| | 18.165.140.25 | 200 OK | 1.3 kB |
URL: (user request) GET HTTP/2
IP: 18.165.140.25:443
Certificate: Issuer Amazon; Subject ti43qczx6nt4.xyz; Fingerprint E4:2C:24:05:BD:CC:41:3F:D3:B3:05:4A:89:C2:39:D9:ED:DD:7F:62; Validity Tue, 12 Mar 2024 00:00:00 GMT - Fri, 11 Apr 2025 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (935)
Hash: d5a0f8990c0d44523ea88385e0591e47 (MD5), ae86881a5d7ff818b5594f6847a278876537f5bb (SHA-1), 80be6bb5f2ee57c5ed0fac2b9b6bc66705ed5fabd5cdc335458072060e32913c (SHA-256)
GET / HTTP/1.1
Host: cgt1l15y63yi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1318
server: nginx/1.22.0
last-modified: Wed, 17 Apr 2024 07:42:07 GMT
accept-ranges: bytes
date: Tue, 23 Apr 2024 18:44:05 GMT
etag: "661f7d4f-526"
x-cache: Hit from cloudfront
via: 1.1 824bc0c205a304b84f228f6dd849cbba.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: wpYBd9Hje1-NyrRBMYmcXfndRT-8LOisKJ2Xu6OjQn4G-BktKxLyvg==
age: 42895
X-Firefox-Spdy: h2
| cgt1l15y63yi.xyz/static/20240417154011/js/iframe.js | 18.165.140.25 | 200 OK | 26 kB |
URL: GET HTTP/2 cgt1l15y63yi.xyz/static/20240417154011/js/iframe.js
IP: 18.165.140.25:443
Requested by: https://cgt1l15y63yi.xyz/
Certificate: Issuer Amazon; Subject ti43qczx6nt4.xyz; Fingerprint E4:2C:24:05:BD:CC:41:3F:D3:B3:05:4A:89:C2:39:D9:ED:DD:7F:62; Validity Tue, 12 Mar 2024 00:00:00 GMT - Fri, 11 Apr 2025 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (25557), with no line terminators
Hash: 3b616982eb33fbf075256bc2f2ca026c (MD5), b90e098deaccb5e97de66a4e9913717f627424ce (SHA-1), 6e1bc2c738356212d70db80f0716e0e92f14b5c8336907c93142b6ea1b6450f6 (SHA-256)
GET /static/20240417154011/js/iframe.js HTTP/1.1
Host: cgt1l15y63yi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cgt1l15y63yi.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 25593
server: nginx/1.22.0
last-modified: Wed, 17 Apr 2024 07:42:07 GMT
accept-ranges: bytes
date: Tue, 23 Apr 2024 16:16:04 GMT
etag: "661f7d4f-63f9"
x-cache: Hit from cloudfront
via: 1.1 824bc0c205a304b84f228f6dd849cbba.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: kTE_W-ajLqInHsQbHFud79tZ6MvOyPyCrR3VHvvCMlWLdbRFvXJIjw==
age: 8881
X-Firefox-Spdy: h2
| cgt1l15y63yi.xyz/static/20240417154011/css/iframe.css | 18.165.140.25 | 200 OK | 218 B |
URL: GET HTTP/2 cgt1l15y63yi.xyz/static/20240417154011/css/iframe.css
IP: 18.165.140.25:443
Requested by: https://cgt1l15y63yi.xyz/
Certificate: Issuer Amazon; Subject ti43qczx6nt4.xyz; Fingerprint E4:2C:24:05:BD:CC:41:3F:D3:B3:05:4A:89:C2:39:D9:ED:DD:7F:62; Validity Tue, 12 Mar 2024 00:00:00 GMT - Fri, 11 Apr 2025 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 27a6461b24a4346ecc0c2a30e1a1b6b7 (MD5), 7d6035356a367f58b0eea9ac5241de003cd9b7bb (SHA-1), d879d2b39e94be47a92f6f14497900cc4166c25b1975d78b9d60f81af8aaad3a (SHA-256)
GET /static/20240417154011/css/iframe.css HTTP/1.1
Host: cgt1l15y63yi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cgt1l15y63yi.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 218
server: nginx/1.22.0
last-modified: Wed, 17 Apr 2024 07:42:07 GMT
accept-ranges: bytes
date: Tue, 23 Apr 2024 18:44:05 GMT
etag: "661f7d4f-da"
x-cache: RefreshHit from cloudfront
via: 1.1 824bc0c205a304b84f228f6dd849cbba.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: m01yAAi3EDrRzy73BhV8VIYRLr_3PJJBRL5Uij_G0PL26k65KOh2Xg==
X-Firefox-Spdy: h2
| cgt1l15y63yi.xyz/static/20240417154011/js/chunk-vendors.js | 18.165.140.25 | 200 OK | 930 kB |
URL: GET HTTP/2 cgt1l15y63yi.xyz/static/20240417154011/js/chunk-vendors.js
IP: 18.165.140.25:443
Requested by: https://cgt1l15y63yi.xyz/
Certificate: Issuer Amazon; Subject ti43qczx6nt4.xyz; Fingerprint E4:2C:24:05:BD:CC:41:3F:D3:B3:05:4A:89:C2:39:D9:ED:DD:7F:62; Validity Tue, 12 Mar 2024 00:00:00 GMT - Fri, 11 Apr 2025 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65360), with no line terminators
Size: 930 kB (930035 bytes)
Hash: 5c0f7dd7b1c97dd00e5a54ad1833ae47 (MD5), c9550f1aca003905bb0a0cb45c85fcba178d3f34 (SHA-1), d1ce646edeaf16827f02df79e503b48935929d1c9625dd820f99f961e23f6241 (SHA-256)

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Public Nextron YARA rules | malware | Unique code from Jetriz, Swid & Jeniva of the Tetris framework |
GET /static/20240417154011/js/chunk-vendors.js HTTP/1.1
Host: cgt1l15y63yi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cgt1l15y63yi.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 930035
server: nginx/1.22.0
last-modified: Wed, 17 Apr 2024 07:42:07 GMT
accept-ranges: bytes
date: Tue, 23 Apr 2024 18:44:05 GMT
etag: "661f7d4f-e30f3"
x-cache: RefreshHit from cloudfront
via: 1.1 824bc0c205a304b84f228f6dd849cbba.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: 5AW-SZyBSMX6ZqdisUy_EZAzY2WgXy7qqUjJ2nSBPXWQBdGPVeSDLg==
X-Firefox-Spdy: h2
| cgt1l15y63yi.xyz/static/cdn/js/jsjiami.js | 18.165.140.25 | 200 OK | 9.7 kB |
URL: GET HTTP/2 cgt1l15y63yi.xyz/static/cdn/js/jsjiami.js
IP: 18.165.140.25:443
Requested by: https://cgt1l15y63yi.xyz/
Certificate: Issuer Amazon; Subject ti43qczx6nt4.xyz; Fingerprint E4:2C:24:05:BD:CC:41:3F:D3:B3:05:4A:89:C2:39:D9:ED:DD:7F:62; Validity Tue, 12 Mar 2024 00:00:00 GMT - Fri, 11 Apr 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (9736), with CRLF line terminators
Hash: a5d5ec9a3a04d9699af465b9f4dbd050 (MD5), 9073c5f868284ecdef2bc49d424a50473263f314 (SHA-1), 0149036c01f4cfee3a50f62969319f2f78b33176543d633a0e56f8ca96735bd8 (SHA-256)
GET /static/cdn/js/jsjiami.js HTTP/1.1
Host: cgt1l15y63yi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cgt1l15y63yi.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 9739
server: nginx/1.22.0
last-modified: Wed, 17 Apr 2024 07:42:07 GMT
accept-ranges: bytes
date: Tue, 23 Apr 2024 18:44:05 GMT
etag: "661f7d4f-260b"
x-cache: RefreshHit from cloudfront
via: 1.1 824bc0c205a304b84f228f6dd849cbba.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: 7bcoQZV9p_kgqHy7Oy1ES3nAMHEKB0geQTkTwHxuiN8hdpwln2rSIg==
X-Firefox-Spdy: h2
| cgt1l15y63yi.xyz/static/20240417154011/css/chunk-vendors.css | 18.165.140.25 | 200 OK | 187 kB |
URL: GET HTTP/2 cgt1l15y63yi.xyz/static/20240417154011/css/chunk-vendors.css
IP: 18.165.140.25:443
Requested by: https://cgt1l15y63yi.xyz/
Certificate: Issuer Amazon; Subject ti43qczx6nt4.xyz; Fingerprint E4:2C:24:05:BD:CC:41:3F:D3:B3:05:4A:89:C2:39:D9:ED:DD:7F:62; Validity Tue, 12 Mar 2024 00:00:00 GMT - Fri, 11 Apr 2025 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 187 kB (186956 bytes)
Hash: ddc43391b198c6de21ea9e7fc5f0352e (MD5), 29ddd37a000206a3828f28f3cdedd6404a366daf (SHA-1), d791a8aea8829f4e81caef657a18008255ec09e3d54758293f2ca790b26fe90c (SHA-256)
GET /static/20240417154011/css/chunk-vendors.css HTTP/1.1
Host: cgt1l15y63yi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cgt1l15y63yi.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 186956
server: nginx/1.22.0
date: Tue, 23 Apr 2024 18:44:05 GMT
last-modified: Wed, 17 Apr 2024 07:42:07 GMT
etag: "661f7d4f-2da4c"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 824bc0c205a304b84f228f6dd849cbba.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: 94SUKLr3_LLsck3WBW6EJ-iBHpsnvoRwXts3CUT-VhUOuugYaNAjWw==
X-Firefox-Spdy: h2
| cgt1l15y63yi.xyz/favicon.ico | 18.165.140.25 | 200 OK | 3.8 kB |
URL: GET HTTP/2 cgt1l15y63yi.xyz/favicon.ico
IP: 18.165.140.25:443
Requested by: https://cgt1l15y63yi.xyz/
Certificate: Issuer Amazon; Subject ti43qczx6nt4.xyz; Fingerprint E4:2C:24:05:BD:CC:41:3F:D3:B3:05:4A:89:C2:39:D9:ED:DD:7F:62; Validity Tue, 12 Mar 2024 00:00:00 GMT - Fri, 11 Apr 2025 23:59:59 GMT
File type: PNG image data, 90 x 90, 8-bit colormap, non-interlaced
Hash: 47b453539b8944ecdc587a8db88022e0 (MD5), 7867d74e921338dfc1aff0bfa2e6a9ed2b357d34 (SHA-1), 5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989 (SHA-256)
GET /favicon.ico HTTP/1.1
Host: cgt1l15y63yi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cgt1l15y63yi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 3760
server: nginx/1.22.0
date: Tue, 23 Apr 2024 06:49:11 GMT
last-modified: Wed, 17 Apr 2024 07:42:07 GMT
etag: "661f7d4f-eb0"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 824bc0c205a304b84f228f6dd849cbba.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: ExLI-Q0RNMz4S_-GbdhY_1SH3dSagF-hLraP6am3Ydb665jltdKbhg==
age: 42896
X-Firefox-Spdy: h2