Report - bablebao.xyz/

Report Overview

Visited public
2025-05-17 20:39:24
Tags
URL
bablebao.xyz/
Finishing URL
babstractbook.xyz/
IP / ASN
104.21.7.211
#13335 CLOUDFLARENET
Title
_B影院，全球最大影库，永久免费！

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
bablebao.xyz	unknown	2024-07-18	2025-05-17	2025-05-17	481 B	52 kB	188.114.96.1
babstractbook.xyz	unknown	2025-04-02	2025-05-17	2025-05-17	2.2 kB	99 kB	104.21.82.11
cc999img.dqsldz.com	unknown	2024-07-01	2025-01-26	2025-05-09	931 B	422 kB	180.163.146.91
tup.okkyg.com	unknown	2025-05-15	2025-05-15	2025-05-15	440 B	492 kB	104.21.21.126
555eee555eee.com	unknown	unknown	No data	No data	464 B	355 kB	104.160.179.195
tpdhuahwduahdinwq.com	unknown	2024-10-28	2024-12-01	2025-05-11	7.6 kB	1.0 MB	23.225.57.203

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-05-17	medium	tpdhuahwduahdinwq.com	Sinkholed
2025-05-17	medium	tpdhuahwduahdinwq.com	Sinkholed
2025-05-17	medium	tpdhuahwduahdinwq.com	Sinkholed
2025-05-17	medium	tpdhuahwduahdinwq.com	Sinkholed
2025-05-17	medium	tpdhuahwduahdinwq.com	Sinkholed
2025-05-17	medium	tpdhuahwduahdinwq.com	Sinkholed
2025-05-17	medium	tpdhuahwduahdinwq.com	Sinkholed
2025-05-17	medium	tpdhuahwduahdinwq.com	Sinkholed
2025-05-17	medium	tpdhuahwduahdinwq.com	Sinkholed
2025-05-17	medium	tpdhuahwduahdinwq.com	Sinkholed
2025-05-17	medium	tpdhuahwduahdinwq.com	Sinkholed
2025-05-17	medium	tpdhuahwduahdinwq.com	Sinkholed
2025-05-17	medium	tpdhuahwduahdinwq.com	Sinkholed
2025-05-17	medium	tpdhuahwduahdinwq.com	Sinkholed
2025-05-17	medium	tpdhuahwduahdinwq.com	Sinkholed
2025-05-17	medium	tpdhuahwduahdinwq.com	Sinkholed
2025-05-17	medium	555eee555eee.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	babstractbook.xyz/	ScriptElement	6.7 kB	2025-05-17	2025-05-17
Pretty URL babstractbook.xyz/ IP 104.21.82.11 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-17 20:39 Last Seen2025-05-17 20:39 Times Seen1 Hash 4913c70ac3826a802e979b18e20b237f 4bd47725044923b559e3998f597d8523d18d3674 eaea0db367ee4f65ac83605527a66f13d704802d5a66010ee4ed62f1dce4401a Loading...

	babstractbook.xyz/	ScriptElement	2.3 kB	2023-04-06	2025-06-17
Pretty URL babstractbook.xyz/ IP 104.21.82.11 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-06 20:45 Last Seen2025-06-17 02:52 Times Seen86 Hash f36d2491b93e76bf3e689633f41d7133 6e60bfab08d07ce325aa1587f5744147a4c79901 42e48bca26f86b34b3713197ffd9da0907e2ac573cfe617399df40e30076ed1b Loading...

	babstractbook.xyz/static/ad/main.js	ScriptElement	11 kB	2025-05-17	2025-05-17
Pretty URL babstractbook.xyz/static/ad/main.js IP 104.21.82.11 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-17 20:39 Last Seen2025-05-17 20:39 Times Seen1 Hash 98699310f643cb386056953bd136c959 b2667b541673204e8345bc9cb46e808379a351a1 963696e7111547fa52648f32ec9807f3c8e9535601ac70cef3c8cbe82d188925 Loading...

	babstractbook.xyz/	ScriptElement	360 B	2023-03-08	2025-06-17
Pretty URL babstractbook.xyz/ IP 104.21.82.11 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:17 Last Seen2025-06-17 02:52 Times Seen129 Hash 0f9d2aa2af5bd1041ddcadb893369f22 beaf5fdc1c6239e9f79c869c49393dfd71c6dddb bd32c236ef1399d2bda786eb8f314136f6d1e5d8a24c61ec08af2c7baa5dd16b Loading...

HTTP Transactions (26)

URL IP Response Size

tpdhuahwduahdinwq.com:1443/p2/083841fa1ab549fd797c530cb571b66d.jpg

23.225.57.203

200 OK

59 kB

URL GET
tpdhuahwduahdinwq.com:1443/p2/083841fa1ab549fd797c530cb571b66d.jpg
IP
23.225.57.203:1443
ASN
#40065 CNSERVERS

Requested by
https://babstractbook.xyz/
Certificate
IssuerLet's Encrypt
Subjecttpdhuahwduahdinwq.com
Fingerprint5A:1F:C5:49:10:46:02:3D:81:D2:29:5B:4E:5E:07:8B:AA:B1:4E:1B
ValidityFri, 07 Mar 2025 02:54:35 GMT - Thu, 05 Jun 2025 02:54:34 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2025:04:08 19:06:34], baseline, precision 8, 380x235, components 3
Size
59 kB (59432 bytes)
Hash
eaf496caea0062e9ba9d91f4e1792731
dae4dde2d969da79a9cfee52b5314be55767c3d5
26c8baabd8d5241552cec34e88bb88410aa0e6a136a9a9c0fd7196422229c775

