr4ziKIOgBAfUIzWKHRHvLc5pIfKYqs9qPwn5KUM%2BGm1isBk5WBzS7tpiZxBfgYN56%2B0F%2FH4e088Wsd7SqIdXwJwRrrIYro0RnkIAm09IuicydDbi6JD%2FldrHSgpFUfJGyw2MvQSHN9eFn71ayY9zWL8I9r1fY6eepbucO%2BpLAZFBHluXFoonxugzs01CFTq7Gy1ygA60YG7S5zeXb8PybkPeOxcoUZ3Sv61bpQy7DcnxZQh%2FOFzYNxxkYUyCtCyFibfOmRY2LZFnBm%2BCWxP8vFPm7V7IS6J6fV%2B5kAVtNgbqhzgJzFV4Ig%2FkYbR2fUidjidyK77ndgg6qH0%2FmCgg2ugTdGzI8%2BY%2BQ%2B2zaXGVMPT7bP6FuSd7AmEyt8ZmVRWdxQC9stvY2X9uHmj44SjX0lqhFu02RBEY7v0dOZaayWDRqY%2BMFbUdmtkjoV0YYzST3quxwC67vsIGAV7Y1l0D2s2TrH3m5t4bDGBBR42I6hN6si3%2Bwcez9%2FUtrLWd9VH%2FfXbTt8tgvmG%2BPtn9vU7%2F3%2BmHTdwiy0C4jc60EqXBhVcRsAs4q9ZDkMhu4Jvz6C5BM37QwQJlS939yuCuq1c7uHLPWOqdPo4KbfqBb1mCT5QYlWtGoLRyX3Ozk3KSt66ooGhhZQYWwiVJduCO0cs1uNma3ais58f2Fv0rsBk%2FzDdBwpCr%2FmY1uC9nkwApb89DLe8LrHOA9xibDAe7zmW%2Bax4yyaU7DOeAKiupzMP6hUJ1vczwfqo2XVv0QGC2JjTXAYBjY5IAXVjXD7HChJ6l%2BdT8TZdm%2BaBpo53zYRO1s2GxcTRyzCZTfVWlXhlkLDQQmdIn7I9Zkq3uLS0vly20nHw2bG%2BF7tYr7tlAlgEuIrubN%2FhztARf3h9WHb7mBSIymL7ZXh8JTredrnSFZ%2FaT%2FRGePLkXlirUUjbjJOXmN4AH8nh41K47Kad%2FwtySuknT5SsTmltxFQEyoUT1YzIGKN4jw7EcN8ipRmaJoRPS3DlbI93nwDqTp5hNFEv%2BmfTYxmHpyQQm%2Futst6B43ejn5vqR9O7lIIAu3bop7YSY5p2gAC3mh7AD0M2wjLqY9rQujHpTURLJSite9CThwwyKeZw3c8CK3c%2FBKrU2SQowm6H7PjnnWaHIyF094pb6INgC5TdLb9wf5I%2FUjK4cdGEgEIKbMwoBYO597p4kjqYfvcpRN%2BQQOC8HJkJ9uYxPWaA82sQ91l8QLlvJrMY%2F0w%2FE1YhNd%2Fwb1JD1ETXiWXivcVmlKxGgox3Rkc18xAiPTD2eXyDJL2IlUydXRdo2hZl%2Fi2n7JgSf6Frh8dD3f5sTMmINHtZ6KNu5%2FwszEdlnqTKu4JNxgyGN0WhE49XWpJpzG6uGQpPw9zbXgIfcM31cjx3JLvLXSdKxBu7ywlN3LjTWgf5usmJAfvleJLBcsDE3JGJXbVIfCahJyUgYqZixfL5WrawlHIDseTGOJdcri13%2BCtSOk843zesKox%2Fo8bGv7FaoJFYINX1PvikjByD64Y1r%2BJkWYBGShyypYsfEoWLnVb4q4GQzRCIEXs%2BZxZij2AD2Rgv%2FDLmkVZNv6TJ0NPCkGcoEgSmaV2gqoP%2FF6J6XORTNzcp096ze1WL%2F1GRu7cKhTQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 14 Jun 2025 11:26:23 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=86400, public
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

bjicgeg.linksoffrs.com/bundle/323/assets/img/bg.png

54.36.62.103

200 OK

23 kB

URL GET
bjicgeg.linksoffrs.com/bundle/323/assets/img/bg.png
IP
54.36.62.103:443
ASN
#16276 OVH SAS

Requested by
https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Certificate
IssuerLet's Encrypt
Subjectlinksoffrs.com
FingerprintAF:DB:07:AB:7C:42:17:F7:D9:65:65:03:53:67:D9:E1:7D:A6:46:20
ValidityFri, 30 May 2025 07:03:31 GMT - Thu, 28 Aug 2025 07:03:30 GMT

File type
PNG image data, 1600 x 750, 8-bit/color RGBA, non-interlaced
Size
23 kB (22819 bytes)
Hash
1d90a971e533e9e10f7b662df17255c7
4d1108ea022d16c1270f6ef547cd3a8d6150d18a
e0f2b044b041b0a2c200e09c97005fe21a5bca75539c9f3d26ae032f5d9b9fa2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bundle/323/assets/img/bg.png HTTP/1.1
Host: bjicgeg.linksoffrs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Cookie: s=bFQDrqhndLIPQF3ExMfi3Pm2CT1Tyqec2MYDoqYtLeZvQhGp%2BMhOiP6bal8r9LsP3KQ2Tz9LQvQoag6dfx1jVyB%2BNvShHpxV%2Bze4T77oBT4W6w4ExG4UlOxpXVpwkL8ybSEEVPlFDOGODGkpFsrct%2B7eycJO%2BiuHhysoxSVZQAW3TcVR9SdV0pkxaNUfGJTdhbB5xDlPjhmhAQxnXDub2tvZRMy4lCFVg8BxzT9hYmuZmMBbZGPnniVZ7sc1ESFLxBUhzN7mf0wkSjzNHS%2FMsEVCeGKrHvWgVz%2FaZxM9Sl0DMRNXW%2BZhlD5dgIb0aqHEMMJta0ra9Efpmf93av4XT5WQQtEP6KRx1ZMSa0yGC7YS8kgWWkEQjkNw4PXs6qiJ2YeH7CYFiu5hMroZIDUu1clSRjOlvesUVPR88nKIZBJW2t2JjodYRIK5fUqu2%2Boz8dAIeqn8yTx9bN%2B1XrQwWWfuiSvoX6e24X9h1Cn4KL1CT6HldkYtaa5r3lAuZ5I%2FFXaU6V0Augz6no1Gm0Bv6tXR1PPpkjA7ag%2FaCiPbLPHk%2FF%2FEGlsJSbVVtKtg80zxxSiQ8qPNA3pcNvVrehzdIQXtkYGWQ69XB%2F2VZGUZ7Vl2RqGlOx1BbUem6hqrgcNNGWwx%2B8jRHa%2FJ%2BkECDNEb79KE3mF5qGwr22httx23mUYoViKtDHb0xT9YbRKRaKm3I4a2s8IiHxT6jWhT9eF7APJ0IjV%2B9BIAm2aot8qZT%2FoqwtFuefTTlIcOn6qGRq8NNSYC2xYIZzQNpAp1%2F5iCbp4hIxMl5NEj78mZWg2xeFA7ZJ3czngBXMU1QnQ7OkP3nE%2BhbthMsfXdqJ6UMmcYR5ywnYxzaIdStzOG5izTb9o%2FsurnwQ%2BxFxxvnhlQhQ%2BaWKTVi5xqq3Ef2UUgbEL2tVQI3nU9CuLD27aNFq3ZNZEUyUAzn3efzaa5bpOA5fp56zSXcyo7ks2TfavlhVTfHSpo0m3VUXnkHhVIS1LlJBBnE%2BROBKs5JITRh3h%2FP1NgJnW6weHGIu6%2FS26s1T15SCIrXVsx0zkzAUGSOFiqKrISnpG8gbD0yoo53KZBaB3a9wqtOphN4nVKJFAdhsoqYagmi7HQmvXCIULT%2FM20euSzmfxRx914g6D6newBKtqlr6poprot25GMxZ%2Bq2t0Cey5v10mUvRoY%2FqvXrFF8YdKuF8qCHZkX0HbLUebM2oVvor4KOqPWvR5RJwmmVaM%2BRN2rbPdy8EOEKcL8WxaxjrbfN4f7G%2Fq0WEvn2PdKccDYlIIqY8VkTn3IqyZuJXEG%2BaRcbg2S2gJDEF976ProrbyIwVWXyKoUZtPGl7TWBBCaA61POEVZsvNfq%2Fo4gMQSaBG%2FsglXrqSv68J935y7Fw1oLDxa9iR3hXd09vhO%2FpkkA97T%2FSshBTVx%2Fc7OE%2FYePyqmnBcLx37TcZqxIkv61wz2hiND7X%2BXmdRl7OmXy%2FVQ%2Bo1sdQLw46K6PlloRYn0ABp23c0dT55scB85xLt9YWr4j8lfCmmJg5cgV11h4pAL3KODPepWbW80UiBOmFnwZI85MPv2i2bvMWqWautch%2F%2FeFE1C05R5vBJR%2Fm5Cu%2FKkvg%2FLksVq66DleOJTV1vqiXyQQEoIJWrRHcd6XSQNIiYY15C1JrxrWP1S%2B0HOdSZpRlCnXxx0ZaVX5frKuW6XiEtrRezXeka%2FPWIjbqEJLL13JjjA2EnkM5SNdUlQhmh6OFh6QBy%2FnsywJzio91FegOv8e%2BGeqCr2XoIj8Vi2nQnNylPiAgscHLneKEU9bOf2QBy9xbWqwyZienH8Ew7%2BSJY0P9azyusln613eFY5GqXV3gJqKxNtvS33xwx9tDo7R9TMjvmXmc%2F62ZQByymmmKcK%2BQDgWoUsmmKy9dWf28HkHK5WDbrv9OUdtdv%2FEG4KiggZL2OD7CZNigBC6aFhZwH%2B2CN7Jkq%2F1LfFSqukSDxW7HoFCtBIVfwin3Qx%2FW%2B5XJrJGttMR5USMLYnHLdcy1jsVB5RdF5Ks3Ggm6yQBBHE%2FRun0iZcvfH%2Be%2BYyr4ziKIOgBAfUIzWKHRHvLc5pIfKYqs9qPwn5KUM%2BGm1isBk5WBzS7tpiZxBfgYN56%2B0F%2FH4e088Wsd7SqIdXwJwRrrIYro0RnkIAm09IuicydDbi6JD%2FldrHSgpFUfJGyw2MvQSHN9eFn71ayY9zWL8I9r1fY6eepbucO%2BpLAZFBHluXFoonxugzs01CFTq7Gy1ygA60YG7S5zeXb8PybkPeOxcoUZ3Sv61bpQy7DcnxZQh%2FOFzYNxxkYUyCtCyFibfOmRY2LZFnBm%2BCWxP8vFPm7V7IS6J6fV%2B5kAVtNgbqhzgJzFV4Ig%2FkYbR2fUidjidyK77ndgg6qH0%2FmCgg2ugTdGzI8%2BY%2BQ%2B2zaXGVMPT7bP6FuSd7AmEyt8ZmVRWdxQC9stvY2X9uHmj44SjX0lqhFu02RBEY7v0dOZaayWDRqY%2BMFbUdmtkjoV0YYzST3quxwC67vsIGAV7Y1l0D2s2TrH3m5t4bDGBBR42I6hN6si3%2Bwcez9%2FUtrLWd9VH%2FfXbTt8tgvmG%2BPtn9vU7%2F3%2BmHTdwiy0C4jc60EqXBhVcRsAs4q9ZDkMhu4Jvz6C5BM37QwQJlS939yuCuq1c7uHLPWOqdPo4KbfqBb1mCT5QYlWtGoLRyX3Ozk3KSt66ooGhhZQYWwiVJduCO0cs1uNma3ais58f2Fv0rsBk%2FzDdBwpCr%2FmY1uC9nkwApb89DLe8LrHOA9xibDAe7zmW%2Bax4yyaU7DOeAKiupzMP6hUJ1vczwfqo2XVv0QGC2JjTXAYBjY5IAXVjXD7HChJ6l%2BdT8TZdm%2BaBpo53zYRO1s2GxcTRyzCZTfVWlXhlkLDQQmdIn7I9Zkq3uLS0vly20nHw2bG%2BF7tYr7tlAlgEuIrubN%2FhztARf3h9WHb7mBSIymL7ZXh8JTredrnSFZ%2FaT%2FRGePLkXlirUUjbjJOXmN4AH8nh41K47Kad%2FwtySuknT5SsTmltxFQEyoUT1YzIGKN4jw7EcN8ipRmaJoRPS3DlbI93nwDqTp5hNFEv%2BmfTYxmHpyQQm%2Futst6B43ejn5vqR9O7lIIAu3bop7YSY5p2gAC3mh7AD0M2wjLqY9rQujHpTURLJSite9CThwwyKeZw3c8CK3c%2FBKrU2SQowm6H7PjnnWaHIyF094pb6INgC5TdLb9wf5I%2FUjK4cdGEgEIKbMwoBYO597p4kjqYfvcpRN%2BQQOC8HJkJ9uYxPWaA82sQ91l8QLlvJrMY%2F0w%2FE1YhNd%2Fwb1JD1ETXiWXivcVmlKxGgox3Rkc18xAiPTD2eXyDJL2IlUydXRdo2hZl%2Fi2n7JgSf6Frh8dD3f5sTMmINHtZ6KNu5%2FwszEdlnqTKu4JNxgyGN0WhE49XWpJpzG6uGQpPw9zbXgIfcM31cjx3JLvLXSdKxBu7ywlN3LjTWgf5usmJAfvleJLBcsDE3JGJXbVIfCahJyUgYqZixfL5WrawlHIDseTGOJdcri13%2BCtSOk843zesKox%2Fo8bGv7FaoJFYINX1PvikjByD64Y1r%2BJkWYBGShyypYsfEoWLnVb4q4GQzRCIEXs%2BZxZij2AD2Rgv%2FDLmkVZNv6TJ0NPCkGcoEgSmaV2gqoP%2FF6J6XORTNzcp096ze1WL%2F1GRu7cKhTQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 14 Jun 2025 11:26:23 GMT
content-type: image/png
cache-control: max-age=86400, public
x-cache-status: HIT
X-Firefox-Spdy: h2

bjicgeg.linksoffrs.com/bundle/323/assets/img/1.jpg

54.36.62.103

200 OK

71 kB

URL GET
bjicgeg.linksoffrs.com/bundle/323/assets/img/1.jpg
IP
54.36.62.103:443
ASN
#16276 OVH SAS

Requested by
https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Certificate
IssuerLet's Encrypt
Subjectlinksoffrs.com
FingerprintAF:DB:07:AB:7C:42:17:F7:D9:65:65:03:53:67:D9:E1:7D:A6:46:20
ValidityFri, 30 May 2025 07:03:31 GMT - Thu, 28 Aug 2025 07:03:30 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x750, components 3
Size
71 kB (71353 bytes)
Hash
5041fd8068d33bf04880944d18b6231d
3107493a18b53ad003745202bec8e5d82d905e6e
693c6b4d0ee92a1e1053eb11065b8c3f24bc7d8d5e57d25668021aafa7137add

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bundle/323/assets/img/1.jpg HTTP/1.1
Host: bjicgeg.linksoffrs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjicgeg.linksoffrs.com/bundle/323/assets/css/style.css
Cookie: s=bFQDrqhndLIPQF3ExMfi3Pm2CT1Tyqec2MYDoqYtLeZvQhGp%2BMhOiP6bal8r9LsP3KQ2Tz9LQvQoag6dfx1jVyB%2BNvShHpxV%2Bze4T77oBT4W6w4ExG4UlOxpXVpwkL8ybSEEVPlFDOGODGkpFsrct%2B7eycJO%2BiuHhysoxSVZQAW3TcVR9SdV0pkxaNUfGJTdhbB5xDlPjhmhAQxnXDub2tvZRMy4lCFVg8BxzT9hYmuZmMBbZGPnniVZ7sc1ESFLxBUhzN7mf0wkSjzNHS%2FMsEVCeGKrHvWgVz%2FaZxM9Sl0DMRNXW%2BZhlD5dgIb0aqHEMMJta0ra9Efpmf93av4XT5WQQtEP6KRx1ZMSa0yGC7YS8kgWWkEQjkNw4PXs6qiJ2YeH7CYFiu5hMroZIDUu1clSRjOlvesUVPR88nKIZBJW2t2JjodYRIK5fUqu2%2Boz8dAIeqn8yTx9bN%2B1XrQwWWfuiSvoX6e24X9h1Cn4KL1CT6HldkYtaa5r3lAuZ5I%2FFXaU6V0Augz6no1Gm0Bv6tXR1PPpkjA7ag%2FaCiPbLPHk%2FF%2FEGlsJSbVVtKtg80zxxSiQ8qPNA3pcNvVrehzdIQXtkYGWQ69XB%2F2VZGUZ7Vl2RqGlOx1BbUem6hqrgcNNGWwx%2B8jRHa%2FJ%2BkECDNEb79KE3mF5qGwr22httx23mUYoViKtDHb0xT9YbRKRaKm3I4a2s8IiHxT6jWhT9eF7APJ0IjV%2B9BIAm2aot8qZT%2FoqwtFuefTTlIcOn6qGRq8NNSYC2xYIZzQNpAp1%2F5iCbp4hIxMl5NEj78mZWg2xeFA7ZJ3czngBXMU1QnQ7OkP3nE%2BhbthMsfXdqJ6UMmcYR5ywnYxzaIdStzOG5izTb9o%2FsurnwQ%2BxFxxvnhlQhQ%2BaWKTVi5xqq3Ef2UUgbEL2tVQI3nU9CuLD27aNFq3ZNZEUyUAzn3efzaa5bpOA5fp56zSXcyo7ks2TfavlhVTfHSpo0m3VUXnkHhVIS1LlJBBnE%2BROBKs5JITRh3h%2FP1NgJnW6weHGIu6%2FS26s1T15SCIrXVsx0zkzAUGSOFiqKrISnpG8gbD0yoo53KZBaB3a9wqtOphN4nVKJFAdhsoqYagmi7HQmvXCIULT%2FM20euSzmfxRx914g6D6newBKtqlr6poprot25GMxZ%2Bq2t0Cey5v10mUvRoY%2FqvXrFF8YdKuF8qCHZkX0HbLUebM2oVvor4KOqPWvR5RJwmmVaM%2BRN2rbPdy8EOEKcL8WxaxjrbfN4f7G%2Fq0WEvn2PdKccDYlIIqY8VkTn3IqyZuJXEG%2BaRcbg2S2gJDEF976ProrbyIwVWXyKoUZtPGl7TWBBCaA61POEVZsvNfq%2Fo4gMQSaBG%2FsglXrqSv68J935y7Fw1oLDxa9iR3hXd09vhO%2FpkkA97T%2FSshBTVx%2Fc7OE%2FYePyqmnBcLx37TcZqxIkv61wz2hiND7X%2BXmdRl7OmXy%2FVQ%2Bo1sdQLw46K6PlloRYn0ABp23c0dT55scB85xLt9YWr4j8lfCmmJg5cgV11h4pAL3KODPepWbW80UiBOmFnwZI85MPv2i2bvMWqWautch%2F%2FeFE1C05R5vBJR%2Fm5Cu%2FKkvg%2FLksVq66DleOJTV1vqiXyQQEoIJWrRHcd6XSQNIiYY15C1JrxrWP1S%2B0HOdSZpRlCnXxx0ZaVX5frKuW6XiEtrRezXeka%2FPWIjbqEJLL13JjjA2EnkM5SNdUlQhmh6OFh6QBy%2FnsywJzio91FegOv8e%2BGeqCr2XoIj8Vi2nQnNylPiAgscHLneKEU9bOf2QBy9xbWqwyZienH8Ew7%2BSJY0P9azyusln613eFY5GqXV3gJqKxNtvS33xwx9tDo7R9TMjvmXmc%2F62ZQByymmmKcK%2BQDgWoUsmmKy9dWf28HkHK5WDbrv9OUdtdv%2FEG4KiggZL2OD7CZNigBC6aFhZwH%2B2CN7Jkq%2F1LfFSqukSDxW7HoFCtBIVfwin3Qx%2FW%2B5XJrJGttMR5USMLYnHLdcy1jsVB5RdF5Ks3Ggm6yQBBHE%2FRun0iZcvfH%2Be%2BYyr4ziKIOgBAfUIzWKHRHvLc5pIfKYqs9qPwn5KUM%2BGm1isBk5WBzS7tpiZxBfgYN56%2B0F%2FH4e088Wsd7SqIdXwJwRrrIYro0RnkIAm09IuicydDbi6JD%2FldrHSgpFUfJGyw2MvQSHN9eFn71ayY9zWL8I9r1fY6eepbucO%2BpLAZFBHluXFoonxugzs01CFTq7Gy1ygA60YG7S5zeXb8PybkPeOxcoUZ3Sv61bpQy7DcnxZQh%2FOFzYNxxkYUyCtCyFibfOmRY2LZFnBm%2BCWxP8vFPm7V7IS6J6fV%2B5kAVtNgbqhzgJzFV4Ig%2FkYbR2fUidjidyK77ndgg6qH0%2FmCgg2ugTdGzI8%2BY%2BQ%2B2zaXGVMPT7bP6FuSd7AmEyt8ZmVRWdxQC9stvY2X9uHmj44SjX0lqhFu02RBEY7v0dOZaayWDRqY%2BMFbUdmtkjoV0YYzST3quxwC67vsIGAV7Y1l0D2s2TrH3m5t4bDGBBR42I6hN6si3%2Bwcez9%2FUtrLWd9VH%2FfXbTt8tgvmG%2BPtn9vU7%2F3%2BmHTdwiy0C4jc60EqXBhVcRsAs4q9ZDkMhu4Jvz6C5BM37QwQJlS939yuCuq1c7uHLPWOqdPo4KbfqBb1mCT5QYlWtGoLRyX3Ozk3KSt66ooGhhZQYWwiVJduCO0cs1uNma3ais58f2Fv0rsBk%2FzDdBwpCr%2FmY1uC9nkwApb89DLe8LrHOA9xibDAe7zmW%2Bax4yyaU7DOeAKiupzMP6hUJ1vczwfqo2XVv0QGC2JjTXAYBjY5IAXVjXD7HChJ6l%2BdT8TZdm%2BaBpo53zYRO1s2GxcTRyzCZTfVWlXhlkLDQQmdIn7I9Zkq3uLS0vly20nHw2bG%2BF7tYr7tlAlgEuIrubN%2FhztARf3h9WHb7mBSIymL7ZXh8JTredrnSFZ%2FaT%2FRGePLkXlirUUjbjJOXmN4AH8nh41K47Kad%2FwtySuknT5SsTmltxFQEyoUT1YzIGKN4jw7EcN8ipRmaJoRPS3DlbI93nwDqTp5hNFEv%2BmfTYxmHpyQQm%2Futst6B43ejn5vqR9O7lIIAu3bop7YSY5p2gAC3mh7AD0M2wjLqY9rQujHpTURLJSite9CThwwyKeZw3c8CK3c%2FBKrU2SQowm6H7PjnnWaHIyF094pb6INgC5TdLb9wf5I%2FUjK4cdGEgEIKbMwoBYO597p4kjqYfvcpRN%2BQQOC8HJkJ9uYxPWaA82sQ91l8QLlvJrMY%2F0w%2FE1YhNd%2Fwb1JD1ETXiWXivcVmlKxGgox3Rkc18xAiPTD2eXyDJL2IlUydXRdo2hZl%2Fi2n7JgSf6Frh8dD3f5sTMmINHtZ6KNu5%2FwszEdlnqTKu4JNxgyGN0WhE49XWpJpzG6uGQpPw9zbXgIfcM31cjx3JLvLXSdKxBu7ywlN3LjTWgf5usmJAfvleJLBcsDE3JGJXbVIfCahJyUgYqZixfL5WrawlHIDseTGOJdcri13%2BCtSOk843zesKox%2Fo8bGv7FaoJFYINX1PvikjByD64Y1r%2BJkWYBGShyypYsfEoWLnVb4q4GQzRCIEXs%2BZxZij2AD2Rgv%2FDLmkVZNv6TJ0NPCkGcoEgSmaV2gqoP%2FF6J6XORTNzcp096ze1WL%2F1GRu7cKhTQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 14 Jun 2025 11:26:23 GMT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache-status: HIT
X-Firefox-Spdy: h2

bjicgeg.linksoffrs.com/bundle/323/assets/img/next.png

54.36.62.103

200 OK

3.0 kB

URL GET
bjicgeg.linksoffrs.com/bundle/323/assets/img/next.png
IP
54.36.62.103:443
ASN
#16276 OVH SAS

Requested by
https://bjicgeg.linksoffrs.com/s/8767cd3b05002?subsource=WZIIB65
Certificate
IssuerLet's Encrypt
Subjectlinksoffrs.com
FingerprintAF:DB:07:AB:7C:42:17:F7:D9:65:65:03:53:67:D9:E1:7D:A6:46:20
ValidityFri, 30 May 2025 07:03:31 GMT - Thu, 28 Aug 2025 07:03:30 GMT

File type
PNG image data, 99 x 57, 8-bit/color RGBA, non-interlaced
Size
3.0 kB (2985 bytes)
Hash
2498174e3282b522aa15eac491757355
64f2366686ce495438d8fd56d04f92a456422d97
e5cb754e37fc47623bbfb3aa6571ec55fda150c9181d30343dfc61dbf4563bb3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bundle/323/assets/img/next.png HTTP/1.1
Host: bjicgeg.linksoffrs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjicgeg.linksoffrs.com/bundle/323/assets/css/style.css
Cookie: s=bFQDrqhndLIPQF3ExMfi3Pm2CT1Tyqec2MYDoqYtLeZvQhGp%2BMhOiP6bal8r9LsP3KQ2Tz9LQvQoag6dfx1jVyB%2BNvShHpxV%2Bze4T77oBT4W6w4ExG4UlOxpXVpwkL8ybSEEVPlFDOGODGkpFsrct%2B7eycJO%2BiuHhysoxSVZQAW3TcVR9SdV0pkxaNUfGJTdhbB5xDlPjhmhAQxnXDub2tvZRMy4lCFVg8BxzT9hYmuZmMBbZGPnniVZ7sc1ESFLxBUhzN7mf0wkSjzNHS%2FMsEVCeGKrHvWgVz%2FaZxM9Sl0DMRNXW%2BZhlD5dgIb0aqHEMMJta0ra9Efpmf93av4XT5WQQtEP6KRx1ZMSa0yGC7YS8kgWWkEQjkNw4PXs6qiJ2YeH7CYFiu5hMroZIDUu1clSRjOlvesUVPR88nKIZBJW2t2JjodYRIK5fUqu2%2Boz8dAIeqn8yTx9bN%2B1XrQwWWfuiSvoX6e24X9h1Cn4KL1CT6HldkYtaa5r3lAuZ5I%2FFXaU6V0Augz6no1Gm0Bv6tXR1PPpkjA7ag%2FaCiPbLPHk%2FF%2FEGlsJSbVVtKtg80zxxSiQ8qPNA3pcNvVrehzdIQXtkYGWQ69XB%2F2VZGUZ7Vl2RqGlOx1BbUem6hqrgcNNGWwx%2B8jRHa%2FJ%2BkECDNEb79KE3mF5qGwr22httx23mUYoViKtDHb0xT9YbRKRaKm3I4a2s8IiHxT6jWhT9eF7APJ0IjV%2B9BIAm2aot8qZT%2FoqwtFuefTTlIcOn6qGRq8NNSYC2xYIZzQNpAp1%2F5iCbp4hIxMl5NEj78mZWg2xeFA7ZJ3czngBXMU1QnQ7OkP3nE%2BhbthMsfXdqJ6UMmcYR5ywnYxzaIdStzOG5izTb9o%2FsurnwQ%2BxFxxvnhlQhQ%2BaWKTVi5xqq3Ef2UUgbEL2tVQI3nU9CuLD27aNFq3ZNZEUyUAzn3efzaa5bpOA5fp56zSXcyo7ks2TfavlhVTfHSpo0m3VUXnkHhVIS1LlJBBnE%2BROBKs5JITRh3h%2FP1NgJnW6weHGIu6%2FS26s1T15SCIrXVsx0zkzAUGSOFiqKrISnpG8gbD0yoo53KZBaB3a9wqtOphN4nVKJFAdhsoqYagmi7HQmvXCIULT%2FM20euSzmfxRx914g6D6newBKtqlr6poprot25GMxZ%2Bq2t0Cey5v10mUvRoY%2FqvXrFF8YdKuF8qCHZkX0HbLUebM2oVvor4KOqPWvR5RJwmmVaM%2BRN2rbPdy8EOEKcL8WxaxjrbfN4f7G%2Fq0WEvn2PdKccDYlIIqY8VkTn3IqyZuJXEG%2BaRcbg2S2gJDEF976ProrbyIwVWXyKoUZtPGl7TWBBCaA61POEVZsvNfq%2Fo4gMQSaBG%2FsglXrqSv68J935y7Fw1oLDxa9iR3hXd09vhO%2FpkkA97T%2FSshBTVx%2Fc7OE%2FYePyqmnBcLx37TcZqxIkv61wz2hiND7X%2BXmdRl7OmXy%2FVQ%2Bo1sdQLw46K6PlloRYn0ABp23c0dT55scB85xLt9YWr4j8lfCmmJg5cgV11h4pAL3KODPepWbW80UiBOmFnwZI85MPv2i2bvMWqWautch%2F%2FeFE1C05R5vBJR%2Fm5Cu%2FKkvg%2FLksVq66DleOJTV1vqiXyQQEoIJWrRHcd6XSQNIiYY15C1JrxrWP1S%2B0HOdSZpRlCnXxx0ZaVX5frKuW6XiEtrRezXeka%2FPWIjbqEJLL13JjjA2EnkM5SNdUlQhmh6OFh6QBy%2FnsywJzio91FegOv8e%2BGeqCr2XoIj8Vi2nQnNylPiAgscHLneKEU9bOf2QBy9xbWqwyZienH8Ew7%2BSJY0P9azyusln613eFY5GqXV3gJqKxNtvS33xwx9tDo7R9TMjvmXmc%2F62ZQByymmmKcK%2BQDgWoUsmmKy9dWf28HkHK5WDbrv9OUdtdv%2FEG4KiggZL2OD7CZNigBC6aFhZwH%2B2CN7Jkq%2F1LfFSqukSDxW7HoFCtBIVfwin3Qx%2FW%2B5XJrJGttMR5USMLYnHLdcy1jsVB5RdF5Ks3Ggm6yQBBHE%2FRun0iZcvfH%2Be%2BYyr4ziKIOgBAfUIzWKHRHvLc5pIfKYqs9qPwn5KUM%2BGm1isBk5WBzS7tpiZxBfgYN56%2B0F%2FH4e088Wsd7SqIdXwJwRrrIYro0RnkIAm09IuicydDbi6JD%2FldrHSgpFUfJGyw2MvQSHN9eFn71ayY9zWL8I9r1fY6eepbucO%2BpLAZFBHluXFoonxugzs01CFTq7Gy1ygA60YG7S5zeXb8PybkPeOxcoUZ3Sv61bpQy7DcnxZQh%2FOFzYNxxkYUyCtCyFibfOmRY2LZFnBm%2BCWxP8vFPm7V7IS6J6fV%2B5kAVtNgbqhzgJzFV4Ig%2FkYbR2fUidjidyK77ndgg6qH0%2FmCgg2ugTdGzI8%2BY%2BQ%2B2zaXGVMPT7bP6FuSd7AmEyt8ZmVRWdxQC9stvY2X9uHmj44SjX0lqhFu02RBEY7v0dOZaayWDRqY%2BMFbUdmtkjoV0YYzST3quxwC67vsIGAV7Y1l0D2s2TrH3m5t4bDGBBR42I6hN6si3%2Bwcez9%2FUtrLWd9VH%2FfXbTt8tgvmG%2BPtn9vU7%2F3%2BmHTdwiy0C4jc60EqXBhVcRsAs4q9ZDkMhu4Jvz6C5BM37QwQJlS939yuCuq1c7uHLPWOqdPo4KbfqBb1mCT5QYlWtGoLRyX3Ozk3KSt66ooGhhZQYWwiVJduCO0cs1uNma3ais58f2Fv0rsBk%2FzDdBwpCr%2FmY1uC9nkwApb89DLe8LrHOA9xibDAe7zmW%2Bax4yyaU7DOeAKiupzMP6hUJ1vczwfqo2XVv0QGC2JjTXAYBjY5IAXVjXD7HChJ6l%2BdT8TZdm%2BaBpo53zYRO1s2GxcTRyzCZTfVWlXhlkLDQQmdIn7I9Zkq3uLS0vly20nHw2bG%2BF7tYr7tlAlgEuIrubN%2FhztARf3h9WHb7mBSIymL7ZXh8JTredrnSFZ%2FaT%2FRGePLkXlirUUjbjJOXmN4AH8nh41K47Kad%2FwtySuknT5SsTmltxFQEyoUT1YzIGKN4jw7EcN8ipRmaJoRPS3DlbI93nwDqTp5hNFEv%2BmfTYxmHpyQQm%2Futst6B43ejn5vqR9O7lIIAu3bop7YSY5p2gAC3mh7AD0M2wjLqY9rQujHpTURLJSite9CThwwyKeZw3c8CK3c%2FBKrU2SQowm6H7PjnnWaHIyF094pb6INgC5TdLb9wf5I%2FUjK4cdGEgEIKbMwoBYO597p4kjqYfvcpRN%2BQQOC8HJkJ9uYxPWaA82sQ91l8QLlvJrMY%2F0w%2FE1YhNd%2Fwb1JD1ETXiWXivcVmlKxGgox3Rkc18xAiPTD2eXyDJL2IlUydXRdo2hZl%2Fi2n7JgSf6Frh8dD3f5sTMmINHtZ6KNu5%2FwszEdlnqTKu4JNxgyGN0WhE49XWpJpzG6uGQpPw9zbXgIfcM31cjx3JLvLXSdKxBu7ywlN3LjTWgf5usmJAfvleJLBcsDE3JGJXbVIfCahJyUgYqZixfL5WrawlHIDseTGOJdcri13%2BCtSOk843zesKox%2Fo8bGv7FaoJFYINX1PvikjByD64Y1r%2BJkWYBGShyypYsfEoWLnVb4q4GQzRCIEXs%2BZxZij2AD2Rgv%2FDLmkVZNv6TJ0NPCkGcoEgSmaV2gqoP%2FF6J6XORTNzcp096ze1WL%2F1GRu7cKhTQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 14 Jun 2025 11:26:23 GMT
content-type: image/png
cache-control: max-age=86400, public
x-cache-status: HIT
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (12)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size