Report - hf8bgngmzb0j48p.xyz/

Report Overview

Submitted URL
hf8bgngmzb0j48p.xyz/
IP
216.18.208.202
ASN
#18450 WEBNX
Submitted
2022-09-10 20:06:14
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
130

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	993 B	2.1 kB	142.250.74.3
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	630 B	86 kB	157.240.200.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	2.2 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.70.239.215
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
hf8bgngmzb0j48p.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	21 kB	1.9 MB	216.18.208.202
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	977 B	51 kB	142.250.74.163
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	57 kB	34.120.237.76
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	364 B	28 kB	157.240.200.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-10	medium	hf8bgngmzb0j48p.xyz/	Phishing
2022-09-10	medium	hf8bgngmzb0j48p.xyz/index_files/dr-dtime.min.js.%E4%B8%8B%E8%BD%BD	Phishing
2022-09-10	medium	hf8bgngmzb0j48p.xyz/index_files/prognroll.js.%E4%B8%8B%E8%BD%BD	Phishing
2022-09-10	medium	hf8bgngmzb0j48p.xyz/index_files/fbevents.js.%E4%B8%8B%E8%BD%BD	Phishing
2022-09-10	medium	hf8bgngmzb0j48p.xyz/index_files/jquery.min.js.%E4%B8%8B%E8%BD%BD	Phishing
2022-09-10	medium	hf8bgngmzb0j48p.xyz/index_files/758241664861733	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed
2022-09-10	medium	hf8bgngmzb0j48p.xyz	Sinkholed

JavaScript (19)

	URL	Size	First Seen	Last Seen
	hf8bgngmzb0j48p.xyz/?type=really	2.7 kB	2023-03-07	2023-03-17
Pretty URL hf8bgngmzb0j48p.xyz/?type=really IP 216.18.208.202 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:38 Last Seen2023-03-17 12:27:13 Times Seen1 Hash 3c3aca1b00e509315ec875ca58253213 1ac0f33b06374c944c951ca5265d753110b5ee7c cf1c998dd2b1311bc2c7784da25b07fa893e1447a373563b9bec9d3cbd660db2 Loading...

	hf8bgngmzb0j48p.xyz/?type=really	1.0 kB	2023-03-07	2023-08-27
Pretty URL hf8bgngmzb0j48p.xyz/?type=really IP 216.18.208.202 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:38 Last Seen2023-08-27 21:41:50 Times Seen12 Hash 0941af851722e408a16725521da1a083 b19698875db5226cf60dfe7ba3ced20a73f6ae8b 21c25bbe551eb25c0c873acd4f94655f8b41bbb6324ea7fabe2c4dff2f42cf4e Loading...

	connect.facebook.net/en_US/fbevents.js	103 kB	2023-03-07	2023-08-11
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:12:31 Last Seen2023-08-11 03:38:40 Times Seen44 Hash 026f52d67397fda8ff7ddb28ee932f39 44a56e64bfdba3ceff45066d88f3b8f3db2c9ca3 5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783 Loading...

	hf8bgngmzb0j48p.xyz/index_files/758241664861733	260 kB	2023-03-07	2023-08-27
Pretty URL hf8bgngmzb0j48p.xyz/index_files/758241664861733 IP 216.18.208.202 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:38 Last Seen2023-08-27 21:41:50 Times Seen23 Hash 936774d1e2ee0c789018b1411b4cb4a5 43c92bae13f557efcba988be994290cc7158ebe9 0e84fc140bc4e635dddcf77c85b34455bd7b12ab64668c5a64253ed366ccdf05 Loading...

	hf8bgngmzb0j48p.xyz/?type=really	303 B	2023-03-07	2023-08-27
Pretty URL hf8bgngmzb0j48p.xyz/?type=really IP 216.18.208.202 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:38 Last Seen2023-08-27 21:41:50 Times Seen27 Hash 3bc10ba209395ab2293c136bad5f848d 4928d9093fca7c23a1e7b29047e50065b66f04c9 212a8f8c022a285b35f8a1598063bf817968032e0ab94721f809b2404e082f77 Loading...

	hf8bgngmzb0j48p.xyz/?type=really	464 B	2023-03-07	2023-08-27
Pretty URL hf8bgngmzb0j48p.xyz/?type=really IP 216.18.208.202 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:38 Last Seen2023-08-27 21:41:50 Times Seen12 Hash 7162f809709e0e9361522ef474d6ff3d 1da15d4297dcaa2c465e63a5075297cc9068d2dc 3302de51ffd66e26e93e7a505e5dbe082eea61aae4cae61f8e2f5431c81159c5 Loading...

	hf8bgngmzb0j48p.xyz/?type=really	100 B	2023-03-07	2023-08-27
Pretty URL hf8bgngmzb0j48p.xyz/?type=really IP 216.18.208.202 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:38 Last Seen2023-08-27 21:41:50 Times Seen27 Hash 5070afe1233cc22c90f5fa48da9628dc d76d1fad075da22761f0aa4a226a9476e00336b1 76eac63f224cacac5786e052b694c13c7a5f91bf15c45c19bffa76326cab3907 Loading...

	hf8bgngmzb0j48p.xyz/?type=really	116 B	2023-03-07	2023-08-27
Pretty URL hf8bgngmzb0j48p.xyz/?type=really IP 216.18.208.202 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:38 Last Seen2023-08-27 21:41:50 Times Seen27 Hash fba9aaf4a1f4ff94781c559b5b28c282 739586be27a46c12ff2391f9f0158096dff7182e 262053ee4b86dba7d609ad83422c293b718a0baa5fad97d18b2ff8462cd6defd Loading...

	connect.facebook.net/signals/config/758241664861733?v=2.9.79&r=stable	300 kB	2023-03-07	2024-02-11
Pretty URL connect.facebook.net/signals/config/758241664861733?v=2.9.79&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:38 Last Seen2024-02-11 09:40:24 Times Seen1 Hash 7ded8024a983d3b6d326e4f953c41d9c 22cc0020bccbeabfc3798efac6ec9b981e54e5c3 16b7b5b734a7664f2a1ddd8cf5c37ab87236ad6ede7ba5cf54a9c526ede01f9e Loading...

	hf8bgngmzb0j48p.xyz/index_files/jquery.min.js.%E4%B8%8B%E8%BD%BD	96 kB	2023-03-07	2024-04-26
Pretty URL hf8bgngmzb0j48p.xyz/index_files/jquery.min.js.%E4%B8%8B%E8%BD%BD IP 216.18.208.202 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:25 Last Seen2024-04-26 04:11:36 Times Seen10415 Hash 895323ed2f7258af4fae2c738c8aea49 276c87ff3e1e3155679c318938e74e5c1b76d809 ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8 Loading...

	hf8bgngmzb0j48p.xyz/?type=really	545 B	2023-03-07	2023-08-27
Pretty URL hf8bgngmzb0j48p.xyz/?type=really IP 216.18.208.202 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:38 Last Seen2023-08-27 21:41:50 Times Seen27 Hash 7ca1f97bda798c0adfde5b1d4167a6ad 010ebc641dd79b2910bf026aa1e991e742c6e73f a7e7366b6d741698f9836a58eea9908ed1614186fb978a22e79a43bf997f9549 Loading...

	hf8bgngmzb0j48p.xyz/?type=really	422 B	2023-03-07	2024-03-03
Pretty URL hf8bgngmzb0j48p.xyz/?type=really IP 216.18.208.202 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:38 Last Seen2024-03-03 15:54:11 Times Seen30 Hash 6af8b8c9910d12f022023215c4fc97a6 a7b35dcc707ba905224ef2acfdda8860a9895f0c 7d51c9d80f0219807334bcc8a89489beafc610914fe49213b9f285120ca01a23 Loading...

	hf8bgngmzb0j48p.xyz/?type=really	599 B	2023-03-07	2023-04-05
Pretty URL hf8bgngmzb0j48p.xyz/?type=really IP 216.18.208.202 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:38 Last Seen2023-04-05 01:52:52 Times Seen5 Hash aaf9c7d0a02105b86f233c4fe2d38eca 4724ed74a4622e438d7725db82070f7ea4188d4d 5518faeb74446352465311804a8e44a087a61c1986d29154adb5141c60786ba8 Loading...

	hf8bgngmzb0j48p.xyz/index_files/fbevents.js.%E4%B8%8B%E8%BD%BD	95 kB	2023-03-07	2024-04-14
Pretty URL hf8bgngmzb0j48p.xyz/index_files/fbevents.js.%E4%B8%8B%E8%BD%BD IP 216.18.208.202 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:38 Last Seen2024-04-14 20:19:40 Times Seen105 Hash c2cf87840fa6397b715acf989117a509 56eb4f26e87547dca7ed568d3888c5c5ed36633e ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1 Loading...

	hf8bgngmzb0j48p.xyz/index_files/dr-dtime.min.js.%E4%B8%8B%E8%BD%BD	0 B	2023-03-07	2024-04-26
Pretty URL hf8bgngmzb0j48p.xyz/index_files/dr-dtime.min.js.%E4%B8%8B%E8%BD%BD IP 216.18.208.202 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 10:31:05 Times Seen37089797 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	hf8bgngmzb0j48p.xyz/?type=really	814 B	2023-03-07	2023-03-17
Pretty URL hf8bgngmzb0j48p.xyz/?type=really IP 216.18.208.202 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:38 Last Seen2023-03-17 12:27:13 Times Seen1 Hash 0e218a583c7c345252046db4bf4e52e3 c00cc527569ac317465ed046c8b0bb23d9db0f10 aacace9194e505ff1e0485e2c15ca4158dad3acd55d42940dc20090fd07fcdf2 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 87816eb390ebc3ee5a98b70763f600f5	63 B	2023-03-07	2024-04-13
Pretty Observations First Seen2023-03-07 01:07:06 Last Seen2024-04-13 18:14:23 Times Seen313 Hash 87816eb390ebc3ee5a98b70763f600f5 506cd38ead4b9a7c02411247c76da5e8f8db1182 7beb7938591dd375a15a478331d461a56e9e6dc2460a2b886ecdc3e163d11d88 Loading...

		Size	First Seen	Last Seen
	#1 Write - 2b7273dcde59de5422842e62a072eb7e	12 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 14:26:59 Last Seen2023-03-07 16:17:41 Times Seen1 Hash 2b7273dcde59de5422842e62a072eb7e 1d9be15defd6294a082097e7ddfa2674feffd270 f5334bf05095f26d9545850b433e8f193802653a3da11788227ee2a8c64500d1 Loading...

	#2 Write - cee688c5610c987ed14166418eb931fc	26 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 14:26:59 Last Seen2023-03-07 14:26:59 Times Seen1 Hash cee688c5610c987ed14166418eb931fc 187e7522d2a7e9dbfd73b96443ac9be45a4e8906 f36ee8acdfc49faea834562c341a91b2098e18b7204af8f7ab82550d4d07e71e Loading...

HTTP Transactions (87)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14737
Expires: Sun, 11 Sep 2022 00:11:40 GMT
Date: Sat, 10 Sep 2022 20:06:03 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 10 Sep 2022 19:06:50 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: M0busC2NxkVysJmsVzMXIfcKPZtrGB5hF3kGCtBi50lNWAoeluVgbA==
Age: 3553

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XeejKOKBo2whqF9Y1uQRrEERcrqP9ZPtxo8qID4YVAqcfSARSRFqMQ==
age: 46131
X-Firefox-Spdy: h2

hf8bgngmzb0j48p.xyz/

216.18.208.202

200 OK

168 B

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
168 B (168 bytes)
Hash
b7949a2c2cec5d0fc76270710f132d4e
a51a1a70d14193182bc1cca339efbf805da63a34
0de73e0545467494dda68a11a3203376a2653991d9b4ec3d0376175f23802a21

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:03 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 168
Content-Type: text/html; charset=UTF-8

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:06:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

hf8bgngmzb0j48p.xyz/favicon.ico

216.18.208.202

200 OK

168 B

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/favicon.ico
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
168 B (168 bytes)
Hash
b7949a2c2cec5d0fc76270710f132d4e
a51a1a70d14193182bc1cca339efbf805da63a34
0de73e0545467494dda68a11a3203376a2653991d9b4ec3d0376175f23802a21

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:03 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 168
Content-Type: text/html; charset=UTF-8

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 10 Sep 2022 19:56:07 GMT
Cache-Control: max-age=3600
Expires: Sat, 10 Sep 2022 20:00:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pm-9oRLaRngWC3g2yx0BfxZlo6CsjvLVLF1FhH5ZmChvRYSKzEeC8w==
Age: 596

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
36fe04277220227ba5ecfe7d2ff1d9d9
2eb9f6560336248cc45c1cd66d87505b5ebdf5d4
94f8f2f8f3b67db18825ea48740ff0ce218d7156fe851d6b023ef43b6bee4f7f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4408
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:06:04 GMT
Last-Modified: Sat, 10 Sep 2022 18:52:36 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

hf8bgngmzb0j48p.xyz/?type=really

216.18.208.202

200 OK

32 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/?type=really
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9743)
Size
32 kB (31663 bytes)
Hash
5d7ccadcf7324aa79fb7ceb78bcd0bc1
25961e90c62e17ff7f67ffa00d710658beccf42a
79b6bdb75625353ea515a9eb51231ce981eb935ce7846dce4485c6ff29ff2ad6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?type=really HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:03 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 31663
Content-Type: text/html; charset=utf-8

push.services.mozilla.com/

54.70.239.215

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.70.239.215:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: laY36p9yHoB7jVZlf3UNVw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iTT0Bt37J0wc8fwENyRPn4SplxQ=

hf8bgngmzb0j48p.xyz/index_files/dr-dtime.min.js.%E4%B8%8B%E8%BD%BD

216.18.208.202

200 OK

0 B

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/dr-dtime.min.js.%E4%B8%8B%E8%BD%BD
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /index_files/dr-dtime.min.js.%E4%B8%8B%E8%BD%BD HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:04 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:46 GMT
ETag: "0-5df5388536680"
Accept-Ranges: bytes
Content-Length: 0
Content-Type: application/javascript

hf8bgngmzb0j48p.xyz/index_files/prognroll.js.%E4%B8%8B%E8%BD%BD

216.18.208.202

200 OK

0 B

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/prognroll.js.%E4%B8%8B%E8%BD%BD
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /index_files/prognroll.js.%E4%B8%8B%E8%BD%BD HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:04 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:19 GMT
ETag: "0-5df538a4af0c0"
Accept-Ranges: bytes
Content-Length: 0
Content-Type: application/javascript

hf8bgngmzb0j48p.xyz/index_files/css.css

216.18.208.202

200 OK

286 B

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/css.css
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
ASCII text
Size
286 B (286 bytes)
Hash
b64822089be4206d56dc4bac85e9de16
85d1d813f5c74bc8234c91a390d9bda29d662187
96dfc9b774facb1608626574ffae925fb1263b6f9a70125261cd033d82b9de70

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/css.css HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:04 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:43 GMT
ETag: "223-5df5388259fc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 286
Content-Type: text/css

hf8bgngmzb0j48p.xyz/index_files/fbevents.js.%E4%B8%8B%E8%BD%BD

216.18.208.202

200 OK

24 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/fbevents.js.%E4%B8%8B%E8%BD%BD
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
ASCII text, with very long lines (64343)
Size
24 kB (24219 bytes)
Hash
48e96e3912f50cd406d2a703fc1c5c8f
dc59a8c0460791f74953e4207460591173f8ba5c
f247d0cc1b01eacda3987ab80ad41f2b7eaf2b5b6414c5e20f4f17cd5875d6b7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /index_files/fbevents.js.%E4%B8%8B%E8%BD%BD HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:04 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:46 GMT
ETag: "171a0-5df5388536680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 24219
Content-Type: application/javascript

hf8bgngmzb0j48p.xyz/index_files/jquery.min.js.%E4%B8%8B%E8%BD%BD

216.18.208.202

200 OK

33 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/jquery.min.js.%E4%B8%8B%E8%BD%BD
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
ASCII text, with very long lines (32038)
Size
33 kB (33279 bytes)
Hash
46ed104a51da58b1f8bff2ecab0e898b
3f6098bfd567710a5a5897879b680743d32205ae
7a0cdbe39e6a65c613bdea979908ad28c97eb01c91d576f254fe46ec401c8fd1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /index_files/jquery.min.js.%E4%B8%8B%E8%BD%BD HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:04 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:17 GMT
ETag: "176d5-5df538a2c6c40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 33279
Content-Type: application/javascript

hf8bgngmzb0j48p.xyz/index_files/2.css

216.18.208.202

200 OK

619 B

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/2.css
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
assembler source, ASCII text
Size
619 B (619 bytes)
Hash
79e8c67e8c81d94ce8181e5420bf3d16
68411c5459cbeeb6e5ae9cbf61c9218c46e824cf
9ff3474b00dcc6d9dac05515a74101c771cdbaf2d44635f1d6868e644bec102e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/2.css HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:04 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:40 GMT
ETag: "d49-5df5387f7d900-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 619
Content-Type: text/css

hf8bgngmzb0j48p.xyz/index_files/1.css

216.18.208.202

200 OK

1.9 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/1.css
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
ASCII text
Size
1.9 kB (1905 bytes)
Hash
745bd52b1ee7971e983589bab13079b9
01a8bc697e7157953e244bed7569d8d2b187f445
dd3dfec7e07a9c78b8a25f14848c910a464ebc90a8286a0f59cc00c8dcb2e12b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/1.css HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:04 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:38 GMT
ETag: "2d6d-5df5387d95480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1905
Content-Type: text/css

hf8bgngmzb0j48p.xyz/index_files/758241664861733

216.18.208.202

200 OK

74 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/758241664861733
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
ASCII text, with very long lines (64471)
Size
74 kB (73872 bytes)
Hash
6166005248fda3d1265292709cb0cf56
ac7ed7dd5caffd28250c925c69db36a432e1d651
1fb3a07c0f80f017ee370d14bcef06ccfe3f4529241c063e57412ae6e481ab27

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /index_files/758241664861733 HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:04 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:41 GMT
ETag: "3f7e7-5df5388071b40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

hf8bgngmzb0j48p.xyz/index_files/index_files_index.css

216.18.208.202

200 OK

4.5 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_index.css
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
ASCII text, with very long lines (1029)
Size
4.5 kB (4474 bytes)
Hash
32e9e8e111fd3fbb8e719b9268a53b55
b3486fbf29509d9aa7787c0114444bea1a944510
867ce3fa9d0327ce272ceb45aa0b58cf86e8c51c4195a44be8735fa905aba603

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_index.css HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:04 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:13 GMT
ETag: "656f-5df5389ef6340-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4474
Content-Type: text/css

hf8bgngmzb0j48p.xyz/index_files/index_files_template.css

216.18.208.202

200 OK

3.0 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_template.css
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
Unicode text, UTF-8 text
Size
3.0 kB (3003 bytes)
Hash
e3a2d581a7136eb949c69364bbca5e2f
72e5c203a296e718619539a37a2d841c51a613b8
4c50755297927d80317b89a77be356783dac832af213324c38bb674ed686bfd3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_template.css HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:04 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:16 GMT
ETag: "3142-5df538a1d2a00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3003
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:06:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:06:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf

142.250.74.163

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2010, 2012, 2014 Adobe Systems Incorporated (http://www.adobe.com/), with Reserved Fon\012- data
Size
21 kB (20810 bytes)
Hash
a7e73321579d15352e0bc55cbc907315
97c1515c1302b370c454ca096143140a6f7ccd82
e9b321b181a443b6d9b4f5580bd39e2d190220a983ed9da0cdb1ac484722bb79

HTTP Headers

GET /s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hf8bgngmzb0j48p.xyz
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20810
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 06:32:43 GMT
expires: Sun, 10 Sep 2023 06:32:43 GMT
cache-control: public, max-age=31536000
age: 48801
last-modified: Tue, 23 Jul 2019 03:45:49 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notoserif/v8/ga6Iaw1J5X9T9RW6j9bNfFcWbQ.ttf

142.250.74.163

200 OK

28 kB

URL HTTP/2
fonts.gstatic.com/s/notoserif/v8/ga6Iaw1J5X9T9RW6j9bNfFcWbQ.ttf
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2012 Google Inc. All Rights Reserved.Noto SerifRegularMonotype Imaging - Noto SerifVer\012- data
Size
28 kB (28523 bytes)
Hash
0eaad3ab6b5d28854ce461693d26b2a9
f1b7dc6fa513dc29c2d937f87ec3fdc9eaf9c3e5
09aa7854817672153ca8f045744ba2d7b1e173d8165d8dcf5504a4cc01227c15

HTTP Headers

GET /s/notoserif/v8/ga6Iaw1J5X9T9RW6j9bNfFcWbQ.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hf8bgngmzb0j48p.xyz
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28523
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 13:55:14 GMT
expires: Tue, 05 Sep 2023 13:55:14 GMT
cache-control: public, max-age=31536000
age: 454250
last-modified: Mon, 22 Jul 2019 19:17:22 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:06:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

hf8bgngmzb0j48p.xyz/index_files/index_files_komment7dlaxtgy.jpg

216.18.208.202

200 OK

936 B

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_komment7dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
936 B (936 bytes)
Hash
03138cfd1ca96ae441ce44f95a0db81f
122607b6b1ddfdb1726d33c82ee6f3443658afd3
2cc91f3f70ec0f3b769164af2f46c98a9efe2c77c58bad4794205507b27c2daa

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_komment7dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:04 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:14 GMT
ETag: "3a8-5df5389fea580"
Accept-Ranges: bytes
Content-Length: 936
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_24dlaxtgy.jpg

216.18.208.202

200 OK

1.2 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_24dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.2 kB (1197 bytes)
Hash
beb227fc21860b3185938dcf46c72619
bb833c90dff6f3a5c4bb675f41b68279d9c1368b
0ff390314ea851e94abdc43fef667b7dc93354a46d74cccede74a089bfd77455

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_24dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:04 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:53 GMT
ETag: "4ad-5df5388be3640"
Accept-Ranges: bytes
Content-Length: 1197
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_27dlaxtgy.jpg

216.18.208.202

200 OK

1.3 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_27dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.3 kB (1259 bytes)
Hash
37facf29d0bb1448fe2931b6d1722433
0184d20a2f59f645bec292d180f4f8c0ce838e68
7edede1b8fa9f6f4a9d16deccfeb0076a830036a21bd3279b9df79619aa2df49

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_27dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:04 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:55 GMT
ETag: "4eb-5df5388dcbac0"
Accept-Ranges: bytes
Content-Length: 1259
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_231dlaxtgy.jpg

216.18.208.202

200 OK

3.2 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_231dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 92x92, components 3\012- data
Size
3.2 kB (3185 bytes)
Hash
4e903e9acf52c75fda1f114479d978ac
de7377e402acb203dc92864ef1ecf0fbca355d0c
30b0f909f0b4ec8ee235ce80f6d672cd1c466901ca8395b043c4e7a434ddf8c1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_231dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:04 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:53 GMT
ETag: "c71-5df5388be3640"
Accept-Ranges: bytes
Content-Length: 3185
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_25dlaxtgy.jpg

216.18.208.202

200 OK

50 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_25dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 605x401, components 3\012- data
Size
50 kB (49792 bytes)
Hash
fcc6b10e88acf2b04003455f640b804f
76254f34bdf6d5f3e0902cbdd381c1bc7581619d
3d6847f242922d0920e55d01f4c28c0ce34a952ce9c8e168630e378c76a8c020

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_25dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:04 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:54 GMT
ETag: "c280-5df5388cd7880"
Accept-Ranges: bytes
Content-Length: 49792
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_ob35dlaxtgy.jpg

216.18.208.202

200 OK

70 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_ob35dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 550x389, components 3\012- data
Size
70 kB (70048 bytes)
Hash
039f8e78e07b35821199dfbd2189829d
378418576d4aecce883712debad50913b1c11fa7
2cbdac669b7aac629947115f2a4ec269213f2e99a141df95151cb9ef97bad90a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_ob35dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:04 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:14 GMT
ETag: "111a0-5df5389fea580"
Accept-Ranges: bytes
Content-Length: 70048
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/burger.png

216.18.208.202

200 OK

157 B

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/burger.png
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
PNG image data, 24 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size
157 B (157 bytes)
Hash
c78fcc055018fb31bde0d748622597e3
d55d6b0b9bef2e30e8d8ec4fa8988c4db1ebe84c
e517c5bb3604c7cd0db467280c7cfd5124f2659ce5341ce30f7a5f4627fd85d9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/burger.png HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:05 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:41 GMT
ETag: "9d-5df5388071b40"
Accept-Ranges: bytes
Content-Length: 157
Content-Type: image/png

hf8bgngmzb0j48p.xyz/index_files/166fba4e2a49856b22a27eef39896c.png

216.18.208.202

200 OK

29 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/166fba4e2a49856b22a27eef39896c.png
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
PNG image data, 200 x 379, 8-bit colormap, non-interlaced\012- data
Size
29 kB (29100 bytes)
Hash
8bb1a05884dec36a3ca56a03302fcdc5
df47a619b0fcc3e79a2ad9cc4d179654ab5628f3
1b718a733702cc74da14c0a156ff9b852f97d89ec3eb5cd8cf690aa26e7bd08b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/166fba4e2a49856b22a27eef39896c.png HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:05 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Wed, 29 Jun 2022 09:30:04 GMT
ETag: "71ac-5e292cc491f00"
Accept-Ranges: bytes
Content-Length: 29100
Content-Type: image/png

hf8bgngmzb0j48p.xyz/index_files/sec.png

216.18.208.202

200 OK

1.4 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/sec.png
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
PNG image data, 165 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1421 bytes)
Hash
5147b4db94bdcfea63224ab0a82ef09b
a25c022cb997804944b03aea9cdaa3afc0bd8498
f5afe87a1cc492278fa3bfc9fad5c89c8539760d82478a97222b2b6ab00d4752

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/sec.png HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:05 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:20 GMT
ETag: "58d-5df538a5a3300"
Accept-Ranges: bytes
Content-Length: 1421
Content-Type: image/png

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14349
Expires: Sun, 11 Sep 2022 00:05:14 GMT
Date: Sat, 10 Sep 2022 20:06:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14349
Expires: Sun, 11 Sep 2022 00:05:14 GMT
Date: Sat, 10 Sep 2022 20:06:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14349
Expires: Sun, 11 Sep 2022 00:05:14 GMT
Date: Sat, 10 Sep 2022 20:06:05 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10950 bytes)
Hash
15249f3dafdd1690bc87ebb4fa6d518d
f930fcb22325e28592bc39b0b1974f5197c19afd
a0b9e88c78e85a037363e0b0e4e03478718f8715fe69e72bfd159922eca28301

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10950
x-amzn-requestid: 435fc2f4-fbcb-4eec-81d8-a23154dcec61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YFUwZEfvIAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63186802-2348a4000430702d4e9ea132;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 09:44:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ORlM8dFTc_iThvJghFakY86D3ToJ5TCmP8Ip2PcvXCCkSKKHpWQ0Zw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:12:29 GMT
age: 78816
etag: "f930fcb22325e28592bc39b0b1974f5197c19afd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb150ddb5-18a6-405d-8041-cdea0c0e6a85.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8266 bytes)
Hash
d21a3e07583d9fad4104b6457f7915e7
fdc9453562f993e2545ca99731a7741e748b6082
8ea38264c82c6b544447079cc92eae70d0968a070ba39022af0e18c498916338

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb150ddb5-18a6-405d-8041-cdea0c0e6a85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8266
x-amzn-requestid: 3411ec4b-ac18-4b4e-8876-c99b94d3a4a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNitWEjhIAMFWpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb188-4d9e496e7ff141b46748d850;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: vyV1_onImxuLNGp4UI1W5grcuVW3LHJFJjvmO0VXU-OYorF6RVcoDw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:50:11 GMT
age: 80154
etag: "fdc9453562f993e2545ca99731a7741e748b6082"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4e8861b-4d5e-4f2e-8b1c-e85d23f02c52.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8626 bytes)
Hash
2b83fa95ed30533299bc754adaced672
27eda8377e1c00c53fb66b4e2fa4f0dd6c7020af
bc59e5ba6abafd8e7b10d6f8ae2269cbf739a4b28f9cbbf3adfc29a9195e6985

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4e8861b-4d5e-4f2e-8b1c-e85d23f02c52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8626
x-amzn-requestid: af5e61ab-4f7b-4b03-8413-5d750b17e0df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLj9TH7vIAMFVMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ae6bb-309144fb6e02564c4fcdb966;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 07:09:47 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 3gzR4efCGz9QsLoxAMuTUgBAwEc5WdyHBhw_wRPGmfnS9SWm-0vE7w==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 07:27:32 GMT
age: 45513
etag: "27eda8377e1c00c53fb66b4e2fa4f0dd6c7020af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8676 bytes)
Hash
e8f11aeba65478b039cfb4100aa23435
88db17a82ea0207ccb4826c2961875c5106b427a
6f6ec5922ec54d824e7f933de87608c5a763da119ae9461d99c6525649b1a9af

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: 64a58aa8-8321-4c91-98fe-dbf97996c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNiuZEjnIAMFRFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb18f-77b635593b202d7d3cd0ac84;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: VWwNSpFvcDq3nrn91QvYjrJX5hLjp96vrKgZzR-pOdrdHx7MlcagGQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:43 GMT
age: 78742
etag: "88db17a82ea0207ccb4826c2961875c5106b427a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4477 bytes)
Hash
71bafbee3867c04c3712ff98a123d52c
ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf
58ff1700e0b125caefb73719e2b3d734b2fbcc5ed1aabe5a11bb73b43edab831

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4477
x-amzn-requestid: bbdca46e-5628-4faf-a0fe-ea1b5b39ac2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNjzaHrIoAMF-iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb348-567e946e7cf77f2e11c17c97;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:42:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: a0AyKhmYA7WPwciU2nTXwyChZV_riw1QsqI_giBIcdZhi3Nz4jM0Sw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:59:11 GMT
age: 79614
etag: "ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9766 bytes)
Hash
7ade70e6dbcfb3ca1765f95112671e69
3768753be084c0e0fc268be5b192d02d769114b6
9670a3bf2476ba193cfeb3153c1254bdcfc980a28503dda0d9b398a3a59f53f4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: 720a4111-91de-4672-88c8-f40db517c07d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YHsjRE13oAMFbCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63195ae1-288f1f5456bf4d146dcf774c;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 03:00:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HwwG0Hjf8uZn1AtbLU_wKs3w9lict3tRP31XQY6tIxDz9KDNaBMAqw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 04:00:05 GMT
age: 57960
etag: "3768753be084c0e0fc268be5b192d02d769114b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

hf8bgngmzb0j48p.xyz/index_files/mic1.jpg

216.18.208.202

200 OK

25 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/mic1.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 715x429, components 3\012- data
Size
25 kB (25351 bytes)
Hash
e897766e3698a59bf509a42ccb157f11
60aedcc8facd8c42f47f6b619c9a3a066a6167c5
4c171ec1171a260703bb84e327d6396539e5625b8664ddbc6dfe80d472c843d9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/mic1.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:05 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:18 GMT
ETag: "6307-5df538a3bae80"
Accept-Ranges: bytes
Content-Length: 25351
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_top1dlaxtgy.jpg

216.18.208.202

200 OK

62 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_top1dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1180x680, components 3\012- data
Size
62 kB (61589 bytes)
Hash
a450f33a784347238e3d27ab069aa98e
81f90bc7e26088a4fc5dd4d75c3fc5c210c5476e
25a68f579d2360d3e5b98adf19f8875bc2a030d348869b46c3066cd490729633

HTTP Headers

GET /index_files/index_files_top1dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:05 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:17 GMT
ETag: "f095-5df538a2c6c40"
Accept-Ranges: bytes
Content-Length: 61589
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/doposle2.jpg

216.18.208.202

200 OK

56 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/doposle2.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x410, components 3\012- data
Size
56 kB (56176 bytes)
Hash
d47a625764d0b3b4da8364a6812c2733
935387dc4cc2a40452756f248607af685aacc797
b4a66dca99905c256afd25ac9bf097560ed8c096e29f6d3bb53aa41083252718

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/doposle2.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:05 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:44 GMT
ETag: "db70-5df538834e200"
Accept-Ranges: bytes
Content-Length: 56176
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/doposle3.jpg

216.18.208.202

200 OK

59 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/doposle3.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x410, components 3\012- data
Size
59 kB (59367 bytes)
Hash
a8ff522e8efb119596cfdb75ff4650a0
9e5b2a66caae0e9288c31a8fc87d1e87a34698e1
4347629908714c2ed64b65e24d978894f949cf17e7c07930d29c15f85d3eee65

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/doposle3.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:05 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:45 GMT
ETag: "e7e7-5df5388442440"
Accept-Ranges: bytes
Content-Length: 59367
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_img2dlaxtgy.jpg

216.18.208.202

200 OK

26 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_img2dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 604x292, components 3\012- data
Size
26 kB (26383 bytes)
Hash
515282ceee64c261d886638f47bacc6f
c34804b8dbb0e33f73addb00b55b76155d97546c
01396c39cdb5d9a31f92183b1f194c042aa26fb3412d4285f17cd740294abc5e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_img2dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:05 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:10 GMT
ETag: "670f-5df5389c19c80"
Accept-Ranges: bytes
Content-Length: 26383
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_img1dlaxtgy.jpg

216.18.208.202

200 OK

54 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_img1dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x363, components 3\012- data
Size
54 kB (54508 bytes)
Hash
b033055408c76686de112432f08f97a9
da7fa4ca793c9504abe7689449f07465b5b4a379
4e70fc59f7d0218e502e0c771d75b70d50680fcec1c6b9781d220b6cb8d04540

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_img1dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:05 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:09 GMT
ETag: "d4ec-5df5389b25a40"
Accept-Ranges: bytes
Content-Length: 54508
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/doposle1.jpg

216.18.208.202

200 OK

355 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/doposle1.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1109x628, components 3\012- data
Size
355 kB (354928 bytes)
Hash
81c6ef6852c1c1a2dd8ebb193bd85d60
2435fd56e1e13168674bd852e0628bc898b20fd2
e7904fc358644bc6739074c1343ad34c30220faff0b0bb8e7dcb71f539f80b32

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/doposle1.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:05 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:43 GMT
ETag: "56a70-5df5388259fc0"
Accept-Ranges: bytes
Content-Length: 354928
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/checkmark-green-sm.png

216.18.208.202

200 OK

807 B

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/checkmark-green-sm.png
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
PNG image data, 18 x 20, 8-bit colormap, non-interlaced\012- data
Size
807 B (807 bytes)
Hash
fa06499b53981a61378024e2468510f7
5e495c3277919737797b34ab1efd0773dec81d9c
6d5edd9ea551eba3a6d17c97a32a8540b1574d942b7b4ad74dcd9d19b25640bc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/checkmark-green-sm.png HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:06 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:42 GMT
ETag: "327-5df5388165d80"
Accept-Ranges: bytes
Content-Length: 807
Content-Type: image/png

hf8bgngmzb0j48p.xyz/index_files/100-guarantee-seal-1_2.png

216.18.208.202

200 OK

8.5 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/100-guarantee-seal-1_2.png
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
PNG image data, 150 x 132, 8-bit colormap, non-interlaced\012- data
Size
8.5 kB (8452 bytes)
Hash
9f9c77cc82f95762fafda9064a575410
7198aa48d5d81b1e86bddd616214b6c6078c4d25
53c0c450833d22637a4fd87311fe304f78a1fe4987a996a0d309ca64db53982b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/100-guarantee-seal-1_2.png HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:06 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:38 GMT
ETag: "2104-5df5387d95480"
Accept-Ranges: bytes
Content-Length: 8452
Content-Type: image/png

hf8bgngmzb0j48p.xyz/index_files/index_files_img3dlaxtgy.jpg

216.18.208.202

200 OK

55 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_img3dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x513, components 3\012- data
Size
55 kB (55034 bytes)
Hash
7177b4ae3ea56768a68044de1d342789
c7d7b44fd2b81c1ea54e32270d3c28a33a548b7a
9cc60f36184004e40e024e838390691a3b341ee30c1306fb936c0d706fb81bea

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_img3dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:06 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:11 GMT
ETag: "d6fa-5df5389d0dec0"
Accept-Ranges: bytes
Content-Length: 55034
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_doc-kz2-1dlaxtgy.png

216.18.208.202

200 OK

84 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_doc-kz2-1dlaxtgy.png
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
PNG image data, 559 x 440, 8-bit colormap, non-interlaced\012- data
Size
84 kB (83453 bytes)
Hash
362ac16142e2d9f7a41cdb041a8007a8
9ff744f8453c7a9e715acfcfd400608c31171ea9
6697f7c31be9c3a56989136830f97f529b1cbb9dccff8c6a049c013ab2d409e5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_doc-kz2-1dlaxtgy.png HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:06 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:09 GMT
ETag: "145fd-5df5389b25a40"
Accept-Ranges: bytes
Content-Length: 83453
Content-Type: image/png

hf8bgngmzb0j48p.xyz/index_files/index_files_ob372dlaxtgy.jpg

216.18.208.202

200 OK

35 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_ob372dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 550x384, components 3\012- data
Size
35 kB (35234 bytes)
Hash
7a536dd21a42a7e15cfc78ad3af2e286
9b37a6d60583b8c41e05f1210d78d43b64b5b010
b6c4bf49242cff2d502d785eda94a1d0bd8f04ec0ed778d8af46258b33d83380

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_ob372dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:06 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:15 GMT
ETag: "89a2-5df538a0de7c0"
Accept-Ranges: bytes
Content-Length: 35234
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_img8dlaxtgy.jpg

216.18.208.202

200 OK

21 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_img8dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 504x244, components 3\012- data
Size
21 kB (21357 bytes)
Hash
33e36454eee3f332d5477c7db1d2927b
3b905e3579cb4e0db0c0528dee42a18a53f6d5fc
0e6f6534b9db5a916b71907ed5ae1bc818678de113b63a778e160444b0cc994e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_img8dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:06 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:12 GMT
ETag: "536d-5df5389e02100"
Accept-Ranges: bytes
Content-Length: 21357
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_21dlaxtgy.jpg

216.18.208.202

200 OK

38 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_21dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 487x454, components 3\012- data
Size
38 kB (38230 bytes)
Hash
92ef707df9e8a376e41093fe82c204d8
a983836f352487c4a48e9a199ba7f142c0005cfa
c50943a0931cc14b85bf4535a15062943cb54b87afdc904ee16b590617c7a99d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_21dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:06 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:51 GMT
ETag: "9556-5df53889fb1c0"
Accept-Ranges: bytes
Content-Length: 38230
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_img9dlaxtgy.jpg

216.18.208.202

200 OK

67 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_img9dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 606x673, components 3\012- data
Size
67 kB (66911 bytes)
Hash
cfdd8757576795dd94632de1ccf9cac4
43caa8ee249a4b8fca8a0e9da614855d4220d352
bbe0b6f2c850032f9d5b9eaa8a68255614b3f734a2aedf1fcbc3c1c845e35f71

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_img9dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:06 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:12 GMT
ETag: "1055f-5df5389e02100"
Accept-Ranges: bytes
Content-Length: 66911
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_1072dlaxtgy.jpg

216.18.208.202

200 OK

36 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_1072dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 528x337, components 3\012- data
Size
36 kB (35994 bytes)
Hash
9a64c8ec85f7d5778e3a4afdb314f018
e706ab0eb6d6f0fd28024ac4464dff62c917aeff
072e261bbadc1a56b4adcb4b07b3e33ea835f44a2048c80cdace224d6d39a10a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_1072dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:06 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:47 GMT
ETag: "8c9a-5df538862a8c0"
Accept-Ranges: bytes
Content-Length: 35994
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_107dlaxtgy.jpg

216.18.208.202

200 OK

28 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_107dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 528x500, components 3\012- data
Size
28 kB (27741 bytes)
Hash
d9315cf66b01f0cd4eb8f9717c6640cc
0f56365779cbb85a18d5731bf518b1e0e629514d
d3774c2cec83e30634a2ac8af21556ac903ec9ef0542cb1b21616214cf004e87

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_107dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:06 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:48 GMT
ETag: "6c5d-5df538871eb00"
Accept-Ranges: bytes
Content-Length: 27741
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_300dlaxtgy.jpg

216.18.208.202

200 OK

1.2 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_300dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.2 kB (1167 bytes)
Hash
67256a75543fac786fe825d59a7dca96
42502135b82c2f1d4522e3a27f390cd3274ef642
342a5692f9b98c663d547539502b930b7e3039457c83f7c17b2d6fb43a9b5a50

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_300dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:06 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:56 GMT
ETag: "48f-5df5388ebfd00"
Accept-Ranges: bytes
Content-Length: 1167
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_201dlaxtgy.jpg

216.18.208.202

200 OK

98 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_201dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x800, components 3\012- data
Size
98 kB (98050 bytes)
Hash
307a01a95d145c316800ff606b6f606a
a024a9552aced7da17e6894a606207e2dc308213
62ca6c29685a67a6c60af08079c11cfa7403965e9b8a4915db35ccf388440be8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_201dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:06 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:50 GMT
ETag: "17f02-5df5388906f80"
Accept-Ranges: bytes
Content-Length: 98050
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_223dlaxtgy.jpg

216.18.208.202

200 OK

1.0 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_223dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.0 kB (1028 bytes)
Hash
7d76da1acb4567e0e67f4725a981a742
aa9c0d0fda77b5ba70eebaac993205e571f789ab
558175e49223317cd14ad577e38826b00d11279c5038763ac2a79bc56737df08

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_223dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:52 GMT
ETag: "404-5df5388aef400"
Accept-Ranges: bytes
Content-Length: 1028
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_30dlaxtgy.jpg

216.18.208.202

200 OK

1.2 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_30dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 64x64, components 3\012- data
Size
1.2 kB (1226 bytes)
Hash
abf389642cfcead1ce3316bf132e565d
a3e850480d719a730361fd4e2f4925473c87c9bf
533ef9441312a6814ec112698ca06727186800c31d1121d4be49c2a2b5814a0a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_30dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:02 GMT
ETag: "4ca-5df5389478a80"
Accept-Ranges: bytes
Content-Length: 1226
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_28dlaxtgy.jpg

216.18.208.202

200 OK

1.3 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_28dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.3 kB (1257 bytes)
Hash
3c8a37e5efd52b11c6b6ba85a5121da8
82b39ead1620f5451ddd8853929256fdec7f06b9
86fb984f7cfb84d550eed14eeec143b5403dcaefe400f9fe7e56dd9c30879f2a

HTTP Headers

GET /index_files/index_files_28dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:56 GMT
ETag: "4e9-5df5388ebfd00"
Accept-Ranges: bytes
Content-Length: 1257
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_12_00100dlaxtgy.jpg

216.18.208.202

200 OK

824 B

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_12_00100dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
824 B (824 bytes)
Hash
709621deb6aa9f9466101dff06e0d71d
aa5b833933355c7d9f7f14b8f6f304168ed4a80e
adf33e166455055dc84ae07649c11ea0b86d6295e522374c159a44280a8b7158

HTTP Headers

GET /index_files/index_files_12_00100dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:49 GMT
ETag: "338-5df5388812d40"
Accept-Ranges: bytes
Content-Length: 824
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_302dlaxtgy.jpg

216.18.208.202

200 OK

1.3 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_302dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.3 kB (1299 bytes)
Hash
73b44fae23734d9060ad9b26acc8bdd3
be17951d07d8e00de592b0919994dc259ee0e42d
37b464085cc9a389507ca74a1305dbd60f7c6997e4e9091ce2cc3e862811bfac

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_302dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:57 GMT
ETag: "513-5df5388fb3f40"
Accept-Ranges: bytes
Content-Length: 1299
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_303dlaxtgy.jpg

216.18.208.202

200 OK

1.3 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_303dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.3 kB (1339 bytes)
Hash
7710fd6cf5f06b3755f6d9c71308e8f2
28dc920aa2488825fcbf5109fafbb62d95b8a444
dc49110b123f274d7c695ad8b7a3282d9cfa547ba857da5ca9ed558e2e0318aa

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_303dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:58 GMT
ETag: "53b-5df53890a8180"
Accept-Ranges: bytes
Content-Length: 1339
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_305dlaxtgy.jpg

216.18.208.202

200 OK

1.2 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_305dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.2 kB (1197 bytes)
Hash
8d8835d00e5f5390aa3448a8a1565ff3
3fa70ced7fe1520902f0f9bffff4c0ddc4091df3
60e7a2246ed826c54bc0d7efdb26c6387cfac43a831b9830ef71c5cc552d0fde

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_305dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:59 GMT
ETag: "4ad-5df538919c3c0"
Accept-Ranges: bytes
Content-Length: 1197
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_304dlaxtgy.jpg

216.18.208.202

200 OK

3.2 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_304dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3\012- data
Size
3.2 kB (3176 bytes)
Hash
da632bceb0ae3627d97652d931204ded
dbb9ba7a39173fa9c0ffe67c3f379a88a16f9453
8bcdb6c350735f612b025dcdccdbda28716b1434b4ba18b2e14e46b0008213ab

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_304dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:59 GMT
ETag: "c68-5df538919c3c0"
Accept-Ranges: bytes
Content-Length: 3176
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_307dlaxtgy.jpg

216.18.208.202

200 OK

1.2 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_307dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.2 kB (1233 bytes)
Hash
6acb0e3dc829918057a7b5aef7a35f80
47c1f46c24ae99828a528a7b8e84470dbd70d76a
339a5512ad50a68684483b84fe8967b0e82440a94ba27ca5255ad103f5a6d0e7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_307dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:01 GMT
ETag: "4d1-5df5389384840"
Accept-Ranges: bytes
Content-Length: 1233
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_308dlaxtgy.jpg

216.18.208.202

200 OK

1.8 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_308dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x74, components 3\012- data
Size
1.8 kB (1792 bytes)
Hash
a481291e97fc53984b991a8318ded102
d789fb28f4e1c33c4220e73e654a845e83c562c0
fa7e6cb3baee417a00f7724b9e5a23faa983fc9a54382b788a4ff567eab1001c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_308dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:01 GMT
ETag: "700-5df5389384840"
Accept-Ranges: bytes
Content-Length: 1792
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_2233dlaxtgy.png

216.18.208.202

200 OK

378 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_2233dlaxtgy.png
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
378 kB (377679 bytes)
Hash
75abeb2fe036d2e3f01de2db96724ea9
f77e5aa9a360a6637fec47e395b0bc576bf5e0a2
565b10bd5bc1f149968452a4adfaf7580d638480167ba1e5419d65826d0b45ac

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_2233dlaxtgy.png HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:06 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:51 GMT
ETag: "5c34f-5df53889fb1c0"
Accept-Ranges: bytes
Content-Length: 377679
Content-Type: image/png

hf8bgngmzb0j48p.xyz/index_files/index_files_314dlaxtgy.jpg

216.18.208.202

200 OK

1.3 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_314dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.3 kB (1304 bytes)
Hash
bea4046c71ef24e7a203095c9adaa757
69bf0ea1dac8a93554adfd19b3b18c51a0f0a4fe
8b596fc99e59b2f9cf13daa769f2adf0798399e6920b1f18d6514594dd3e1461

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_314dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:04 GMT
ETag: "518-5df5389660f00"
Accept-Ranges: bytes
Content-Length: 1304
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_310dlaxtgy.jpg

216.18.208.202

200 OK

1.3 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_310dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.3 kB (1301 bytes)
Hash
025c1109b1a2c4dc35a6bf7bf39d43b7
2950f2ea334e7216115885803443e7a5ac42c64b
3b061ff88eb1e295db0f9499349a2a1e0931434312da3c6869478ea9d1a08d1e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_310dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:03 GMT
ETag: "515-5df538956ccc0"
Accept-Ranges: bytes
Content-Length: 1301
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_312dlaxtgy.jpg

216.18.208.202

200 OK

808 B

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_312dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 40x40, components 3\012- data
Size
808 B (808 bytes)
Hash
c08948a01fd0d91ed5769e47844aa182
5cfb031a7e85eb6f982613ce9c2d1526c99b0613
6dbb6869e789036dba448f7f2bdf822569a6d81219f7caed1dfe9b95fff690f8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_312dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:04 GMT
ETag: "328-5df5389660f00"
Accept-Ranges: bytes
Content-Length: 808
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_315dlaxtgy.jpg

216.18.208.202

200 OK

972 B

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_315dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
972 B (972 bytes)
Hash
e6e175a197ffdec91aa8460a619f0aad
f8bbb759bd82fd83ddbc4042584830ed6ecc0121
9ec06755c75aac7ac552243bc061b1d8620f5b37e6bf45f49bd8fa3683b440dd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_315dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:05 GMT
ETag: "3cc-5df5389755140"
Accept-Ranges: bytes
Content-Length: 972
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_av6dlaxtgy.jpg

216.18.208.202

200 OK

765 B

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_av6dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
765 B (765 bytes)
Hash
89176654c5d7754a7e938b68a7fe692f
248cc0b2a571181ee9026a51fc5f9f792ff18a0b
d7ff79b20152c857f092775170fb6e501e04e8c65d1a0fdd84f5286c1d813a23

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_av6dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:07 GMT
ETag: "2fd-5df538993d5c0"
Accept-Ranges: bytes
Content-Length: 765
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_av50dlaxtgy.jpg

216.18.208.202

200 OK

806 B

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_av50dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
806 B (806 bytes)
Hash
5d2aa0f5118c044f8b8c103ff8d9e352
cb67156dc18e78b92b91b552a63168deaea0b133
45cdf96fc131618962ace7e5c317f42131b6b91207a7d92264df4150c8924c9f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_av50dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:06 GMT
ETag: "326-5df5389849380"
Accept-Ranges: bytes
Content-Length: 806
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_av7dlaxtgy.jpg

216.18.208.202

200 OK

1.1 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_av7dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.1 kB (1136 bytes)
Hash
2d1f8a98f8cd27871132b433f46b7497
8f95cc59ddbd9c47d22b53e70fa64b13801d2dd6
bea43af77b75111aa3df68fb90c480df4a03a032efa07c2201abe8a1b62b0926

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_av7dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:07 GMT
ETag: "470-5df538993d5c0"
Accept-Ranges: bytes
Content-Length: 1136
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_1111dlaxtgy.jpg

216.18.208.202

200 OK

1.3 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_1111dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.3 kB (1324 bytes)
Hash
d8529ef630886071364f997a13c988c2
18740d55c977142880d98c8b1363b0fbe2d7b7b1
2eea2f146912f980335b9b7fef782194cf03eded62d4164f322bbb867f496479

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_1111dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:45:48 GMT
ETag: "52c-5df538871eb00"
Accept-Ranges: bytes
Content-Length: 1324
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_av8dlaxtgy.jpg

216.18.208.202

200 OK

2.0 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_av8dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3\012- data
Size
2.0 kB (1990 bytes)
Hash
11f92745584114757e86d6dd13341fb2
416df61a4a39918b22f2449fec32b47fab68a054
58497a2344fd779116d28d0bb59681744214cfd0b98f51861a059cf55895eab9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_av8dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:08 GMT
ETag: "7c6-5df5389a31800"
Accept-Ranges: bytes
Content-Length: 1990
Content-Type: image/jpeg

hf8bgngmzb0j48p.xyz/index_files/index_files_306dlaxtgy.jpg

216.18.208.202

200 OK

1.4 kB

URL HTTP/1.1
hf8bgngmzb0j48p.xyz/index_files/index_files_306dlaxtgy.jpg
IP
216.18.208.202:0
ASN
#18450 WEBNX

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 64x64, components 3\012- data
Size
1.4 kB (1362 bytes)
Hash
a7f22cf56668556b330dfe6f2a69cc7c
eda8e2bc7ea46776aed0e38eedfe21a57221bb86
34e2d7f8421286b6fad52bef2aeaee036231d73e971da8d47c2594e6edfcb521

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/index_files_306dlaxtgy.jpg HTTP/1.1
Host: hf8bgngmzb0j48p.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/?type=really

HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:06:07 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 19 May 2022 01:46:00 GMT
ETag: "552-5df5389290600"
Accept-Ranges: bytes
Content-Length: 1362
Content-Type: image/jpeg

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4a8b934802b39ce62326f039ac83cd96
dbfe44bfbec869b99291881ce7c2539d34d7ca9c
c1d5a7058b585d2207c7162b7d0ed62443426b9b2e1262391ad3118884bda651

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2916
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:06:07 GMT
Last-Modified: Sat, 10 Sep 2022 19:17:31 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/fbevents.js

157.240.200.14

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (26737 bytes)
Hash
8e7e24fb3539746aa8b869558f589615
d8086d86bbd5cfacc3b6a5ef14aa917830e137dd
7304497ee417a664bdea67d7307ca36a36013556b927c3ea5bca6c04b66236ef

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: private
cache-control: private
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-ua-compatible: IE=edge
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: akg1u9R/crgC8njBrzjKYKxwr3IZE/lBCu7gtm4tj56/C8QRAfDKG3kp6V2aCAx0OCPTVGX8a2FYHZWfaX9IbA==
content-length: 26737
x-fb-trip-id: 1679558926
date: Sat, 10 Sep 2022 20:06:07 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4a8b934802b39ce62326f039ac83cd96
dbfe44bfbec869b99291881ce7c2539d34d7ca9c
c1d5a7058b585d2207c7162b7d0ed62443426b9b2e1262391ad3118884bda651

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2916
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:06:07 GMT
Last-Modified: Sat, 10 Sep 2022 19:17:31 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

www.facebook.com/tr/?id=758241664861733&ev=PageView&dl=http%3A%2F%2Fhf8bgngmzb0j48p.xyz%2F%3Ftype%3Dreally&rl=http%3A%2F%2Fhf8bgngmzb0j48p.xyz%2F&if=false&ts=1662840358283&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662840358281.633446435&it=1662840357919&coo=false&rqm=GET

157.240.200.35

200 OK

86 kB

URL HTTP/2
www.facebook.com/tr/?id=758241664861733&ev=PageView&dl=http%3A%2F%2Fhf8bgngmzb0j48p.xyz%2F%3Ftype%3Dreally&rl=http%3A%2F%2Fhf8bgngmzb0j48p.xyz%2F&if=false&ts=1662840358283&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662840358281.633446435&it=1662840357919&coo=false&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type
gzip compressed data, from Unix\012- data
Size
86 kB (85995 bytes)
Hash
10498e4e062a5db41d0de0dc558d123e
c595d7a784f35c6c19b00cfe72c48af4cb64d01a
8b12c3d2fe67b1c37a3f34bca59396c228b446a48fa0a1399b1bad6e4e05169a

HTTP Headers

GET /tr/?id=758241664861733&ev=PageView&dl=http%3A%2F%2Fhf8bgngmzb0j48p.xyz%2F%3Ftype%3Dreally&rl=http%3A%2F%2Fhf8bgngmzb0j48p.xyz%2F&if=false&ts=1662840358283&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662840358281.633446435&it=1662840357919&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hf8bgngmzb0j48p.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
date: Sat, 10 Sep 2022 20:06:08 GMT
expires: Sat, 10 Sep 2022 20:06:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: 
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations