Report - www.9jm2oz.icu/2024/12/100563.docx

Report Overview

Visited public
2025-03-29 00:12:06
Tags
Submit Tags
URL
www.9jm2oz.icu/2024/12/100563.docx
Finishing URL
www.9jm2oz.icu/2024/12/100563.docx
IP / ASN
172.67.154.167
#13335 CLOUDFLARENET
Title
Server Error 403 拒绝访问：您没有查看此页面的权限

Detections

urlquery

0

Network Intrusion Detection

1

Threat Detection Systems

0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.9jm2oz.icu	unknown	2024-04-28	2025-03-29	2025-03-29	2.4 kB	99 kB	172.67.154.167

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-03-29 00:11:44	medium	Client IP	104.21.5.143	ET INFO Suspicious Domain (*.icu) in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	www.9jm2oz.icu/static/403.js	ScriptElement	4.4 kB	2025-03-03	2025-06-22
Pretty URL www.9jm2oz.icu/static/403.js IP 104.21.5.143 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-03 10:40 Last Seen2025-06-22 23:34 Times Seen12 Hash 3c992fd54c1c74c2320bac5c3b53417e 90112a29382beb8c6fe688cf10510dd1980fd6fb 6178240ecfa023b3e77d2db46f54a45e418059af005ed99a7fcf9238cdc8f8f0 Loading...

HTTP Transactions (6)

	URL	IP	Response	Size
	GET www.9jm2oz.icu/2024/12/100563.docx	172.67.154.167	403 Forbidden	384 B
URL User Request GET www.9jm2oz.icu/2024/12/100563.docx IP 172.67.154.167:80 ASN #13335 CLOUDFLARENET File type HTML document, Unicode text, UTF-8 text, with very long lines (382), with no line terminators Size 384 B (384 bytes) Hash 4c775241a3dcadd1a7d737c56d4755f4 88e3e58f5dfed7b6c15ad7c3428066a07a807ddf 410c00bacb110de34ea7c5a0835d4b5408d62b33f267b2e9ab44b87dc9a88cb0 HTTP Headers `GET /2024/12/100563.docx HTTP/1.1 Host: www.9jm2oz.icu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 403 Forbidden Date: Sat, 29 Mar 2025 00:11:45 GMT Content-Type: text/html;charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding cf-cache-status: BYPASS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hxh0PquXRozHBP985pskcpbzz%2BSUhlgKdx0TLgSimAJR%2BmBslekKOeHDeiaUsuL5AdMhtJE0SOaCp55EvbGXFNgh%2BMrszMrC%2BTuIK6BxP7%2BObywkbM3P7EvXEC22XlbRBA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 927b26d529cab503-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 server-timing: cfL4;desc="?proto=TCP&rtt=451&min_rtt=451&rtt_var=225&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=418&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

	GET www.9jm2oz.icu/static/404/base.css	172.67.154.167	200 OK	18 kB
URL GET www.9jm2oz.icu/static/404/base.css IP 172.67.154.167:80 ASN #13335 CLOUDFLARENET Requested by http://www.9jm2oz.icu/2024/12/100563.docx File type Size 18 kB (17982 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /static/404/base.css HTTP/1.1 Host: www.9jm2oz.icu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://www.9jm2oz.icu/2024/12/100563.docx Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Sat, 29 Mar 2025 00:11:45 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Sat, 11 Jan 2025 11:52:15 GMT Vary: Accept-Encoding ETag: W/"67825b6f-463e" Expires: Sat, 29 Mar 2025 12:11:45 GMT Cache-Control: max-age=43200 Content-Encoding: gzip CF-Cache-Status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V5nE%2FSxgd1pCLvm4XFsXkvXajsDAqxESDQoMQ5ZvMPsY0yiYV4u5J69KLSd0OqOQeDv6qhW9hlHlSGNYCqAN72yzm47llV%2BXrf9tvquO7j0VVqshZYsJosgnOB6YO2HU%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 927b26d7ab45b503-OSL alt-svc: h2=":443"; ma=60 server-timing: cfL4;desc="?proto=TCP&rtt=485&min_rtt=451&rtt_var=152&sent=5&recv=7&lost=0&retrans=0&sent_bytes=1153&recv_bytes=791&delivery_rate=6819466&cwnd=252&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

	GET www.9jm2oz.icu/static/403.js	104.21.5.143	200 OK	4.4 kB
URL GET www.9jm2oz.icu/static/403.js IP 104.21.5.143:80 ASN #13335 CLOUDFLARENET Requested by http://www.9jm2oz.icu/2024/12/100563.docx File type Unicode text, UTF-8 text, with very long lines (3793), with no line terminators Size 4.4 kB (4442 bytes) Hash 1bccd40c9301238c3a165a875408437d c4acc23d25515a89c7ab3df4ff9b02acb978ef23 f8f4b70850e6cb61a88e3ababb84dc2a65a911646d1a63f6546cc91ec46dc6fe HTTP Headers `GET /static/403.js HTTP/1.1 Host: www.9jm2oz.icu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://www.9jm2oz.icu/2024/12/100563.docx Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Sat, 29 Mar 2025 00:11:45 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Wed, 26 Feb 2025 10:22:25 GMT Vary: Accept-Encoding ETag: W/"67beeb61-115a" Expires: Sat, 29 Mar 2025 12:11:45 GMT Cache-Control: max-age=43200 Content-Encoding: gzip cf-cache-status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5rzg0%2BUkqXFyJYLPbzflKp6p4X1pYYxv%2BA5FC13IH%2B5kD4ikm5V0Ey03J19VeGnytLID5INT6eK0MqykB5FJjxQjrBfl%2BhKK0mb4cXVC3nuNWKVeZOoNcpktc3uHRuPipA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 927b26d7aafa56bf-OSL alt-svc: h2=":443"; ma=60 server-timing: cfL4;desc="?proto=TCP&rtt=530&min_rtt=530&rtt_var=265&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=352&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

	GET www.9jm2oz.icu/static/404/style.css?v=23	104.21.5.143	200 OK	70 kB
URL GET www.9jm2oz.icu/static/404/style.css?v=23 IP 104.21.5.143:80 ASN #13335 CLOUDFLARENET Requested by http://www.9jm2oz.icu/2024/12/100563.docx File type Size 70 kB (69926 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /static/404/style.css?v=23 HTTP/1.1 Host: www.9jm2oz.icu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://www.9jm2oz.icu/2024/12/100563.docx Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Sat, 29 Mar 2025 00:11:45 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Sat, 11 Jan 2025 11:52:14 GMT Vary: Accept-Encoding ETag: W/"67825b6e-11126" Expires: Sat, 29 Mar 2025 12:11:45 GMT Cache-Control: max-age=43200 Content-Encoding: gzip cf-cache-status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JHwyKwvz%2BxTtaXl9jL837INzoVWTTWTtKU0CFscgq5Jt8WhAU1GRZTIUpEQE1Z90haL95v4t0vwvsX7l0o0dXKlr8TIaSTCqSbqoNJmGf6dJ105rU7MjEG1pBXEp85xFSw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 927b26d7ade156a8-OSL alt-svc: h2=":443"; ma=60 server-timing: cfL4;desc="?proto=TCP&rtt=488&min_rtt=488&rtt_var=244&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=379&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

	GET www.9jm2oz.icu/favicon.ico	104.21.5.143	403 Forbidden	384 B
URL GET www.9jm2oz.icu/favicon.ico IP 104.21.5.143:80 ASN #13335 CLOUDFLARENET Requested by http://www.9jm2oz.icu/2024/12/100563.docx File type HTML document, Unicode text, UTF-8 text, with very long lines (382), with no line terminators Size 384 B (384 bytes) Hash 4c775241a3dcadd1a7d737c56d4755f4 88e3e58f5dfed7b6c15ad7c3428066a07a807ddf 410c00bacb110de34ea7c5a0835d4b5408d62b33f267b2e9ab44b87dc9a88cb0 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: www.9jm2oz.icu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://www.9jm2oz.icu/2024/12/100563.docx Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 403 Forbidden Date: Sat, 29 Mar 2025 00:11:46 GMT Content-Type: text/html;charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding CF-Cache-Status: BYPASS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FCwpVSCUAqZjoM06T8wSM2No6lWVFvSvgkB1ENJjcyIJsT2Cei1Cf3XHqgcSaONfmgjpvPApQtiBLu1ldeGCyUd9PQ95IqDxjZjLbPfa9lh7oPan47frtGhytlNjCXVeAw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 927b26dabfaa56a8-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 server-timing: cfL4;desc="?proto=TCP&rtt=628&min_rtt=488&rtt_var=135&sent=13&recv=15&lost=0&retrans=0&sent_bytes=13956&recv_bytes=751&delivery_rate=19664197&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

	GET www.9jm2oz.icu/2024/12/100563.docx	104.21.5.143	403 Forbidden	384 B
URL User Request GET www.9jm2oz.icu/2024/12/100563.docx IP 104.21.5.143:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subject9jm2oz.icu Fingerprint62:10:BC:84:FE:06:A6:35:EE:CD:C9:C4:6E:EE:7E:5E:69:B8:B1:90 ValidityMon, 17 Feb 2025 09:40:33 GMT - Sun, 18 May 2025 10:38:16 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (382), with no line terminators Size 384 B (384 bytes) Hash 4c775241a3dcadd1a7d737c56d4755f4 88e3e58f5dfed7b6c15ad7c3428066a07a807ddf 410c00bacb110de34ea7c5a0835d4b5408d62b33f267b2e9ab44b87dc9a88cb0 HTTP Headers `GET /2024/12/100563.docx HTTP/1.1 Host: www.9jm2oz.icu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 403 Forbidden date: Sat, 29 Mar 2025 00:11:44 GMT content-type: text/html;charset=utf-8 vary: Accept-Encoding cf-cache-status: BYPASS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kLD%2Bw99RNcblqvqV%2Fw77RVont48BmrW0VK1ACw4xKkBFBjmaqwNkAgGg7q15FrAudmtl%2F09WR3O0bbTPVst%2FqNuvssq15MrNuByXL52Y%2BBuYS5%2BB2wExXH2GP0G5njAqkg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 927b26d1f91c56c9-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=6174&min_rtt=440&rtt_var=11260&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3198&recv_bytes=1138&delivery_rate=6632061&cwnd=254&unsent_bytes=0&cid=e62ad93be702632a&ts=414&x=0" X-Firefox-Spdy: h2