| sh.gegvnlkv.xyz/?ch=xiu668 | 104.21.93.16 | 200 OK | 8.9 kB |
URL: sh.gegvnlkv.xyz/?ch=xiu668 (user request, GET, HTTP/2)
IP: 104.21.93.16:443
Certificate: Issuer Google Trust Services LLC; Subject gegvnlkv.xyz; Fingerprint 9E:C7:44:FD:51:32:DA:AB:76:49:07:87:0F:A6:F7:69:F3:CE:53:D2; Validity Fri, 29 Mar 2024 02:56:07 GMT - Thu, 27 Jun 2024 02:56:06 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (824)
Hash: MD5 d4106da43fbc2d30a972498f87ff3c18; SHA-1 ae3066f2d8c7d4edfe2cbcf4e661224c6eebd5fe; SHA-256 f571c893100b9e84ee1ea68f18cc75e546bc60a131e6127b07336ee4c19b67b2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /?ch=xiu668 HTTP/1.1
Host: sh.gegvnlkv.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:42:11 GMT
content-type: text/html
last-modified: Sat, 27 Jan 2024 08:38:23 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=glUitt9dcLRWrI%2FQ%2FIxSaIf%2FeYyTw4MNCfJR%2BFRouxnAX1wufV%2BRuYXwLs8xS4yGlEMFb0P5fhnkhQHGX3PXkCz47LBycq6S%2BoEdj2nlqyOvZoogQUjbgCEO0aavIvFnB1o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaa113795c7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| sh.gegvnlkv.xyz/static/js/app.1d854647.js | 104.21.93.16 | 200 OK | 12 kB |
URL: sh.gegvnlkv.xyz/static/js/app.1d854647.js (GET, HTTP/3)
IP: 104.21.93.16:443
Requested by: https://sh.gegvnlkv.xyz/?ch=xiu668
Certificate: Issuer Google Trust Services LLC; Subject gegvnlkv.xyz; Fingerprint 9E:C7:44:FD:51:32:DA:AB:76:49:07:87:0F:A6:F7:69:F3:CE:53:D2; Validity Fri, 29 Mar 2024 02:56:07 GMT - Thu, 27 Jun 2024 02:56:06 GMT
File type: JavaScript source, ASCII text, with very long lines (4462), with no line terminators
Hash: MD5 02bec54904736bd673050c6ae8be5253; SHA-1 d94e0b32c106f3c454fe9c81620e99c8b5d86c89; SHA-256 d888e815bca767786532527331137527cbd64d8e342404c8079b12da7097b5ae
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/js/app.1d854647.js HTTP/1.1
Host: sh.gegvnlkv.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sh.gegvnlkv.xyz/?ch=xiu668
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:42:12 GMT
content-type: application/javascript
last-modified: Sat, 27 Jan 2024 08:38:23 GMT
etag: W/"65b4c0ff-116e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2keTp01%2BxoSL3PZrLENRPm%2Bj%2F%2Fp%2Bw5L5Huwdr8i2hhcdhNNQCzNDXkNpaozJMbJVVy4IzeZX3QawHBc0tzKMLOHq7dy%2BhPpWr%2FwzsmsJrJcg5JWCLbvBBpuxgC3fZxtOzHk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaa1182ba31c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| sh.gegvnlkv.xyz/static/img/pc_logo.338ceb4c.png | 104.21.93.16 | 200 OK | 46 kB |
URL: sh.gegvnlkv.xyz/static/img/pc_logo.338ceb4c.png (GET, HTTP/3)
IP: 104.21.93.16:443
Requested by: https://sh.gegvnlkv.xyz/?ch=xiu668
Certificate: Issuer Google Trust Services LLC; Subject gegvnlkv.xyz; Fingerprint 9E:C7:44:FD:51:32:DA:AB:76:49:07:87:0F:A6:F7:69:F3:CE:53:D2; Validity Fri, 29 Mar 2024 02:56:07 GMT - Thu, 27 Jun 2024 02:56:06 GMT
File type: PNG image data, 479 x 129, 8-bit/color RGBA, non-interlaced
Hash: MD5 338ceb4cf5fefae66e294fb852e7ee67; SHA-1 27de732fbb880aa8c3731f405c35b5ceee8d669b; SHA-256 1ecd326094e430af675c4723b9ce526e348cbf091d67bf2e5eb0ec112d173515
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/img/pc_logo.338ceb4c.png HTTP/1.1
Host: sh.gegvnlkv.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sh.gegvnlkv.xyz/?ch=xiu668
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:42:15 GMT
content-type: image/png
content-length: 46163
last-modified: Sat, 27 Jan 2024 08:38:23 GMT
etag: "65b4c0ff-b453"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y2WaqtvAtXgdW50rhPXScKgScNEJrvdSSYv6AMpeJjEsx734aqv%2Fpq8cHoQJTkF67zMz1eIAnRfDpQynvRrYkf09UKAR2aI8wxK7gDGsYcyXk6ca8i6Bqu6M6Qn%2FhSvZEh0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaa12aaf981c02-OSL
alt-svc: h3=":443"; ma=86400

| sh.gegvnlkv.xyz/favicon.ico | 104.21.93.16 | 200 OK | 162 kB |
URL: sh.gegvnlkv.xyz/favicon.ico (GET, HTTP/3)
IP: 104.21.93.16:443
Requested by: https://sh.gegvnlkv.xyz/?ch=xiu668
Certificate: Issuer Google Trust Services LLC; Subject gegvnlkv.xyz; Fingerprint 9E:C7:44:FD:51:32:DA:AB:76:49:07:87:0F:A6:F7:69:F3:CE:53:D2; Validity Fri, 29 Mar 2024 02:56:07 GMT - Thu, 27 Jun 2024 02:56:06 GMT
File type: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Size: 162 kB (161527 bytes)
Hash: MD5 e666a53a8e437bafa674b9e54b4d0c20; SHA-1 eb45323061d669acbeabc8c14a9643bf3966f0a6; SHA-256 d94d850893e7a1d07be162cd253fce05cd6a1942f760dbf6fd37d348ee7b049d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: sh.gegvnlkv.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sh.gegvnlkv.xyz/?ch=xiu668
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:42:14 GMT
content-type: image/x-icon
last-modified: Sat, 27 Jan 2024 08:38:23 GMT
etag: W/"65b4c0ff-10be"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9wa5QxJb5O1Y%2B5LNr6p9%2FXfxze5dAZS7I8RCjInXkK9p2e%2BXix10CsttoT0pGuQwzy1mg7YOrX%2BLPF0KinY4YtDBuh%2FVJ9KbgL1SD9hj8ne4Jk5ju44eYpMivj9RRrr6438%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaa12418471c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| sh.gegvnlkv.xyz/static/js/chunk-1b2390f2.e9caddf5.js | 104.21.93.16 | 200 OK | 166 kB |
URL: sh.gegvnlkv.xyz/static/js/chunk-1b2390f2.e9caddf5.js (GET, HTTP/3)
IP: 104.21.93.16:443
Requested by: https://sh.gegvnlkv.xyz/?ch=xiu668
Certificate: Issuer Google Trust Services LLC; Subject gegvnlkv.xyz; Fingerprint 9E:C7:44:FD:51:32:DA:AB:76:49:07:87:0F:A6:F7:69:F3:CE:53:D2; Validity Fri, 29 Mar 2024 02:56:07 GMT - Thu, 27 Jun 2024 02:56:06 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (28238), with no line terminators
Size: 166 kB (165699 bytes)
Hash: MD5 4b9b1d52a60726c8fe46fc05dcb960e4; SHA-1 fa56c24c89b4a7cb2294c679184bce8b6c20c9f9; SHA-256 9a600f3e9abe004d62866efd67bb290f4a6893175e1be640477b74a93a2dcf43
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/js/chunk-1b2390f2.e9caddf5.js HTTP/1.1
Host: sh.gegvnlkv.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sh.gegvnlkv.xyz/?ch=xiu668
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:42:14 GMT
content-type: application/javascript
last-modified: Sat, 27 Jan 2024 08:38:23 GMT
etag: W/"65b4c0ff-6e78"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KCkFE2V4ibFJ8hbYBu4sKAyykjVFGM%2Bw501lL%2BOH2dff4cCqg5sSCYIbCQh8WFqj7JDeWD7JblpHZ4U%2FdZ32PUFrMAEbIwptnsVLBL%2Fotrkfv0CouY7ymn4NVFarA1Vu2ts%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaa1222e111c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| sh.gegvnlkv.xyz/static/img/pc_bg.5ed4229c.jpg | 104.21.93.16 | 200 OK | 156 kB |
URL: sh.gegvnlkv.xyz/static/img/pc_bg.5ed4229c.jpg (GET, HTTP/3)
IP: 104.21.93.16:443
Requested by: https://sh.gegvnlkv.xyz/?ch=xiu668
Certificate: Issuer Google Trust Services LLC; Subject gegvnlkv.xyz; Fingerprint 9E:C7:44:FD:51:32:DA:AB:76:49:07:87:0F:A6:F7:69:F3:CE:53:D2; Validity Fri, 29 Mar 2024 02:56:07 GMT - Thu, 27 Jun 2024 02:56:06 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3
Size: 156 kB (156013 bytes)
Hash: MD5 5ed4229c43c4d6209c59205c311ef5c7; SHA-1 284b876fa34a315e12b777244d62f6fdb0d89b1a; SHA-256 3842c78440e8015e17781bf6d78d33490998fb10cab3384c29d6e23fc4863548
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/img/pc_bg.5ed4229c.jpg HTTP/1.1
Host: sh.gegvnlkv.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sh.gegvnlkv.xyz/static/css/chunk-5d4360e9.eebabd4c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:42:15 GMT
content-type: image/jpeg
content-length: 156013
last-modified: Sat, 27 Jan 2024 08:38:23 GMT
etag: "65b4c0ff-2616d"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OKviKTuBIjapiWm33OmVDhMg7wCMYNyll1Ze3ss5R0Be5jlNACV%2BENij0N9btlkA9a11n2E3D34XSS0mkb9OlUbgfUThSp4Nz9FVqvh8DRVsp1nOF8N2jXHQAHoq84iClWw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaa12adfd81c02-OSL
alt-svc: h3=":443"; ma=86400

| sh.gegvnlkv.xyz/static/css/chunk-4b0db8ec.060d8d2e.css | 104.21.93.16 | 200 OK | 5.1 kB |
URL: sh.gegvnlkv.xyz/static/css/chunk-4b0db8ec.060d8d2e.css (GET, HTTP/3)
IP: 104.21.93.16:443
Requested by: https://sh.gegvnlkv.xyz/?ch=xiu668
Certificate: Issuer Google Trust Services LLC; Subject gegvnlkv.xyz; Fingerprint 9E:C7:44:FD:51:32:DA:AB:76:49:07:87:0F:A6:F7:69:F3:CE:53:D2; Validity Fri, 29 Mar 2024 02:56:07 GMT - Thu, 27 Jun 2024 02:56:06 GMT
File type: ASCII text, with very long lines (765), with no line terminators
Hash: MD5 8e6aee87c13a493c0d882304e88f4621; SHA-1 ef11c5240eac6dd0bfb07e20a5f6d73e35d9b460; SHA-256 ad2bf610b4acb8423e1d52b9f5041ad57074dd9c14bacff72f2d4228d714c79c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/css/chunk-4b0db8ec.060d8d2e.css HTTP/1.1
Host: sh.gegvnlkv.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://sh.gegvnlkv.xyz/?ch=xiu668
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:42:16 GMT
content-type: text/css
last-modified: Sat, 27 Jan 2024 08:38:23 GMT
etag: W/"65b4c0ff-2fd"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pn0Le1zr5zc%2F6OyLCgjxTjEj6pAr0CxpXO39CRpN9%2ByzJhoidljrgW7vHMrIJWVzCuJvoJEBu9i1eCcBQJ83tSdNolNbZEtgH%2BdaSSZrfYjjiKIROE7O4ryilo8cVH%2BPf2o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaa133084d1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| sh.gegvnlkv.xyz/static/js/chunk-vendors.cc62afc9.js | 104.21.93.16 | 200 OK | 222 kB |
URL: sh.gegvnlkv.xyz/static/js/chunk-vendors.cc62afc9.js (GET, HTTP/3)
IP: 104.21.93.16:443
Requested by: https://sh.gegvnlkv.xyz/?ch=xiu668
Certificate: Issuer Google Trust Services LLC; Subject gegvnlkv.xyz; Fingerprint 9E:C7:44:FD:51:32:DA:AB:76:49:07:87:0F:A6:F7:69:F3:CE:53:D2; Validity Fri, 29 Mar 2024 02:56:07 GMT - Thu, 27 Jun 2024 02:56:06 GMT
Size: 222 kB (221462 bytes)
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/js/chunk-vendors.cc62afc9.js HTTP/1.1
Host: sh.gegvnlkv.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sh.gegvnlkv.xyz/?ch=xiu668
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:42:13 GMT
content-type: application/javascript
last-modified: Sat, 27 Jan 2024 08:38:23 GMT
etag: W/"65b4c0ff-36116"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6jzZW1izouafl6kJ0%2FyJ2xKyyejWs8Y0QN7AQA%2BZsAgSiGD1x7lapwZIhIqdxnNjzhAkK7PMxHsa3X7ILEO8VYu9GEVeaLTLIl2zbS1cSmXiQAJiaMY2ALZ7UGpzc2bJ8BI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaa1182ba61c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| sh.gegvnlkv.xyz/static/img/pc_2.c533e6ab.png | 104.21.93.16 | 200 OK | 160 kB |
URL: sh.gegvnlkv.xyz/static/img/pc_2.c533e6ab.png (GET, HTTP/3)
IP: 104.21.93.16:443
Requested by: https://sh.gegvnlkv.xyz/?ch=xiu668
Certificate: Issuer Google Trust Services LLC; Subject gegvnlkv.xyz; Fingerprint 9E:C7:44:FD:51:32:DA:AB:76:49:07:87:0F:A6:F7:69:F3:CE:53:D2; Validity Fri, 29 Mar 2024 02:56:07 GMT - Thu, 27 Jun 2024 02:56:06 GMT
File type: PNG image data, 607 x 914, 8-bit colormap, non-interlaced
Size: 160 kB (160115 bytes)
Hash: MD5 c533e6ab0429bad7b935eacf3a13e66f; SHA-1 c68f57ce0f4612eb6e4e7b99ef6c3f1067b5ff9d; SHA-256 6cc196bb7f8ff1bd4c834951804002044750f0770c5701a16ec26912b808db49
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/img/pc_2.c533e6ab.png HTTP/1.1
Host: sh.gegvnlkv.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sh.gegvnlkv.xyz/?ch=xiu668
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:42:15 GMT
content-type: image/png
content-length: 160115
last-modified: Sat, 27 Jan 2024 08:38:23 GMT
etag: "65b4c0ff-27173"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ql2E%2B1icsXxBhMMZk%2B%2BvE1nIm1nhGOiFdUD%2FYxK%2BhBzW3kRjK7SFXkTGy0CDVZO9R6Ht0cZvhDcqpi%2B6cNMhit88hWgwnxO7B06alhyx3JRg9KMAzswBtUujBzldeTq4UMY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaa12aafa11c02-OSL
alt-svc: h3=":443"; ma=86400

| sh.gegvnlkv.xyz/static/css/chunk-5d4360e9.eebabd4c.css | 104.21.93.16 | 200 OK | 16 kB |
URL: sh.gegvnlkv.xyz/static/css/chunk-5d4360e9.eebabd4c.css (GET, HTTP/3)
IP: 104.21.93.16:443
Requested by: https://sh.gegvnlkv.xyz/?ch=xiu668
Certificate: Issuer Google Trust Services LLC; Subject gegvnlkv.xyz; Fingerprint 9E:C7:44:FD:51:32:DA:AB:76:49:07:87:0F:A6:F7:69:F3:CE:53:D2; Validity Fri, 29 Mar 2024 02:56:07 GMT - Thu, 27 Jun 2024 02:56:06 GMT
File type: ASCII text, with very long lines (16372), with no line terminators
Hash: MD5 d4bf846380c955918705fd4d1973c1fc; SHA-1 db3a65a0783680f9bff42ac393f1c8067f8405c5; SHA-256 dbcbbe9fafadd952438de1f7f266c2dca76bf59d38ab9b3088d2bf2523e97ce7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/css/chunk-5d4360e9.eebabd4c.css HTTP/1.1
Host: sh.gegvnlkv.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://sh.gegvnlkv.xyz/?ch=xiu668
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:42:16 GMT
content-type: text/css
last-modified: Sat, 27 Jan 2024 08:38:23 GMT
etag: W/"65b4c0ff-3ff4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cM1c6qt%2BsPFysmc4E%2FW3%2F13P4YEkF6uYQ%2Bh8hvU0vTCvKq6D6EeK0T8OCbeIEUxNGjtlFQ6QGWeo1mFub79jQo1yMUzMbLL72ot0%2FnKK6qRAA8tA0w%2BZcjPwmhztxzJkcLs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaa13308561c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| sh.gegvnlkv.xyz/static/css/chunk-vendors.87ba3b36.css | 104.21.93.16 | 200 OK | 99 kB |
URL: sh.gegvnlkv.xyz/static/css/chunk-vendors.87ba3b36.css (GET, HTTP/3)
IP: 104.21.93.16:443
Requested by: https://sh.gegvnlkv.xyz/?ch=xiu668
Certificate: Issuer Google Trust Services LLC; Subject gegvnlkv.xyz; Fingerprint 9E:C7:44:FD:51:32:DA:AB:76:49:07:87:0F:A6:F7:69:F3:CE:53:D2; Validity Fri, 29 Mar 2024 02:56:07 GMT - Thu, 27 Jun 2024 02:56:06 GMT
File type: ASCII text, with very long lines (38507)
Hash: MD5 51e7e874614b4dc481fdaa41ad8e940c; SHA-1 08f67492b6481332961a9c05a8161f0f6d8e7b68; SHA-256 25be70c4089c7a3f2bba18588fc320c74618511183db799fff9d8b28dc1ab81e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/css/chunk-vendors.87ba3b36.css HTTP/1.1
Host: sh.gegvnlkv.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sh.gegvnlkv.xyz/?ch=xiu668
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:42:13 GMT
content-type: text/css
last-modified: Sat, 27 Jan 2024 08:38:23 GMT
etag: W/"65b4c0ff-1811f"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GY%2F5NvGM14jxi9j65sXvVc5LE1BjkLBs0ckJDNmkqds2dy65Jtt5OwAGJOIbNm5C0sEOoTr3myp9fotFpL8ijLbDa5ipcCASzw%2BKilNGxF0TLjDhTptnW7gxzhHKG2F7Rnw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaa1182b9c1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| sh.gegvnlkv.xyz/static/css/chunk-5d4360e9.eebabd4c.css | 104.21.93.16 | 200 OK | 16 kB |
URL: sh.gegvnlkv.xyz/static/css/chunk-5d4360e9.eebabd4c.css (GET, HTTP/3)
IP: 104.21.93.16:443
Requested by: https://sh.gegvnlkv.xyz/?ch=xiu668
Certificate: Issuer Google Trust Services LLC; Subject gegvnlkv.xyz; Fingerprint 9E:C7:44:FD:51:32:DA:AB:76:49:07:87:0F:A6:F7:69:F3:CE:53:D2; Validity Fri, 29 Mar 2024 02:56:07 GMT - Thu, 27 Jun 2024 02:56:06 GMT
File type: ASCII text, with very long lines (16372), with no line terminators
Hash: MD5 d4bf846380c955918705fd4d1973c1fc; SHA-1 db3a65a0783680f9bff42ac393f1c8067f8405c5; SHA-256 dbcbbe9fafadd952438de1f7f266c2dca76bf59d38ab9b3088d2bf2523e97ce7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/css/chunk-5d4360e9.eebabd4c.css HTTP/1.1
Host: sh.gegvnlkv.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sh.gegvnlkv.xyz/?ch=xiu668
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:42:14 GMT
content-type: text/css
last-modified: Sat, 27 Jan 2024 08:38:23 GMT
etag: W/"65b4c0ff-3ff4"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bgc55xavaH92olxLF9pPEeZwEQ6%2FpdIH%2BNfoOw%2FEC5h2hG6wsPrhgTciI4YGvfR5vam5BFwzrDB4Vh0YCUo5RjMgXnVfuRYZSLmnK1SAuqxbuYSJrBbsfzGWofz%2BoI4TOVs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaa1222e161c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| sh.gegvnlkv.xyz/static/img/pc_1.200d65c9.png | 104.21.93.16 | 200 OK | 155 kB |
URL: sh.gegvnlkv.xyz/static/img/pc_1.200d65c9.png (GET, HTTP/3)
IP: 104.21.93.16:443
Requested by: https://sh.gegvnlkv.xyz/?ch=xiu668
Certificate: Issuer Google Trust Services LLC; Subject gegvnlkv.xyz; Fingerprint 9E:C7:44:FD:51:32:DA:AB:76:49:07:87:0F:A6:F7:69:F3:CE:53:D2; Validity Fri, 29 Mar 2024 02:56:07 GMT - Thu, 27 Jun 2024 02:56:06 GMT
File type: PNG image data, 1047 x 876, 8-bit colormap, non-interlaced
Size: 155 kB (155267 bytes)
Hash: MD5 200d65c9dddb7baf8d7efac22c61f7ed; SHA-1 ea30ade5ae20b69f51c7f2c64cc2b8c000f53348; SHA-256 2efc220fe64d87b284aab1679637ede808a820a0c225e8c9f331905215bc23dc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/img/pc_1.200d65c9.png HTTP/1.1
Host: sh.gegvnlkv.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sh.gegvnlkv.xyz/?ch=xiu668
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:42:15 GMT
content-type: image/png
content-length: 155267
last-modified: Sat, 27 Jan 2024 08:38:23 GMT
etag: "65b4c0ff-25e83"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=knmh6UxB8gYLX618bLI%2FNFDbm4D7IwRO0qXjd7HdueKajtw3aE0fkL7rqFW3c%2FhrFTkG2DNvd57Xe7Ml5gMIlwZnAjvpzMduBBALg%2FTk2uE50QZ%2FjOcEtXYnbH5SRjOEH9o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaa12aaf9c1c02-OSL
alt-svc: h3=":443"; ma=86400

| sh.gegvnlkv.xyz/static/js/chunk-5d4360e9.2964c067.js | 104.21.93.16 | 200 OK | 167 kB |
URL: sh.gegvnlkv.xyz/static/js/chunk-5d4360e9.2964c067.js (GET, HTTP/3)
IP: 104.21.93.16:443
Requested by: https://sh.gegvnlkv.xyz/?ch=xiu668
Certificate: Issuer Google Trust Services LLC; Subject gegvnlkv.xyz; Fingerprint 9E:C7:44:FD:51:32:DA:AB:76:49:07:87:0F:A6:F7:69:F3:CE:53:D2; Validity Fri, 29 Mar 2024 02:56:07 GMT - Thu, 27 Jun 2024 02:56:06 GMT
Size: 167 kB (167032 bytes)
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/js/chunk-5d4360e9.2964c067.js HTTP/1.1
Host: sh.gegvnlkv.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://sh.gegvnlkv.xyz/?ch=xiu668
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:42:16 GMT
content-type: application/javascript
last-modified: Sat, 27 Jan 2024 08:38:23 GMT
etag: W/"65b4c0ff-28c78"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x9kcv2M1RoYMYuVTdVFowUT9mFaEAKWMA%2FyctrfXY0KxgpEdBh4wspwg9kk1FAAZUq%2ByBAuoDmH4BIIivF2aVjKIksXZ1c2XnnEnp73fFVabK%2FI273OMr0s2HARIOuRqQy4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaa13318791c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| sh.gegvnlkv.xyz/static/js/chunk-5d4360e9.2964c067.js | 104.21.93.16 | 200 OK | 167 kB |
URL: sh.gegvnlkv.xyz/static/js/chunk-5d4360e9.2964c067.js (GET, HTTP/3)
IP: 104.21.93.16:443
Requested by: https://sh.gegvnlkv.xyz/?ch=xiu668
Certificate: Issuer Google Trust Services LLC; Subject gegvnlkv.xyz; Fingerprint 9E:C7:44:FD:51:32:DA:AB:76:49:07:87:0F:A6:F7:69:F3:CE:53:D2; Validity Fri, 29 Mar 2024 02:56:07 GMT - Thu, 27 Jun 2024 02:56:06 GMT
Size: 167 kB (167032 bytes)
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/js/chunk-5d4360e9.2964c067.js HTTP/1.1
Host: sh.gegvnlkv.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sh.gegvnlkv.xyz/?ch=xiu668
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:42:14 GMT
content-type: application/javascript
last-modified: Sat, 27 Jan 2024 08:38:23 GMT
etag: W/"65b4c0ff-28c78"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6VUwG3R6gxjaWMoRa06qvlvZ%2FvxFPgYEr08mjud72Ks%2BpRsmBHJDxvPLF92TOdprzc%2FJZ2Z5gtgg%2BDbyY%2BgyyvmiWf0txCYfKsrhrqJYaa9nsKetBBJkHBKYJvaPE6iCmVw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaa1222e181c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| sh.gegvnlkv.xyz/static/js/chunk-4b0db8ec.a8758f5f.js | 104.21.93.16 | 200 OK | 1.1 kB |
URL: sh.gegvnlkv.xyz/static/js/chunk-4b0db8ec.a8758f5f.js (GET, HTTP/3)
IP: 104.21.93.16:443
Requested by: https://sh.gegvnlkv.xyz/?ch=xiu668
Certificate: Issuer Google Trust Services LLC; Subject gegvnlkv.xyz; Fingerprint 9E:C7:44:FD:51:32:DA:AB:76:49:07:87:0F:A6:F7:69:F3:CE:53:D2; Validity Fri, 29 Mar 2024 02:56:07 GMT - Thu, 27 Jun 2024 02:56:06 GMT
File type: Unicode text, UTF-8 text, with very long lines (1143), with no line terminators
Hash: MD5 fddec4f838da05580d805dcabedaf7ef; SHA-1 bf5450fe97cb508a7ad63a87fdf4993c1173c4c6; SHA-256 34bb846aa389880a334f00dd4187f1f9d1a9cef2d6d9020a06c3505dbb86e138
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/js/chunk-4b0db8ec.a8758f5f.js HTTP/1.1
Host: sh.gegvnlkv.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://sh.gegvnlkv.xyz/?ch=xiu668
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:42:16 GMT
content-type: application/javascript
last-modified: Sat, 27 Jan 2024 08:38:23 GMT
etag: W/"65b4c0ff-43b"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ydPGioMZedoS6iqRl8iLBrm2BCq9uagZoACEJClRrYZYBgg%2FPcQSeJYZ81FusVJuAlpXFlz062jWHfgYboG6AqF6EmunYVoPJROVHG0THWELAA2mJ%2FdIElFQygW1xjk8ge0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaa13308641c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400