| URL | IP | Status | Size |
| cn.cctv-baidu-163-sina-sohu.xyz/tj.js | 107.148.14.135 | 200 OK | 21 B |
URL: GET HTTP/2 cn.cctv-baidu-163-sina-sohu.xyz/tj.js (third-party script, loaded cross-site from https://avxx-282.xyz/; see the Referer and Sec-Fetch-Site request headers below)
IP: 107.148.14.135:443
Certificate: issuer Let's Encrypt; subject cctv-baidu-163-sina-sohu.xyz; fingerprint 88:E2:21:D0:5A:EB:82:C8:19:44:03:19:D5:4F:48:AD:AD:21:36:CD; valid Sat, 23 Mar 2024 07:19:32 GMT to Fri, 21 Jun 2024 07:19:31 GMT
File type: ASCII text, with no line terminators
Hashes: MD5 990ba5e3d9d2eef63fd13e1333b7de44; SHA-1 eeb9ec9a27627e5019a0b047ca950cc4af6f3950; SHA-256 5c28b82d80fd32c972a910cf16b32239f4952fc838fd7e16aede693573709809
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /tj.js HTTP/1.1
Host: cn.cctv-baidu-163-sina-sohu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-282.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 22:45:54 GMT
content-type: application/javascript
content-length: 21
last-modified: Sat, 20 Apr 2024 04:38:55 GMT
etag: "662346df-15"
expires: Mon, 06 May 2024 10:45:54 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
| avxx-282.xyz/ | 188.114.96.1 | 200 OK | 6.3 kB |
URL: GET HTTP/2 avxx-282.xyz/ (user request: the top-level document; host and path taken from the request line and Host header below)
IP: 188.114.96.1:443 (Cloudflare edge, per the Server and CF-RAY response headers below)
Certificate: issuer Google Trust Services LLC; subject avxx-282.xyz; fingerprint DE:2B:14:B8:98:4C:2B:62:96:AB:17:1B:CF:20:3E:7B:F1:B8:04:94; valid Wed, 10 Apr 2024 10:40:21 GMT to Tue, 09 Jul 2024 10:40:20 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1013), with CRLF, LF line terminators
Hashes: MD5 83366f3c5b381f189980637878b153ad; SHA-1 0d88197b61bb390f440fa836241449a0916ef8fd; SHA-256 5e50872eb0a718634f23e67083dd57093663375e1efdfc15602ce73851977ecc
GET / HTTP/1.1
Host: avxx-282.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 May 2024 22:46:08 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PJVO8p8l2QAc3LIVcgKxMmS3neUTv8LETjGCc0N%2BuyQdalARBJaO9V45ap0sASP4xOfUWV5ORVI4DvA9XKLPIemkmFFT8sr0ZcgwtmGifl5VL%2FsPjeWwWg7Jo6t9EII%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87f4436d9ca956ba-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| avxx-282.xyz/template/mb2/js/jquery-3.0.1.min.js | 0.0.0.0 | | 0 B |
URL: GET avxx-282.xyz/template/mb2/js/jquery-3.0.1.min.js
IP: 0.0.0.0:0 (no response recorded for this request)
Certificate: issuer Google Trust Services LLC; subject avxx-282.xyz; fingerprint DE:2B:14:B8:98:4C:2B:62:96:AB:17:1B:CF:20:3E:7B:F1:B8:04:94; valid Wed, 10 Apr 2024 10:40:21 GMT to Tue, 09 Jul 2024 10:40:20 GMT
Hashes: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of the empty input: no body was captured, so they say nothing about the script's content)
GET /template/mb2/js/jquery-3.0.1.min.js HTTP/1.1
Host: avxx-282.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-282.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
| avxx-282.xyz/template/mb2/css/new.css | 0.0.0.0 | | 0 B |
URL: GET avxx-282.xyz/template/mb2/css/new.css
IP: 0.0.0.0:0 (no response recorded for this request)
Certificate: issuer Google Trust Services LLC; subject avxx-282.xyz; fingerprint DE:2B:14:B8:98:4C:2B:62:96:AB:17:1B:CF:20:3E:7B:F1:B8:04:94; valid Wed, 10 Apr 2024 10:40:21 GMT to Tue, 09 Jul 2024 10:40:20 GMT
Hashes: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of the empty input: no body was captured)
GET /template/mb2/css/new.css HTTP/1.1
Host: avxx-282.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-282.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
| avxx-282.xyz/template/mb2/css/style.css | 0.0.0.0 | | 0 B |
URL: GET avxx-282.xyz/template/mb2/css/style.css
IP: 0.0.0.0:0 (no response recorded for this request)
Certificate: issuer Google Trust Services LLC; subject avxx-282.xyz; fingerprint DE:2B:14:B8:98:4C:2B:62:96:AB:17:1B:CF:20:3E:7B:F1:B8:04:94; valid Wed, 10 Apr 2024 10:40:21 GMT to Tue, 09 Jul 2024 10:40:20 GMT
Hashes: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of the empty input: no body was captured)
GET /template/mb2/css/style.css HTTP/1.1
Host: avxx-282.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-282.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
| avxx-282.xyz/static/js/jquery.js | 0.0.0.0 | | 0 B |
URL: GET avxx-282.xyz/static/js/jquery.js
IP: 0.0.0.0:0 (no response recorded for this request)
Certificate: issuer Google Trust Services LLC; subject avxx-282.xyz; fingerprint DE:2B:14:B8:98:4C:2B:62:96:AB:17:1B:CF:20:3E:7B:F1:B8:04:94; valid Wed, 10 Apr 2024 10:40:21 GMT to Tue, 09 Jul 2024 10:40:20 GMT
Hashes: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of the empty input: no body was captured)
GET /static/js/jquery.js HTTP/1.1
Host: avxx-282.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-282.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
| avxx-282.xyz/template/mb2/js/lazyload.js | 0.0.0.0 | | 0 B |
URL: GET avxx-282.xyz/template/mb2/js/lazyload.js
IP: 0.0.0.0:0 (no response recorded for this request)
Certificate: issuer Google Trust Services LLC; subject avxx-282.xyz; fingerprint DE:2B:14:B8:98:4C:2B:62:96:AB:17:1B:CF:20:3E:7B:F1:B8:04:94; valid Wed, 10 Apr 2024 10:40:21 GMT to Tue, 09 Jul 2024 10:40:20 GMT
Hashes: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of the empty input: no body was captured)
GET /template/mb2/js/lazyload.js HTTP/1.1
Host: avxx-282.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-282.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
| avxx-282.xyz/img/url.js | 0.0.0.0 | | 0 B |
URL: GET avxx-282.xyz/img/url.js (from the request line and Host header below)
IP: 0.0.0.0:0 (no response recorded for this request)
Certificate: issuer Google Trust Services LLC; subject avxx-282.xyz; fingerprint DE:2B:14:B8:98:4C:2B:62:96:AB:17:1B:CF:20:3E:7B:F1:B8:04:94; valid Wed, 10 Apr 2024 10:40:21 GMT to Tue, 09 Jul 2024 10:40:20 GMT
Hashes: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of the empty input: no body was captured)
GET /img/url.js HTTP/1.1
Host: avxx-282.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-282.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
| cn.cctv-baidu-163-sina-sohu.xyz/vip.js | 107.148.14.135 | 200 OK | 1.2 kB |
URL: GET HTTP/2 cn.cctv-baidu-163-sina-sohu.xyz/vip.js (second third-party script from the same sinkholed host, loaded cross-site from https://avxx-282.xyz/)
IP: 107.148.14.135:443
Certificate: issuer Let's Encrypt; subject cctv-baidu-163-sina-sohu.xyz; fingerprint 88:E2:21:D0:5A:EB:82:C8:19:44:03:19:D5:4F:48:AD:AD:21:36:CD; valid Sat, 23 Mar 2024 07:19:32 GMT to Fri, 21 Jun 2024 07:19:31 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1185), with no line terminators (note the mismatch with the content-type response header below, which declares application/javascript)
Hashes: MD5 276861debbc8b474b73c264a5adc53d7; SHA-1 cec7f3865bb990a114c3e47da0121b4431457aae; SHA-256 1f68088dec5c668a4b430fb930eec4a6f76b2fb6c7f9c3cc4917f15911a4bd58
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /vip.js HTTP/1.1
Host: cn.cctv-baidu-163-sina-sohu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-282.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 22:45:54 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 11:03:09 GMT
vary: Accept-Encoding
etag: W/"663372ed-4b5"
expires: Mon, 06 May 2024 10:45:54 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
| avxx-282.xyz/template/mb2/image/loading.svg | 0.0.0.0 | | 0 B |
URL: GET avxx-282.xyz/template/mb2/image/loading.svg
IP: 0.0.0.0:0 (no response recorded for this request)
Certificate: issuer Google Trust Services LLC; subject avxx-282.xyz; fingerprint DE:2B:14:B8:98:4C:2B:62:96:AB:17:1B:CF:20:3E:7B:F1:B8:04:94; valid Wed, 10 Apr 2024 10:40:21 GMT to Tue, 09 Jul 2024 10:40:20 GMT
Hashes: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of the empty input: no body was captured)
GET /template/mb2/image/loading.svg HTTP/1.1
Host: avxx-282.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
| avxx-282.xyz/template/mb2/js/script.js | 0.0.0.0 | | 0 B |
URL: GET avxx-282.xyz/template/mb2/js/script.js
IP: 0.0.0.0:0 (no response recorded for this request)
Certificate: issuer Google Trust Services LLC; subject avxx-282.xyz; fingerprint DE:2B:14:B8:98:4C:2B:62:96:AB:17:1B:CF:20:3E:7B:F1:B8:04:94; valid Wed, 10 Apr 2024 10:40:21 GMT to Tue, 09 Jul 2024 10:40:20 GMT
Hashes: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of the empty input: no body was captured)
GET /template/mb2/js/script.js HTTP/1.1
Host: avxx-282.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-282.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
| avxx-282.xyz/template/mb2/js/clipboard.min.js | 0.0.0.0 | | 0 B |
URL: GET avxx-282.xyz/template/mb2/js/clipboard.min.js
IP: 0.0.0.0:0 (no response recorded for this request)
Certificate: issuer Google Trust Services LLC; subject avxx-282.xyz; fingerprint DE:2B:14:B8:98:4C:2B:62:96:AB:17:1B:CF:20:3E:7B:F1:B8:04:94; valid Wed, 10 Apr 2024 10:40:21 GMT to Tue, 09 Jul 2024 10:40:20 GMT
Hashes: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of the empty input: no body was captured)
GET /template/mb2/js/clipboard.min.js HTTP/1.1
Host: avxx-282.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-282.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
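Read together, the transactions above show a first-party page (avxx-282.xyz, fronted by Cloudflare) pulling two scripts cross-site from cn.cctv-baidu-163-sina-sohu.xyz, a host Quad9 resolves to a sinkhole, while most of the same-origin loads have no recorded response at all. The Python below is an added example, not part of the capture or of the tool that produced it. It parses request blocks in the format this page prints and reports two things a triager wants: which third-party hosts supplied scripts (so they can be checked against a DNS reputation source), and which records carry the empty-input MD5/SHA-1/SHA-256, meaning no body was captured and "0 B" must not be read as "clean". The Referer-based fallback for clients without Sec-Fetch-* headers and the last-two-label site approximation are assumptions of this example, not anything the page states; SAMPLE_RECORDS is constructed from the page's own header blocks, abridged, plus one hypothetical record that exercises the fallback.

```python
"""Triage of an HTTP transaction capture in the format printed above.

Added example: not code from the original page or from the capture tool.
Flags (1) script loads from another site and (2) records whose digests are
those of the empty input, i.e. no response body was captured.
"""
import hashlib
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Digests of b"": a record carrying exactly these three has no captured body.
EMPTY_DIGESTS = {
    "md5": hashlib.md5(b"").hexdigest(),
    "sha1": hashlib.sha1(b"").hexdigest(),
    "sha256": hashlib.sha256(b"").hexdigest(),
}


@dataclass
class Transaction:
    method: str
    path: str
    headers: Dict[str, str]  # header names lower-cased
    hashes: Dict[str, str] = field(default_factory=dict)

    @property
    def host(self) -> str:
        return self.headers.get("host", "").lower()


def parse_request_block(block: str, hashes: Optional[Dict[str, str]] = None) -> Transaction:
    """Parse one 'METHOD /path HTTP/x' request line plus 'Name: value' header lines."""
    lines = [ln.strip() for ln in block.strip().splitlines() if ln.strip()]
    method, path, _version = lines[0].split(None, 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")  # first colon only; values may contain ':'
        headers[name.strip().lower()] = value.strip()
    return Transaction(method, path, headers, dict(hashes or {}))


def registrable_site(host: str) -> str:
    """Approximate eTLD+1 as the last two labels (assumption: adequate for the .xyz
    hosts on this page; production code should consult the Public Suffix List)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def referer_host(tx: Transaction) -> str:
    ref = tx.headers.get("referer", "")
    return ref.split("//", 1)[-1].split("/", 1)[0].lower() if ref else ""


def is_cross_site_script(tx: Transaction) -> bool:
    """True for a script fetched from a site other than the page that embedded it.
    The browser-asserted Sec-Fetch-Site header is authoritative when present."""
    looks_like_script = (tx.headers.get("sec-fetch-dest") == "script"
                         or tx.path.split("?", 1)[0].endswith(".js"))
    if not looks_like_script:
        return False
    site = tx.headers.get("sec-fetch-site")
    if site is not None:
        return site == "cross-site"
    ref = referer_host(tx)  # fallback (assumption) for clients without Fetch Metadata
    return bool(ref) and registrable_site(ref) != registrable_site(tx.host)


def no_body_captured(tx: Transaction) -> bool:
    """True when all three recorded digests are those of the empty input.
    Records with no digests at all are not claimed either way."""
    return all(tx.hashes.get(alg) == dig for alg, dig in EMPTY_DIGESTS.items())


def triage(txs: List[Transaction]) -> Dict[str, List[str]]:
    return {
        "third_party_script_hosts": sorted({tx.host for tx in txs if is_cross_site_script(tx)}),
        "no_body_captured": [tx.host + tx.path for tx in txs if no_body_captured(tx)],
    }


# Constructed from blocks on this page, abridged to the headers the logic uses.
SAMPLE_RECORDS = [
    ("GET /tj.js HTTP/1.1\nHost: cn.cctv-baidu-163-sina-sohu.xyz\n"
     "Referer: https://avxx-282.xyz/\nSec-Fetch-Dest: script\nSec-Fetch-Site: cross-site",
     {"md5": "990ba5e3d9d2eef63fd13e1333b7de44",
      "sha1": "eeb9ec9a27627e5019a0b047ca950cc4af6f3950",
      "sha256": "5c28b82d80fd32c972a910cf16b32239f4952fc838fd7e16aede693573709809"}),
    ("GET /template/mb2/js/jquery-3.0.1.min.js HTTP/1.1\nHost: avxx-282.xyz\n"
     "Referer: https://avxx-282.xyz/\nSec-Fetch-Dest: script\nSec-Fetch-Site: same-origin",
     {"md5": "d41d8cd98f00b204e9800998ecf8427e",
      "sha1": "da39a3ee5e6b4b0d3255bfef95601890afd80709",
      "sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"}),
    # Hypothetical: the vip.js load as an older client without Sec-Fetch-* would send it.
    ("GET /vip.js HTTP/1.1\nHost: cn.cctv-baidu-163-sina-sohu.xyz\nReferer: https://avxx-282.xyz/",
     None),
]

TRANSACTIONS = [parse_request_block(block, hashes) for block, hashes in SAMPLE_RECORDS]

if __name__ == "__main__":
    for key, items in triage(TRANSACTIONS).items():
        print(key, items)
```

Feed it the remaining request blocks from the capture and the third-party list stays at the single sinkholed host while every 0.0.0.0:0 record lands in the no-body list; the point of the second list is that a clean verdict on an empty body is not a verdict on the script that the page actually ran.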