gfhn.xkgdatabaseiie.top/
198.204.255.142 301 Moved Permanently 240 B IP 198.204.255.142:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text
Hash d252209c64935da8383dbfae916daa3e
1aecce5f2467fbcceac85abb494b2c18903a6366
3fed9f09dd9da3266254edd94ef57c5830a903202e9c4a455f996d41e95bab28
Analyzer Verdict Alert fortinet Malware
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 12:06:44 GMT
Server: Apache
Location: https://gfhn.xkgdatabaseiie.top/
Content-Length: 240
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12741
Expires: Mon, 06 Feb 2023 15:39:05 GMT
Date: Mon, 06 Feb 2023 12:06:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21170
Expires: Mon, 06 Feb 2023 17:59:34 GMT
Date: Mon, 06 Feb 2023 12:06:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 11:36:27 GMT
content-type: application/json
age: 1817
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3290
Expires: Mon, 06 Feb 2023 13:01:34 GMT
Date: Mon, 06 Feb 2023 12:06:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7llKDhigpTh6IUTiWG28uIW/TvR16JJi4CXCr6K8/+fk61cPDhZOE2j9r92DlwXmCPdDkbkOmJM=
x-amz-request-id: MKYM1EY6GB6JX5HG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 11:53:41 GMT
age: 783
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 12:06:44 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5f4d8bd5522ea97ee4e1496f228e0241
ce7243f4e5a99af28721691f1f2fdece6fa5e5fc
c0ad2c73ba613920d9c089a51cb75d83f320349bef7602823faa9d1a1b017bc8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0AD2C73BA613920D9C089A51CB75D83F320349BEF7602823FAA9D1A1B017BC8"
Last-Modified: Mon, 06 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 06 Feb 2023 18:06:44 GMT
Date: Mon, 06 Feb 2023 12:06:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, Pragma, Alert, Cache-Control, Content-Length, Expires, Retry-After, Backoff, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 11:51:19 GMT
age: 926
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11881
Expires: Mon, 06 Feb 2023 15:24:46 GMT
Date: Mon, 06 Feb 2023 12:06:45 GMT
Connection: keep-alive
gfhn.xkgdatabaseiie.top/
198.204.255.142 200 OK 7.7 kB IP 198.204.255.142:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1699), with CRLF, LF line terminators
Hash d6653df3dcb92cb97383c2810c4a1f1b
e9d718f4e3f920b50c25a0b8e0996d9666cf0ec9
dc66b1bf384e74914c873e11e3bd4a65b970ac42f77e1f9cca5e951d9708e0ed
Analyzer Verdict Alert fortinet Malware
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:45 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34; path=/; domain=.gfhn.xkgdatabaseiie.top; secure; HttpOnly
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
push.services.mozilla.com/
34.208.31.97 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.31.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: D2yQbsMBGzg3JvsuPzK6/A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6kbACMJ7wFkrOtiH90YGepERTXw=
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/style_categories.css
198.204.255.142 200 OK 1.1 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/style_categories.css
IP 198.204.255.142:0
File type ASCII text, with CRLF line terminators
Hash 0e2f31fe4dbb37a62b9b0ca820218b31
88a00678a5f019cb5bcb15b1a6f31d8c6d56605f
5d23a1a4cf8119233bb53d74f745d9c798b7e992d89ee8d18238d9655558ef6a
GET /includes/templates/pc_standard_2208/css/style_categories.css HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:45 GMT
Server: Apache
Last-Modified: Fri, 03 Mar 2017 06:20:02 GMT
ETag: "44c-549cd892b6880"
Accept-Ranges: bytes
Content-Length: 1100
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet_css_buttons.css
198.204.255.142 200 OK 1.5 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet_css_buttons.css
IP 198.204.255.142:0
File type ASCII text, with very long lines (1488), with no line terminators
Hash 5bb2c6438ad6cd9a91c54c46b82c5795
c8f322beb81ed4cb61bc898c71401fdfd5fe3feb
5328c727797af05e447615d3ac0e45f8e7e3e0b06120e5462bb2666c19fdda36
GET /includes/templates/pc_standard_2208/css/stylesheet_css_buttons.css HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:45 GMT
Server: Apache
Last-Modified: Tue, 26 Sep 2017 07:28:20 GMT
ETag: "5d0-55a129e948d00"
Accept-Ranges: bytes
Content-Length: 1488
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet_cart.css
198.204.255.142 200 OK 9.1 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet_cart.css
IP 198.204.255.142:0
File type ASCII text, with very long lines (794), with CRLF line terminators
Hash 37b8deaf86382262d03181432010dd0a
9ec78a89b3d51b82f1b1c894646b1b7e252138b4
bcdf3068d5a476b0d4ce9b300422d31429c04169afaafe6d1d97e0f3bf89928e
GET /includes/templates/pc_standard_2208/css/stylesheet_cart.css HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:45 GMT
Server: Apache
Last-Modified: Fri, 29 Apr 2022 09:57:38 GMT
ETag: "2379-5ddc8128d4880"
Accept-Ranges: bytes
Content-Length: 9081
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet_searchtop.css
198.204.255.142 200 OK 941 B URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet_searchtop.css
IP 198.204.255.142:0
File type ASCII text, with CRLF line terminators
Hash 04848515c322009d3c261a4d1437c5ad
2597bbd84225f7c6cd91571796f9ffaf1d25ab90
8eb44a80537a81f4ddf8c1befb42f2a0fb252c3d167bd211c2c517ebfa50f808
GET /includes/templates/pc_standard_2208/css/stylesheet_searchtop.css HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:45 GMT
Server: Apache
Last-Modified: Fri, 29 Apr 2022 09:55:07 GMT
ETag: "3ad-5ddc8098d34c0"
Accept-Ranges: bytes
Content-Length: 941
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet_index_home.css
198.204.255.142 200 OK 3.3 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet_index_home.css
IP 198.204.255.142:0
File type ASCII text, with very long lines (337), with CRLF line terminators
Hash dfefb91305aa5bce880c7c78daae0c49
602291746dfd18ef4fac0bf1503519fa5a5602ff
8879797f2a4a459c7fffc0eb3d8320d07c0d0b5a4914ffa322d8fbaf9fc4ba43
GET /includes/templates/pc_standard_2208/css/stylesheet_index_home.css HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:45 GMT
Server: Apache
Last-Modified: Mon, 05 Aug 2019 08:01:02 GMT
ETag: "d0d-58f5a1bee8b80"
Accept-Ranges: bytes
Content-Length: 3341
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet_main.css
198.204.255.142 200 OK 5.3 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet_main.css
IP 198.204.255.142:0
File type ASCII text, with CRLF line terminators
Hash 225dd9e243fb80808bd48edfc21a0ef7
0e2321207b416dfdbb4b9efaa16b33eeaf9672ed
74999fa958ef6e55beeae80bb7bedf3b4a0d118bf11b1f4f4ee335ce835566ad
GET /includes/templates/pc_standard_2208/css/stylesheet_main.css HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:45 GMT
Server: Apache
Last-Modified: Mon, 05 Aug 2019 07:51:52 GMT
ETag: "14cd-58f59fb263600"
Accept-Ranges: bytes
Content-Length: 5325
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet_related.css
198.204.255.142 200 OK 2.0 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet_related.css
IP 198.204.255.142:0
File type ASCII text, with CRLF line terminators
Hash 36e092e62be2610fe37cdb014c51c238
030df65b16d3f08ae9d096feb64c297000b09e1e
834dc6a3caa1e76c58d95b20e6dc7fd00a4b34caf94390994a02a858e38f12c0
GET /includes/templates/pc_standard_2208/css/stylesheet_related.css HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:45 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2016 07:56:32 GMT
ETag: "7e1-53fe832468c00"
Accept-Ranges: bytes
Content-Length: 2017
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet.css
198.204.255.142 200 OK 14 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet.css
IP 198.204.255.142:0
File type ASCII text, with very long lines (839), with CRLF line terminators
Hash 5f73dd1e93ee5e76976647045188754d
825dd5989639813b9c87315d7a6d51b7e872f853
d15245e0a111cff6f81f5ca54c6182741ec2099ff48159f475db75f7af55cd03
GET /includes/templates/pc_standard_2208/css/stylesheet.css HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:45 GMT
Server: Apache
Last-Modified: Fri, 01 Nov 2019 06:10:18 GMT
ETag: "3863-59642d1f42680"
Accept-Ranges: bytes
Content-Length: 14435
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet_tm.css
198.204.255.142 200 OK 23 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet_tm.css
IP 198.204.255.142:0
File type Unicode text, UTF-8 text, with very long lines (680), with CRLF line terminators
Hash 907c27c4adf3b7de9edb9b095a633aae
fe28aecbcad83d80ba4db6fc9d24f065aa19e5b3
90605733b6aeaded91e740a88549717970270379687564473d65adffc0f0f5ae
GET /includes/templates/pc_standard_2208/css/stylesheet_tm.css HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:45 GMT
Server: Apache
Last-Modified: Fri, 29 Apr 2022 10:02:50 GMT
ETag: "5b1f-5ddc825260680"
Accept-Ranges: bytes
Content-Length: 23327
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/categories_list.css
198.204.255.142 200 OK 1.3 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/categories_list.css
IP 198.204.255.142:0
File type ASCII text, with CRLF line terminators
Hash 89e4c4e9899f6ef887c962628409c3cb
888e7bc907452bc5eb81c1344de5e1eb6734d10c
c9416e14ae095ea9083aba7bfed54e7012621dbf139f6345cb424b86ee85af32
GET /includes/templates/pc_standard_2208/css/categories_list.css HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:45 GMT
Server: Apache
Last-Modified: Fri, 29 Apr 2022 10:03:33 GMT
ETag: "509-5ddc827b62740"
Accept-Ranges: bytes
Content-Length: 1289
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_10.gif
198.204.255.142 200 OK 789 B URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_10.gif
IP 198.204.255.142:0
File type GIF image data, version 89a, 100 x 39; data
Hash ba5aa31792e757343133e787184723d2
7f695ddf8ee3a36e3e8dd7b0d98e5108e9afb4dd
e4b75d485b047de1fd5cf388db63672353db7c5e6c6d27324480feb53cd0e948
GET /includes/templates/pc_standard_2208/images/rank_10.gif HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
Last-Modified: Sun, 08 Jun 2014 07:32:34 GMT
ETag: "315-4fb4e191a0880"
Accept-Ranges: bytes
Content-Length: 789
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/present.gif
198.204.255.142 200 OK 4.9 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/present.gif
IP 198.204.255.142:0
File type GIF image data, version 89a, 190 x 80; data
Hash af4f43ae9f7d009fa110dda41aa29a50
f757110ad47d488304d904eba5bdc9d8be34efea
b7fbb244a22017cbe873aefa0029238dbbc2f58d5ae6ce464c4d94ac17bce743
GET /includes/templates/pc_standard_2208/images/present.gif HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
Last-Modified: Mon, 05 Aug 2019 08:22:32 GMT
ETag: "1351-58f5a68d26200"
Accept-Ranges: bytes
Content-Length: 4945
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzg4MjYwNzMwMDhfMS5qcGc=
198.204.255.142 200 OK 67 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzg4MjYwNzMwMDhfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x896, components 3; data
Hash ba7df32880a12a15bf0996c6764ecce2
7b48a1df9aeb5d6c3838b5f8525ed1b9ce78319e
a088d2e1fc474803414f1f6e214915f87c3a9b28768225048dbbb2d22447063b
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzg4MjYwNzMwMDhfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/logo.gif
198.204.255.142 200 OK 13 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/logo.gif
IP 198.204.255.142:0
File type GIF image data, version 89a, 545 x 62; data
Hash fb0dc75bbe9d75aa560705dddf22e532
62d72bacaadbf171ccfd917ee887583f696bddee
97e2c0ab2f1b479b60ca61154fb81231489ac698acca9f13ca84ccab99614f62
GET /includes/templates/pc_standard_2208/images/logo.gif HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
Last-Modified: Mon, 05 Aug 2019 07:46:00 GMT
ETag: "32d4-58f59e62b1e00"
Accept-Ranges: bytes
Content-Length: 13012
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzQ5MDk1MTA4NjVfMS5qcGc=
198.204.255.142 200 OK 67 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzQ5MDk1MTA4NjVfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x720, components 3; data
Hash 204dd6324138c4ba5d98260dc144b43f
4a950c7e155d65f180aae131bb1c33d08ccb77b0
2f06ba8d0a021233c8c346d552bf5d7a3be262208b742073a74e428b8ca2ca25
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzQ5MDk1MTA4NjVfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/back_p10_080502.jpg
198.204.255.142 200 OK 72 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/back_p10_080502.jpg
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9], baseline, precision 8, 90x450, components 3; data
Hash 75fdb5ada1077e808207d385a8df48ce
e770c1938cd6527d75cc9a4748c582c7895340a5
acbc6b26e876bf06930be827bcc228d5f6475e5e3f17c91305ff6c3f26190267
GET /includes/templates/pc_standard_2208/images/back_p10_080502.jpg HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet_tm.css
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
Last-Modified: Wed, 10 Aug 2016 02:36:40 GMT
ETag: "11b0b-539ae84e13e00"
Accept-Ranges: bytes
Content-Length: 72459
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/icon_search.png
198.204.255.142 200 OK 3.6 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/icon_search.png
IP 198.204.255.142:0
File type PNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced
- data
Hash e23597d1438fc031aaa277d774974ddf
507efa327d1ab542fcad1e7e148ccc3f2f0b0ef9
fd8c1e9f1059894420036910c36e07e09671e6b12f8a5ba6cd38954f7c17c02d
GET /includes/templates/pc_standard_2208/images/icon_search.png HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet_searchtop.css
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
Last-Modified: Tue, 26 Sep 2017 07:30:58 GMT
ETag: "de0-55a12a7ff7080"
Accept-Ranges: bytes
Content-Length: 3552
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/point8.jpg
198.204.255.142 200 OK 73 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/point8.jpg
IP 198.204.255.142:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 960x200, components 3
- data
Hash 22c45adfaabcaf3008ae0878acca6ab7
76d5e1333414115a8eb18417cddb3ca8fc7aaa6b
b1659f8f4d24327346f579ca51b58faee6f93affce316c89ca51c5c71957fe34
GET /includes/templates/pc_standard_2208/images/point8.jpg HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
Last-Modified: Fri, 02 Aug 2019 09:07:12 GMT
ETag: "11d8a-58f1eaf09d000"
Accept-Ranges: bytes
Content-Length: 73098
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/icon_heart.gif
198.204.255.142 200 OK 307 B URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/icon_heart.gif
IP 198.204.255.142:0
File type GIF image data, version 89a, 12 x 14
- data
Hash f41b46548e9de98cf06a3153e310498a
18b39fd7b8a176d11b5223deee4fe1fd978eb42b
fec157eec892d8b0d613dc18ef2d0e359e3c9fb4f83731c9bf01c58167d105a6
GET /includes/templates/pc_standard_2208/images/icon_heart.gif HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/categories_list.css
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
Last-Modified: Mon, 10 Mar 2014 09:00:06 GMT
ETag: "133-4f43cd46d7180"
Accept-Ranges: bytes
Content-Length: 307
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/arrow02.gif
198.204.255.142 200 OK 183 B URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/arrow02.gif
IP 198.204.255.142:0
File type GIF image data, version 89a, 10 x 9
- data
Hash 3ac44a26031155e887bc0531adb7c89b
c245808f8a0726c45ef19524dfd100fa7dbcdf94
0111e5620d5ad5787b58864dfaa8e809b90149e90e1fb3192d5f8744bc3a61c1
GET /includes/templates/pc_standard_2208/images/arrow02.gif HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/categories_list.css
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
Last-Modified: Mon, 13 May 2013 01:56:56 GMT
ETag: "b7-4dc8fd4d4ea00"
Accept-Ranges: bytes
Content-Length: 183
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTI1NzY1MzEzNjhfMS5qcGc=
198.204.255.142 200 OK 69 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTI1NzY1MzEzNjhfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3
- data
Hash 5192c948dcf84a97e7780301a8bc7ac7
49f2d826c91348d939e8efa8944acf62a24ab4ce
c0f1c647cddf43a301a83ca67c16a8ae9a4089f4871647a09dfd4353c1a7742b
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTI1NzY1MzEzNjhfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDg4MjQ1OTkxNTFfMS5qcGc=
198.204.255.142 200 OK 140 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDg4MjQ1OTkxNTFfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3
- data
Size 140 kB (139678 bytes)
Hash be8b94e54c2d64f43c4590c4b8623202
19117ddaf01723578dfb4020e30d139f760dcb6c
33151d14169df5091f55be574e5ba8be711371a1c3fa4dfda42547241e814b46
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDg4MjQ1OTkxNTFfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTQxNjQwMjAxOTNfMS5qcGc=
198.204.255.142 200 OK 16 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTQxNjQwMjAxOTNfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 328x328, components 3
- data
Hash 1337b47019baf48c8115166ac922809c
0a9fe7b49faaf64d20b5aaa7ae2315e2c136f5ee
ff5e6968ddabece8995afde0ac75ecbe94ac72f9780b58fc013e3b7ce5d01ea8
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTQxNjQwMjAxOTNfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODM1ODYzNzU5ODdfMS5qcGc=
198.204.255.142 200 OK 239 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODM1ODYzNzU5ODdfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3
- data
Size 239 kB (239181 bytes)
Hash 0d1a543aaece3b18eb009cb3acc6edba
59671c9a06b6ec68ef7d3e4a8ff0a0f27dc68e60
40ede85d4dcd97939e12b6e922eae30d64910d493f6c4f67fc1d3403fb27b894
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODM1ODYzNzU5ODdfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12672
Expires: Mon, 06 Feb 2023 15:37:58 GMT
Date: Mon, 06 Feb 2023 12:06:46 GMT
Connection: keep-alive
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNTQ0MDIzNjM3MzJfMS5qcGc=
198.204.255.142 200 OK 238 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNTQ0MDIzNjM3MzJfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3
- data
Size 238 kB (237689 bytes)
Hash c45e4f9300ec1e66364465219b3a7b95
3a06ca0d56a50937ed51e95fc8068820b477ffa0
c1b1f4d812017074e546e4360b573e7b40195e002557422593c0c88592d7ae41
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNTQ0MDIzNjM3MzJfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjQ0MzE0MzQzMDJfMS5qcGc=
198.204.255.142 200 OK 264 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjQ0MzE0MzQzMDJfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3
- data
Size 264 kB (263902 bytes)
Hash 170c0a51b77a843eee814d773e0528de
d06fe39d5f03f4d3e8b63095cb933129956ccc19
f02a31e9b5d2b90fb4af59b5a31c4427b935b4d5546e110d6ecca2ed720ccf1b
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjQ0MzE0MzQzMDJfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzcyMzYyMzcxNzFfMS5qcGc=
198.204.255.142 200 OK 19 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzcyMzYyMzcxNzFfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x540, components 3
- data
Hash 58816acb3872c9af918eb1cfb2243881
cae4d9e42b0818bc877c5e364130e46f1f86c799
56dae1579282f038ee05cb5fa2d2b39b4d803b815906fc5bd719bfdd91e05963
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzcyMzYyMzcxNzFfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/12338536.png
198.204.255.142 200 OK 3.5 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/12338536.png
IP 198.204.255.142:0
File type PNG image data, 1100 x 44, 8-bit/color RGB, non-interlaced
- data
Hash caefc469f336895d320fbd5a913e72f3
7b5da6dcdff1fc28fcbb1ce984a426fb48eed823
bce7dea3d214ae45e989c4ed80f78f3d07ac80d8630883829b08588a04230e01
GET /includes/templates/pc_standard_2208/images/12338536.png HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet.css
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
Last-Modified: Mon, 05 Aug 2019 08:18:00 GMT
ETag: "da6-58f5a589bfe00"
Accept-Ranges: bytes
Content-Length: 3494
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12672
Expires: Mon, 06 Feb 2023 15:37:58 GMT
Date: Mon, 06 Feb 2023 12:06:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
- data
Hash b3e7140400336984afc6093c1246f863
59e0b21cdf4cfdac3f1ea05badd007727939ac42
4d927e74922159db5d07b9947fa1021cff74bb7b55759960cb3941d05c1e8f11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9579
x-amzn-requestid: c474008d-a6a9-409b-88e2-c55062044575
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzQtnFGhoAMF5Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddfb23-54dd67257ba25ad24e977a9c;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:28:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0Of3BK3VqVMGQGDIODQthVmi7BC8Ney4zgGCpVuzYc1j6D8RRP-AxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 14:15:34 GMT
age: 78672
etag: "59e0b21cdf4cfdac3f1ea05badd007727939ac42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
- data
Hash 13572f84ad268caedcc897f2ad7b9baf
afb91ab43953e8915a2169618d2ab5e330cde0a1
0fb8b09608dc293b2084953b948cc7d8a7aa7bcb525090a7e44d5cb2a725fab3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7851
x-amzn-requestid: 11d3fe95-844b-4e5d-b31c-f99e96e2b608
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHeEIAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-602b91422dff88a750b8e3e9;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: F-bdQPU-zYhIlXtxcW_TiqE8ifPg3i0cg8gFuvJSfwoMDTe-Hqy1jg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:02:47 GMT
age: 50639
etag: "afb91ab43953e8915a2169618d2ab5e330cde0a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
- data
Hash 714723c38877e0d1655c7118a88ec064
809a42ce7c76cea0ce16af8172d852723c3a5f02
6bad7253694d155de31a8f5a3c635545a39aac340ca49d1bc10efb6739d4a356
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8981
x-amzn-requestid: 0054e925-c381-4737-bd92-32b2af3a604e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQHRFoAMFw6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-45ea5ee33d07326c593d21d3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WPChtMRjKafjMFkXCam-m5lHQ-4E-UZ5VwnfjrBKaz6nuOh70Fkunw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:02:46 GMT
age: 50640
etag: "809a42ce7c76cea0ce16af8172d852723c3a5f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
- data
Hash ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:54 GMT
age: 50152
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd67ec8ef-bdc5-4f9b-a7be-c0d8b932923a.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd67ec8ef-bdc5-4f9b-a7be-c0d8b932923a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
- data
Hash f267c5cee67458c0f6ef42c4feb5217e
f5092ce77834e8f1f245b987204ff6a194c38ef6
84c5cde3d7e06e6dd32d1c98172606c8d912c7032a4677f8851e42e4b195e420
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd67ec8ef-bdc5-4f9b-a7be-c0d8b932923a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9451
x-amzn-requestid: 3f95347b-f0bf-43dd-90fc-5087bf0de607
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4okJGUCoAMF0sA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0214d-53d6a2de41af72770b086196;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jmGGGqJoMe4zt4RqNID5Xo7SVaWVAIAYf9s9YcduklkfdFnYniULOA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:51:03 GMT
age: 51343
etag: "f5092ce77834e8f1f245b987204ff6a194c38ef6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
- data
Hash 9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 51397
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDg3Nzc2OTcwMzRfMS5qcGc=
198.204.255.142 200 OK 303 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDg3Nzc2OTcwMzRfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 303 kB (302636 bytes)
Hash 567a3bf03bd6a8be74c4e706fc631107
276e19a6b3863fcf6001356f29e55ce2f74c3b3f
75d2ae2873561b14e6b6b032dada6da441ac914037e8a97df0bafb2f5ad457c5
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDg3Nzc2OTcwMzRfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAyMDE2NDE5MDJfMS5qcGc=
198.204.255.142 200 OK 46 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAyMDE2NDE5MDJfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x720, components 3\012- data
Hash 868282a08dc7aae7ef2f932cd603bd3a
b50c8298e47641f025abe5b78d2a5ed563974d0e
3f3df745d7b760e416005c75302f7dd72b4562902bbbd06a95f0663fc2da26e9
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAyMDE2NDE5MDJfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTYzMzExNjMwMDFfMS5qcGc=
198.204.255.142 200 OK 97 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTYzMzExNjMwMDFfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Hash 9772f4ff37320a0a5037a13dfc557380
7c271777d9aa27003ad1c379ff64856cb43833f7
abf6de3a4012e2a9879ffaf50dcf0740be6d68401c46c0c4af1e7935d5808680
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTYzMzExNjMwMDFfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTU2NjU4NTIzNTFfMS5qcGc=
198.204.255.142 200 OK 67 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTU2NjU4NTIzNTFfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Hash 041dcb92d05a0612ce3cf99c1c62dead
0402f0e22310363fa398df83ac5672fd70236f22
25d21205145d8594f166474e934c0f491746f5ac1f13cb79c7aab4fcf6058b64
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTU2NjU4NTIzNTFfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjIwMzA4MjMxNzRfMS5qcGc=
198.204.255.142 200 OK 118 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjIwMzA4MjMxNzRfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 118 kB (118138 bytes)
Hash 1ab750e26dbe8cc587287829871fc09f
bf7ced7fffac5b1f403a4b29da2c8bf7f33b846b
66f484de38d34a467784c96f7a03ef3a0872aa7d314feb6ebe6805b8876f2058
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjIwMzA4MjMxNzRfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzA1ODQ0MTgxMjBfMS5qcGc=
198.204.255.142 200 OK 97 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzA1ODQ0MTgxMjBfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Hash a6fc231e1f5bfa4a6e86579a99d71e04
fd094e484c0de5903f117311795a9ae1a950f72c
97e3ff50dc78e7862ce4d11280f7de45d1b0e06435ed0bf68678ffe7db3fc0cb
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzA1ODQ0MTgxMjBfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjM5NjU4OTE0NDBfMS5qcGc=
198.204.255.142 200 OK 252 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjM5NjU4OTE0NDBfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 252 kB (251502 bytes)
Hash 74840a8540217974af47fff16b4a5c65
9f07ee9f160330b7accf53a6cb1316ec26eaac68
e34a16cecb236b47afc879660fb28d6358f4b492076eaf91fa28f8cd31f2f024
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjM5NjU4OTE0NDBfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDc5MDEzODUyMDVfMS5qcGc=
198.204.255.142 200 OK 118 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDc5MDEzODUyMDVfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 118 kB (118544 bytes)
Hash e7c7bcd4fdb57c9546aaa8303fa88f68
25179646d788c8b0444f81818dfcaabf16049f95
27ab46a56bd7fee06100634763f35240fccc47ed0da84573125edf5fe76bd8ce
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDc5MDEzODUyMDVfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjI1ODkyMDg3NTZfMS5qcGc=
198.204.255.142 200 OK 29 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjI1ODkyMDg3NTZfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 615x615, components 3\012- data
Hash 736e0fe8baf7fa5713f349181e3db6cc
a0be2c77f1a5d17aeb790c8e8d8a7ee1041c599a
5f68ff336fad10c18cddcbf40c56b48145e61e26cce441b3a05272f3c4431ee8
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjI1ODkyMDg3NTZfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDAwNTY0NDUzOTNfMS5qcGc=
198.204.255.142 200 OK 102 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDAwNTY0NDUzOTNfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 708x755, components 3\012- data
Size 102 kB (101471 bytes)
Hash aa58933dc2f71258939bda3bb70f9772
da5257d9d5c8c64802e3bf6efd9409bcb53a5cb1
b73edaa6f31873da8366fbea8affdda62dacd87d2f4167c660e1c702e214cdf7
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDAwNTY0NDUzOTNfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODE3ODUwNTE3NjlfMS5qcGc=
198.204.255.142 200 OK 44 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODE3ODUwNTE3NjlfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x720, components 3\012- data
Hash 96aa7a4d7456e759a9c44fd5f33c7213
d2f3144267b059b9ecf8955da2aae77ab62146e1
3da923d7d1f24ab2137b734ad0fe9b0420474df888b92d82a92e6e411dc771a3
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODE3ODUwNTE3NjlfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODAyNDMyODAwOTJfMS5qcGc=
198.204.255.142 200 OK 404 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODAyNDMyODAwOTJfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 404 kB (404074 bytes)
Hash aa89336602f47ca8a18ed95c8e12abc3
6bbc5c93945bfebb911a7751c9be43bea8d24c73
e28fe84a5ff49d9eafd46238cec6d574a2ce93aed963c8e8feaf45e79a825cc2
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODAyNDMyODAwOTJfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:46 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODA5MDY1NzAyMDdfMS5qcGc=
198.204.255.142 200 OK 66 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODA5MDY1NzAyMDdfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1078, components 3\012- data
Hash 1780dda02c73fb89f6667de83cd9cc0c
cf3f4ac73f0ea392f337fd51c26b8588cf44b7ac
5fdc7764d11331dabe72115c5a99d25b70f492e42bceb126b478aac511337549
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODA5MDY1NzAyMDdfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTQwNDQ0NzY3ODhfMS5qcGc=
198.204.255.142 200 OK 110 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTQwNDQ0NzY3ODhfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 110 kB (110297 bytes)
Hash 10b6e683db489b6559bab4519f8e342f
6428e1309de4cb107c0215d09683414aed5f53aa
dac994261c32b4b005b4c02b39b54f99ef217171af0fb06bb2d331ae30d186c1
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTQwNDQ0NzY3ODhfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNTcwMzQ4ODM2MDNfMS5qcGc=
198.204.255.142 200 OK 145 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNTcwMzQ4ODM2MDNfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 145 kB (145215 bytes)
Hash 9f62f8dd7a7b37d731a58ec5b9fffa11
bf55135f6cad053fdae0e5dff83fafcc5258f33b
8e5b3aade69f2085dd283768f0a97358e7b2802d75143ce86ddf595b88a3d8a6
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNTcwMzQ4ODM2MDNfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjI2MTE2MDUwNjRfMS5qcGc=
198.204.255.142 200 OK 118 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjI2MTE2MDUwNjRfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Size 118 kB (117737 bytes)
Hash 8dfad38359850722a9c35c382484819d
a8182fa16b39d7699079bf409435443a59d0d93c
ab05b003f397549c7400a977246208e554aa364b253d693ce10a3bc758a83a59
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjI2MTE2MDUwNjRfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjI5Njk3Nzk1MjhfMS5qcGc=
198.204.255.142 200 OK 189 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjI5Njk3Nzk1MjhfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 189 kB (188951 bytes)
Hash 619927612baa6a39dac4ab19300200dd
0c2b4b9acd6a7cdbbc5f3833cb3ebc6e870d4aa2
dbe4a816e49706673049d3fc1e017e4fbaa454202b9fe7ed0fb3bc461c9025bb
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjI5Njk3Nzk1MjhfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzUxMzAyMTMxMDJfMS5qcGc=
198.204.255.142 200 OK 70 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzUxMzAyMTMxMDJfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Hash 5289df8a6e77b331d6845fb0c06ad04a
317e025176312734c925a66433b438dff28d3704
90b4a67ec7641fc8d73f7a5b105a2220c376cc8303d68fcc82d32009b7353701
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzUxMzAyMTMxMDJfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDAxNTE1MTkwMjRfMS5qcGc=
198.204.255.142 200 OK 62 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDAxNTE1MTkwMjRfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1076, components 3\012- data
Hash 8101621c010372dfe5554679a8371af5
4c605889b8953b55122a52193330a6ae59a80aa8
d3abd60863cc57bd8f15a393b2967fce0af7f7dfe26d5b31a7bc3237b519575e
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDAxNTE1MTkwMjRfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTU3MzQwNTE4MjhfMS5qcGc=
198.204.255.142 200 OK 30 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTU3MzQwNTE4MjhfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 404x720, components 3\012- data
Hash 063d4f8c0574c530dd36431bb32cdfe7
cd753cac27dc202074480d32cd9458c2fcb9b164
7cd3449f4a1b099b88bee2f5150ec9f880a5f57808776a94ab10b868db7fdf2d
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTU3MzQwNTE4MjhfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDQ4OTkzMjM4MTFfMS5qcGc=
198.204.255.142 200 OK 48 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDQ4OTkzMjM4MTFfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Hash 58ef663763afe8806afb8903835286d9
b8846f940baca4102f889e51c4040cfc2e432177
bd686cf618e3c6824e726ffcc3a6922d236a863fb76dbe3319873e7b8bfa66a5
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDQ4OTkzMjM4MTFfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjIyNzI0OTQ1MjRfMS5qcGc=
198.204.255.142 200 OK 24 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjIyNzI0OTQ1MjRfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 474x474, components 3\012- data
Hash 5bcb29de7c0acbd54969340cd183242d
0196c6b3ff7e838338f78d9a54f2cc5bca3dc75a
213aeb5dc89c72e34be5cd2ccb513d3653d68c1c2c2786d4403e3018964e17d6
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjIyNzI0OTQ1MjRfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzMyODc1MzQ4NzFfMS5qcGc=
198.204.255.142 200 OK 16 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzMyODc1MzQ4NzFfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x660, components 3\012- data
Hash 352ece29410642c64af5dbdf15fb5cbc
049697cfb9a51a53a3f5998ec2caad5f358c99e1
815649fb1f08e0b717886c21ef4feef4645d1127c1002425a87c70b208c2112a
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzMyODc1MzQ4NzFfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/skp_kanban.jpg
198.204.255.142 200 OK 37 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/skp_kanban.jpg
IP 198.204.255.142:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=200, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=950], baseline, precision 8, 469x62, components 3\012- data
Hash 03318d23b9e263c524a6e5b06f9ad97d
d3c05eb84bfb09d531ce2b54443c642174c65b57
e34f84b47623cb579984ff396ca5f26ad4417676e43c2226859de01e82849840
GET /includes/templates/pc_standard_2208/images/skp_kanban.jpg HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Mon, 05 Aug 2019 07:49:24 GMT
ETag: "9045-58f59f253e900"
Accept-Ranges: bytes
Content-Length: 36933
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTI0MDUyNjI4ODZfMS5qcGc=
198.204.255.142 200 OK 134 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTI0MDUyNjI4ODZfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 134 kB (133478 bytes)
Hash 63576d8db144b35df1d0121a956bb314
7029bbc018cf160c40618492b8e64384445ca8d8
cc8344bdb34fc01aa5bb8a38b0543a479448e024e88054b7a5557a3f55a7db0d
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTI0MDUyNjI4ODZfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNTUzMzA4MzE5NDRfMS5qcGc=
198.204.255.142 200 OK 242 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNTUzMzA4MzE5NDRfMS5qcGc=
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 242 kB (242436 bytes)
Hash fd6cfcdfdff667e68bd60a50fd89cada
326e227570dee4b76b12c16f47964c72d5794cc7
d9d53901a93190358dc0118e50d503b3a61f3d5dfc7dd3d7ac5605a63a3b3da9
Analyzer Verdict Alert fortinet Malware
GET /imgspeed.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNTUzMzA4MzE5NDRfMS5qcGc= HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/top-02.jpg
198.204.255.142 200 OK 61 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/top-02.jpg
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 980x380, components 3\012- data
Hash 664d478356cf27feeb62c18982a773e6
f03216a2e099c8266c82f67918349aa80a0a66ee
1330bd8452c4b3bd0583a4cef107e3579812f32792ebb8291f2ac0d13a80d0f0
GET /includes/templates/pc_standard_2208/images/top-02.jpg HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Mon, 05 Aug 2019 08:39:04 GMT
ETag: "ecde-58f5aa3f31a00"
Accept-Ranges: bytes
Content-Length: 60638
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/new.jpg
198.204.255.142 200 OK 60 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/new.jpg
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 600x300, components 3\012- data
Hash 4f923f13db5eb995e389d8e7317531a4
a8d7287683fdb49b279e35f088e3a9a48e37e0c7
12853951332cce5eceb0b52ae22b0c24ba1c64d0cfb2d4c3721be81f4dc36e36
GET /includes/templates/pc_standard_2208/images/new.jpg HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Mon, 05 Aug 2019 08:41:26 GMT
ETag: "eb77-58f5aac69d980"
Accept-Ranges: bytes
Content-Length: 60279
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/bn_used_increase_558x279.jpg
198.204.255.142 200 OK 65 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/bn_used_increase_558x279.jpg
IP 198.204.255.142:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 558x279, components 3\012- data
Hash 7b04797dba8409b94f73010e01c5b6ce
7a534eb14e90fec9d309300ae2784c686dd33ef8
02ac5a6eed5c37c6c446f6ee5607b8e656ade8535a784fb8d224a5e9ba31e95a
GET /includes/templates/pc_standard_2208/images/bn_used_increase_558x279.jpg HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Fri, 26 Jul 2019 06:48:00 GMT
ETag: "fdd6-58e8fec54c800"
Accept-Ranges: bytes
Content-Length: 64982
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_1.gif
198.204.255.142 200 OK 2.0 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_1.gif
IP 198.204.255.142:0
File type GIF image data, version 89a, 100 x 39\012- data
Hash c9c1a377b2465fa88eb90f7f21fc4943
c329224a6ff30a92cb75e8d055d12185c30b54c6
0362db86a76badda7ca8dec6954d760c2bfe7b5c3e438682ff3213926d5a5c08
GET /includes/templates/pc_standard_2208/images/rank_1.gif HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Sun, 08 Jun 2014 07:32:34 GMT
ETag: "7e8-4fb4e191a0880"
Accept-Ranges: bytes
Content-Length: 2024
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_2.gif
198.204.255.142 200 OK 605 B URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_2.gif
IP 198.204.255.142:0
File type GIF image data, version 89a, 100 x 39\012- data
Hash 8192f534aa798503e77cbf8e2eb15d57
24e72796481cfd7395cd43cdeb09edad3cf8446b
3616bc7d39ef97ce96d225530cc04796a283dabf239d3be97a21437f120832b9
GET /includes/templates/pc_standard_2208/images/rank_2.gif HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Sun, 08 Jun 2014 07:32:34 GMT
ETag: "25d-4fb4e191a0880"
Accept-Ranges: bytes
Content-Length: 605
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/gif
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_3.gif
198.204.255.142 200 OK 2.0 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_3.gif
IP 198.204.255.142:0
File type GIF image data, version 89a, 100 x 39\012- data
Hash a8a0cf82adfcc5990b7dba0d5156379f
c9ec96160b488a5a1d1a317443926c7bb54563bd
eb9a0139afb41bc80e768ff61a5a3bf3956da00bea0bb6fe6fcde50589b79065
GET /includes/templates/pc_standard_2208/images/rank_3.gif HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Sun, 08 Jun 2014 07:32:36 GMT
ETag: "7c6-4fb4e19388d00"
Accept-Ranges: bytes
Content-Length: 1990
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/gif
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_6.gif
198.204.255.142 200 OK 766 B URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_6.gif
IP 198.204.255.142:0
File type GIF image data, version 89a, 100 x 39\012- data
Hash da350cd90766a340c96b20ff03d127d5
30147fd19b58279252e361375df1d0c8f6d9a568
c865fc772bf6a50a3e408263080ccb0f091da74849c9d3557c17ae17514d3b1a
GET /includes/templates/pc_standard_2208/images/rank_6.gif HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Sun, 08 Jun 2014 07:32:36 GMT
ETag: "2fe-4fb4e19388d00"
Accept-Ranges: bytes
Content-Length: 766
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/gif
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_4.gif
198.204.255.142 200 OK 726 B URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_4.gif
IP 198.204.255.142:0
File type GIF image data, version 89a, 100 x 39\012- data
Hash 9e975ea97719e1ad72951890eab538b2
cb425216738dbc4b98ed7f86d2ad939d17922cc0
e5a91abf348d298145f1f237505150cc1f60673b0a21b459cdf4029ba188bcd4
GET /includes/templates/pc_standard_2208/images/rank_4.gif HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Sun, 08 Jun 2014 07:32:36 GMT
ETag: "2d6-4fb4e19388d00"
Accept-Ranges: bytes
Content-Length: 726
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_5.gif
198.204.255.142 200 OK 883 B URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_5.gif
IP 198.204.255.142:0
File type GIF image data, version 89a, 100 x 39\012- data
Hash 02ab4d95ec4727b873675dedf23fcbd6
73fb8ee0b0b7d4e12e2f90812ba109865bd55936
95e544e3858c250b62e09e90ea9b20d4a522b96f3d4658a908182c76cac0ebcc
GET /includes/templates/pc_standard_2208/images/rank_5.gif HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Sun, 08 Jun 2014 07:32:36 GMT
ETag: "373-4fb4e19388d00"
Accept-Ranges: bytes
Content-Length: 883
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_7.gif
198.204.255.142 200 OK 737 B URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_7.gif
IP 198.204.255.142:0
File type GIF image data, version 89a, 100 x 39\012- data
Hash 5ae938d4c59d6c52efdc9dfa7940037b
a243882381f3e103312242b5ca2eb9b8a295a2b7
4e569edfefd853caf0af7c24d06e242ba6b4a49ddc4775186098688ea8211030
GET /includes/templates/pc_standard_2208/images/rank_7.gif HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Sun, 08 Jun 2014 07:32:38 GMT
ETag: "2e1-4fb4e19571180"
Accept-Ranges: bytes
Content-Length: 737
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_8.gif
198.204.255.142 200 OK 773 B URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_8.gif
IP 198.204.255.142:0
File type GIF image data, version 89a, 100 x 39\012- data
Hash 255ef97d3abcea681cd2e8acd77ad0b1
0ca7ae48c40d965bdf794f5c41b5138d335e4e7a
cdcb9869aff9da1a51eb4b97016e57dc9420a4a292d8a88596abd29c94db8e5b
GET /includes/templates/pc_standard_2208/images/rank_8.gif HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Sun, 08 Jun 2014 07:32:38 GMT
ETag: "305-4fb4e19571180"
Accept-Ranges: bytes
Content-Length: 773
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/gif
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_9.gif
198.204.255.142 200 OK 763 B URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/rank_9.gif
IP 198.204.255.142:0
File type GIF image data, version 89a, 100 x 39\012- data
Hash a34576572e69e8448656b2fef0a85091
e36cb983bf59a33b4f2df30a42eea33af7e367a2
4bd758972868ca67bf4c88a6ac29fed015fa9b539a03e09e3540bfc77c992667
GET /includes/templates/pc_standard_2208/images/rank_9.gif HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Sun, 08 Jun 2014 07:32:38 GMT
ETag: "2fb-4fb4e19571180"
Accept-Ranges: bytes
Content-Length: 763
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/gif
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/1-sofa.jpg
198.204.255.142 200 OK 54 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/1-sofa.jpg
IP 198.204.255.142:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1017x266, components 3\012- data
Hash 97fc2471a96c973c2c2acca49d7b8684
88cea34e1c97f3292aa582b676451c21bf9837c0
f6a31c3703130c97fee19c8fd23a54da32df098c9febdd73b095ffb647c76629
GET /includes/templates/pc_standard_2208/images/1-sofa.jpg HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Wed, 31 Jul 2019 03:41:22 GMT
ETag: "d3ab-58ef1e615bc80"
Accept-Ranges: bytes
Content-Length: 54187
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/tairyo763.jpg
198.204.255.142 200 OK 110 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/tairyo763.jpg
IP 198.204.255.142:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 766x301, components 3\012- data
Size 110 kB (110381 bytes)
Hash 39b5717994ba4fb306b3ccd4899970d0
783bbf7133cd59f9409bdab5e07b554c18c567db
f8e471039584b5d80c28bc3e6337d15fa03ed112384711c35fb08021dd504a9c
GET /includes/templates/pc_standard_2208/images/tairyo763.jpg HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Fri, 02 Aug 2019 09:20:44 GMT
ETag: "1af2d-58f1edf6ff300"
Accept-Ranges: bytes
Content-Length: 110381
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/payment-ico.svg
198.204.255.142 200 OK 4.5 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/payment-ico.svg
IP 198.204.255.142:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 7f2239017063c2049707dd42a28330d2
559acfebcbad0aa663d87d88fea760b931bc5bd0
080b20713aeaaae6da2e985de6b79eeb4cef7aed6cbaccc3bb9a80a7f83b5108
Analyzer Verdict Alert fortinet Malware
GET /includes/templates/pc_standard_2208/images/payment-ico.svg HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Mon, 05 Aug 2019 09:12:10 GMT
ETag: "1186-58f5b1a530e80"
Accept-Ranges: bytes
Content-Length: 4486
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/svg+xml
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/truck-ico.svg
198.204.255.142 200 OK 2.4 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/truck-ico.svg
IP 198.204.255.142:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash c2183e2d375fd06660145270d29711db
f88c4b24324807510210fea1850707db6d61da56
58524f8de784a073ce6717eb4b743b33f168bc754e39c9c4d7570de1e01d8c39
Analyzer Verdict Alert fortinet Malware
GET /includes/templates/pc_standard_2208/images/truck-ico.svg HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Mon, 05 Aug 2019 09:12:16 GMT
ETag: "987-58f5b1aae9c00"
Accept-Ranges: bytes
Content-Length: 2439
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/svg+xml
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/box-ico.svg
198.204.255.142 200 OK 1.8 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/box-ico.svg
IP 198.204.255.142:0
File type HTML document text\012- exported SGML document, ASCII text
Hash bf0a5a3a5ecd845c25a7984e4d239b2c
b1e8f2b097b1df4333a85ffcb484148a40ec6d9c
c5f8d2d4c9340cadbd02dd98dbe7a7a6e8c77a1bb78c57b181a487128f14f5f0
Analyzer Verdict Alert fortinet Malware
GET /includes/templates/pc_standard_2208/images/box-ico.svg HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Mon, 05 Aug 2019 09:12:18 GMT
ETag: "6dd-58f5b1acd2080"
Accept-Ranges: bytes
Content-Length: 1757
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/svg+xml
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/tel-ico.svg
198.204.255.142 200 OK 2.1 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/tel-ico.svg
IP 198.204.255.142:0
File type HTML document text\012- exported SGML document, ASCII text
Hash 32eceeaa9f73481b62ace5b4ecbe0560
1ec21354fadcdd624796f1395bca7f9f78f69cf4
cfb4b635e4a8dcaf8baf58928c05b53021c496373dfae9b573dcfa774454263e
Analyzer Verdict Alert fortinet Malware
GET /includes/templates/pc_standard_2208/images/tel-ico.svg HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Mon, 05 Aug 2019 09:12:22 GMT
ETag: "832-58f5b1b0a2980"
Accept-Ranges: bytes
Content-Length: 2098
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/svg+xml
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/personalinfo-ico.svg
198.204.255.142 200 OK 1.2 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/personalinfo-ico.svg
IP 198.204.255.142:0
File type HTML document text\012- exported SGML document, ASCII text
Hash 2014de1353966b712a98c62eaa06e410
b79c11215a4e4e69ceda36d780a47d559de18c1d
e5931b3461eeae8731e525b366c67946f3bf6a4ebc8a58d255871c70f1d7402c
Analyzer Verdict Alert fortinet Malware
GET /includes/templates/pc_standard_2208/images/personalinfo-ico.svg HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Mon, 05 Aug 2019 09:12:24 GMT
ETag: "4bb-58f5b1b28ae00"
Accept-Ranges: bytes
Content-Length: 1211
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/svg+xml
gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/texture_hantoumei-8.png
198.204.255.142 200 OK 7.0 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/images/texture_hantoumei-8.png
IP 198.204.255.142:0
File type PNG image data, 300 x 300, 1-bit colormap, non-interlaced\012- data
Hash 24dee4863802eaf5bbb6b85a82af38ea
dbf1403dc69d0a74e89bdb1d0654f2aa14ddc3de
f1d72d1b0c9e8f837cc7d7f8452f81804fc09f28cbc22639b2c28d0c6879d51b
GET /includes/templates/pc_standard_2208/images/texture_hantoumei-8.png HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/includes/templates/pc_standard_2208/css/stylesheet_tm.css
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:47 GMT
Server: Apache
Last-Modified: Fri, 28 Aug 2020 01:22:14 GMT
ETag: "1b4a-5ade5e1fb1d80"
Accept-Ranges: bytes
Content-Length: 6986
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
gfhn.xkgdatabaseiie.top/favicon.ico
198.204.255.142 200 OK 5.4 kB URL HTTP/1.1 gfhn.xkgdatabaseiie.top/favicon.ico
IP 198.204.255.142:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash e3d999162d3300c9a0ccc5ad15f1c178
1a2819cd98932ff9f5fdb9e4db4b6706b7474353
5433b42817d81ae9ffdb614e37e90e757bce6959340c47a3d22ebe99c83c74af
GET /favicon.ico HTTP/1.1
Host: gfhn.xkgdatabaseiie.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gfhn.xkgdatabaseiie.top/
Cookie: zenid=s8d70k3mt9mn0bqlouln3nij34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:06:48 GMT
Server: Apache
Last-Modified: Thu, 28 Dec 2017 23:11:02 GMT
ETag: "1536-5616ea12e0d80"
Accept-Ranges: bytes
Content-Length: 5430
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon