| cdn.discordapp.com/attachments/1232354173992042499/1232354189905231892/dfb23.mp4?ex=662926c6&is=6627d546&hm=e85c5087e9f114ac4a64adf377496bd346149fd5a115bf2ae69818e5a8335138& | 162.159.129.233 | | 36 B |
URL cdn.discordapp.com/attachments/1232354173992042499/1232354189905231892/dfb23.mp4?ex=662926c6&is=6627d546&hm=e85c5087e9f114ac4a64adf377496bd346149fd5a115bf2ae69818e5a8335138& IP162.159.129.233:0
File typeASCII text, with no line terminators Hasha1ca4bebcd03fafbe2b06a46a694e29a ffc88125007c23ff6711147a12f9bba9c3d197ed c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65
GET /attachments/1232354173992042499/1232354189905231892/dfb23.mp4?ex=662926c6&is=6627d546&hm=e85c5087e9f114ac4a64adf377496bd346149fd5a115bf2ae69818e5a8335138& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://hoyx38mo.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sat, 27 Apr 2024 00:01:38 GMT
content-type: text/plain;charset=UTF-8
content-length: 36
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cMgwEqTONfcOkGVEgYIhYdF%2BZ8OoL00hayBPi5ZHQN%2BJy4qiWhwwcSno8aNGs35UCpHsBNzUeOP2JbRSZh9iP2WcAd7YG4DSLM%2B%2FGPpH3KgHtIDkuO5FtiMpd8juarDl33jCIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: __cf_bm=4YWZJvaRDJ5fUo76qo0QcQrYab8O50PaGgKMr1CEMlI-1714176098-1.0.1.1-2uU6I4sLdkXSRVjQ7Jp9Z96YeDSjS9OoC10pPG492xIdiLreZ6TtRkNX1m6ucg8DWyODwr3FKQX5sV72Lmd6iw; path=/; expires=Sat, 27-Apr-24 00:31:38 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=qChHH.exmr6d79nT6S0T3nW8aA8H_qyJUcAZzqpKzZQ-1714176098001-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87aa8a046fbfb4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| hoyx38mo.cc/css/chunk-vendors.c57533e1.css | 104.21.30.211 | 200 OK | 44 kB |
URL GET HTTP/3hoyx38mo.cc/css/chunk-vendors.c57533e1.css IP104.21.30.211:443
CertificateIssuerGoogle Trust Services LLC Subjecthoyx38mo.cc FingerprintA9:20:97:28:E8:3C:C0:C9:33:53:B2:B0:FC:E2:D5:F0:C4:DD:BF:EA ValidityWed, 17 Apr 2024 06:54:04 GMT - Tue, 16 Jul 2024 06:54:03 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hashebfffebc1f62c3be51082e6595a0a005 e278fbd6fd48150b3f366b50ed388983d934978c f5ce9e73e1f7cea326eedd4f39d9b2d703ba4ccb31a6078cdc1fb16481298a32
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/chunk-vendors.c57533e1.css HTTP/1.1
Host: hoyx38mo.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hoyx38mo.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 Apr 2024 00:01:37 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 26 Apr 2024 15:57:06 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OcLRDvUaXuzV3WhvdiprgwPzw3gIj5VfCKgI82BBz2gQ%2BArH6ueRU29qkhJIXr2CE%2BJjmy2audHp4KuC0WIMwjRERfZbwsLuXQTOkObDgCT%2BcGpirQRRC7OO%2BAbTOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa8a00acb20b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| hoyx38mo.cc/img/icons/apple-touch-icon-152x152.png | 104.21.30.211 | 200 OK | 4.0 kB |
URL GET HTTP/3hoyx38mo.cc/img/icons/apple-touch-icon-152x152.png IP104.21.30.211:443
CertificateIssuerGoogle Trust Services LLC Subjecthoyx38mo.cc FingerprintA9:20:97:28:E8:3C:C0:C9:33:53:B2:B0:FC:E2:D5:F0:C4:DD:BF:EA ValidityWed, 17 Apr 2024 06:54:04 GMT - Tue, 16 Jul 2024 06:54:03 GMT
File typePNG image data, 152 x 152, 8-bit/color RGB, non-interlaced Hash1a034e64d80905128113e5272a5ab95e 92328e60f63d690f33cd4961b9934a539dc29b82 4d9685d610c4411caadd8d36ce94d3303cf5b05c8e04d67fc232c16a4469a135
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/icons/apple-touch-icon-152x152.png HTTP/1.1
Host: hoyx38mo.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hoyx38mo.cc/
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 Apr 2024 00:01:38 GMT
content-type: image/png
content-length: 4046
last-modified: Fri, 26 Apr 2024 15:57:08 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r9zLWWi76B0CfLvRCOiC7lCNoar9ZaSmrcONi0HaTs%2BhgCgrcYs15GswdPsXN%2FJBnSdvyppvSfEGRFA3GqzA1hOvLQxtjRu6O%2FMNYBhBYK5RF20Aats%2FhzhYMwxAbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa8a05de3b0b51-OSL
alt-svc: h3=":443"; ma=86400
|
|
| b.yzcdn.cn/vant/icon-demo-1126.png | 154.85.69.54 | 200 OK | 8.9 kB |
URL GET HTTP/2b.yzcdn.cn/vant/icon-demo-1126.png IP154.85.69.54:443 ASN#139057 LEGEND DYNASTY PTE. LTD.
CertificateIssuersslTrus Subject*.yzcdn.cn Fingerprint6A:A8:BA:7C:D4:B4:86:0B:74:EB:E6:19:C8:69:2E:8B:13:6C:1E:1B ValidityThu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT
File typePNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced Hashf87c46f346a5548224ccbe0b6bd75df5 8e8b8bd4ba3e6b6c8557d94a726061fdd62492fd b6304eb9b754d38d3ad74d0acce42c156536840351368ed3e4895a6b50cd9370
GET /vant/icon-demo-1126.png HTTP/1.1
Host: b.yzcdn.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hoyx38mo.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 Apr 2024 00:01:38 GMT
content-type: image/png
content-length: 8886
server: openresty
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
access-control-max-age: 2592000
cache-control: public, max-age=2592000
content-disposition: inline; filename="icon-demo-1126.png"; filename*=utf-8''icon-demo-1126.png
content-md5: +HxG80alVIIkzL4La9dd9Q==
content-transfer-encoding: binary
etag: "Fo6Li9S6PmtshVfZSnJgYf3WJJL9"
last-modified: Mon, 26 Nov 2018 11:08:05 GMT
x-reqid: YyIAAAASg9geDiAX
x-svr: IO
x-qiniu-zone: 0
x-log: X-Log
x-ser: BC5_dx-lt-yd-zhejiang-huzhou-3-cache-7, BC165_lt-obgp-fujian-xiamen-33-cache-1, BC132_IT-Lombardia-Milan-1-cache-1, BC46_DE-Frankfurt-Frankfurt-11-cache-4
x-cache: HIT from BC46_DE-Frankfurt-Frankfurt-11-cache-4(baishan)
X-Firefox-Spdy: h2
|
|
| hoyx38mo.cc/img/icons/favicon.svg | 104.21.30.211 | 200 OK | 12 kB |
URL GET HTTP/3hoyx38mo.cc/img/icons/favicon.svg IP104.21.30.211:443
CertificateIssuerGoogle Trust Services LLC Subjecthoyx38mo.cc FingerprintA9:20:97:28:E8:3C:C0:C9:33:53:B2:B0:FC:E2:D5:F0:C4:DD:BF:EA ValidityWed, 17 Apr 2024 06:54:04 GMT - Tue, 16 Jul 2024 06:54:03 GMT
File typeHTML document, ASCII text, with very long lines (2701), with no line terminators Hash7d22070f0ff829d29b0ca07fec977a15 b13f2574199d24c515ceb4f1521ec8240f477719 5110201ad35438dc1ec189583a3afdfd68c727794df4fa50aad3612385d1d831
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/icons/favicon.svg HTTP/1.1
Host: hoyx38mo.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hoyx38mo.cc/
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 Apr 2024 00:01:38 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 26 Apr 2024 18:51:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jSEf5HtXo9uYpSqak6NlgTba5Swx5%2FmvTbzLLTOwIKnLf2h93GO9s3wtWFoIKdJfXKG4b1km7hbSTCXvL4DpvRBiifK3aQq5OQGWjTGVigl1XUsZE9xWMBo9jXF5xw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa8a05de3c0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 104.21.30.211 | 200 OK | 2.7 kB |
URL User Request GET HTTP/2IP104.21.30.211:443
CertificateIssuerGoogle Trust Services LLC Subjecthoyx38mo.cc FingerprintA9:20:97:28:E8:3C:C0:C9:33:53:B2:B0:FC:E2:D5:F0:C4:DD:BF:EA ValidityWed, 17 Apr 2024 06:54:04 GMT - Tue, 16 Jul 2024 06:54:03 GMT
File typeHTML document, ASCII text, with very long lines (2867), with no line terminators Hashc11f8c59ba27a49dd24be7044d05c075 aa16f81517ea5e6392f7507f0ddb19d7f42d8e74 669554d42a8276bf1d1aa3be2a01c87ba283bbcbb8cede4ec92ec6763e02c074
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: hoyx38mo.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 Apr 2024 00:01:37 GMT
content-type: text/html; charset=utf-8
last-modified: Fri, 26 Apr 2024 15:57:07 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rzs2JtLafJijQN7zgBrKUbeenqCbJjNbycVQxKAi8fbjg0zR9Ihn6EjswxtEPNvD%2F%2B1TJDO%2FWTONFxgnXqG43kpBHw9carNJDZmOZ1Qd4UERD1DDJMzlSEvKeGZpSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa89fddb2b56ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| hoyx38mo.cc/js/chunk-vendors.ea790e22.js | 104.21.30.211 | 200 OK | 949 kB |
URL GET HTTP/3hoyx38mo.cc/js/chunk-vendors.ea790e22.js IP104.21.30.211:443
CertificateIssuerGoogle Trust Services LLC Subjecthoyx38mo.cc FingerprintA9:20:97:28:E8:3C:C0:C9:33:53:B2:B0:FC:E2:D5:F0:C4:DD:BF:EA ValidityWed, 17 Apr 2024 06:54:04 GMT - Tue, 16 Jul 2024 06:54:03 GMT
Size949 kB (949174 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/chunk-vendors.ea790e22.js HTTP/1.1
Host: hoyx38mo.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hoyx38mo.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 00:01:37 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 26 Apr 2024 15:57:14 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jTYpVYpVQ0gb7YvqVrk91m4QuUXMa32Ekr8AO%2FxVXcpF3L55PlE1PnqsBMWGBDRi4SMjpAxFKrxvEePxDz%2FS18aRNuZUM324NlPqWfysV0Yx4%2B6oAwsXu7Qd7jVHvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa8a00acb00b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| hoyx38mo.cc/css/app.2172c103.css | 104.21.30.211 | 200 OK | 16 kB |
URL GET HTTP/3hoyx38mo.cc/css/app.2172c103.css IP104.21.30.211:443
CertificateIssuerGoogle Trust Services LLC Subjecthoyx38mo.cc FingerprintA9:20:97:28:E8:3C:C0:C9:33:53:B2:B0:FC:E2:D5:F0:C4:DD:BF:EA ValidityWed, 17 Apr 2024 06:54:04 GMT - Tue, 16 Jul 2024 06:54:03 GMT
File typeASCII text, with very long lines (15613), with no line terminators Hasheb7fa3149b7a8b78a934c5c2e47469ee c54356de134f686a004bdc59434dff924145da02 98941054d0768f586959829bbe98b8143b61b01f85dc08ac483be8dbf12a2bab
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/app.2172c103.css HTTP/1.1
Host: hoyx38mo.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hoyx38mo.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 00:01:37 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 26 Apr 2024 15:57:06 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8oisOespJs2js5OdssX%2BfThdluPTuZx5L3J1EJFaHCAHCkjXbhVt5F%2FE2z3m8aTfpY1IRRD74pJVXUqXE%2FqRDskD%2F1OfvL%2Bmt%2BzA8Edft4BmEgaOGeBMfqY3zYdDxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa8a00acb40b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.discordapp.com/attachments/1232354173992042499/1232354189905231892/dfb23.mp4?ex=662926c6&is=6627d546&hm=e85c5087e9f114ac4a64adf377496bd346149fd5a115bf2ae69818e5a8335138& | 162.159.129.233 | 404 Not Found | 0 B |
URL GET HTTP/2cdn.discordapp.com/attachments/1232354173992042499/1232354189905231892/dfb23.mp4?ex=662926c6&is=6627d546&hm=e85c5087e9f114ac4a64adf377496bd346149fd5a115bf2ae69818e5a8335138& IP162.159.129.233:443
CertificateIssuerCloudflare, Inc. Subjectdiscordapp.com Fingerprint97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39 ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /attachments/1232354173992042499/1232354189905231892/dfb23.mp4?ex=662926c6&is=6627d546&hm=e85c5087e9f114ac4a64adf377496bd346149fd5a115bf2ae69818e5a8335138& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://hoyx38mo.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sat, 27 Apr 2024 00:01:38 GMT
content-type: text/plain;charset=UTF-8
content-length: 36
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cMgwEqTONfcOkGVEgYIhYdF%2BZ8OoL00hayBPi5ZHQN%2BJy4qiWhwwcSno8aNGs35UCpHsBNzUeOP2JbRSZh9iP2WcAd7YG4DSLM%2B%2FGPpH3KgHtIDkuO5FtiMpd8juarDl33jCIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: __cf_bm=4YWZJvaRDJ5fUo76qo0QcQrYab8O50PaGgKMr1CEMlI-1714176098-1.0.1.1-2uU6I4sLdkXSRVjQ7Jp9Z96YeDSjS9OoC10pPG492xIdiLreZ6TtRkNX1m6ucg8DWyODwr3FKQX5sV72Lmd6iw; path=/; expires=Sat, 27-Apr-24 00:31:38 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=qChHH.exmr6d79nT6S0T3nW8aA8H_qyJUcAZzqpKzZQ-1714176098001-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87aa8a046fbfb4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| hoyx38mo.cc/js/app.6c52e89b.js | 104.21.30.211 | 200 OK | 178 kB |
URL GET HTTP/3hoyx38mo.cc/js/app.6c52e89b.js IP104.21.30.211:443
CertificateIssuerGoogle Trust Services LLC Subjecthoyx38mo.cc FingerprintA9:20:97:28:E8:3C:C0:C9:33:53:B2:B0:FC:E2:D5:F0:C4:DD:BF:EA ValidityWed, 17 Apr 2024 06:54:04 GMT - Tue, 16 Jul 2024 06:54:03 GMT
Size178 kB (177713 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/app.6c52e89b.js HTTP/1.1
Host: hoyx38mo.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hoyx38mo.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 00:01:37 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 26 Apr 2024 15:57:11 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g9vOdnyODcviNW6J5DrCbWit8R2R3iGX2mwltFpSNsiIe4eY5bz0s16VEpe0XJINEYX2kp6LAAgi9PN0gP1rVxTyii6jSGegHKfFN7PbAJ8pGS%2BzAvnmNMi8j1lScA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa8a00acb10b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| hoyx38mo.cc/getlog | 104.21.30.211 | 200 OK | 12 kB |
IP104.21.30.211:443
CertificateIssuerGoogle Trust Services LLC Subjecthoyx38mo.cc FingerprintA9:20:97:28:E8:3C:C0:C9:33:53:B2:B0:FC:E2:D5:F0:C4:DD:BF:EA ValidityWed, 17 Apr 2024 06:54:04 GMT - Tue, 16 Jul 2024 06:54:03 GMT
Hashcf865dd2382cf8678f2ffb29822c06c9 bb172b0a8c696679c6095409f3c689c955ac9499 31c540a67d938575deb3f79d1c5603ebebb4a497b24638ae6639c2b0564827b5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /getlog HTTP/1.1
Host: hoyx38mo.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hoyx38mo.cc/enter/register
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 00:01:38 GMT
content-type: application/json; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=st2WD%2Fxnjpai6tPO8RAbHk%2FX%2FzL5x3T4ahLuaQL8nhR7GAHpBz1xgJHpvUG1AQqcjjWvLT85zJ3%2BNc6fysmtDiwwv%2FN1yrd2GntXktx9E6uNJvi7i1vdsMHIVpEzyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa8a040db00b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| hoxy62me.cc/socket.io/?EIO=3&transport=websocket | 104.21.93.213 | 101 Switching Protocols | 0 B |
URL GET HTTP/1.1hoxy62me.cc/socket.io/?EIO=3&transport=websocket IP104.21.93.213:443
CertificateIssuerGoogle Trust Services LLC Subjecthoxy62me.cc Fingerprint3C:B3:F4:50:0D:CD:9E:94:BD:85:8A:9B:12:3F:B9:C3:3F:EB:36:77 ValidityFri, 26 Apr 2024 10:08:31 GMT - Thu, 25 Jul 2024 10:08:30 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: hoxy62me.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://hoyx38mo.cc
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rUS/E1vUqw/KJW9OsjeLAA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sat, 27 Apr 2024 00:01:38 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ucw5txa0/ftKfgL9nPiONfgCSdI=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k5Y%2Beinp2o2HXcCtRcUVIWBFRrEJSnocXCDaYfZrtxo1e5Yf871b5WqrKVs6hTX66wxZbYi4VpQarjJIE4HhIX1EhuCsxiO8nQxtIZCTjwq2uQ%2BXO9ccxnssodNx%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87aa8a044a285696-OSL
alt-svc: h3=":443"; ma=86400
|
|