| jaox62fea.cc/socket.io/?EIO=3&transport=websocket | 188.114.96.1 | | 0 B |
URL jaox62fea.cc/socket.io/?EIO=3&transport=websocket IP188.114.96.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: jaox62fea.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://jaox62fea.cc
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7FTr/iJF6n3sAnd2RIxRrg==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 19 Apr 2024 01:05:59 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: D8+qNRT9hSJOmmvPQdE1VRjOoB0=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ULCWT8le9txlJl%2FfrylnLho2ZX5rrlGgF1w8dYKwlsozf1yklIz1x2SVINbuN1YrQcCKtijUaSe8%2Fnp4s5ThipV1P5ill7OA60fsKXn2R4zGsmo%2Bi0hsLDk%2BxDWX9i0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8768fd4a596d7127-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.discordapp.com/attachments/1230078348571443234/1230078367429034004/dfgdb16er.mp4?ex=663202c0&is=661f8dc0&hm=757c5a5581fb98cf32ef84d27a1f1f73fc08cf43148e73756072854d6c7a38bb& | 162.159.130.233 | | 235 B |
URL cdn.discordapp.com/attachments/1230078348571443234/1230078367429034004/dfgdb16er.mp4?ex=663202c0&is=661f8dc0&hm=757c5a5581fb98cf32ef84d27a1f1f73fc08cf43148e73756072854d6c7a38bb& IP162.159.130.233:0
File typeXML 1.0 document, ASCII text, with no line terminators Hash39cbf2edd9fa50ef1aefda05713a9194 b444d105a3cb42e8d8648776a728e5a3554d2758 d9c4e030bcc9fe5fc5f29fbcbf5bc1456a8c65ab9223cdcacf1e8a6d2df5400f
GET /attachments/1230078348571443234/1230078367429034004/dfgdb16er.mp4?ex=663202c0&is=661f8dc0&hm=757c5a5581fb98cf32ef84d27a1f1f73fc08cf43148e73756072854d6c7a38bb& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://jaox62fea.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 01:05:59 GMT
content-type: application/xml; charset=UTF-8
content-length: 235
cf-ray: 8768fd4a8c6c5687-OSL
cf-cache-status: EXPIRED
accept-ranges: bytes
cache-control: public, max-age=31536000
content-disposition: attachment
expires: Sat, 19 Apr 2025 01:05:59 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-guploader-uploadid: ABPtcPoX93xfppGv-Txh9PElREQo-S16fMNFWXj_OmAWB20lOv6YS-3J7DX7GvR2DtDUCmXm_uBn3TWIVw
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F9IWGOlh%2BFhS%2BPoAyM28moznKcgjc7SyNHagIzHFWL2QpnNmEwqCl8oovHoRmcnqpHRlxL8V6WBjamqAA5VGeUxMsSuQ73e7jsVujYtRk%2F%2Bn9aPTZegKg%2FYga53138sZ3fKiDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=5fK2iJt.w0.lFk4PWZBIp3iHVxCg8mHhc5GHZydGF0w-1713488759-1.0.1.1-7vD3LO08w4Cg7V2xGtEAFk8MecApA6mXemwOlzZCfdVIzTdcnvkvr1Xuapf0X5j7Afnr7EKBXdNGSwVxtNFi0g; path=/; expires=Fri, 19-Apr-24 01:35:59 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=XpX_5iwG1Qx2U7Fmt.ZMUxrSBzdxTWnRt2LnEfLV..0-1713488759622-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| jaox62fea.cc/getlog | 188.114.96.1 | 200 OK | 5.3 kB |
IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectjaox62fea.cc FingerprintB8:C2:50:F3:3E:2D:D0:EB:3E:49:5A:99:F9:4C:21:EF:70:A0:82:5D ValidityMon, 15 Apr 2024 16:54:37 GMT - Sun, 14 Jul 2024 16:54:36 GMT
Hashda9c5ae3a01466625c6944b6ae89443a 6de9d714cf285e8e28f475e061cc923c0495bf2a 0d918bd2373a2f784ace2044d6f080bcf95b261b0793f8e492a18cce9af938df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /getlog HTTP/1.1
Host: jaox62fea.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jaox62fea.cc/enter/register
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:05:59 GMT
content-type: application/json; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oOC%2B9yPqfstjmjeiXUnTkirMg%2Bzd2ACMhioYc4VHSDJVHn%2FybmaFvT7VqYAsNwQ%2FP1KCfqAgE5lEX72rEk1lx3zfqDxxOKcv4HW471idZeBbKPUVJ%2FNujY5QfJpbic4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8768fd4a1c565687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| b.yzcdn.cn/vant/icon-demo-1126.png | 154.85.69.53 | 200 OK | 8.9 kB |
URL GET HTTP/2b.yzcdn.cn/vant/icon-demo-1126.png IP154.85.69.53:443 ASN#139057 LEGEND DYNASTY PTE. LTD.
CertificateIssuersslTrus Subject*.yzcdn.cn Fingerprint6A:A8:BA:7C:D4:B4:86:0B:74:EB:E6:19:C8:69:2E:8B:13:6C:1E:1B ValidityThu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT
File typePNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced Hashf87c46f346a5548224ccbe0b6bd75df5 8e8b8bd4ba3e6b6c8557d94a726061fdd62492fd b6304eb9b754d38d3ad74d0acce42c156536840351368ed3e4895a6b50cd9370
GET /vant/icon-demo-1126.png HTTP/1.1
Host: b.yzcdn.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jaox62fea.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 01:06:00 GMT
content-type: image/png
content-length: 8886
server: openresty
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
access-control-max-age: 2592000
cache-control: public, max-age=2592000
content-disposition: inline; filename="icon-demo-1126.png"; filename*=utf-8''icon-demo-1126.png
content-md5: +HxG80alVIIkzL4La9dd9Q==
content-transfer-encoding: binary
etag: "Fo6Li9S6PmtshVfZSnJgYf3WJJL9"
last-modified: Mon, 26 Nov 2018 11:08:05 GMT
x-reqid: YyIAAAASg9geDiAX
x-svr: IO
x-qiniu-zone: 0
x-log: X-Log
x-ser: BC5_dx-lt-yd-zhejiang-huzhou-3-cache-7, BC165_lt-obgp-fujian-xiamen-33-cache-1, BC132_IT-Lombardia-Milan-1-cache-1, BC46_DE-Frankfurt-Frankfurt-11-cache-4
x-cache: HIT from BC46_DE-Frankfurt-Frankfurt-11-cache-4(baishan)
X-Firefox-Spdy: h2
|
|
| jaox62fea.cc/js/app.6f176239.js | 188.114.96.1 | 200 OK | 175 kB |
URL GET HTTP/3jaox62fea.cc/js/app.6f176239.js IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectjaox62fea.cc FingerprintB8:C2:50:F3:3E:2D:D0:EB:3E:49:5A:99:F9:4C:21:EF:70:A0:82:5D ValidityMon, 15 Apr 2024 16:54:37 GMT - Sun, 14 Jul 2024 16:54:36 GMT
Size175 kB (174906 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/app.6f176239.js HTTP/1.1
Host: jaox62fea.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jaox62fea.cc/f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:05:59 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 18 Apr 2024 20:04:13 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fymkhH6mAxHO4LlVhP3YpW5hsVPuUtJtAqp1zmmmHw1V3dfGJE9fnWFleMmnNUIxTx5c1khzW0jaqFIIi1qrfb7KKf6EdSCrIM1wukwrIEabZjhClCc9n2YcStsf8L4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8768fd3dd9035687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| jaox62fea.cc/css/chunk-vendors.c57533e1.css | 188.114.96.1 | 200 OK | 156 kB |
URL GET HTTP/3jaox62fea.cc/css/chunk-vendors.c57533e1.css IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectjaox62fea.cc FingerprintB8:C2:50:F3:3E:2D:D0:EB:3E:49:5A:99:F9:4C:21:EF:70:A0:82:5D ValidityMon, 15 Apr 2024 16:54:37 GMT - Sun, 14 Jul 2024 16:54:36 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size156 kB (156544 bytes) Hashebfffebc1f62c3be51082e6595a0a005 e278fbd6fd48150b3f366b50ed388983d934978c f5ce9e73e1f7cea326eedd4f39d9b2d703ba4ccb31a6078cdc1fb16481298a32
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/chunk-vendors.c57533e1.css HTTP/1.1
Host: jaox62fea.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jaox62fea.cc/f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:05:57 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 18 Apr 2024 20:04:01 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1095
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E4QuTSzaX35LCklgaVTswZvn%2FB0jg2FVW%2BAAuEoL6c0rK0HytkeHeBrKjzFyYQ52btWRzm6DfOIOxTlB0HnGOcpgFX8SYKQX%2ByZ%2BNJDL6aDwPZYf6Z7yq6CNM4OA2o0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8768fd3dd9045687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.discordapp.com/attachments/1230078348571443234/1230078367429034004/dfgdb16er.mp4?ex=663202c0&is=661f8dc0&hm=757c5a5581fb98cf32ef84d27a1f1f73fc08cf43148e73756072854d6c7a38bb& | 162.159.130.233 | 404 Not Found | 0 B |
URL GET HTTP/2cdn.discordapp.com/attachments/1230078348571443234/1230078367429034004/dfgdb16er.mp4?ex=663202c0&is=661f8dc0&hm=757c5a5581fb98cf32ef84d27a1f1f73fc08cf43148e73756072854d6c7a38bb& IP162.159.130.233:443
CertificateIssuerCloudflare, Inc. Subjectdiscordapp.com Fingerprint97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39 ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /attachments/1230078348571443234/1230078367429034004/dfgdb16er.mp4?ex=663202c0&is=661f8dc0&hm=757c5a5581fb98cf32ef84d27a1f1f73fc08cf43148e73756072854d6c7a38bb& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://jaox62fea.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 01:05:59 GMT
content-type: application/xml; charset=UTF-8
content-length: 235
cf-ray: 8768fd4a8c6c5687-OSL
cf-cache-status: EXPIRED
accept-ranges: bytes
cache-control: public, max-age=31536000
content-disposition: attachment
expires: Sat, 19 Apr 2025 01:05:59 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-guploader-uploadid: ABPtcPoX93xfppGv-Txh9PElREQo-S16fMNFWXj_OmAWB20lOv6YS-3J7DX7GvR2DtDUCmXm_uBn3TWIVw
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F9IWGOlh%2BFhS%2BPoAyM28moznKcgjc7SyNHagIzHFWL2QpnNmEwqCl8oovHoRmcnqpHRlxL8V6WBjamqAA5VGeUxMsSuQ73e7jsVujYtRk%2F%2Bn9aPTZegKg%2FYga53138sZ3fKiDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=5fK2iJt.w0.lFk4PWZBIp3iHVxCg8mHhc5GHZydGF0w-1713488759-1.0.1.1-7vD3LO08w4Cg7V2xGtEAFk8MecApA6mXemwOlzZCfdVIzTdcnvkvr1Xuapf0X5j7Afnr7EKBXdNGSwVxtNFi0g; path=/; expires=Fri, 19-Apr-24 01:35:59 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=XpX_5iwG1Qx2U7Fmt.ZMUxrSBzdxTWnRt2LnEfLV..0-1713488759622-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| | 188.114.96.1 | 200 OK | 2.7 kB |
URL User Request GET HTTP/2IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectjaox62fea.cc FingerprintB8:C2:50:F3:3E:2D:D0:EB:3E:49:5A:99:F9:4C:21:EF:70:A0:82:5D ValidityMon, 15 Apr 2024 16:54:37 GMT - Sun, 14 Jul 2024 16:54:36 GMT
File typeHTML document, ASCII text, with very long lines (2868), with no line terminators Hashc6c194ffe06195f4488e0805c2359381 9f599e41044200c13d00c0259ffa698d138bb8cc b5706287d62434aee58f0e3155cef2a79e903e17e406b89a7c1d055d87fed0cc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /f HTTP/1.1
Host: jaox62fea.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 01:05:57 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HKCIn65WnkuzTFD929JSxklvRqgBLpeLDAcT2ZTRrbu7Q0sP%2By8hQ5znjdzf6CF1w9wuRE3Gj22f1D8dBRLdsDRk9XVsm4%2BbF72qZC%2FrpWZc7h9xz2iK9KvbyU4gwlg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8768fd3b7bc156b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| jaox62fea.cc/js/chunk-vendors.ea790e22.js | 188.114.96.1 | 200 OK | 949 kB |
URL GET HTTP/3jaox62fea.cc/js/chunk-vendors.ea790e22.js IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectjaox62fea.cc FingerprintB8:C2:50:F3:3E:2D:D0:EB:3E:49:5A:99:F9:4C:21:EF:70:A0:82:5D ValidityMon, 15 Apr 2024 16:54:37 GMT - Sun, 14 Jul 2024 16:54:36 GMT
Size949 kB (949174 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/chunk-vendors.ea790e22.js HTTP/1.1
Host: jaox62fea.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jaox62fea.cc/f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:05:58 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 18 Apr 2024 20:04:35 GMT
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OP%2BS0nHu6HuLA9jdy0YC2NudpvS8oziDIGTHC5WS%2FsKhoZZedmnt5OZYgRhi2tfEZaQyx5PXLnLH%2BtO%2B%2Fmb0lhQBt6wiZeUjwYupeKbT4qZr%2F1J0pCEmb7CoC8YQkcM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8768fd3dc9005687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| jaox62fea.cc/css/app.abdd66d0.css | 188.114.96.1 | 200 OK | 16 kB |
URL GET HTTP/3jaox62fea.cc/css/app.abdd66d0.css IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectjaox62fea.cc FingerprintB8:C2:50:F3:3E:2D:D0:EB:3E:49:5A:99:F9:4C:21:EF:70:A0:82:5D ValidityMon, 15 Apr 2024 16:54:37 GMT - Sun, 14 Jul 2024 16:54:36 GMT
File typeASCII text, with very long lines (15613), with no line terminators Hash286f3d1254d8f70f6ecb956691e62578 39349158a8f6487212e65d2a3cf487f3670cb485 1b2ad1f2ec300436ebf2c3c579f12f07d00b5ec2f93a9cc692b0bf0ed088e22a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/app.abdd66d0.css HTTP/1.1
Host: jaox62fea.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jaox62fea.cc/f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:05:57 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 18 Apr 2024 20:03:58 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1095
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hgbIDwWaZDvME7PZOBe%2FlYhUw1yGNubmbjehqeq5yG1KPmPcYITXMZCHHBaDLxsSlzyF3YmnMn9T5R%2BI8b7Tq1KCX3VTfxUwAp8R7YcgRSDjYtNyOCmdg9DZ%2BxvOQSM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8768fd3dd9055687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| jaox62fea.cc/socket.io/?EIO=3&transport=websocket | 188.114.96.1 | 101 Switching Protocols | 0 B |
URL GET HTTP/1.1jaox62fea.cc/socket.io/?EIO=3&transport=websocket IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectjaox62fea.cc FingerprintB8:C2:50:F3:3E:2D:D0:EB:3E:49:5A:99:F9:4C:21:EF:70:A0:82:5D ValidityMon, 15 Apr 2024 16:54:37 GMT - Sun, 14 Jul 2024 16:54:36 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: jaox62fea.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://jaox62fea.cc
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7FTr/iJF6n3sAnd2RIxRrg==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 19 Apr 2024 01:05:59 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: D8+qNRT9hSJOmmvPQdE1VRjOoB0=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ULCWT8le9txlJl%2FfrylnLho2ZX5rrlGgF1w8dYKwlsozf1yklIz1x2SVINbuN1YrQcCKtijUaSe8%2Fnp4s5ThipV1P5ill7OA60fsKXn2R4zGsmo%2Bi0hsLDk%2BxDWX9i0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8768fd4a596d7127-OSL
alt-svc: h3=":443"; ma=86400
|
|
| jaox62fea.cc/img/icons/apple-touch-icon-152x152.png | 188.114.96.1 | 200 OK | 4.0 kB |
URL GET HTTP/3jaox62fea.cc/img/icons/apple-touch-icon-152x152.png IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectjaox62fea.cc FingerprintB8:C2:50:F3:3E:2D:D0:EB:3E:49:5A:99:F9:4C:21:EF:70:A0:82:5D ValidityMon, 15 Apr 2024 16:54:37 GMT - Sun, 14 Jul 2024 16:54:36 GMT
File typePNG image data, 152 x 152, 8-bit/color RGB, non-interlaced Hash1a034e64d80905128113e5272a5ab95e 92328e60f63d690f33cd4961b9934a539dc29b82 4d9685d610c4411caadd8d36ce94d3303cf5b05c8e04d67fc232c16a4469a135
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/icons/apple-touch-icon-152x152.png HTTP/1.1
Host: jaox62fea.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jaox62fea.cc/f
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:05:59 GMT
content-type: image/png
content-length: 4046
last-modified: Thu, 18 Apr 2024 20:04:08 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1029
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gz9Ap821%2BZ7sCjDeqtV57vHBexT8hHvT4oTDI18rgdVmbQt1YNoc%2FDZ%2BsbXHjEULDLm4sYx4olUYIllem7jQMUEGoZraea1hrDrcVdNULz6FzTUTK99w9BR%2FfgodluQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8768fd4c9d285687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| jaox62fea.cc/img/icons/favicon.svg | 188.114.96.1 | 200 OK | 2.7 kB |
URL GET HTTP/3jaox62fea.cc/img/icons/favicon.svg IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectjaox62fea.cc FingerprintB8:C2:50:F3:3E:2D:D0:EB:3E:49:5A:99:F9:4C:21:EF:70:A0:82:5D ValidityMon, 15 Apr 2024 16:54:37 GMT - Sun, 14 Jul 2024 16:54:36 GMT
File typeHTML document, ASCII text, with very long lines (2868), with no line terminators Hashc6c194ffe06195f4488e0805c2359381 9f599e41044200c13d00c0259ffa698d138bb8cc b5706287d62434aee58f0e3155cef2a79e903e17e406b89a7c1d055d87fed0cc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/icons/favicon.svg HTTP/1.1
Host: jaox62fea.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jaox62fea.cc/f
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:05:59 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-cache-status: HIT
age: 960
last-modified: Fri, 19 Apr 2024 00:49:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KW8PkUEgwEs7ypmOCeh146Kr0GW3ozeNuzczRDDPIYB2PeI%2BNOO07uuGyacPtOMNpZXsDek6kRB4wvSBFZi5A8qrcHfy%2F8SsdKOUKENrhhX891n3enQtoW1UvkPyDAw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8768fd4c9d2b5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|