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p2/083841fa1ab549fd797c530cb571b66d.jpg HTTP/1.1
Host: tpdhuahwduahdinwq.com:1443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 18 May 2025 05:16:32 GMT
content-type: image/jpeg
content-length: 59432
last-modified: Thu, 01 May 2025 13:26:48 GMT
etag: "68137698-e828"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2

tpdhuahwduahdinwq.com:1443/p2/71322c49e07d8b2729df7b4ad4868ade.jpg

23.225.57.203

200 OK

45 kB

URL GET
tpdhuahwduahdinwq.com:1443/p2/71322c49e07d8b2729df7b4ad4868ade.jpg
IP
23.225.57.203:1443
ASN
#40065 CNSERVERS

Requested by
https://babstractbook.xyz/
Certificate
IssuerLet's Encrypt
Subjecttpdhuahwduahdinwq.com
Fingerprint5A:1F:C5:49:10:46:02:3D:81:D2:29:5B:4E:5E:07:8B:AA:B1:4E:1B
ValidityFri, 07 Mar 2025 02:54:35 GMT - Thu, 05 Jun 2025 02:54:34 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2025:03:18 16:44:35], baseline, precision 8, 380x235, components 3
Size
45 kB (45130 bytes)
Hash
5dedbd817545b554209b6f4d913e4df7
0a35b540a6dca513e5427b77a4eb78ed3fddf189
acb6d68b8d304c666d97f267e5c564f34b74a76743672f9eba5a9ccad14a24f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p2/71322c49e07d8b2729df7b4ad4868ade.jpg HTTP/1.1
Host: tpdhuahwduahdinwq.com:1443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 18 May 2025 05:16:32 GMT
content-type: image/jpeg
content-length: 45130
last-modified: Tue, 08 Apr 2025 12:05:38 GMT
etag: "67f51112-b04a"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2

tpdhuahwduahdinwq.com:1443/p2/8130edc05060e694ebaabfc96a86ca2c.jpg

23.225.57.203

200 OK

55 kB

URL GET
tpdhuahwduahdinwq.com:1443/p2/8130edc05060e694ebaabfc96a86ca2c.jpg
IP
23.225.57.203:1443
ASN
#40065 CNSERVERS

Requested by
https://babstractbook.xyz/
Certificate
IssuerLet's Encrypt
Subjecttpdhuahwduahdinwq.com
Fingerprint5A:1F:C5:49:10:46:02:3D:81:D2:29:5B:4E:5E:07:8B:AA:B1:4E:1B
ValidityFri, 07 Mar 2025 02:54:35 GMT - Thu, 05 Jun 2025 02:54:34 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2025:04:18 09:55:50], baseline, precision 8, 380x235, components 3
Size
55 kB (55203 bytes)
Hash
a320fa77c4cad4eab304f2ca2d91de12
5fc4d1a2097808a3f3cb8f5f554897ddc86cc8af
b1de89e192abc262ab83189f921835defe79c0411c42bd05e9c9f2051feb4731

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p2/8130edc05060e694ebaabfc96a86ca2c.jpg HTTP/1.1
Host: tpdhuahwduahdinwq.com:1443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 18 May 2025 05:16:33 GMT
content-type: image/jpeg
content-length: 55203
last-modified: Thu, 01 May 2025 13:21:31 GMT
etag: "6813755b-d7a3"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2

bablebao.xyz/

188.114.96.1

302 Found

51 kB

URL User Request GET
bablebao.xyz/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectbablebao.xyz
FingerprintE5:F4:92:F5:59:11:8C:89:3D:F2:1E:C1:4C:0A:BE:71:14:E8:D0:A7
ValiditySat, 10 May 2025 10:13:49 GMT - Fri, 08 Aug 2025 11:12:17 GMT

File type

Size
51 kB (51111 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: bablebao.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 17 May 2025 20:39:01 GMT
content-type: text/html
location: https://babstractbook.xyz/
server: cloudflare
x-content-type-options: nosniff
cf-ray: 9415ebf878140b4d-OSL
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GxcxGGcgibAJjqjyq9g4l7eBLL3IUJNHxpODZdZCH2dXr37h2syfnSwyKVac0xW4cV%2BXyi29jQAWx9KOvPhQg3j1OJNVMzdJH8cvjj069rfJXaAD6gyHuUQvvVc%2BP10%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6382&min_rtt=473&rtt_var=11818&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3276&recv_bytes=1248&delivery_rate=6950400&cwnd=254&unsent_bytes=0&cid=5439f3f02d2e25ee&ts=705&x=0"
X-Firefox-Spdy: h2

babstractbook.xyz/static/ad/main.js

104.21.82.11

200 OK

11 kB

URL GET
babstractbook.xyz/static/ad/main.js
IP
104.21.82.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://babstractbook.xyz/
Certificate
IssuerGoogle Trust Services
Subjectbabstractbook.xyz
Fingerprint16:2D:8F:93:58:9C:C9:DC:BA:27:1A:65:B8:EA:35:EC:B9:E5:68:2F
ValidityWed, 02 Apr 2025 13:28:19 GMT - Tue, 01 Jul 2025 14:25:31 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
11 kB (10606 bytes)
Hash
98699310f643cb386056953bd136c959
b2667b541673204e8345bc9cb46e808379a351a1
963696e7111547fa52648f32ec9807f3c8e9535601ac70cef3c8cbe82d188925

HTTP Headers

GET /static/ad/main.js HTTP/1.1
Host: babstractbook.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 17 May 2025 20:39:02 GMT
content-type: application/javascript
server: cloudflare
x-content-type-options: nosniff
cf-ray: 9415ec030f9056be-OSL
last-modified: Sat, 17 May 2025 06:48:26 GMT
vary: Accept-Encoding
etag: "6828313a-296e"
content-encoding: gzip
age: 6138
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lDEWzex14EA%2FReu6y9EI6LGdMA%2BKB%2BOvfcwHo9suB48nDaNOVwN65RaDJH3CRB%2BpFc%2BtodC09JjwO7NvMQduyOzqgyaJXlrKS6RVpppZ%2FjgL%2BF9DY8lmD8GRi9cQwIVF4Hc95A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2430&min_rtt=405&rtt_var=3657&sent=27&recv=18&lost=0&retrans=0&sent_bytes=19750&recv_bytes=1467&delivery_rate=7227953&cwnd=256&unsent_bytes=0&cid=83272ff9181951e6&ts=940&x=0"
X-Firefox-Spdy: h2

tpdhuahwduahdinwq.com:1443/p2/f4a8a7ce384b18b7c58f0eb78b9d25ec.jpg

23.225.57.203

200 OK

65 kB

URL GET
tpdhuahwduahdinwq.com:1443/p2/f4a8a7ce384b18b7c58f0eb78b9d25ec.jpg
IP
23.225.57.203:1443
ASN
#40065 CNSERVERS

Requested by
https://babstractbook.xyz/
Certificate
IssuerLet's Encrypt
Subjecttpdhuahwduahdinwq.com
Fingerprint5A:1F:C5:49:10:46:02:3D:81:D2:29:5B:4E:5E:07:8B:AA:B1:4E:1B
ValidityFri, 07 Mar 2025 02:54:35 GMT - Thu, 05 Jun 2025 02:54:34 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2025:03:18 16:46:36], baseline, precision 8, 380x235, components 3
Size
65 kB (64835 bytes)
Hash
b68dce3b16114bac0d52008339e9f142
c8c7fb09766dfad986af8da5ea583f8dcd7f9434
6dabcf3c44130f68387f6524b1a64bf34d840781d76d976c176ec65ff88dc829

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p2/f4a8a7ce384b18b7c58f0eb78b9d25ec.jpg HTTP/1.1
Host: tpdhuahwduahdinwq.com:1443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 18 May 2025 05:16:33 GMT
content-type: image/jpeg
content-length: 64835
last-modified: Tue, 08 Apr 2025 12:04:04 GMT
etag: "67f510b4-fd43"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2

tpdhuahwduahdinwq.com:1443/p2/50bf8804d2f21be51022f6f25fcd88db.jpg

23.225.57.203

200 OK

91 kB

URL GET
tpdhuahwduahdinwq.com:1443/p2/50bf8804d2f21be51022f6f25fcd88db.jpg
IP
23.225.57.203:1443
ASN
#40065 CNSERVERS

Requested by
https://babstractbook.xyz/
Certificate
IssuerLet's Encrypt
Subjecttpdhuahwduahdinwq.com
Fingerprint5A:1F:C5:49:10:46:02:3D:81:D2:29:5B:4E:5E:07:8B:AA:B1:4E:1B
ValidityFri, 07 Mar 2025 02:54:35 GMT - Thu, 05 Jun 2025 02:54:34 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2025:04:17 19:33:26], baseline, precision 8, 380x235, components 3
Size
91 kB (90728 bytes)
Hash
634fe2e8e17d66049650bf9c93c89144
38c19f442f8b26bdd2a6a92a251027ec366c0196
5ee35986a3e32c89a5517eb47317164ce44328d96baa4c5fd8b1d4ef4a9b6657

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p2/50bf8804d2f21be51022f6f25fcd88db.jpg HTTP/1.1
Host: tpdhuahwduahdinwq.com:1443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 18 May 2025 05:16:33 GMT
content-type: image/jpeg
content-length: 90728
last-modified: Mon, 21 Apr 2025 12:26:47 GMT
etag: "68063987-16268"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2

tpdhuahwduahdinwq.com:1443/p2/0fed0ca78a551751b98890f3599b794a.jpg

23.225.57.203

200 OK

47 kB

URL GET
tpdhuahwduahdinwq.com:1443/p2/0fed0ca78a551751b98890f3599b794a.jpg
IP
23.225.57.203:1443
ASN
#40065 CNSERVERS

Requested by
https://babstractbook.xyz/
Certificate
IssuerLet's Encrypt
Subjecttpdhuahwduahdinwq.com
Fingerprint5A:1F:C5:49:10:46:02:3D:81:D2:29:5B:4E:5E:07:8B:AA:B1:4E:1B
ValidityFri, 07 Mar 2025 02:54:35 GMT - Thu, 05 Jun 2025 02:54:34 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2025:03:19 10:54:57], baseline, precision 8, 380x235, components 3
Size
47 kB (47064 bytes)
Hash
170d307ccba3771cf34e217893651032
44ac98ebe726cb63113d0628eba960660cdb2ef5
7d3e5a5aaf930f28c60d1fd8a735d5158b2595b876498d250abc140b58a38e7e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p2/0fed0ca78a551751b98890f3599b794a.jpg HTTP/1.1
Host: tpdhuahwduahdinwq.com:1443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 18 May 2025 05:16:32 GMT
content-type: image/jpeg
content-length: 47064
last-modified: Mon, 14 Apr 2025 08:13:56 GMT
etag: "67fcc3c4-b7d8"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2

babstractbook.xyz/static/images/a1.jpg

104.21.82.11

200 OK

19 kB

URL GET
babstractbook.xyz/static/images/a1.jpg
IP
104.21.82.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://babstractbook.xyz/
Certificate
IssuerGoogle Trust Services
Subjectbabstractbook.xyz
Fingerprint16:2D:8F:93:58:9C:C9:DC:BA:27:1A:65:B8:EA:35:EC:B9:E5:68:2F
ValidityWed, 02 Apr 2025 13:28:19 GMT - Tue, 01 Jul 2025 14:25:31 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:02:02 17:57:51], baseline, precision 8, 230x150, components 3
Size
19 kB (19306 bytes)
Hash
79e1930b0a116a5b3cddd033311eac29
65b2d3bd555fa505e11d300cfb0533e90702a3ca
575e67cebf7ea4c16c9d2d167ac27ea1d0390f1d56e3f7351dd2df835ca7b829

HTTP Headers

GET /static/images/a1.jpg HTTP/1.1
Host: babstractbook.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 17 May 2025 20:39:02 GMT
content-type: image/jpeg
content-length: 19306
server: cloudflare
x-content-type-options: nosniff
cf-ray: 9415ec030f8c56be-OSL
last-modified: Wed, 18 Oct 2023 16:25:46 GMT
etag: "6530070a-4b6a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6139
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ppSFwrs9xZTgyRn9oiT5hcDDXafiyKidQfjTWy5TIq9%2FHZgcwMn09u7WvASvdMSJgT6C6AP8e1a%2FjAASrChA5ZQfSJa5Q3RnCc74vnJUs7BDkDxcb5hNG0rX2yyeIhTnGlwxZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1800&min_rtt=405&rtt_var=2494&sent=30&recv=21&lost=0&retrans=0&sent_bytes=22891&recv_bytes=1467&delivery_rate=14003868&cwnd=256&unsent_bytes=0&cid=83272ff9181951e6&ts=941&x=0"
X-Firefox-Spdy: h2

cc999img.dqsldz.com/i//2025/02/17/960x150-20240525.gif

180.163.146.91

200 OK

258 kB

URL GET
cc999img.dqsldz.com/i//2025/02/17/960x150-20240525.gif
IP
180.163.146.91:443
ASN
#4812 China Telecom Group

Requested by
https://babstractbook.xyz/
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectcc999img.dqsldz.com
FingerprintCA:F5:F3:1D:0E:B1:9E:33:B4:C2:D7:29:44:79:45:BC:C5:30:B3:04
ValidityThu, 20 Mar 2025 00:00:00 GMT - Tue, 17 Jun 2025 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 150
Size
258 kB (258016 bytes)
Hash
840ee9d575dd206830833959b70638b6
eecb492541ee071693dd75779f1e5ec3d8c86e9c
e67c472e9492ce9111a4f87f50330306f56771074fdbd859006d37be8797a8c8

HTTP Headers

GET /i//2025/02/17/960x150-20240525.gif HTTP/1.1
Host: cc999img.dqsldz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 258016
strict-transport-security: max-age=5184000
date: Sat, 19 Apr 2025 13:25:12 GMT
expires: Mon, 19 May 2025 13:25:12 GMT
cache-control: max-age=2592000
last-modified: Mon, 17 Feb 2025 09:17:06 GMT
vary: Accept-Encoding
etag: "67b2fe92-3efe0"
accept-ranges: bytes
via: cache11.l2cn2647[0,0,200-0,H], cache64.l2cn2647[2,0], kunlun10.cn7174[0,0,200-0,H], kunlun10.cn7174[1,0]
age: 2445232
ali-swift-global-savetime: 1745069112
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 14 May 2025 09:31:38 GMT
x-swift-cachetime: 446014
timing-allow-origin: *
eagleid: b4a3921e17475143444398054e
X-Firefox-Spdy: h2

babstractbook.xyz/favicon.ico

104.21.82.11

200 OK

1.2 kB

URL GET
babstractbook.xyz/favicon.ico
IP
104.21.82.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://babstractbook.xyz/
Certificate
IssuerGoogle Trust Services
Subjectbabstractbook.xyz
Fingerprint16:2D:8F:93:58:9C:C9:DC:BA:27:1A:65:B8:EA:35:EC:B9:E5:68:2F
ValidityWed, 02 Apr 2025 13:28:19 GMT - Tue, 01 Jul 2025 14:25:31 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
6638bdb8987cdeed7b65d6685005f90c
cbcb6420214b24f884d36c690045bd3a86ffcd0c
fd637dce9da3d9af759b960be67658e92b2b7573a3b339867f5584f39d67b44d

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: babstractbook.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 17 May 2025 20:39:05 GMT
content-type: image/x-icon
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
last-modified: Wed, 18 Oct 2023 16:41:40 GMT
etag: W/"65300ac4-47e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
content-encoding: br
cf-ray: 9415ec118e76b512-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=478xZKTaU1h0bTxvlrSo84YTE%2By7PAyHf12PJ%2FNxYpMwCAar7V9V3CmdoJbFPxD1YOdixjPly7ZrMzo612UIh1bL36rQd%2BFGm4iwnn7V3nezs5nHP5cT%2Fn%2FyWTW4O0zY5D1u2g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2824&min_rtt=819&rtt_var=1637&sent=160&recv=275&lost=0&retrans=0&sent_bytes=11867&recv_bytes=15084&delivery_rate=2214&cwnd=12000&unsent_bytes=0&cid=7f42d4faa00f0a85&ts=3167&x=16"

tpdhuahwduahdinwq.com:1443/p2/893afeccfc95b296b96534739e1b9b76.jpg

23.225.57.203

200 OK

56 kB

URL GET
tpdhuahwduahdinwq.com:1443/p2/893afeccfc95b296b96534739e1b9b76.jpg
IP
23.225.57.203:1443
ASN
#40065 CNSERVERS

Requested by
https://babstractbook.xyz/
Certificate
IssuerLet's Encrypt
Subjecttpdhuahwduahdinwq.com
Fingerprint5A:1F:C5:49:10:46:02:3D:81:D2:29:5B:4E:5E:07:8B:AA:B1:4E:1B
ValidityFri, 07 Mar 2025 02:54:35 GMT - Thu, 05 Jun 2025 02:54:34 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2025:04:17 19:10:24], baseline, precision 8, 380x235, components 3
Size
56 kB (56294 bytes)
Hash
b9bacc2908220462f51e29bcb6d75796
0e48e72ca91cfcff72e33cf0451d60eb16cfc173
2fe3f4c1c897b336b0a226fcadafe7b827e6980138e6860a73c312b55efcf9a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p2/893afeccfc95b296b96534739e1b9b76.jpg HTTP/1.1
Host: tpdhuahwduahdinwq.com:1443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 18 May 2025 05:16:33 GMT
content-type: image/jpeg
content-length: 56294
last-modified: Mon, 21 Apr 2025 12:27:22 GMT
etag: "680639aa-dbe6"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2

tpdhuahwduahdinwq.com:1443/p2/094379666d0f7d364182b12a498b6db1.jpg

23.225.57.203

200 OK

58 kB

URL GET
tpdhuahwduahdinwq.com:1443/p2/094379666d0f7d364182b12a498b6db1.jpg
IP
23.225.57.203:1443
ASN
#40065 CNSERVERS

Requested by
https://babstractbook.xyz/
Certificate
IssuerLet's Encrypt
Subjecttpdhuahwduahdinwq.com
Fingerprint5A:1F:C5:49:10:46:02:3D:81:D2:29:5B:4E:5E:07:8B:AA:B1:4E:1B
ValidityFri, 07 Mar 2025 02:54:35 GMT - Thu, 05 Jun 2025 02:54:34 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2025:04:08 19:07:31], baseline, precision 8, 380x235, components 3
Size
58 kB (57619 bytes)
Hash
2650721f5ffeeba2588df062c67ef297
ce397d918b29018c504b665418bb2e1d4243e9cb
b2a20d09120b95d8ba0103464f0b9b795300ae8f5fba518a0d85b904da815989

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p2/094379666d0f7d364182b12a498b6db1.jpg HTTP/1.1
Host: tpdhuahwduahdinwq.com:1443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 18 May 2025 05:16:32 GMT
content-type: image/jpeg
content-length: 57619
last-modified: Thu, 01 May 2025 13:26:58 GMT
etag: "681376a2-e113"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2

tpdhuahwduahdinwq.com:1443/p2/98d3fa576c48ff5fba6b8140f952b44f.jpg

23.225.57.203

200 OK

53 kB

URL GET
tpdhuahwduahdinwq.com:1443/p2/98d3fa576c48ff5fba6b8140f952b44f.jpg
IP
23.225.57.203:1443
ASN
#40065 CNSERVERS

Requested by
https://babstractbook.xyz/
Certificate
IssuerLet's Encrypt
Subjecttpdhuahwduahdinwq.com
Fingerprint5A:1F:C5:49:10:46:02:3D:81:D2:29:5B:4E:5E:07:8B:AA:B1:4E:1B
ValidityFri, 07 Mar 2025 02:54:35 GMT - Thu, 05 Jun 2025 02:54:34 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2025:01:15 15:37:53], baseline, precision 8, 380x235, components 3
Size
53 kB (52664 bytes)
Hash
9cc51e563fbc26f6b108a3e32f804ec6
23e566c0be96e5956ed38539c9947cec9aa80537
2676e54b416c882767edb3c9242aaac07f938d650da1fce8048df4e7e72ecb49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p2/98d3fa576c48ff5fba6b8140f952b44f.jpg HTTP/1.1
Host: tpdhuahwduahdinwq.com:1443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 18 May 2025 05:16:33 GMT
content-type: image/jpeg
content-length: 52664
last-modified: Fri, 28 Mar 2025 12:23:01 GMT
etag: "67e694a5-cdb8"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2

tpdhuahwduahdinwq.com:1443/p2/4ebcbca7cc6a4b577da65be4152afaed.jpg

23.225.57.203

200 OK

102 kB

URL GET
tpdhuahwduahdinwq.com:1443/p2/4ebcbca7cc6a4b577da65be4152afaed.jpg
IP
23.225.57.203:1443
ASN
#40065 CNSERVERS

Requested by
https://babstractbook.xyz/
Certificate
IssuerLet's Encrypt
Subjecttpdhuahwduahdinwq.com
Fingerprint5A:1F:C5:49:10:46:02:3D:81:D2:29:5B:4E:5E:07:8B:AA:B1:4E:1B
ValidityFri, 07 Mar 2025 02:54:35 GMT - Thu, 05 Jun 2025 02:54:34 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2024:07:04 16:02:11], progressive, precision 8, 380x235, components 3
Size
102 kB (101572 bytes)
Hash
7ecb367b30369ec58126cded7b1351e1
7a260f0f34a4ec13eeef58a77b3d64d66c601cf7
8f5be6e36d925178933843741249c3780a7f2b30252a4b321cff04fe6d74e28e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p2/4ebcbca7cc6a4b577da65be4152afaed.jpg HTTP/1.1
Host: tpdhuahwduahdinwq.com:1443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 18 May 2025 05:16:33 GMT
content-type: image/jpeg
content-length: 101572
last-modified: Thu, 18 Jul 2024 07:49:10 GMT
etag: "6698c8f6-18cc4"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2

cc999img.dqsldz.com/i/2025/02/17/960x150-20240525-1.gif

180.163.146.91

200 OK

163 kB

URL GET
cc999img.dqsldz.com/i/2025/02/17/960x150-20240525-1.gif
IP
180.163.146.91:443
ASN
#4812 China Telecom Group

Requested by
https://babstractbook.xyz/
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectcc999img.dqsldz.com
FingerprintCA:F5:F3:1D:0E:B1:9E:33:B4:C2:D7:29:44:79:45:BC:C5:30:B3:04
ValidityThu, 20 Mar 2025 00:00:00 GMT - Tue, 17 Jun 2025 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 150
Size
163 kB (162811 bytes)
Hash
7ba2eb2430d44478c2034050ee4eadd1
99d949c6f8153cdd6cba050051e3feb58a45853b
940f007036093566696467793f9e91bb5197d2f842a5e98034a50c31a0500842

HTTP Headers

GET /i/2025/02/17/960x150-20240525-1.gif HTTP/1.1
Host: cc999img.dqsldz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 162811
strict-transport-security: max-age=5184000
date: Sat, 17 May 2025 04:23:42 GMT
expires: Mon, 16 Jun 2025 04:23:42 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: ens-cache63.l2cn7147[0,0,304-0,H], ens-cache46.l2cn7147[1,0], kunlun10.cn7174[0,0,200-0,H], kunlun10.cn7174[1,0]
last-modified: Mon, 17 Feb 2025 09:16:02 GMT
vary: Accept-Encoding
etag: "67b2fe52-27bfb"
age: 58521
ali-swift-global-savetime: 1747455823
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Sat, 17 May 2025 04:23:45 GMT
x-swift-cachetime: 2591998
timing-allow-origin: *
eagleid: b4a3921e17475143444598074e
X-Firefox-Spdy: h2

tpdhuahwduahdinwq.com:1443/p2/9500afd52beae3f6f2598f32003e6d08.jpg

23.225.57.203

200 OK

62 kB

URL GET
tpdhuahwduahdinwq.com:1443/p2/9500afd52beae3f6f2598f32003e6d08.jpg
IP
23.225.57.203:1443
ASN
#40065 CNSERVERS

Requested by
https://babstractbook.xyz/
Certificate
IssuerLet's Encrypt
Subjecttpdhuahwduahdinwq.com
Fingerprint5A:1F:C5:49:10:46:02:3D:81:D2:29:5B:4E:5E:07:8B:AA:B1:4E:1B
ValidityFri, 07 Mar 2025 02:54:35 GMT - Thu, 05 Jun 2025 02:54:34 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2025:04:17 19:32:39], baseline, precision 8, 380x235, components 3
Size
62 kB (62233 bytes)
Hash
3bb51a9aa8a093e598f70ffa7955e4ca
0d1169251549caab82bda1a8f93dcff0c2ae706f
7b8a37f44fed733a757235eb2816a9fb68fb8ff2419e3c45e615e807481c76a0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p2/9500afd52beae3f6f2598f32003e6d08.jpg HTTP/1.1
Host: tpdhuahwduahdinwq.com:1443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 18 May 2025 05:16:33 GMT
content-type: image/jpeg
content-length: 62233
last-modified: Mon, 21 Apr 2025 12:27:11 GMT
etag: "6806399f-f319"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2

tpdhuahwduahdinwq.com:1443/p2/3f42927a2341f2e4efe8efde42cd4e9f.jpg

23.225.57.203

200 OK

58 kB

URL GET
tpdhuahwduahdinwq.com:1443/p2/3f42927a2341f2e4efe8efde42cd4e9f.jpg
IP
23.225.57.203:1443
ASN
#40065 CNSERVERS

Requested by
https://babstractbook.xyz/
Certificate
IssuerLet's Encrypt
Subjecttpdhuahwduahdinwq.com
Fingerprint5A:1F:C5:49:10:46:02:3D:81:D2:29:5B:4E:5E:07:8B:AA:B1:4E:1B
ValidityFri, 07 Mar 2025 02:54:35 GMT - Thu, 05 Jun 2025 02:54:34 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2025:04:17 19:26:06], baseline, precision 8, 380x235, components 3
Size
58 kB (57989 bytes)
Hash
7aeca32bc1843294d4e00661d799c5bf
1b7422618e720e1d5cdbd0ac39dc89257306cd65
ba9e106a284127ad5f114b1fb02064dd1df81ac82252274a7d107ac1d352684a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p2/3f42927a2341f2e4efe8efde42cd4e9f.jpg HTTP/1.1
Host: tpdhuahwduahdinwq.com:1443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 18 May 2025 05:16:33 GMT
content-type: image/jpeg
content-length: 57989
last-modified: Mon, 21 Apr 2025 12:27:26 GMT
etag: "680639ae-e285"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2

tpdhuahwduahdinwq.com:1443/p2/9c3bf7fa2301f0178da474303377f4a6.jpg

23.225.57.203

200 OK

66 kB

URL GET
tpdhuahwduahdinwq.com:1443/p2/9c3bf7fa2301f0178da474303377f4a6.jpg
IP
23.225.57.203:1443
ASN
#40065 CNSERVERS

Requested by
https://babstractbook.xyz/
Certificate
IssuerLet's Encrypt
Subjecttpdhuahwduahdinwq.com
Fingerprint5A:1F:C5:49:10:46:02:3D:81:D2:29:5B:4E:5E:07:8B:AA:B1:4E:1B
ValidityFri, 07 Mar 2025 02:54:35 GMT - Thu, 05 Jun 2025 02:54:34 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2025:04:08 19:07:01], baseline, precision 8, 380x235, components 3
Size
66 kB (65931 bytes)
Hash
91d3e52b581063e8fff77d1d72accc29
741623db16f697fd5084cf7150b4f455a5994344
a603e213dc9e1d037abc577fe224f74e14dc420b40c862473323b9fe4a5b43e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p2/9c3bf7fa2301f0178da474303377f4a6.jpg HTTP/1.1
Host: tpdhuahwduahdinwq.com:1443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 18 May 2025 05:16:32 GMT
content-type: image/jpeg
content-length: 65931
last-modified: Thu, 01 May 2025 13:26:53 GMT
etag: "6813769d-1018b"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2

tpdhuahwduahdinwq.com:1443/p2/bd19b1a4d13e53c47750bfeb4ee0792d.jpg

23.225.57.203

200 OK

42 kB

URL GET
tpdhuahwduahdinwq.com:1443/p2/bd19b1a4d13e53c47750bfeb4ee0792d.jpg
IP
23.225.57.203:1443
ASN
#40065 CNSERVERS

Requested by
https://babstractbook.xyz/
Certificate
IssuerLet's Encrypt
Subjecttpdhuahwduahdinwq.com
Fingerprint5A:1F:C5:49:10:46:02:3D:81:D2:29:5B:4E:5E:07:8B:AA:B1:4E:1B
ValidityFri, 07 Mar 2025 02:54:35 GMT - Thu, 05 Jun 2025 02:54:34 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2025:03:19 10:59:54], baseline, precision 8, 380x235, components 3
Size
42 kB (42400 bytes)
Hash
b813d0e6bc460a54d979b55ad471da98
165c4d256e88e064e8f78c07411178039e5904db
1b4d16fa19238c6b346b721f20617331740c896a14c0019a1aa564925e416079

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p2/bd19b1a4d13e53c47750bfeb4ee0792d.jpg HTTP/1.1
Host: tpdhuahwduahdinwq.com:1443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 18 May 2025 05:16:32 GMT
content-type: image/jpeg
content-length: 42400
last-modified: Mon, 14 Apr 2025 08:10:18 GMT
etag: "67fcc2ea-a5a0"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2

tup.okkyg.com/gif/960-150.gif

104.21.21.126

200 OK

492 kB

URL GET
tup.okkyg.com/gif/960-150.gif
IP
104.21.21.126:443
ASN
#13335 CLOUDFLARENET

Requested by
https://babstractbook.xyz/
Certificate
IssuerGoogle Trust Services
Subjectokkyg.com
FingerprintB2:76:8C:33:9F:6E:01:AC:AA:F0:34:10:3A:48:12:25:BE:E5:4C:67
ValidityThu, 15 May 2025 15:52:17 GMT - Wed, 13 Aug 2025 16:49:44 GMT

File type
GIF image data, version 89a, 960 x 150
Size
492 kB (491516 bytes)
Hash
fd51253995a5d27451598fdc2b56c5bf
9fad459cf06d9dca865f8fa76229ffdb3ff9910c
ab6aec9b6e3d627594b791a27590fc20b92e7b3f409f0c3885b4d88368b9647f

HTTP Headers

GET /gif/960-150.gif HTTP/1.1
Host: tup.okkyg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 17 May 2025 20:39:03 GMT
content-type: image/gif
content-length: 491516
server: cloudflare
last-modified: Fri, 18 Apr 2025 11:52:00 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "68023ce0-77ffc"
expires: Sun, 15 Jun 2025 18:45:06 GMT
cache-control: max-age=2592000
accept-ranges: bytes
age: 93236
cf-cache-status: HIT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=lZF1KkkRku8GKrro%2FXSmA1qINeuGbQgBf7u05vatBrtJ8gWr54E%2FG9GGpP0pIGXDB00asZxDYV3d%2FQ1NkF2PLZ7Dp4R2XKLkadW7"}]}
cf-ray: 9415ec04493cb505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

babstractbook.xyz/

104.21.82.11

200 OK

51 kB

URL User Request GET
babstractbook.xyz/
IP
104.21.82.11:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectbabstractbook.xyz
Fingerprint16:2D:8F:93:58:9C:C9:DC:BA:27:1A:65:B8:EA:35:EC:B9:E5:68:2F
ValidityWed, 02 Apr 2025 13:28:19 GMT - Tue, 01 Jul 2025 14:25:31 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3110), with CRLF, LF line terminators
Size
51 kB (51111 bytes)
Hash
7216e42669ff0dab25e6f1d1872cbedc
93c18c4b0bfdbb67b7f85c4fae94811087eef5e9
631ae1c51a21286cb8c584766b2b361f748a2512c4503e403b3dd289e328def9

HTTP Headers

GET / HTTP/1.1
Host: babstractbook.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 17 May 2025 20:39:02 GMT
content-type: text/html
cf-ray: 9415ebfd6dfe56be-OSL
server: cloudflare
content-encoding: br
last-modified: Sat, 17 May 2025 06:48:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OTluvjuEF99lLqDY%2B0%2Fz4bXU9RT7Hy8w6so%2FMlwYvUWlJRpeyh5rCt1tH1CDACEqnBfA7yMZtT%2BdD%2FxcTBcvtgzV6lSwpshE81RoSYkO4CYiRahJMUg9VeLKe0JjsyiGrY9UPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=531&min_rtt=405&rtt_var=128&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3219&recv_bytes=1127&delivery_rate=7227953&cwnd=254&unsent_bytes=0&cid=83272ff9181951e6&ts=569&x=0"
X-Firefox-Spdy: h2

babstractbook.xyz/static/style1/style.css

104.21.82.11

200 OK

12 kB

URL GET
babstractbook.xyz/static/style1/style.css
IP
104.21.82.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://babstractbook.xyz/
Certificate
IssuerGoogle Trust Services
Subjectbabstractbook.xyz
Fingerprint16:2D:8F:93:58:9C:C9:DC:BA:27:1A:65:B8:EA:35:EC:B9:E5:68:2F
ValidityWed, 02 Apr 2025 13:28:19 GMT - Tue, 01 Jul 2025 14:25:31 GMT

File type
ASCII text, with CRLF line terminators
Size
12 kB (11592 bytes)
Hash
d786f75c8ff965727a060ea7465e78a8
e0acdfdff8ea65ca142adf883cf6687296f89cc5
ba9cf03b4998566bcf48eccea15b9fc7af92708c8d3e5fdd7d7e4df4c699d2d7

HTTP Headers

GET /static/style1/style.css HTTP/1.1
Host: babstractbook.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 17 May 2025 20:39:02 GMT
content-type: text/css
server: cloudflare
x-content-type-options: nosniff
cf-ray: 9415ec030f8756be-OSL
last-modified: Fri, 20 Sep 2024 07:45:57 GMT
vary: Accept-Encoding
etag: "66ed2835-2d48"
content-encoding: gzip
age: 6138
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WaODQiRxJ8asnK8xuQj3ZjS3tfG%2FWZVK7Bv2K3OraonRkU3Xo7VO%2BjKtj%2FWMr1S7ItnDuRUnhHNxpnWW%2B1QXq8AYm6%2BVPviyVNj7l2iZIRuVI65ukdfSvlmIQtpK5sfFzpsZnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2430&min_rtt=405&rtt_var=3657&sent=22&recv=18&lost=0&retrans=0&sent_bytes=15788&recv_bytes=1467&delivery_rate=7227953&cwnd=256&unsent_bytes=0&cid=83272ff9181951e6&ts=939&x=0"
X-Firefox-Spdy: h2

tpdhuahwduahdinwq.com:1443/p2/c44469eac6cdda2fd44eab026233a703.jpg

23.225.57.203

200 OK

110 kB

URL GET
tpdhuahwduahdinwq.com:1443/p2/c44469eac6cdda2fd44eab026233a703.jpg
IP
23.225.57.203:1443
ASN
#40065 CNSERVERS

Requested by
https://babstractbook.xyz/
Certificate
IssuerLet's Encrypt
Subjecttpdhuahwduahdinwq.com
Fingerprint5A:1F:C5:49:10:46:02:3D:81:D2:29:5B:4E:5E:07:8B:AA:B1:4E:1B
ValidityFri, 07 Mar 2025 02:54:35 GMT - Thu, 05 Jun 2025 02:54:34 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2025:04:17 16:54:26], baseline, precision 8, 380x235, components 3
Size
110 kB (109477 bytes)
Hash
8b490bdcfe63b3b1e08c7c39b4cf5214
1a8fa3845ebde0bab6e6529c5b6906eecb2694c9
9802931c0b88a48ab1ac26f4450667d1766d8790e968cb7b4b3a8a83ac040b00

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p2/c44469eac6cdda2fd44eab026233a703.jpg HTTP/1.1
Host: tpdhuahwduahdinwq.com:1443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 18 May 2025 05:16:32 GMT
content-type: image/jpeg
content-length: 109477
last-modified: Mon, 21 Apr 2025 12:19:24 GMT
etag: "680637cc-1aba5"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2

tpdhuahwduahdinwq.com:1443/p2/f76aef572e902f488cbe5a0e539c36fb.jpg

23.225.57.203

200 OK

52 kB

URL GET
tpdhuahwduahdinwq.com:1443/p2/f76aef572e902f488cbe5a0e539c36fb.jpg
IP
23.225.57.203:1443
ASN
#40065 CNSERVERS

Requested by
https://babstractbook.xyz/
Certificate
IssuerLet's Encrypt
Subjecttpdhuahwduahdinwq.com
Fingerprint5A:1F:C5:49:10:46:02:3D:81:D2:29:5B:4E:5E:07:8B:AA:B1:4E:1B
ValidityFri, 07 Mar 2025 02:54:35 GMT - Thu, 05 Jun 2025 02:54:34 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2025:04:08 19:06:11], baseline, precision 8, 380x235, components 3
Size
52 kB (52326 bytes)
Hash
de13e7f511b2571e6030a4c21856d710
0f7e3e5d3120868fd43fca337d4525274af481c7
5274482dca81375cdd332d25c17c05e81e9de8cf7a1a911c10ef721a0122d511

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p2/f76aef572e902f488cbe5a0e539c36fb.jpg HTTP/1.1
Host: tpdhuahwduahdinwq.com:1443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 18 May 2025 05:16:32 GMT
content-type: image/jpeg
content-length: 52326
last-modified: Thu, 01 May 2025 13:26:41 GMT
etag: "68137691-cc66"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2

555eee555eee.com/f5aefe832b80462ead364f2439d8ec2a.gif

104.160.179.195

200 OK

355 kB

URL GET
555eee555eee.com/f5aefe832b80462ead364f2439d8ec2a.gif
IP
104.160.179.195:443
ASN
#46844 SHARKTECH

Requested by
https://babstractbook.xyz/
Certificate
IssuerLet's Encrypt
Subject555eee555eee.com
FingerprintF5:8A:FA:A7:3D:AD:D1:A6:35:C9:B5:D7:AC:88:40:C6:ED:A6:85:35
ValidityWed, 14 May 2025 06:14:12 GMT - Tue, 12 Aug 2025 06:14:11 GMT

File type
GIF image data, version 89a, 960 x 160
Size
355 kB (354706 bytes)
Hash
730e8806826b825dbceada16ea0387be
435b7eeeaf68dc1f89c34986cf66b13e440c0fde
f53bda3568b11846a0e0c3a1dd4c03a3b4f3746fd92b7219411680d8394ea703

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f5aefe832b80462ead364f2439d8ec2a.gif HTTP/1.1
Host: 555eee555eee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babstractbook.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 17 May 2025 20:39:03 GMT
content-type: image/gif
content-length: 354706
last-modified: Mon, 17 Feb 2025 10:36:03 GMT
etag: "67b31113-56992"
psc-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (26)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET