Report - m.xzjmtzs.com/

Report Overview

Visited public
2025-01-20 11:41:17
Tags
URL
m.xzjmtzs.com/
Finishing URL
m.xzjmtzs.com/
IP / ASN
172.67.208.82
#13335 CLOUDFLARENET
Title
tp官方网站下载app·(TPWallet)官网下载-2024TP钱包安卓手机下载\tp官方网站下载app|你的通用数字钱包

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

160

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
m.xzjmtzs.com	unknown	2024-06-20	2025-01-20	2025-01-20	40 kB	6.2 MB	172.67.208.82
oudngmslhifnsf.gdmgcyy.com	unknown	2020-05-10	2024-02-01	2025-01-19	404 B	1.1 kB	156.224.2.38

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed
2025-01-20	medium	xzjmtzs.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (20)

	URL	From	Size	First Seen	Last Seen
	m.xzjmtzs.com/static/js/jquery-1.12.4.min.js	ScriptElement	97 kB	2023-03-07	2025-06-14
Pretty URL m.xzjmtzs.com/static/js/jquery-1.12.4.min.js IP 172.67.208.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-14 13:27 Times Seen31554 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	m.xzjmtzs.com/static/js/bootstrap.min.js	ScriptElement	51 kB	2023-03-07	2025-06-14
Pretty URL m.xzjmtzs.com/static/js/bootstrap.min.js IP 172.67.208.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-14 13:56 Times Seen101932 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	m.xzjmtzs.com/static/js/plugins.js	ScriptElement	760 B	2023-03-07	2025-06-14
Pretty URL m.xzjmtzs.com/static/js/plugins.js IP 172.67.208.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-06-14 12:40 Times Seen820 Hash 074c4c08f0730c4d4ca76f724355807c 09d6a93af6b87a67c5773163d35f40b993fca3d3 c6129bd3aeb079f5c310d2a9618478ba0d621992c1a5e5ef320917937dc2dbb7 Loading...

	m.xzjmtzs.com/static/js/wow.min.js	ScriptElement	8.4 kB	2023-03-07	2025-06-14
Pretty URL m.xzjmtzs.com/static/js/wow.min.js IP 172.67.208.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-14 12:40 Times Seen2791 Hash 36050285bfeeb7395752f0f9bbc08273 5924f7bbbf1dfa3f0926851d01f782f23a59e805 0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69 Loading...

	m.xzjmtzs.com/static/js/modernizr-3.5.0.min.js	ScriptElement	8.6 kB	2023-03-07	2025-06-14
Pretty URL m.xzjmtzs.com/static/js/modernizr-3.5.0.min.js IP 172.67.208.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-06-14 12:40 Times Seen734 Hash d7c97fdd45a562ace6cffddc9437a779 eb6a5e550ab67f95986363a87da875212ba2f139 525ba420f42f72699e059e5c20dd3acd591da3d54d70a319b0e360369482dde8 Loading...

	m.xzjmtzs.com/static/js/popper.min.js	ScriptElement	20 kB	2023-03-07	2025-06-14
Pretty URL m.xzjmtzs.com/static/js/popper.min.js IP 172.67.208.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-14 12:40 Times Seen1270 Hash a22f3f7e61af6a069aa6b422537c3f49 682fdc625ae80a890d10af2cb16e62540e2186a8 d2b9f29ea1f42a60a8beb1c04f76868287f2a48d6ec50fb39d6b888584a03c49 Loading...

	m.xzjmtzs.com/static/js/owl.carousel.min.js	ScriptElement	43 kB	2023-03-07	2025-06-14
Pretty URL m.xzjmtzs.com/static/js/owl.carousel.min.js IP 172.67.208.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-14 12:40 Times Seen5530 Hash b7b9c97cd68ec336d01a79d5be48c58d 1a99890b57c9859a622337ed0b2f989d6e30cc0e b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43 Loading...

	m.xzjmtzs.com/static/js/counterup.min.js	ScriptElement	1.1 kB	2023-03-07	2025-06-14
Pretty URL m.xzjmtzs.com/static/js/counterup.min.js IP 172.67.208.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-14 12:40 Times Seen3256 Hash ef36cca760bf1cd76cfcd0e4dc10cef1 ef38469f60d58850fe55c4de2ec7e289a2415d71 26d40f8ffdf1b9bf286a954c6888a33cda0cd031e802d821fe0c0562e379ae29 Loading...

	m.xzjmtzs.com/tj.js	ScriptElement	362 B	2024-09-04	2025-06-13
Pretty URL m.xzjmtzs.com/tj.js IP 172.67.208.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-04 08:43 Last Seen2025-06-13 05:15 Times Seen160 Hash 5d3d830acdaadeaff7de7ce0822c3d11 1a09f51cb91558fde445ed7ed306693b30e0856e 0c8716986951d50457d9d3c517f90b78ee0c0cbc43cb5ca3ed011d46ee79ed80 Loading...

	m.xzjmtzs.com/static/js/waypoints.min.js	ScriptElement	8.0 kB	2023-03-07	2025-06-14
Pretty URL m.xzjmtzs.com/static/js/waypoints.min.js IP 172.67.208.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-06-14 12:40 Times Seen3123 Hash dfe0eedf8da578f4a4c43b05448c51d9 812d7071b4e44b1aa5d5ea6c7ce0b79eb9d46520 a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833 Loading...

	m.xzjmtzs.com/static/js/ajax-form.js	ScriptElement	1.2 kB	2023-03-07	2025-06-14
Pretty URL m.xzjmtzs.com/static/js/ajax-form.js IP 172.67.208.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04 Last Seen2025-06-14 12:40 Times Seen400 Hash 9fdd4d0f0ab7d63fd10bbc56f73b8874 2895c175d93e8d0a6d205a9d47fc11386db126b1 6f9e9742293db7a493b19c68bc2885796c5f90e6e9449b3e633ea56780e5213d Loading...

	m.xzjmtzs.com/static/js/scrolltop.js	ScriptElement	2.2 kB	2023-03-07	2025-06-14
Pretty URL m.xzjmtzs.com/static/js/scrolltop.js IP 172.67.208.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04 Last Seen2025-06-14 12:40 Times Seen408 Hash 36e8c3c87020b0ac057fa96463619793 3bab73ad0a2528b80270b2413ab7955f956acee8 8a29dd36263e340e17993bc8a3f8a17c7802b07b36c8592a493c4d0f31bc3fe5 Loading...

	m.xzjmtzs.com/static/js/main.js	ScriptElement	3.4 kB	2024-02-01	2025-06-14
Pretty URL m.xzjmtzs.com/static/js/main.js IP 172.67.208.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-01 10:47 Last Seen2025-06-14 12:40 Times Seen392 Hash db57dc1095e0109b2897a1e3e917c020 eb096656b27ff23dabd33e656541a4674c6bfe12 339b0ac6d3fbc1341ab504d41e4abe03e979338783dc2ad9f7d18ccabbc0e101 Loading...

	oudngmslhifnsf.gdmgcyy.com/tj.js	ScriptElement	805 B	2024-06-09	2025-04-29
Pretty URL oudngmslhifnsf.gdmgcyy.com/tj.js IP 156.224.2.38 ASN #133199 SonderCloud Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-09 08:30 Last Seen2025-04-29 12:34 Times Seen280 Hash b91b404e65a6d55f48e3e8929aaa6631 7feb40ab7aa9c2ff7458e6e89a74af63c5f56ae8 d73b625c5e38c3fd1e0d5a113374bec35307dd4cde91aca48167ee3dc33567ee Loading...

	m.xzjmtzs.com/static/js/swiper.min.js	ScriptElement	121 kB	2023-03-08	2025-06-14
Pretty URL m.xzjmtzs.com/static/js/swiper.min.js IP 172.67.208.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:01 Last Seen2025-06-14 12:40 Times Seen458 Hash b117060487d6ec17a9af7c5604a2c149 40a26a977cf1c6b060668c9680cf71a6c8e91e0d 34200a216f42b734a9723a5367645bb517c31e036b42e2bf6a480c62880fc12c Loading...

	m.xzjmtzs.com/static/js/meanmenu.min.js	ScriptElement	4.0 kB	2023-03-07	2025-06-14
Pretty URL m.xzjmtzs.com/static/js/meanmenu.min.js IP 172.67.208.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16 Last Seen2025-06-14 12:40 Times Seen715 Hash 0444feb93a5bb35397275148613d7c07 ffddb012374e39779bd5415080ab9e7ac5afa194 eaf2ccc92a9f802623e6eb69af21a03fc6ba48b509201e2ded5165b58f22957e Loading...

	m.xzjmtzs.com/static/js/magnific-popup.min.js	ScriptElement	20 kB	2023-03-07	2025-06-14
Pretty URL m.xzjmtzs.com/static/js/magnific-popup.min.js IP 172.67.208.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-14 13:10 Times Seen13135 Hash ba6cf724c8bb1cf5b084e79ff230626e f455c5f153f872e52265f87a644ff89fe14a6fb6 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9512450c43a616469513e6f0a3cf0957	611 B	2024-06-09 08:30	2025-04-29 12:34
Pretty Observations First Seen2024-06-09 08:30 Last Seen2025-04-29 12:34 Times Seen275 Hash 9512450c43a616469513e6f0a3cf0957 130557e34c1d4ca4a794977a5855debce59b0156 43fcad7926cd2cef9732d939c76b72f328b561359a542a3d53f67956a67c666c Loading...

	#2 Eval - deab99731237b52d1b60dd7d144a15c0	87 B	2024-04-04 05:50	2025-06-14 12:40
Pretty Observations First Seen2024-04-04 05:50 Last Seen2025-06-14 12:40 Times Seen345 Hash deab99731237b52d1b60dd7d144a15c0 1cd0ca53fbd8c8943a02250ab2e4e47a66e420da e1bfbe54fd1f16ed88120eae9549e8cf7d708eb595d8c787930215b22b4497c2 Loading...

		Size	First Seen	Last Seen
	#1 Write - 0c62e4b2ef2dd122138f49484f5df37e	64 B	2024-04-04 05:50	2025-06-14 12:40
Pretty Observations First Seen2024-04-04 05:50 Last Seen2025-06-14 12:40 Times Seen345 Hash 0c62e4b2ef2dd122138f49484f5df37e ff69377d20545562b648b7607e40251bcb0a004f 97e41672c8ac279bcf8d69500df45bf1b8650ecc272a99d9bcb34872c99edc56 Loading...

HTTP Transactions (81)

URL IP Response Size

m.xzjmtzs.com/static/picture/shape-3.png

172.67.208.82

200 OK

1.5 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/shape-3.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1539 bytes)
Hash
7897206239870928ccadd33798a0c388
c8ebf2f2078d74e3cd70765dd23610fd2e118295
5933313031931d2179d11ecac187502a4e628c63c22f89cae78f1a009d5f2f51

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/shape-3.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: image/png
content-length: 1539
last-modified: Wed, 01 Nov 2023 14:36:10 GMT
etag: "6542625a-603"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jnu1I9VeteZy9za1kZUEvFF2GWA3x%2B3D7l449SygOO06YYFoZgST5bnsp2lyX4SZ6CEyRVtWLkPKXpCJKRblVpzJ8A2o324bCQcm6Q9XHxopYjnzhab9h7AhB5aZnAd5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabe5c2356be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3036&min_rtt=1533&rtt_var=1501&sent=94&recv=77&lost=0&retrans=0&sent_bytes=24464&recv_bytes=20036&delivery_rate=269918&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=820&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/shape-2.png

172.67.208.82

200 OK

7.3 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/shape-2.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 521 x 267, 8-bit/color RGBA, non-interlaced
Size
7.3 kB (7349 bytes)
Hash
23fafbe2054753eb8fbc0378efbd7358
7577b91c4cd1aa99cb58a8f659fc59b2a8a4031e
a05b62d2692f59650a63e51eebe3935050dda23c9bea9420b0864337d9a836bf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/shape-2.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: image/png
content-length: 7349
last-modified: Wed, 01 Nov 2023 14:36:10 GMT
etag: "6542625a-1cb5"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Byr2bL2alNgnXzFKzO8I6%2F4gntKU2bCP%2F3qzE7rgkNYtOQ%2FI03qcykQOmt2OJNiVlcCLq888FWmNayDYIDSlIUgcqPVsa%2BCZ%2FCaHpUG9Cq7TkgA%2FqWCzPkhgiiMzLJf%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabe5c2256be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2897&min_rtt=1533&rtt_var=1109&sent=107&recv=80&lost=0&retrans=0&sent_bytes=34942&recv_bytes=20462&delivery_rate=3323966&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=826&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/logo-1.png

172.67.208.82

200 OK

1.5 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/logo-1.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 108 x 36, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1536 bytes)
Hash
bb0f185735c1e4587da82b7ef4403ace
fc2f1ecd0019f1515e0012d29349b1811a00df5c
7ed24510b42ed7ac5bf0090d5b7c84e10a16633c6113e31d3a41349ea2bed9d9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/logo-1.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: image/png
content-length: 1536
last-modified: Tue, 10 Sep 2024 05:51:07 GMT
etag: "66dfde4b-600"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BxNhmUvccVcwvPOkm1WPT%2FghkMUnx06YfLObQNfjS%2BaTow2niHf9yaMd1w%2F6MLwp48hRVLo7j03%2FFSH1EYdeXaYJlFkxZGCY6w%2F2hClEYPzhXxQNQ5leGHRAWzUFcpRj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabe5c1956be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2184&min_rtt=541&rtt_var=1143&sent=136&recv=86&lost=0&retrans=0&sent_bytes=61247&recv_bytes=20735&delivery_rate=3345&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=870&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/bg-shape-1.png

172.67.208.82

200 OK

6.8 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/bg-shape-1.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 229 x 229, 8-bit/color RGBA, non-interlaced
Size
6.8 kB (6772 bytes)
Hash
d766bbc7dc567b95f8132c8c835ad430
ce7021882547660a54cfc66246acb2050f75ab5f
0797750b854c6127f25fb6a9855ac9fbd0c2a26ad2111cb67b80b26fc5514a1e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/bg-shape-1.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: image/png
content-length: 6772
last-modified: Wed, 01 Nov 2023 14:36:08 GMT
etag: "65426258-1a74"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XTVmwenmg9f7zZ1v6tPUva0Dw1PzP2%2BSW87wBK5HJ5MtDBV9m%2F8q%2BZHWoQi1Ajkyr5IAc5cLqyECVBLc1Z3EkI2zZda7jAO%2B0Q%2FussSKbw8xq6og6GrirxPaONd6a7ZC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabeac8f56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1849&min_rtt=535&rtt_var=1028&sent=140&recv=89&lost=0&retrans=0&sent_bytes=63575&recv_bytes=20870&delivery_rate=20457&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=874&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/icon-2.png

172.67.208.82

200 OK

3.7 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/icon-2.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 27 x 42, 8-bit/color RGBA, non-interlaced
Size
3.7 kB (3696 bytes)
Hash
db2a1bb07e49376ad9e93001a8a08223
89dea4d507f5d61eacf70c755aef7bac003d92ae
374b798d265fbf16b071275596dc6a5d6915f3ec3bd69d3e453073ad62c495ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/icon-2.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: image/png
content-length: 3696
last-modified: Wed, 01 Nov 2023 14:36:10 GMT
etag: "6542625a-e70"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2BT9D9P2rlAYKkUuEVXo6aHxXptECszplW2Lpb%2BEWN9OPkJlN3d6jO8VEmX1nLT09WT2XjqrIbsO%2BWwphO%2F0HPxIvsTyz7G7l5x%2FphnJVolTIPRTHJAA0Vgq1llH6ZhT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabeac9456be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1656&min_rtt=535&rtt_var=730&sent=151&recv=92&lost=0&retrans=0&sent_bytes=73201&recv_bytes=21006&delivery_rate=31467&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=893&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/gallery-6.jpg

172.67.208.82

200 OK

8.6 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/gallery-6.jpg
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3
Size
8.6 kB (8589 bytes)
Hash
939fdd3fe4c3f64694a5c587dcaaff07
dd6ad294a49435f1ec4f6c4c2cbccaf9ce7a62ac
fcfe9fdc32d7f1e3485514b47236004b0dbd09c6d934b69b480d79a660e32675

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/gallery-6.jpg HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: image/jpeg
content-length: 8589
last-modified: Wed, 01 Nov 2023 14:36:10 GMT
etag: "6542625a-218d"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zPsFdrQl90o%2B2zNCNXKp20tvTtrhH7o1%2BzC3njVfj5WFZvkeo3setLUSrJh4UgHt0klBEWY5B8dEA0e7Yq9RMHU7zw%2F0SYSaNiRLHUJCnH8c6fftjYQ3IRZAmQDqw21y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabeecee56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1624&min_rtt=535&rtt_var=610&sent=156&recv=93&lost=0&retrans=0&sent_bytes=77720&recv_bytes=21052&delivery_rate=2155927&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=899&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/icon-3.png

172.67.208.82

200 OK

3.0 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/icon-3.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 45 x 42, 8-bit/color RGBA, non-interlaced
Size
3.0 kB (2985 bytes)
Hash
7b771bffd4eb3584002b6ecc876a2146
30295bba792a8eeee1e01669211eca906039a8c3
83228bc5e056a9ea12eef48e95455753d46a5867d5559b4afc52e6fcdda1fd19

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/icon-3.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: image/png
content-length: 2985
last-modified: Wed, 01 Nov 2023 14:36:10 GMT
etag: "6542625a-ba9"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2zGUAGCPasQ6pchG6e%2FIqsRWMiiaOqUiYVKt6HHDH2Wh2421tEHITRj7sxmd48AwgKZfu9Ega4MUmCvnm2hYpfO9wAUPn9%2BIy4iBrzAC2bMaR%2FkXNNgAus%2B3P9wbtby9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabeac9756be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1624&min_rtt=535&rtt_var=610&sent=164&recv=93&lost=0&retrans=0&sent_bytes=87216&recv_bytes=21052&delivery_rate=2155927&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=900&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/uploads/allimg/250120/191UK329-0-lp.jpg

172.67.208.82

200 OK

6.6 kB

URL GET HTTP/3
m.xzjmtzs.com/uploads/allimg/250120/191UK329-0-lp.jpg
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 240x144, components 3
Size
6.6 kB (6637 bytes)
Hash
206f23523cbcf9bcd9183b81ada65477
bbfbfed80007259ee30754e24da3fd3bbc02e92d
558a33230c670a7e1a11308ff84ff009c43435422a6a064673660b881f662a72

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/allimg/250120/191UK329-0-lp.jpg HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: image/jpeg
content-length: 6637
last-modified: Mon, 20 Jan 2025 11:18:57 GMT
etag: "678e3121-19ed"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kRQrXDv48X10e3LDCx3JfI40HWQbUH8n%2FsvvCnQrk9RPfcIVHF%2FE3zwQN7RGSlK26DRVNcvm6ZuCDsytmcASjuaA6Kd%2F6L%2BNaOgzpULOHAS6nSyzSFdOYxlh8DW43hgO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabeccbf56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1550&min_rtt=535&rtt_var=606&sent=169&recv=94&lost=0&retrans=0&sent_bytes=91029&recv_bytes=21098&delivery_rate=1821850&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=901&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/icon-1.png

172.67.208.82

200 OK

2.5 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/icon-1.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Size
2.5 kB (2466 bytes)
Hash
b12ee7f26711f115e8a962d682841331
a1c578afea5339a63ecbe2d1878e4ae201aa8a6c
666713a3f66755c9146819c2099af596bc212ff1a7db0cf981eee0c649ab2b8a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/icon-1.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: image/png
content-length: 2466
last-modified: Wed, 01 Nov 2023 14:36:10 GMT
etag: "6542625a-9a2"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IViqukYXi%2B8Qmu0k2Lzgjt1MjVBWfU4jm%2B6%2BTOIIsnEqiHHAXlUW3Q80Fkw52xKspEXx0XOG5NUwLJgbJ6rUirrKjyAeC%2FEoC8lbj3lAc2JZw%2FpENvpSCRZzI8XWy9%2Fo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabeac9156be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1378&min_rtt=535&rtt_var=629&sent=178&recv=98&lost=0&retrans=0&sent_bytes=98603&recv_bytes=21280&delivery_rate=18832&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=906&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/gallery-1.jpg

172.67.208.82

200 OK

8.4 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/gallery-1.jpg
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3
Size
8.4 kB (8373 bytes)
Hash
a503b5ea39cc615e9f621d3e3b557c88
1f35790c70b0ba47649e51b0029e5ecfd6ce9567
86e28b1dde1151defcd2156ad46fb88bf142931c26245a3255a68601f49314ae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/gallery-1.jpg HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: image/jpeg
content-length: 8373
last-modified: Wed, 01 Nov 2023 14:36:08 GMT
etag: "65426258-20b5"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xZHU72Ui5sgWpO3TgluEgTuSZJjJp9CafAfRsT%2FPG3ia4iUYR5nvEQFaReMcU5H5SqnFWOiIky3P5Djbck0MIVa2Qdkad6n1cvcuqCY%2BFByAd4y18IwcQTIXlEd66%2BEn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabeece856be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1351&min_rtt=535&rtt_var=526&sent=182&recv=99&lost=0&retrans=0&sent_bytes=101865&recv_bytes=21326&delivery_rate=1821484&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=910&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/shape-1.png

172.67.208.82

200 OK

2.3 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/shape-1.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced
Size
2.3 kB (2335 bytes)
Hash
ec3948b8d36dea60b210b2ab21a92290
4bb53e0c80977f8d95852c6c25a7459568405b4d
3c1ae3164c38144ae661f6b4bffd359f55b36a903aa4714b35a70d3a605a47c1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/shape-1.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: image/png
content-length: 2335
last-modified: Wed, 01 Nov 2023 14:36:10 GMT
etag: "6542625a-91f"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4VU6SQVHVKXw%2BSXnrW2RtMA%2Bqbf9cWLgncT5izdbofAu0qgyjHnQIrfvcDBFy4iWZ%2BGinRy3pxGqSBryARcra%2FIyTVSQtMf5QhuEl5Ax566HGHrm%2Bjnj%2FEocv772dySb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabe5c1d56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2083&min_rtt=535&rtt_var=1859&sent=191&recv=100&lost=0&retrans=0&sent_bytes=111171&recv_bytes=21372&delivery_rate=860120&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=919&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/about-icon-1.png

172.67.208.82

200 OK

2.5 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/about-icon-1.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced
Size
2.5 kB (2548 bytes)
Hash
5787184d0495e46a5557b7aa8957af95
f48a8870e05b6c3cb8278159dfe96bfcd9b9203b
fe2389b7a1ee96ca436b5ed684c94c61d561b1c9af8a463a79b6c19cf84e7413

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/about-icon-1.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: image/png
content-length: 2548
last-modified: Wed, 01 Nov 2023 14:36:10 GMT
etag: "6542625a-9f4"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TRkxOovjTsBaQDer%2FEQIyolgQxaW4qFsodW8Can2lgOLicoqsyJaizYWGWVUcMjoiUeUVMBvjt1sEHWg9r7bUBY2vnzTjdngJUWNehPMOXwd29yw%2B%2Bh3a%2FWGF19gYCW%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabeac8d56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1971&min_rtt=535&rtt_var=1619&sent=195&recv=101&lost=0&retrans=0&sent_bytes=114300&recv_bytes=21418&delivery_rate=1073146&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=922&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/gallery-3.jpg

172.67.208.82

200 OK

8.4 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/gallery-3.jpg
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3
Size
8.4 kB (8397 bytes)
Hash
4c1ec4a5c4206f22e37243d99eec884b
aec1d2d2952f0936062d0acc4c2e34641771c872
2d83693d57d7a37fae6fdc5da84cda1b126373f85aafa624ad17ccc35a536a5e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/gallery-3.jpg HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: image/jpeg
content-length: 8397
last-modified: Wed, 01 Nov 2023 14:36:10 GMT
etag: "6542625a-20cd"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LPocp5%2BygJvoaxZktNGHi6NF4k7NJE0bn3AgAYjJ6VYZK%2FsREmUv3GA2dZBwLACn%2FwGcw1wraBDomwpyjxrAJ9yUs2gFDKeoRtkeUg5aOMTa5PC6oDMIWT%2F0JatGMXYs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabeeceb56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1892&min_rtt=535&rtt_var=1373&sent=203&recv=102&lost=0&retrans=0&sent_bytes=122223&recv_bytes=21464&delivery_rate=1640779&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=927&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/gallery-2.jpg

172.67.208.82

200 OK

9.7 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/gallery-2.jpg
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3
Size
9.7 kB (9736 bytes)
Hash
80270079ec7950a0b8d5e834e488dd72
38a26bfd822f52b44c7e907fb15b6feef87f9e83
58d810fbaa2f91e3aa5437fb5bf193b65db9c8c67b837755617089a50c72b8d3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/gallery-2.jpg HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: image/jpeg
content-length: 9736
last-modified: Wed, 01 Nov 2023 14:36:10 GMT
etag: "6542625a-2608"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BsT5R6OoYtp1RkUggcGeezIJuEAZqO%2Bhh7fiopOXwH6NhCCdHT166d2FhfoFLwGbezlXjpTF7f2%2Bn4yDsov7TvPrur74XCfSgjVTRIUaET2YaiiHH4B0TmFa7I5v6NE1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabeece956be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1809&min_rtt=535&rtt_var=922&sent=212&recv=104&lost=0&retrans=0&sent_bytes=131556&recv_bytes=21556&delivery_rate=3423378&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=931&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/logo-2.png

172.67.208.82

200 OK

3.1 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/logo-2.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 125 x 57, 8-bit/color RGBA, non-interlaced
Size
3.1 kB (3097 bytes)
Hash
f7a90ba93e1c08513c6534e6fabb742c
2a1943030890f91f13a8888e2ded5ca6e762f74c
2d86c01f9af1456d681d7852b7c6aac9d4957dc44ec7a53357aa6961c79bef25

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/logo-2.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: image/png
content-length: 3097
last-modified: Wed, 01 Nov 2023 14:36:10 GMT
etag: "6542625a-c19"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BHM6%2FCX5G%2F4rgbsHWckbMGQHuP1MqN%2BTvTjonq8tEt8TLNqOgj3C%2B6xWz5XFCnvN%2FVSuCmOD0H7%2BEnPXubKYzr3QQwDKqM0wZJWJ0i4rAABodIUAjcLrRyRnjHlNzTMj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabedce656be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1721&min_rtt=535&rtt_var=867&sent=222&recv=105&lost=0&retrans=0&sent_bytes=142254&recv_bytes=21602&delivery_rate=1379700&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=936&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/uploads/allimg/250120/1SH35952-0-lp.jpg

172.67.208.82

200 OK

8.0 kB

URL GET HTTP/3
m.xzjmtzs.com/uploads/allimg/250120/1SH35952-0-lp.jpg
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 240x144, components 3
Size
8.0 kB (8022 bytes)
Hash
85d3e808ffeb0322625a0a5dd2db9285
e401ce7c107a4c134f76fc1486bbda4290f535b4
a1a14019c38c61232498c97c846406950c37182d098897400357bd993b41f7ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/allimg/250120/1SH35952-0-lp.jpg HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: image/jpeg
content-length: 8022
last-modified: Mon, 20 Jan 2025 10:37:24 GMT
etag: "678e2764-1f56"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m8JEt%2BUU1kRo6Fy1jmaKtvM6E1a6wPMoU0WUgGRzR39kCQjMJ6g4qzZx6FAQDKplRRyBqYYsDmUIqPD3vkHL1mLvk6qSKcPjGQOwinPnn55eMjLgSRADLqYLHRHnucpk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabeccd056be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1721&min_rtt=535&rtt_var=867&sent=226&recv=105&lost=0&retrans=0&sent_bytes=146155&recv_bytes=21602&delivery_rate=1379700&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=937&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/gallery-4.jpg

172.67.208.82

200 OK

4.7 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/gallery-4.jpg
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3
Size
4.7 kB (4721 bytes)
Hash
3507c2613a89a75b60b04718aaaafec6
8e27a8bd05d333bfbbf4e6b52a7b526164ab5f1b
ba1d60db77681ffa279dfa8dcf6ad57fc25ffaff5fe21854edcf480c73e18fad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/gallery-4.jpg HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: image/jpeg
content-length: 4721
last-modified: Wed, 01 Nov 2023 14:36:10 GMT
etag: "6542625a-1271"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7P4nUHzL%2BzV5R4pGrH5n1QJ7EgHWnEG7BDTMzycWQ%2F%2BkoJex7dySZ1AJ6thH8EqEDZE4BbAe3J%2Bp%2B%2FsAsEPRZpmGTyuuJ%2BEi7C5SA4cHuWSHv7tzBctR4DvahW0jGWq7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabeecec56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2063&min_rtt=535&rtt_var=1334&sent=234&recv=106&lost=0&retrans=0&sent_bytes=155085&recv_bytes=21648&delivery_rate=1450426&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=944&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/js/scrolltop.js

172.67.208.82

200 OK

1.3 kB

URL GET HTTP/3
m.xzjmtzs.com/static/js/scrolltop.js
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
gzip compressed data, from Unix
Size
1.3 kB (1294 bytes)
Hash
1772bb2d619ac9798eb4569a7ba5b279
adf03ce5beaacae8c46cdc35424521437b60797a
0e457b3b9914d0f4827289a59d4b958375d04ba31242b7d26c35fa476f1f7207

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/scrolltop.js HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 01 Nov 2023 14:33:50 GMT
vary: Accept-Encoding
etag: W/"654261ce-8bf"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=3,i=?0
cf-ray: 904ecabf0d0d56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

m.xzjmtzs.com/static/js/ajax-form.js

172.67.208.82

200 OK

1.0 kB

URL GET HTTP/3
m.xzjmtzs.com/static/js/ajax-form.js
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
gzip compressed data, from Unix
Size
1.0 kB (1029 bytes)
Hash
32f5de8052f3cdfd086837bd279c1428
8125f7fca41476ac08a992d75eeac2513d4f3b69
bbe7ae648f849d15cac36ab0fff43572b1ab14d5685c2b7f16c8b3390ba818df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/ajax-form.js HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 14:33:54 GMT
vary: Accept-Encoding
etag: W/"654261d2-4bf"
expires: Mon, 20 Jan 2025 23:41:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H4rJ%2F%2BQQtvXhk2z7%2FEJdZ6IKdpF67uRRozuXWdaX0VPGx5komgrTmOpw5AQGZOeNcflfZ2UaWUMfcL2vVOUp646IckezSDbfuI7sfC4vu9f%2BO0F2tJYc4JA89SWmH0xF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabf0d0f56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2169&min_rtt=535&rtt_var=1138&sent=252&recv=110&lost=0&retrans=0&sent_bytes=173851&recv_bytes=21831&delivery_rate=667264&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=967&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/js/waypoints.min.js

172.67.208.82

200 OK

3.3 kB

URL GET HTTP/3
m.xzjmtzs.com/static/js/waypoints.min.js
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
gzip compressed data, from Unix
Size
3.3 kB (3338 bytes)
Hash
455456d59cb7b1a37eb0fdd8126452a5
e93c6e9990c62fe619d23ee2bab482c5c6478c05
b0b0ef0f68672f5c86c6268e7335db4e940ae7ce7834c9772175e22fcf22694e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/waypoints.min.js HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 14:33:44 GMT
vary: Accept-Encoding
etag: W/"654261c8-1f6c"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AaJJGKAV9eGVr3uCEGbRLQfU8I8jNJ1HjzMNz9GY26ki%2BVzwD5fBWkx3eN7hPPSbFnGPm1gNJyAIuGSBmkxrvxni7HSsvfcf1p7JglQgobHxXlevcj8NthNYoq%2FfkIAa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabf0d0356be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2133&min_rtt=535&rtt_var=925&sent=258&recv=111&lost=0&retrans=0&sent_bytes=178917&recv_bytes=21877&delivery_rate=731262&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=980&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/js/plugins.js

172.67.208.82

200 OK

881 B

URL GET HTTP/3
m.xzjmtzs.com/static/js/plugins.js
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JavaScript source, ASCII text
Size
881 B (881 bytes)
Hash
074c4c08f0730c4d4ca76f724355807c
09d6a93af6b87a67c5773163d35f40b993fca3d3
c6129bd3aeb079f5c310d2a9618478ba0d621992c1a5e5ef320917937dc2dbb7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/plugins.js HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 14:34:02 GMT
etag: W/"654261da-2f8"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uJ%2BZ4Cd3A3PKJ42M%2F6pqXJcn7JPmWPeYlebP0ugSEh1tZUb1kAATi5M2zI3I0p9mGVmpt1tjpcff8GonhDofdnIMTsswP%2B2tGgYguO2PCziNYF%2BC6YpHDTGBLx96wEKy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabf1d1556be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2207&min_rtt=535&rtt_var=1266&sent=248&recv=108&lost=0&retrans=0&sent_bytes=169445&recv_bytes=21740&delivery_rate=6403447&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=955&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/video-bg.jpg

172.67.208.82

200 OK

31 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/video-bg.jpg
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1140x620, components 3
Size
31 kB (31209 bytes)
Hash
a8550a80611b7d71d05bb74974d69896
a3f06e35b67991287adf1d76bb35bdf373116fa5
4208b4763543d1e81cf875a3f2c5d9ab5c1f9c8bdbf7e806716bb958d589ea5c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/video-bg.jpg HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: image/jpeg
content-length: 31209
last-modified: Wed, 01 Nov 2023 14:36:06 GMT
etag: "65426256-79e9"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2cXO4PkZ1suCRju3%2B33Og3vk3jw%2B5RdlZ2wkatwqLRplHY6a2kUI1r4cTwCKcK1lKDkxG104Vflc9Ztp1phdHiAEArZllAKc8ylJpdH%2B%2BbqcQkKXrQfCV4OkBjtZfrzx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabeaca056be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1764&min_rtt=535&rtt_var=859&sent=298&recv=115&lost=0&retrans=1&sent_bytes=221461&recv_bytes=22059&delivery_rate=6871796&cwnd=40800&unsent_bytes=0&cid=5e616046511c513c&ts=1075&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/uploads/allimg/250120/193I3D09-0-lp.jpg

172.67.208.82

200 OK

13 kB

URL GET HTTP/3
m.xzjmtzs.com/uploads/allimg/250120/193I3D09-0-lp.jpg
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 240x144, components 3
Size
13 kB (12821 bytes)
Hash
b90c0b99070be5c45af75fe762b651a3
99f69ec5b2513e766947a0ef221ac1fa8692d9f2
5c2c63606b7d0c01ad705f49211bb884f34c53e0089ef2b5f82ba494a560972a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/allimg/250120/193I3D09-0-lp.jpg HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: image/jpeg
content-length: 12821
last-modified: Mon, 20 Jan 2025 11:37:34 GMT
etag: "678e357e-3215"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PJxlWle09GgHEjILIGIwZblAn%2BnoEmHWvAFu%2F1zS%2BqQHUNmamRG5cLLFkxa4L%2FdetKQupZeccmqfBNctAe2EFK9hcDvFJUE76bHTGGdfGz2x2kIav2opVxDlKTa3gEH%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabeccb756be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1766&min_rtt=535&rtt_var=646&sent=326&recv=116&lost=0&retrans=1&sent_bytes=254173&recv_bytes=22105&delivery_rate=10791630&cwnd=40800&unsent_bytes=0&cid=5e616046511c513c&ts=1078&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/uploads/allimg/250120/1U52245c-0-lp.jpg

172.67.208.82

200 OK

13 kB

URL GET HTTP/3
m.xzjmtzs.com/uploads/allimg/250120/1U52245c-0-lp.jpg
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 240x144, components 3
Size
13 kB (13037 bytes)
Hash
d4f358bdf1b22cce45ee48e47e663fbc
9c45877fc7e1eddc2743c01bd39487196487d5ab
92b0ea21a46d0240a791511b87e07622c0417e586e7b9f24ea317ad11eb5ef10

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/allimg/250120/1U52245c-0-lp.jpg HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: image/jpeg
content-length: 13037
last-modified: Mon, 20 Jan 2025 10:55:23 GMT
etag: "678e2b9b-32ed"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WTrLXWk9CE8shXnrz7S6Fz7xeREceMz54djDJPxQIY1%2BVmpmKFyazacd7v7xLiUauWrDH0iBKxp8BPAK7QxYEckW3JG4HVMTsHmR%2Ffr2CLeFtyEE1Itl%2BCf7xm8Lsz2Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabecccc56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1738&min_rtt=535&rtt_var=430&sent=350&recv=118&lost=0&retrans=1&sent_bytes=281721&recv_bytes=22197&delivery_rate=6729057&cwnd=40800&unsent_bytes=0&cid=5e616046511c513c&ts=1096&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/bg-shape-2.png

172.67.208.82

200 OK

34 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/bg-shape-2.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 534 x 404, 8-bit/color RGBA, non-interlaced
Size
34 kB (33900 bytes)
Hash
e6cf106a4d80d1bad808ce3d74342585
234e439c9c7b08e9e2ade04bb3080d0c98037094
93b3a18aacf64278c57ca5ac26d64a06a96ca4d3fb55fc3e482b2ad24c7dfc5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/bg-shape-2.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: image/png
content-length: 33900
last-modified: Wed, 01 Nov 2023 14:36:08 GMT
etag: "65426258-846c"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=goATaIbTFJvN3slOZCbtkaxxEAcadQuy5ARLa78iypoI7jcTDy0SqFyOTjpS3GofpCdwZl%2BJHm9a%2B4Mx2%2BDdTTk%2BgwZsSrI5%2Bh%2FczLo4MB5CA85p2KA6TzZPLwbFSKLJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabeac9056be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1684&min_rtt=535&rtt_var=431&sent=362&recv=119&lost=0&retrans=1&sent_bytes=295781&recv_bytes=22243&delivery_rate=6563140&cwnd=40800&unsent_bytes=0&cid=5e616046511c513c&ts=1110&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/gallery-5.jpg

172.67.208.82

200 OK

11 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/gallery-5.jpg
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3
Size
11 kB (10949 bytes)
Hash
7b13e0f6e593a8164ddafade586beadb
384a3e63dca672854beab1659a5b28acc26c1b9c
cb1a1bde6f843c89afdd617c7dc5ac3170e1f837749daea38e893be78beeae9b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/gallery-5.jpg HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: image/jpeg
content-length: 10949
last-modified: Wed, 01 Nov 2023 14:36:10 GMT
etag: "6542625a-2ac5"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=foPAvuPdpX7s5W03Wwn9MoT2mrEjcNL8ZUbqlUKK%2B6bWY4KvpdRmAKUdRm3KoHv1sopVWpW%2FdJDQCQTGD41nIT04TOOpPsLtjMlV8Y%2FXwYx8bQfFyPj%2FuAV9WbKiSaHN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabeeced56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1699&min_rtt=535&rtt_var=355&sent=392&recv=120&lost=0&retrans=1&sent_bytes=331249&recv_bytes=22289&delivery_rate=9914643&cwnd=40800&unsent_bytes=0&cid=5e616046511c513c&ts=1132&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/uploads/allimg/250119/193G63405-0-lp.jpg

172.67.208.82

200 OK

11 kB

URL GET HTTP/3
m.xzjmtzs.com/uploads/allimg/250119/193G63405-0-lp.jpg
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 240x144, components 3
Size
11 kB (11308 bytes)
Hash
ab083424ff037ba1efe85672028ee985
1118f6c4397190740991f5c44e4b5457f186df39
bbc19a881dfca4427c445c55f224b25ad8d6ea495318b66f42cb566a6333f5e3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/allimg/250119/193G63405-0-lp.jpg HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: image/jpeg
content-length: 11308
last-modified: Sun, 19 Jan 2025 11:37:17 GMT
etag: "678ce3ed-2c2c"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X5PnSN4tryKW6lH7gTC1k3NidtzRnkdFQZ7jTsGj7sbfQercFR5xIa3ZxqE6gOlRbhkFZG6A%2FMcwfISqMulhPW3IltJ4mI2WekHRRPCpieJzyDspLJVolnlTq2jRufOF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabedcdc56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1599&min_rtt=535&rtt_var=373&sent=417&recv=122&lost=0&retrans=1&sent_bytes=360581&recv_bytes=22380&delivery_rate=10380507&cwnd=40800&unsent_bytes=0&cid=5e616046511c513c&ts=1147&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/uploads/allimg/250119/195513OV-0-lp.jpg

172.67.208.82

200 OK

13 kB

URL GET HTTP/3
m.xzjmtzs.com/uploads/allimg/250119/195513OV-0-lp.jpg
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 240x144, components 3
Size
13 kB (12900 bytes)
Hash
6211287d15e773945742246d8b3bf40d
b0a518b308bfc1d97730fd6596652e0f177fbe37
13875bd3b4a70e7cbf5d30cc7e5f8f65e488ac7b7ea61e07c9df64263e43d9e2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/allimg/250119/195513OV-0-lp.jpg HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: image/jpeg
content-length: 12900
last-modified: Sun, 19 Jan 2025 11:55:14 GMT
etag: "678ce822-3264"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wgmaB1trboi4HMnSD%2BIW9N1rBOSbEk5mmQ0z0pEI54ThvFd3O6bneEkJX%2FJLgCH6hcCNdADBZ%2Bn8QgAvQgR%2FDvXY3eKNiJPRBTsRxE0Zi6ZPHmvs6BqIQGndsOjTFMcd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabedcd556be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1599&min_rtt=535&rtt_var=373&sent=428&recv=122&lost=0&retrans=1&sent_bytes=372882&recv_bytes=22380&delivery_rate=10380507&cwnd=40800&unsent_bytes=0&cid=5e616046511c513c&ts=1151&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/hero-mobile-1.png

172.67.208.82

200 OK

48 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/hero-mobile-1.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 401 x 801, 8-bit/color RGBA, non-interlaced
Size
48 kB (47651 bytes)
Hash
689fab29ff518f640b9eb842d7838ff7
436226b82cdcf8071dd5a3dd9a6a92a3c7aaaf68
2f190ed00391ce2b621e9f9fbf3610c80e103776f30328cf9cab9b35da8fe192

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/hero-mobile-1.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: image/png
content-length: 47651
last-modified: Wed, 01 Nov 2023 14:36:08 GMT
etag: "65426258-ba23"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BcllPGSXTllm07pqoltnn72D2O3WXl7h9MF%2B661GFZb52eMipv%2BgeMhwYYFOR%2B%2BcHEeR9ZOrUYFxeaibE%2FL%2BGfWU3DxzCKlByqphe1rsabUK4f9JcsocpZ%2B%2BuuF6EMt5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabe5c2556be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1438&min_rtt=535&rtt_var=356&sent=453&recv=126&lost=0&retrans=1&sent_bytes=402087&recv_bytes=22562&delivery_rate=9978780&cwnd=40800&unsent_bytes=0&cid=5e616046511c513c&ts=1199&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/faqs-1.png

172.67.208.82

200 OK

141 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/faqs-1.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 523 x 555, 8-bit/color RGBA, non-interlaced
Size
141 kB (141103 bytes)
Hash
b8c8872cbde5a67df9eb242028842b05
d7ecd383d3bdd4f66ca1a12b7b5d8ec6d1b1219f
fc49a0fda10de6144340da2a8a01c3f4ab4e046e4c668faa24aac44b3f7ce735

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/faqs-1.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: image/png
content-length: 141103
last-modified: Wed, 01 Nov 2023 14:36:10 GMT
etag: "6542625a-2272f"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=030TFdyHYxLhgf%2B0U0bQxL%2FmzKl4ZJy5wlcoP83d8%2BqMqMlpZ%2FSr6QvGN0BP1edy6Y0CzUJ%2BB9LhB%2FBU62LZMkJlGr8X%2BEIcR%2Bkz1CXSqyfJc8fk%2FIYI6geNHlg29%2BQj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabebcae56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1408&min_rtt=535&rtt_var=263&sent=577&recv=132&lost=0&retrans=1&sent_bytes=548139&recv_bytes=22837&delivery_rate=15306171&cwnd=81600&unsent_bytes=0&cid=5e616046511c513c&ts=1286&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/about-1.png

172.67.208.82

200 OK

228 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/about-1.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 527 x 555, 8-bit/color RGBA, non-interlaced
Size
228 kB (228126 bytes)
Hash
4171b2c2229183a9006f545f0ead11a2
b385422f48ef79448c6de4c104e241e40e9366b9
7f69b0556f6ef74eb6afc1368fc7ad01939a6e4cbfb4613a1b7fc5b9246b9f5a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/about-1.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: image/png
content-length: 228126
last-modified: Wed, 01 Nov 2023 14:36:10 GMT
etag: "6542625a-37b1e"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OgoxiVI2ToNU3WME1mGzUJqruz2uOy%2BlAytMUMf1r4ipjEY2XRym1hqIUecQNbNpPXLiTPwpURGpW5P9Uo138sOvnc%2BdNOD3OpH5lYDmojnuua%2FOzIICw0cKuQgysLd2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabe9c8c56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1369&min_rtt=535&rtt_var=345&sent=495&recv=128&lost=0&retrans=1&sent_bytes=451671&recv_bytes=22654&delivery_rate=3867341&cwnd=81600&unsent_bytes=0&cid=5e616046511c513c&ts=1244&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/images/626x0w.png

172.67.208.82

200 OK

263 kB

URL GET HTTP/3
m.xzjmtzs.com/static/images/626x0w.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 626 x 835, 8-bit/color RGB, non-interlaced
Size
263 kB (262712 bytes)
Hash
b078df2ed57b46fafc9aea6fb7ef1438
eb1224803d25b35daf7266bb07328ab4097169ec
e6b02ac634e1d1406d1730f718c68349fa5ce24ea694f8ca1cc54d91e358c9d6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/images/626x0w.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: image/png
content-length: 262712
last-modified: Wed, 01 Nov 2023 16:12:58 GMT
etag: "6542790a-40238"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XOgsNiDlOXVXTRDqbYGzi%2FD9bW2p%2B%2FcriMox51G9A7teJpBxJbafx3UDT6%2FhDRz3vKoxrn2Sb4kINGdAUWIa8b1uPUgNvMdmzuQoBevVev2UJsuCPr8e3fM5%2BBs0OF0M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabebcaa56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1388&min_rtt=535&rtt_var=397&sent=523&recv=130&lost=0&retrans=1&sent_bytes=483856&recv_bytes=22746&delivery_rate=16267417&cwnd=81600&unsent_bytes=0&cid=5e616046511c513c&ts=1252&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/images/643x0w.png

172.67.208.82

200 OK

234 kB

URL GET HTTP/3
m.xzjmtzs.com/static/images/643x0w.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 643 x 858, 8-bit/color RGBA, non-interlaced
Size
234 kB (234154 bytes)
Hash
829f1a6ca8ac75edf0235c4412a7e2df
f31b3970364480fca947f81bba24d253e447eab6
0d4223b8fbb93974189d9ae877f9bd4840a2a046fc2a47b07094faf9ff48145c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/images/643x0w.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: image/png
content-length: 234154
last-modified: Wed, 01 Nov 2023 16:13:00 GMT
etag: "6542790c-392aa"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c3DvZOxOw5aBclws%2F0Twvfb%2BbFXqYLpVCGToN0Y4B%2FLCLnmbTE64lOwF3O1nAaljk2Rip3GiZNrJpCKwbaZy7udPn09aVJeaTx20rAnHhajDj8WJw6eQL16JH%2FssEKTH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabebca856be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1391&min_rtt=535&rtt_var=231&sent=604&recv=133&lost=0&retrans=1&sent_bytes=580290&recv_bytes=22882&delivery_rate=17236988&cwnd=81600&unsent_bytes=0&cid=5e616046511c513c&ts=1296&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/client-2.png

172.67.208.82

200 OK

757 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/client-2.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 207 x 50, 8-bit/color RGBA, non-interlaced
Size
757 kB (756891 bytes)
Hash
d45a51dead2546060debd05d9eb91c7b
70d11df581e0319856bfa92ce4b386b0d1d5bd71
98e44f3336028a58ea4f24c7b8f4e06f766e8f362678f0c3f437650382686e94

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/client-2.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: image/png
content-length: 756891
last-modified: Wed, 01 Nov 2023 14:36:10 GMT
etag: "6542625a-b8c9b"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j260xhTEFstNGNGjw3sI0RSgqmBB1XWzJ9AdadWrt2vsBeuNX5nsp2orUaJN2OzryAKz%2Flnbu8EFkPWykoKqQ3G8Pqo5PbHilnAi04jDnFKJVr1SQRLH6Eln%2BTTU878p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabebcb356be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1389&min_rtt=535&rtt_var=300&sent=550&recv=131&lost=0&retrans=1&sent_bytes=516001&recv_bytes=22791&delivery_rate=17779186&cwnd=81600&unsent_bytes=0&cid=5e616046511c513c&ts=1264&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/images/1286x0w.png

172.67.208.82

200 OK

534 kB

URL GET HTTP/3
m.xzjmtzs.com/static/images/1286x0w.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 1286 x 1716, 8-bit/color RGBA, non-interlaced
Size
534 kB (533732 bytes)
Hash
f7aa7d85b380d5caeba468b9768b8637
4e0e4fa07e2fb5ec643be5a105abd612e5167eb8
68aed7773169eb30fb91e4fb26fb642c030f66662af013373ea3738a225b1520

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/images/1286x0w.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: image/png
content-length: 533732
server: cloudflare
last-modified: Wed, 01 Nov 2023 16:13:02 GMT
etag: "6542790e-824e4"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
priority: u=4,i=?0
accept-ranges: bytes
cf-ray: 904ecabebca356be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

m.xzjmtzs.com/static/picture/client-3.png

172.67.208.82

200 OK

757 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/client-3.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 207 x 40, 8-bit/color RGBA, non-interlaced
Size
757 kB (756590 bytes)
Hash
33752fa5f9f4bc80715eb0e4d0a8dca6
090fab80b86c597f258aa6d3e69c1856c721f852
6963475390919af00e932667866dcd50a99bd3c10eed37e7171ce44f2f2a326c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/client-3.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: image/png
content-length: 756590
last-modified: Wed, 01 Nov 2023 14:36:10 GMT
etag: "6542625a-b8b6e"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4QlhJ2QgqkztaIlxknYwDpzdgYTKzu47GQ9sw4ceXjoGbRyPK3New%2BXqruXqNDkz6502ZLibtq1ffC65%2B3aR4d16Sp83GimOtE1olMwLR408y9LY5SMI1TVRKsxpi69n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabedce356be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1382&min_rtt=535&rtt_var=192&sent=632&recv=134&lost=0&retrans=1&sent_bytes=612674&recv_bytes=22927&delivery_rate=18552419&cwnd=81600&unsent_bytes=0&cid=5e616046511c513c&ts=1313&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/client-4.png

172.67.208.82

200 OK

759 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/client-4.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 207 x 56, 8-bit/color RGBA, non-interlaced
Size
759 kB (758637 bytes)
Hash
a7fe812cff429341ceabc2f6b90106ad
73138f68d7145b79276ffb86777ca6e159a11136
a2c8d365b68c872746170ad957d55d42e1686f3b0bfecd97df8e599b6bc404f9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/client-4.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: image/png
content-length: 758637
last-modified: Wed, 01 Nov 2023 14:36:10 GMT
etag: "6542625a-b936d"
expires: Wed, 19 Feb 2025 11:41:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oi0l2laEp0Q%2Ba0xpgSuJjBMHrklIhxcgA1wRU%2F7OkvlrWYt7TnUSIHh422FOcDqIx%2FxopfPqeD5wNuEwcchcowVWmh2ybZr6WelipyKbriUrSzJooKkMGm9X2CTSsna3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabedce556be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1479&min_rtt=535&rtt_var=241&sent=741&recv=139&lost=0&retrans=1&sent_bytes=740755&recv_bytes=23156&delivery_rate=788013&cwnd=81600&unsent_bytes=0&cid=5e616046511c513c&ts=1412&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/picture/client-1.png

172.67.208.82

200 OK

757 kB

URL GET HTTP/3
m.xzjmtzs.com/static/picture/client-1.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 162 x 35, 8-bit/color RGBA, non-interlaced
Size
757 kB (756954 bytes)
Hash
781acbd42081e9e3c1ee7462ce8ad3ad
2770f8174eebbfd5ae593a21b75ab268d7e50a4d
b71375eea868f5e91723374f586c46e1b838491970612de0716b5b1df81502ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/client-1.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: image/png
content-length: 756954
last-modified: Wed, 01 Nov 2023 14:36:10 GMT
etag: "6542625a-b8cda"
expires: Wed, 19 Feb 2025 11:41:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=34qHuO3xQ0TArRb3GH7m4xNkAoF%2F2i352eqmmZxEMkeuX5Ywxm18yqjgCGvL0LPhlTmHZw9CYNvvDagqPlsLGfl50jwLO4ekn%2BdXA7OSTDyLmdGmNfDA%2F5IZADOQvZs7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabebcb156be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1400&min_rtt=535&rtt_var=143&sent=693&recv=136&lost=0&retrans=1&sent_bytes=684518&recv_bytes=23019&delivery_rate=17503024&cwnd=81600&unsent_bytes=0&cid=5e616046511c513c&ts=1362&x=1", cfExtPri, cfHdrFlush;dur=0

oudngmslhifnsf.gdmgcyy.com/tj.js

156.224.2.38

200 OK

805 B

URL GET HTTP/1.1
oudngmslhifnsf.gdmgcyy.com/tj.js
IP
156.224.2.38:443
ASN
#133199 SonderCloud Limited

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerLet's Encrypt
Subjectoudngmslhifnsf.gdmgcyy.com
Fingerprint8C:50:61:2C:BF:FF:34:B3:17:7D:A0:0D:E4:36:0D:E2:38:05:E9:BD
ValiditySun, 15 Dec 2024 05:44:50 GMT - Sat, 15 Mar 2025 05:44:49 GMT

File type
JavaScript source, ASCII text, with very long lines (805), with no line terminators
Size
805 B (805 bytes)
Hash
b91b404e65a6d55f48e3e8929aaa6631
7feb40ab7aa9c2ff7458e6e89a74af63c5f56ae8
d73b625c5e38c3fd1e0d5a113374bec35307dd4cde91aca48167ee3dc33567ee

HTTP Headers

GET /tj.js HTTP/1.1
Host: oudngmslhifnsf.gdmgcyy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.21.4.3
Date: Mon, 20 Jan 2025 11:40:52 GMT
Content-Type: application/javascript
Content-Length: 805
Last-Modified: Sun, 19 May 2024 07:52:07 GMT
Connection: keep-alive
ETag: "6649afa7-325"
Accept-Ranges: bytes

m.xzjmtzs.com/static/images/cta-bg.png

172.67.208.82

200 OK

71 kB

URL GET HTTP/3
m.xzjmtzs.com/static/images/cta-bg.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 1920 x 350, 8-bit/color RGBA, non-interlaced
Size
71 kB (71277 bytes)
Hash
96d07cdabd48de8c3f406ca38b4a867e
0766359895be74cfd59914603fdacf69887aa968
892b149b7c759e154d0b8500e86c5682fdc3b6787b66b6148046bca479d670d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/images/cta-bg.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/static/css/style.css
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:52 GMT
content-type: image/png
content-length: 71277
last-modified: Wed, 01 Nov 2023 14:52:58 GMT
etag: "6542664a-1166d"
expires: Wed, 19 Feb 2025 03:10:47 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 30615
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rUZBXe6WVKLubQFLIzitueIUw8x3L7ETiWjH9HCLJvu9YPRk2aJo6cy0rkpJ072yhwmVd%2BiLf9mZLpk3kUJa9TsRmyoZsJ1xreEStXVYSnpkmFYBw8ZJgNoU6M0LHWnB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecacdebf756be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39570&min_rtt=535&rtt_var=51533&sent=4585&recv=216&lost=144&retrans=145&sent_bytes=5235790&recv_bytes=27554&delivery_rate=1666717&cwnd=218553&unsent_bytes=0&cid=5e616046511c513c&ts=2784&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/fonts/pxibyp8kv8jhgfvrlgt9z1xlfq.woff2

172.67.208.82

200 OK

7.8 kB

URL GET HTTP/3
m.xzjmtzs.com/static/fonts/pxibyp8kv8jhgfvrlgt9z1xlfq.woff2
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7776, version 1.0
Size
7.8 kB (7776 bytes)
Hash
84780596e268aa0cb2be48af2ed5c375
d67ccd32f8c790a746d64d06145882a2f7b06560
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/fonts/pxibyp8kv8jhgfvrlgt9z1xlfq.woff2 HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/static/css/c9e1b5dc2b1b4169961debffbf206f94.css
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:53 GMT
content-type: font/woff2
content-length: 7776
last-modified: Wed, 01 Nov 2023 14:57:02 GMT
etag: "6542673e-1e60"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tUQxsg7%2F7OVa2SVt5Fx8lXLzzTnHr%2BaMLkR9G7cKbQvk28MZN%2F3n31U29g3BfoDH3r4wJXyRzimJHA4VKMhbY7nQjkWaYutU5vul%2FGaxrKO%2BHVDXDxFIEcV1KcHaYvvW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecace1c1d56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30767&min_rtt=535&rtt_var=44331&sent=4653&recv=227&lost=144&retrans=145&sent_bytes=5309785&recv_bytes=31617&delivery_rate=180&cwnd=218553&unsent_bytes=0&cid=5e616046511c513c&ts=2989&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/fonts/4icv6kvjbnbylgocxcvjsgyn.woff2

172.67.208.82

200 OK

29 kB

URL GET HTTP/3
m.xzjmtzs.com/static/fonts/4icv6kvjbnbylgocxcvjsgyn.woff2
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
Web Open Font Format (Version 2), TrueType, length 28968, version 1.0
Size
29 kB (28968 bytes)
Hash
b91fae466c698c775adb2ae92cecc8b2
5c9b89fcd9dee91910506375b316c59aef97e47b
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/fonts/4icv6kvjbnbylgocxcvjsgyn.woff2 HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/static/css/c9e1b5dc2b1b4169961debffbf206f94.css
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:53 GMT
content-type: font/woff2
content-length: 28968
last-modified: Wed, 01 Nov 2023 14:57:36 GMT
etag: "65426760-7128"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDK9jHHMBuM0T33pCTXWQA0vOSTfh4I0t11n9pvSD4ndxfcsShCIyfMZEjjZneo%2BCO4JXvA4WsAkyl41mDypR%2F5oS8GpdJg03DQ501od89LC3BmjG0w%2BIFnbKV0C8hWL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecace1c2156be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27091&min_rtt=535&rtt_var=40601&sent=4662&recv=229&lost=144&retrans=145&sent_bytes=5318501&recv_bytes=32055&delivery_rate=1173452&cwnd=218553&unsent_bytes=0&cid=5e616046511c513c&ts=3192&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/js/jquery-1.12.4.min.js

172.67.208.82

200 OK

72 kB

URL GET HTTP/3
m.xzjmtzs.com/static/js/jquery-1.12.4.min.js
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
gzip compressed data, from Unix
Size
72 kB (72264 bytes)
Hash
ddcfcc160b59a842f6e166f5af366819
2f0b65a1ef53d3c9cadd3b1483e12c079a06b37f
c69856286fe05d9e4ddcb97ef61d58b0889023209618706462a64bb9d4d74f9e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/jquery-1.12.4.min.js HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 14:33:24 GMT
vary: Accept-Encoding
etag: W/"654261b4-17b8b"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2FsUbCZzuC6dDIxz%2B4w7JkE62rJtLTzBfBV3ZXFZ%2BKQsQW7Z9UM3wWc%2Baq3oGv8Rly7o1%2F6yOGiBfFB4YX1xoVaCYYHtwpVn7jK70rpOP8TK%2Btp%2FCNNsfjB5Y26n8pZ5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabeecf356be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1383&min_rtt=535&rtt_var=146&sent=659&recv=135&lost=0&retrans=1&sent_bytes=644814&recv_bytes=22973&delivery_rate=3344092&cwnd=81600&unsent_bytes=0&cid=5e616046511c513c&ts=1337&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/js/counterup.min.js

172.67.208.82

200 OK

20 kB

URL GET HTTP/3
m.xzjmtzs.com/static/js/counterup.min.js
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
gzip compressed data, from Unix
Size
20 kB (19523 bytes)
Hash
84b9341d8c78f468a3c5ad9fbfe7e9d3
b2c72f9c780b4db893222a33f856c68928755bbe
d639da3d8f42f1ef5d6d525082d3a5b2deb9b9cfa99975186a3459af4e339be7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/counterup.min.js HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 14:33:48 GMT
vary: Accept-Encoding
etag: W/"654261cc-42b"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gpjzVD%2By80DWLXW1mr6tlhTO5sq0zFalhNPq97zRbN5ZCuo41oNR%2B%2BeI9pXErIs8noTURx1%2BwkB4MtZtBVYcsH2qNFuiiKYmFw5EL6H9MHfkO7fV5XFr0IcmNDO5AQI2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabf0d0b56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4166&min_rtt=1765&rtt_var=1843&sent=71&recv=71&lost=0&retrans=0&sent_bytes=5683&recv_bytes=19764&delivery_rate=540&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=590&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/js/modernizr-3.5.0.min.js

172.67.208.82

200 OK

12 kB

URL GET HTTP/3
m.xzjmtzs.com/static/js/modernizr-3.5.0.min.js
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
gzip compressed data, from Unix
Size
12 kB (11673 bytes)
Hash
261e7c3a1d1d0ab5dd97b7d559fa234b
1080afbc90bb060a131c40741fa50b8dab3c4047
5662df851011b063fae2cb23d4481527992d39000fade0db22a95848db2f6e6a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/modernizr-3.5.0.min.js HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 14:33:20 GMT
vary: Accept-Encoding
etag: W/"654261b0-21bc"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JhQWJYnFuplGxbtJsZtMEfRELw2eCzopn268nPTSYBzSD7i3lrtXNHBqfo0lJa2P37SbvkMFXxB9Cjc5CTUCYiGqAFB1U30i0HjDnbq%2BnGbsY7Asf%2BOaAWWdh5rGJYsp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabeecf056be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1892&min_rtt=535&rtt_var=1373&sent=199&recv=102&lost=0&retrans=0&sent_bytes=117645&recv_bytes=21464&delivery_rate=1640779&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=925&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/fonts/fontawesome-webfont.woff2

172.67.208.82

200 OK

77 kB

URL GET HTTP/3
m.xzjmtzs.com/static/fonts/fontawesome-webfont.woff2
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/static/css/fontawesome-all.min.css
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:53 GMT
content-type: font/woff2
content-length: 77160
last-modified: Wed, 01 Nov 2023 14:51:36 GMT
etag: "654265f8-12d68"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ETunEjIcajA1HdwGzhoS4vhNOusHLrMOTkCSOM2Ko98kE%2FoJ8DN6%2BIOg8TN6jcHpyTMnW4XPzEc8wYwgyR%2BNlk4HyLV18ccjLfUrXhTzvZ1LSfylbLdYqtabm4taSgcK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecacdebfb56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15013&min_rtt=535&rtt_var=23509&sent=4770&recv=234&lost=144&retrans=145&sent_bytes=5445066&recv_bytes=32285&delivery_rate=3692194&cwnd=218553&unsent_bytes=0&cid=5e616046511c513c&ts=3381&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/fonts/pxigyp8kv8jhgfvrjjluchta.woff2

172.67.208.82

200 OK

8.7 kB

URL GET HTTP/3
m.xzjmtzs.com/static/fonts/pxigyp8kv8jhgfvrjjluchta.woff2
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8656, version 1.0
Size
8.7 kB (8656 bytes)
Hash
c8844b2518e608504a044c16951c094e
b6a98202b81badaa49497d45a4568404e4fe05ec
f41bc54bcb1241a706432b6ca646835b27140a2eca0f50595ac4fbdd9eeef0f5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/fonts/pxigyp8kv8jhgfvrjjluchta.woff2 HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/static/css/c9e1b5dc2b1b4169961debffbf206f94.css
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:53 GMT
content-type: font/woff2
content-length: 8656
last-modified: Wed, 01 Nov 2023 14:57:14 GMT
etag: "6542674a-21d0"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2Fo0uhe3rVgCnYnh8Sl0AlY0X1%2FEaYUMsKwaH8LvdlILB2yLWmvczn6UdMH9Ho7u0avr9hkeGvEpMfVZGkdSuATj6pEr53usuXEL0WxqOYTiQ%2FZuhocyG27G8wAlYGih"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecacf5d8f56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9428&min_rtt=535&rtt_var=14801&sent=4895&recv=238&lost=144&retrans=145&sent_bytes=5592193&recv_bytes=32466&delivery_rate=28289638&cwnd=218553&unsent_bytes=0&cid=5e616046511c513c&ts=3511&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/fonts/pxibyp8kv8jhgfvrlcz7z1xlfq.woff2

172.67.208.82

200 OK

7.8 kB

URL GET HTTP/3
m.xzjmtzs.com/static/fonts/pxibyp8kv8jhgfvrlcz7z1xlfq.woff2
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7832, version 1.0
Size
7.8 kB (7832 bytes)
Hash
f4f17fd53c7d040e56f91a3ecb692b22
1b51342175762634835645ba2f99cd3ab0ac615c
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/fonts/pxibyp8kv8jhgfvrlcz7z1xlfq.woff2 HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/static/css/c9e1b5dc2b1b4169961debffbf206f94.css
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:53 GMT
content-type: font/woff2
content-length: 7832
last-modified: Wed, 01 Nov 2023 14:57:10 GMT
etag: "65426746-1e98"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hLaaXcrRhmy0f4Haf%2FZnfoKQFQPDW809dzax87qOvJsfFuEScy2zgZIrm9MXTP%2BiPpxkdqoMili1i6oibbeN6tUJpSAL3FEzEXfSUVqeYSMcAM5Tsu%2BtHLM%2BkEa%2BDQpb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecacf1d5456be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8384&min_rtt=535&rtt_var=13190&sent=4903&recv=239&lost=144&retrans=145&sent_bytes=5601758&recv_bytes=32512&delivery_rate=5130741&cwnd=218553&unsent_bytes=0&cid=5e616046511c513c&ts=3533&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/images/subscribe-bg.jpg

172.67.208.82

200 OK

78 kB

URL GET HTTP/3
m.xzjmtzs.com/static/images/subscribe-bg.jpg
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x250, components 3
Size
78 kB (78237 bytes)
Hash
abaae475d804c03c9dff6d0d7fc8c45b
3699feb3aae732d75cf38550e21d570462cb5ac6
1cadfa5a9c3018eb30926fafb7737c72d1066dc65c41ec22162229698ba7bf25

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/images/subscribe-bg.jpg HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/static/css/style.css
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:53 GMT
content-type: image/jpeg
content-length: 78237
last-modified: Wed, 01 Nov 2023 14:52:44 GMT
etag: "6542663c-1319d"
expires: Wed, 19 Feb 2025 11:41:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PvtcFLUca26S7GWjjT0ctNyIYzy4STvh%2F6UBsnxmsR4xW9xhqycgWKkYysDZmfcHrArZaZEZhbnirKRrMi4kmObNHzgqPvZzpwLf8mUsIFex0m94Q6dZqfGgYhV9pa08"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecacf0d3d56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7534&min_rtt=535&rtt_var=11591&sent=4911&recv=240&lost=144&retrans=145&sent_bytes=5610502&recv_bytes=32558&delivery_rate=3485107&cwnd=218553&unsent_bytes=0&cid=5e616046511c513c&ts=3536&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/fonts/4icv6kvjbnbylgocjc3jsgyn.woff2

172.67.208.82

200 OK

30 kB

URL GET HTTP/3
m.xzjmtzs.com/static/fonts/4icv6kvjbnbylgocjc3jsgyn.woff2
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
Web Open Font Format (Version 2), TrueType, length 29864, version 1.0
Size
30 kB (29864 bytes)
Hash
b4e565dcfc8f6cb332be0fc03302ad99
86bec9deab5b1b78b2c3b40df903c7d25e511763
97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/fonts/4icv6kvjbnbylgocjc3jsgyn.woff2 HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/static/css/c9e1b5dc2b1b4169961debffbf206f94.css
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:53 GMT
content-type: font/woff2
content-length: 29864
last-modified: Wed, 01 Nov 2023 14:57:28 GMT
etag: "65426758-74a8"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B4yvUaFveRZahe11BMZddGPTol85yfyAbXIfCP%2FLlCtJEzpDvV4oPwbH%2FKZnYitMviTPHYIF%2BN%2F%2FY23BLMye7V37%2BOjCuoCUaEW0FbfY9SxQCnwosrrb3vzt03mA11V5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecace3c3556be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6984&min_rtt=535&rtt_var=9794&sent=4979&recv=241&lost=144&retrans=145&sent_bytes=5691453&recv_bytes=32604&delivery_rate=12863641&cwnd=218553&unsent_bytes=0&cid=5e616046511c513c&ts=3575&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/images/testimonial-bg.png

172.67.208.82

200 OK

166 kB

URL GET HTTP/3
m.xzjmtzs.com/static/images/testimonial-bg.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 1920 x 798, 8-bit/color RGBA, non-interlaced
Size
166 kB (166491 bytes)
Hash
30ea135bc002f396cbef9eca75d2a74a
b0ccb2f145bd41477fe8a9fc78d2fba41d25bc49
456cc833aba447449e919e3abea9b050db12ff7c9ae47766833f7031bf6cdd1b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/images/testimonial-bg.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/static/css/style.css
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:53 GMT
content-type: image/png
content-length: 166491
last-modified: Wed, 01 Nov 2023 14:52:52 GMT
etag: "65426644-28a5b"
expires: Wed, 19 Feb 2025 11:41:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J1qN0MTleBHYSQqalRQ6SReO%2B48irqCeLlvtc4BkM23BHaX1yLWUf9sKAB7ldEyDl3T9ncDFxD1p8zixI1MMDVF5xx9xHdEBq%2FUE471L8QECI8Cj7HeN4hsu4wzpckL5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecacf0d3c56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19082&min_rtt=535&rtt_var=29214&sent=4735&recv=232&lost=144&retrans=145&sent_bytes=5404032&recv_bytes=32193&delivery_rate=6067009&cwnd=218553&unsent_bytes=0&cid=5e616046511c513c&ts=3338&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/images/hero-bg-1.jpg

172.67.208.82

200 OK

59 kB

URL GET HTTP/3
m.xzjmtzs.com/static/images/hero-bg-1.jpg
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x800, components 3
Size
59 kB (58769 bytes)
Hash
54df693087c681bca1e3a984c625aba9
d1c489b5200f2b55945b848d7490234f296744df
7b9d4cbbe3baae34090c8f128c4ebad670f69b0ad4103069517c167203a62225

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/images/hero-bg-1.jpg HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/static/css/style.css
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:53 GMT
content-type: image/jpeg
content-length: 58769
last-modified: Wed, 01 Nov 2023 14:53:04 GMT
etag: "65426650-e591"
expires: Wed, 19 Feb 2025 11:41:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EfL0jjrv4OCxuE9eCgmw5nCte3AoklkiShI2K2XErdmMv5X8kssSmp15brXYY3aNSdmRWB580QPayquTyY1vkbsODjQQjuGTqJiJIUfVGIfnxAzpxIaucw55YmcZ%2FDDn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecacdebf356be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5825&min_rtt=535&rtt_var=7496&sent=5069&recv=243&lost=144&retrans=145&sent_bytes=5795638&recv_bytes=32696&delivery_rate=59842&cwnd=218553&unsent_bytes=0&cid=5e616046511c513c&ts=3673&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/fonts/pxibyp8kv8jhgfvrlej6z1xlfq.woff2

172.67.208.82

200 OK

8.0 kB

URL GET HTTP/3
m.xzjmtzs.com/static/fonts/pxibyp8kv8jhgfvrlej6z1xlfq.woff2
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7988, version 1.0
Size
8.0 kB (7988 bytes)
Hash
087457026965f98466618a478c4b1b07
00b024ccb35e3694de662d180d6ea7f56de6d654
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/fonts/pxibyp8kv8jhgfvrlej6z1xlfq.woff2 HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/static/css/c9e1b5dc2b1b4169961debffbf206f94.css
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:54 GMT
content-type: font/woff2
content-length: 7988
last-modified: Wed, 01 Nov 2023 14:57:06 GMT
etag: "65426742-1f34"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2FSVxXEC%2BVT6bcJ2hepNewK35P6hQeyCSLOhDoVkXk4Un6LX5e3WPNhb0dJI9x7nLSYlXGosr8F%2BDjbq6yGB0VcaqS%2FBwmeF83c0xFgfuRrmiWosdZu5swbRlqmCKgv6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecace1c2056be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7335&min_rtt=535&rtt_var=8670&sent=5121&recv=246&lost=144&retrans=145&sent_bytes=5856634&recv_bytes=33089&delivery_rate=12972848&cwnd=218553&unsent_bytes=0&cid=5e616046511c513c&ts=3997&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/css/owl.carousel.min.css

172.67.208.82

200 OK

3.4 kB

URL GET HTTP/3
m.xzjmtzs.com/static/css/owl.carousel.min.css
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
ASCII text, with very long lines (3370), with no line terminators
Size
3.4 kB (3364 bytes)
Hash
91a7a4aeb1ace81ac0241f5eaf7af580
8e3975b3750b3895985b0d9636b7f441da0a7dfc
ab1bcad19255267898a1350372f9970b9f1572746c8fd96fe3938ef0c5878d08

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/owl.carousel.min.css HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 14:32:32 GMT
vary: Accept-Encoding
etag: W/"65426180-d24"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rAgYdW0CEDWzTVm2V8Jkt6y8cpmxu5br%2BTls6Axo%2B3Vo8uXjusDHitlv0CmaXTMSRk2wlSkKAcG%2Bx%2FHx5ouo66oDlg1iv4sASNaWwS%2FqkXybU9Rw%2BbOVWTd8pe02p5sB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabe3c0156be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3251&min_rtt=1562&rtt_var=1428&sent=91&recv=76&lost=0&retrans=0&sent_bytes=22546&recv_bytes=19991&delivery_rate=1021944&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=818&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/favicon.ico

172.67.208.82

200 OK

17 kB

URL GET HTTP/3
m.xzjmtzs.com/favicon.ico
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel
Size
17 kB (16958 bytes)
Hash
4335a1236c49b652b743a45df7369f9a
31fb93100c45f3a89b8c4ab57657e9765871cdf0
49c07eda3d6369073f360397a29e52dd74020e6c0978e83c4eb1da69e37ae895

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:54 GMT
content-type: image/x-icon
last-modified: Mon, 30 Oct 2023 20:19:44 GMT
etag: W/"65400fe0-423e"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DbBILnxjI%2By6W0RN2zHAqAZBcbBrE1o1O1bjV9YG60xLXDDuQPCvnRxvHBoew90TI%2FIesYYo10wMWXK3q5z67MJlyd7bfC3i3Kn5ATMNvpS%2FO9uQe1d4OiJiDajH%2B6GQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecad47a7e56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6585&min_rtt=535&rtt_var=8001&sent=5129&recv=247&lost=144&retrans=145&sent_bytes=5865533&recv_bytes=33135&delivery_rate=49026&cwnd=218553&unsent_bytes=0&cid=5e616046511c513c&ts=4186&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/css/scrolltop.css

172.67.208.82

200 OK

2.2 kB

URL GET HTTP/3
m.xzjmtzs.com/static/css/scrolltop.css
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
ASCII text, with very long lines (2261), with no line terminators
Size
2.2 kB (2176 bytes)
Hash
7d7151711c405c6275f704a56e263260
aa236e28854044c375351eebf15b24dd8ee26d87
3856bd6c10ea7243a92a035d43b856352e535b18d9726a3b631704e12d5d9bad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/scrolltop.css HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 14:32:36 GMT
vary: Accept-Encoding
etag: W/"65426184-880"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KpUVrZByxuUYSe4s7KXt0uWi4exTGpv7xdpgx4FwjONrKnSlZpuGLezl7Ky4HSewizRyHfeOyaPjlOWwYA5twk0GTt1EaIFtMRJ4ZX16KYg3mFxoAVV4RVaLuf5ep1nB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabe3c0656be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3036&min_rtt=1533&rtt_var=1501&sent=96&recv=77&lost=0&retrans=0&sent_bytes=26739&recv_bytes=20036&delivery_rate=269918&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=821&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/js/owl.carousel.min.js

172.67.208.82

200 OK

43 kB

URL GET HTTP/3
m.xzjmtzs.com/static/js/owl.carousel.min.js
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JavaScript source, ASCII text, with very long lines (32000)
Size
43 kB (42766 bytes)
Hash
b7b9c97cd68ec336d01a79d5be48c58d
1a99890b57c9859a622337ed0b2f989d6e30cc0e
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/owl.carousel.min.js HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 14:33:42 GMT
vary: Accept-Encoding
etag: W/"654261c6-a70e"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2AQvO3mkclSZVvhvJ%2BEZFf2o2wfXkeNayyMXhmBX9R%2F84aUXA9SufM6GcYSL6tswpqH%2B1EG%2B54QpnYi9pc2t2sp2IOdeUhO1YaGl2ZFc1LwVvcsWR4oOIXi2OtuZOk8r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabefcff56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1769&min_rtt=535&rtt_var=492&sent=338&recv=117&lost=0&retrans=1&sent_bytes=268020&recv_bytes=22151&delivery_rate=2367206&cwnd=40800&unsent_bytes=0&cid=5e616046511c513c&ts=1088&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/css/style.css

172.67.208.82

200 OK

38 kB

URL GET HTTP/3
m.xzjmtzs.com/static/css/style.css
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type

Size
38 kB (38233 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/style.css HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 20:23:08 GMT
vary: Accept-Encoding
etag: W/"6542b3ac-9559"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LmgsShqIvCpIJkOeNLNJYZbXpEVQcUmdOU%2F6JkcAsz1SRSjgKzcJri1e4ojcrNPquCAdHEVzjfeYQ3m%2BC9mWdf2Txv5iuK4%2FVfFpBMYmZ4sg5mj7BCXThEtxdAQQEXu9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabe4c1156be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3472&min_rtt=1604&rtt_var=1839&sent=77&recv=74&lost=0&retrans=0&sent_bytes=9395&recv_bytes=19901&delivery_rate=1429916&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=809&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/css/animate.min.css

172.67.208.82

200 OK

70 kB

URL GET HTTP/3
m.xzjmtzs.com/static/css/animate.min.css
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type

Size
70 kB (70327 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/animate.min.css HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 14:32:26 GMT
vary: Accept-Encoding
etag: W/"6542617a-112b7"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EM0j26udrTVNiSY%2FXtQPGnlgtsSm%2BltzmCO0frxEwu4UlNS44l%2FsZAchepYe%2FUfPveyivYHeVDcdGBnRtA3iZsNdWMIp346NkdcJFd188lYwOuAaVUDTjD9YZ3WN6TV1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabe3bf656be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3036&min_rtt=1533&rtt_var=1501&sent=96&recv=77&lost=0&retrans=0&sent_bytes=26739&recv_bytes=20036&delivery_rate=269918&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=821&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/js/bootstrap.min.js

172.67.208.82

200 OK

51 kB

URL GET HTTP/3
m.xzjmtzs.com/static/js/bootstrap.min.js
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JavaScript source, ASCII text, with very long lines (50758)
Size
51 kB (51039 bytes)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/bootstrap.min.js HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 14:33:30 GMT
vary: Accept-Encoding
etag: W/"654261ba-c75f"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wZ0qIPN4%2B01Tf3N4WTE2q%2BzAZNx2sii9pnuqQu0inEyx7s6%2F6HeuGI3cYNxA7kQjEEh%2FHUqXeLUG5%2F9f0gr2u%2BpROuJAHqRzvDoEvlTgvHXOhAX5jKu126CwMP%2By%2FCjQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabefcf856be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1646&min_rtt=535&rtt_var=372&sent=402&recv=121&lost=0&retrans=1&sent_bytes=343168&recv_bytes=22335&delivery_rate=5655473&cwnd=40800&unsent_bytes=0&cid=5e616046511c513c&ts=1144&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/fonts/top-arrow.svg

172.67.208.82

404 Not Found

148 B

URL GET HTTP/3
m.xzjmtzs.com/static/fonts/top-arrow.svg
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
HTML document, ASCII text, with no line terminators
Size
148 B (148 bytes)
Hash
a505c0cb4ec1715c35ec0dc7c89f154a
b97fd9907cd01531489972ba67137e19f30e4c06
a7efd1f6629a4aa881a1681d5564ccf4f85b878eafa7bbae8f8a3c0a6d7dd9f0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/fonts/top-arrow.svg HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/static/css/scrolltop.css
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Mon, 20 Jan 2025 11:40:53 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hn8ZVVA7ASk6He1XEhPxTl%2BkYYR76sUyGfnWCPPe5AfhT2hac129ObTo4tdOHRjM7kwI4nAeC0R0g1Bb2MxteURp2DJSft9%2B89xMuBr9Yb33PoqUBJZDe%2BkWtRkmAIUV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecacf1d4e56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6321&min_rtt=535&rtt_var=8672&sent=5007&recv=242&lost=144&retrans=145&sent_bytes=5722818&recv_bytes=32650&delivery_rate=10455215&cwnd=218553&unsent_bytes=0&cid=5e616046511c513c&ts=3588&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/js/swiper.min.js

172.67.208.82

200 OK

121 kB

URL GET HTTP/3
m.xzjmtzs.com/static/js/swiper.min.js
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JavaScript source, ASCII text, with very long lines (65276)
Size
121 kB (121304 bytes)
Hash
b117060487d6ec17a9af7c5604a2c149
40a26a977cf1c6b060668c9680cf71a6c8e91e0d
34200a216f42b734a9723a5367645bb517c31e036b42e2bf6a480c62880fc12c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/swiper.min.js HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 14:33:36 GMT
vary: Accept-Encoding
etag: W/"654261c0-1d9d8"
expires: Mon, 20 Jan 2025 23:41:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DC9FYtWokaYQF6aU2rm3EtvdRm7TuGfrDWCfjZ62ynmhiGrZlo%2FNb5y9mAHntCqq172GeIblaJpm73Df9MUYPBe7Ag24gj8NTk19iVv8y53OJxcb3GagF%2Fio8fSQVL5A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabefcf956be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1541&min_rtt=535&rtt_var=310&sent=440&recv=124&lost=0&retrans=1&sent_bytes=386808&recv_bytes=22472&delivery_rate=5740788&cwnd=40800&unsent_bytes=0&cid=5e616046511c513c&ts=1175&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/js/main.js

172.67.208.82

200 OK

3.4 kB

URL GET HTTP/3
m.xzjmtzs.com/static/js/main.js
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JavaScript source, ASCII text, with very long lines (3600), with no line terminators
Size
3.4 kB (3399 bytes)
Hash
df8e58a311adb9a0c7ac3ed88f9f1e0c
31ebbce653ca791062b248b75d362eaec818fb58
404e90bf524c8aadef2a22e0c1b83e3476c1cd6599995ef5368adc2ce23f6513

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/main.js HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 14:34:06 GMT
vary: Accept-Encoding
etag: W/"654261de-d47"
expires: Mon, 20 Jan 2025 23:41:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FKm5ZrmRzclZBzeP2zohQvI8AFu5RTVakD1ZNCHq9KEB1nN75XO09Yu2Ab06cUaRdVjGQ6sZvVnSt3K5959h5nt7%2FtidSL%2F4RwbUnT4Ev6XnOyFgMdxJXiM1%2Baywj%2Fe5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabf2d2556be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2119&min_rtt=535&rtt_var=721&sent=270&recv=112&lost=0&retrans=0&sent_bytes=191533&recv_bytes=21923&delivery_rate=1432011&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=1004&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/fonts/4ics6kvjbnbylgokfw72.woff2

172.67.208.82

200 OK

34 kB

URL GET HTTP/3
m.xzjmtzs.com/static/fonts/4ics6kvjbnbylgokfw72.woff2
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
Web Open Font Format (Version 2), TrueType, length 34260, version 1.0
Size
34 kB (34260 bytes)
Hash
5b23eeb3a32b30e91682d601535d2a89
48469f0155a13f3499db31d53cba5d47e8b528b5
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/fonts/4ics6kvjbnbylgokfw72.woff2 HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/static/css/c9e1b5dc2b1b4169961debffbf206f94.css
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:53 GMT
content-type: font/woff2
content-length: 34260
last-modified: Wed, 01 Nov 2023 14:57:20 GMT
etag: "65426750-85d4"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BX5fedS9Cx6MiN%2BF2qcVMzBEitg55NS8F3mrJVSZ4pwmIRsr%2BRLHCUB83aMA65Wge5cYSJEiLU4OsKJlxVuzgtetsK%2F90b3lmS99iMwNWdyM%2BIdy9G66mEKpaO9LIQi0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecace4c4a56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23946&min_rtt=535&rtt_var=36741&sent=4688&recv=230&lost=144&retrans=145&sent_bytes=5348909&recv_bytes=32101&delivery_rate=153808&cwnd=218553&unsent_bytes=0&cid=5e616046511c513c&ts=3226&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/js/popper.min.js

172.67.208.82

200 OK

20 kB

URL GET HTTP/3
m.xzjmtzs.com/static/js/popper.min.js
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JavaScript source, ASCII text, with very long lines (20164)
Size
20 kB (20336 bytes)
Hash
a22f3f7e61af6a069aa6b422537c3f49
682fdc625ae80a890d10af2cb16e62540e2186a8
d2b9f29ea1f42a60a8beb1c04f76868287f2a48d6ec50fb39d6b888584a03c49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/popper.min.js HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 14:33:26 GMT
vary: Accept-Encoding
etag: W/"654261b6-4f70"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bBI4R5cAu2%2B3nIakaudlpjVno%2FxwCpi7ri0YXu8%2F3ZkEJiJL4mODJhBo846nvzqwxgDdcFWbHJcYg8n1C6fqegmIdExuGVaaBemgOQZjnGK0CMF41HSrt6xI4kW%2BhEft"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabeecf556be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2063&min_rtt=535&rtt_var=1334&sent=239&recv=106&lost=0&retrans=0&sent_bytes=160639&recv_bytes=21648&delivery_rate=1450426&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=947&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/css/owl.theme.default.min.css

172.67.208.82

200 OK

1.0 kB

URL GET HTTP/3
m.xzjmtzs.com/static/css/owl.theme.default.min.css
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
ASCII text, with very long lines (1018), with no line terminators
Size
1.0 kB (1016 bytes)
Hash
239a6e674e55d9861415d6c5dbb9b724
a23bb02aa9fd78da1d8d1d48bbdf10c1bbc0cf48
6118ba2e89befa683bbcfce25da857e5336a4e9af05edebc4555abb38189da39

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/owl.theme.default.min.css HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 14:32:34 GMT
etag: W/"65426182-3f8"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ig%2BFQaEL3NgVwKql%2BLz07g0FIPoRYORWAOJohxr6oNdWMGcz%2Ble2bejPXehZrsJK2rFaPhplWEpWeNKti0%2F7Lit4QpepSOLMsjigvleqgRtLh0Bw6dPkDcnYcOTZeFsN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabe3c0356be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2742&min_rtt=1526&rtt_var=998&sent=117&recv=82&lost=0&retrans=0&sent_bytes=44200&recv_bytes=20554&delivery_rate=83611&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=841&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/css/meanmenu.css

172.67.208.82

200 OK

3.6 kB

URL GET HTTP/3
m.xzjmtzs.com/static/css/meanmenu.css
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
ASCII text, with very long lines (3945), with no line terminators
Size
3.6 kB (3551 bytes)
Hash
73db00d5773ec6670b3004aa346ea5a5
89fb9153ef6161f89ac06413d4da58a25f99e4eb
07fc957f7dde0b1eb43c59d18541f7ca89a98da267407c81f97e53aadd1092a9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/meanmenu.css HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 14:32:24 GMT
vary: Accept-Encoding
etag: W/"65426178-ddf"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fDlhsL7w9l%2Bc3adVSNkgSoiRFfBfWBZ%2FmU0qX0nR5o3OdHwf1Vwjx72H0SP2w%2BZ0BGTMeg7xd2a5P6F6rWFw8uA5Igcch6j6qWEL39gz0lKJ8aqfisu8cEpz8sTyyII1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabe3bf256be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1849&min_rtt=535&rtt_var=1028&sent=147&recv=89&lost=0&retrans=0&sent_bytes=71229&recv_bytes=20870&delivery_rate=20457&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=875&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/images/foot-bg.png

172.67.208.82

200 OK

18 kB

URL GET HTTP/3
m.xzjmtzs.com/static/images/foot-bg.png
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
PNG image data, 1920 x 545, 8-bit/color RGBA, non-interlaced
Size
18 kB (18112 bytes)
Hash
ffb254eb00f55f4166d0b7472b4177ff
9a20ff0e63357b62bd330c31e2bd339f9a55b918
bd414b9c7acee8f1f873d2a4a0f281eeb32a3fdf8c410ca7ea9ae3f67b56c64c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/images/foot-bg.png HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/static/css/style.css
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:53 GMT
content-type: image/png
content-length: 18112
last-modified: Wed, 01 Nov 2023 14:52:34 GMT
etag: "65426632-46c0"
expires: Wed, 19 Feb 2025 11:41:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BI%2BdixWE5qQpHUI345WhMGnJZ%2F1%2B80GXmT3LdhgZISXzx%2FV%2BInNAGAf5Nir54GhIts5nKuw549YTZY5zx1Z7q35ZwPOGvgGQPZFD%2BZnqwlTrY3aDsmW2sgZCVenB6ic8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecacf0d3e56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21585&min_rtt=535&rtt_var=32276&sent=4718&recv=231&lost=144&retrans=145&sent_bytes=5384734&recv_bytes=32147&delivery_rate=4368523&cwnd=218553&unsent_bytes=0&cid=5e616046511c513c&ts=3308&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/js/wow.min.js

172.67.208.82

200 OK

8.4 kB

URL GET HTTP/3
m.xzjmtzs.com/static/js/wow.min.js
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JavaScript source, ASCII text, with very long lines (8515), with no line terminators
Size
8.4 kB (8415 bytes)
Hash
da4ec6a3e988677b1eff06cb90e95927
4083d1ec23a24f9f0eeb025501b9806b567249aa
85a9285b248eb56c2268288cfcea3ea7806c912ebb82d256fcd7c4e5b7e9c740

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/wow.min.js HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 14:33:58 GMT
vary: Accept-Encoding
etag: W/"654261d6-20df"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rLE2K%2F62aWU1Ab2JyTdzKU%2FrTgGfWGSB0fLV%2Bb0XOgXsXe0my9v9ZN0c1qrPVdF2rB6H5xmK5sKRuUXc7LMHA23yiypsqLf4AHXwcg6W1%2FP7iTfHZl0sAXqjc0Npn5he"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabf0d1256be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2169&min_rtt=535&rtt_var=1138&sent=254&recv=110&lost=0&retrans=0&sent_bytes=175127&recv_bytes=21831&delivery_rate=667264&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=968&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/css/magnific-popup.css

172.67.208.82

200 OK

7.0 kB

URL GET HTTP/3
m.xzjmtzs.com/static/css/magnific-popup.css
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
ASCII text, with very long lines (7302), with no line terminators
Size
7.0 kB (6954 bytes)
Hash
31624166558eafd72f05df700acd2245
efe61cc95aa5dc7b4798bbb5ca3223616e64649d
acfdcefce785e171e91cbbb5d1367730acd4f83584d17c671a77bc10c141af5e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/magnific-popup.css HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 14:32:28 GMT
vary: Accept-Encoding
etag: W/"6542617c-1b2a"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ojrCnhsaGfWTxj9B00BLBwzWq2IDRBvy61R89FRJQ3ju%2FWJECUmMjf%2BUjEstXQBQ1C5l8oZE4tecM1TBVdXgDBXpo4Plkcf3DnjfeOIuU0TNzFTtGaiMk9Pv5aMqXUc8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabe3bfa56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2626&min_rtt=1526&rtt_var=981&sent=119&recv=83&lost=0&retrans=0&sent_bytes=45374&recv_bytes=20600&delivery_rate=218280&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=854&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/

172.67.208.82

200 OK

74 kB

URL User Request GET HTTP/2
m.xzjmtzs.com/
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type

Size
74 kB (73535 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z4m43aYaF6qqtfLMDev8gdC7eCMKyKmLIaougAI8PWW%2BgvfJqhUwZyJsp3PQdnAEPc3fGESLWGWzAnt9G0xJdd5XkQ1uaoRFSR9%2F7Lo%2BenChHqXZnWAf8SsOOc%2Bxd8p3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecab7fd9c0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5813&min_rtt=525&rtt_var=10607&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3198&recv_bytes=1116&delivery_rate=7252086&cwnd=253&unsent_bytes=0&cid=7b3a1e27013afb8c&ts=751&x=0"
X-Firefox-Spdy: h2

m.xzjmtzs.com/static/css/swiper.min.css

172.67.208.82

200 OK

20 kB

URL GET HTTP/3
m.xzjmtzs.com/static/css/swiper.min.css
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type

Size
20 kB (19775 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/swiper.min.css HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 14:32:38 GMT
vary: Accept-Encoding
etag: W/"65426186-4d3f"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bCWSAQ%2F4uc8mcM8O4UrX3n%2Fzz%2BWa6J22%2Bx1qCF1b6bzZxZVvNT4qrHC%2FmyUngE8x8HWzXx%2Fpgh0Uo%2B3M227JmOBWVDYO8g3yLKQRQt%2BLXPoVyPwoXkKiG%2F6xm12sWrLR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabe4c0c56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2184&min_rtt=541&rtt_var=1143&sent=132&recv=86&lost=0&retrans=0&sent_bytes=56945&recv_bytes=20735&delivery_rate=3345&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=869&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/css/default.css

172.67.208.82

200 OK

14 kB

URL GET HTTP/3
m.xzjmtzs.com/static/css/default.css
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type

Size
14 kB (14354 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/default.css HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 14:32:42 GMT
vary: Accept-Encoding
etag: W/"6542618a-3812"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gwzy1K3As8x%2BN8Aq0miKUowFvwf7cwugWtUTNhEyYNODQwOA2tmSPTAQwE5mEon1QcfHiGoCeRODl7vGeH89Z7AL28tcncZOzx3NCSdzexa6wJqJ%2BBFJfqZXKJQmcljl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabe4c0f56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3233&min_rtt=1562&rtt_var=1857&sent=86&recv=75&lost=0&retrans=0&sent_bytes=18710&recv_bytes=19946&delivery_rate=1004675&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=811&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/css/responsive.css

172.67.208.82

200 OK

7.6 kB

URL GET HTTP/3
m.xzjmtzs.com/static/css/responsive.css
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
ASCII text, with very long lines (8507), with no line terminators
Size
7.6 kB (7624 bytes)
Hash
87b38be685f58fd37c43e90a37b05ed0
fe66fc02297734ea3741acbe025e7a48f3d76e34
5b42c1cdfa964f3cf69751fa83cd1ac0e45844ee5b5709a4b7af626bb872853e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/responsive.css HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 14:32:46 GMT
vary: Accept-Encoding
etag: W/"6542618e-1dc8"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rSxaqEn9qnhqvNUmweKOF%2BPPOy%2FxxAKeVcNtY1f5yavKgmGuPobtdP%2BV42P9zpgEhA9jeCcUscrzjpMklxj%2FQQcHbDmzjYYYDCntO3sHrdIQIa3lIDwtHsAVMKrviBAs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabe4c1656be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3738&min_rtt=1757&rtt_var=1741&sent=74&recv=73&lost=0&retrans=0&sent_bytes=7076&recv_bytes=19855&delivery_rate=1093&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=801&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/js/meanmenu.min.js

172.67.208.82

200 OK

4.0 kB

URL GET HTTP/3
m.xzjmtzs.com/static/js/meanmenu.min.js
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JavaScript source, ASCII text, with very long lines (4201), with no line terminators
Size
4.0 kB (4019 bytes)
Hash
1207dbf88055434dc48ed2de7d47438c
24c3c5662d32467d42a5f43a85e4d4fb22eb19cf
432177ce405d2352908d1d7007edeb762887b0b9fee13f707e531611fc7f5b20

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/meanmenu.min.js HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 14:33:38 GMT
vary: Accept-Encoding
etag: W/"654261c2-fb3"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fxv5A%2BCMIc8mpRtX0Ls14j0rZr3sE1PQ0%2BHF3WOcXaQpVprVX6U3VUqnYOCudjw4s0o3OpOElYHeJe6qI7sDEgI639ucbcmtxGwoilLXmKpDK3xvkQKlBeh2bkZ0H1Vo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabefcfd56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2063&min_rtt=535&rtt_var=1237&sent=249&recv=109&lost=0&retrans=0&sent_bytes=170545&recv_bytes=21786&delivery_rate=172452&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=959&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/css/bootstrap.min.css

172.67.208.82

200 OK

141 kB

URL GET HTTP/3
m.xzjmtzs.com/static/css/bootstrap.min.css
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type

Size
141 kB (140940 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/bootstrap.min.css HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 14:32:22 GMT
vary: Accept-Encoding
etag: W/"65426176-2268c"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GQtimMLykdIOMJVoX4HWG2YoQwYproBjYWthMd7N53USY9EFhAnyHJp07tNyv1iReXxE3i6yB1SGAqZD7jstFIGOTdhmC6oU6GXeBIS4Dd2C21kOklJFAIzCRBtWj0Qg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabe3bef56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1996&min_rtt=535&rtt_var=787&sent=275&recv=113&lost=0&retrans=1&sent_bytes=194487&recv_bytes=21969&delivery_rate=406106&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=1037&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/js/magnific-popup.min.js

172.67.208.82

200 OK

20 kB

URL GET HTTP/3
m.xzjmtzs.com/static/js/magnific-popup.min.js
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JavaScript source, ASCII text, with very long lines (20087)
Size
20 kB (20216 bytes)
Hash
ba6cf724c8bb1cf5b084e79ff230626e
f455c5f153f872e52265f87a644ff89fe14a6fb6
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/magnific-popup.min.js HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 14:33:42 GMT
vary: Accept-Encoding
etag: W/"654261c6-4ef8"
expires: Mon, 20 Jan 2025 23:41:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QJDL%2FVRm7%2FAQtiB8TaHCp1l5G0WiOqKHEOiSC2v3Le47RpF%2FKDH6JKxkbiFcz140ZIbLLVjjWiyafZIAjoK1gT8NWVt6L42PUi0iHCtGt1oZfnO05mxwrqVoGxfDtH4H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabefcfe56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2119&min_rtt=535&rtt_var=721&sent=262&recv=112&lost=0&retrans=0&sent_bytes=182556&recv_bytes=21923&delivery_rate=1432011&cwnd=20400&unsent_bytes=0&cid=5e616046511c513c&ts=1003&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/tj.js

172.67.208.82

200 OK

362 B

URL GET HTTP/3
m.xzjmtzs.com/tj.js
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
JavaScript source, ASCII text, with very long lines (377), with no line terminators
Size
362 B (362 bytes)
Hash
8a6b988c4c8a68345320714bb07b4950
6fefbbac8abbad6989eee1ad0eb6b2d61e019f95
1e3219b5488e1be11331f1a5ff2c8af16b8b6729af934aa27520b6c89a079238

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tj.js HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: application/javascript
last-modified: Tue, 10 Sep 2024 05:42:08 GMT
etag: W/"66dfdc30-16a"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hsZLehM9gK6pUhu%2FZc1Z0k8ER7PtEQky89Ev9yjjOvy4jHMmcsb1ugE4Vl%2Fd0GGJIrsxzD670uV4lOILfte9NdUU4WqbCk0ojxVcZfoosgMJpzBhHC9ZV6vrQJBAchOi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecabe5c1756be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2915&min_rtt=1533&rtt_var=868&sent=115&recv=81&lost=0&retrans=0&sent_bytes=43198&recv_bytes=20508&delivery_rate=2184845&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=838&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/css/fontawesome-all.min.css

172.67.208.82

200 OK

31 kB

URL GET HTTP/3
m.xzjmtzs.com/static/css/fontawesome-all.min.css
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type

Size
31 kB (30929 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/fontawesome-all.min.css HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:50 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 14:32:30 GMT
vary: Accept-Encoding
etag: W/"6542617e-78d1"
expires: Mon, 20 Jan 2025 23:41:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2F2bIXoDH9hH2YSZJKbe8XfUanUdegmQOTW5QUL0zw9kW0DN3PzrVRXXd484R8GWy72R6fpROmdYVhvvUvFbdnxiuQ33pZrjIJ9lBR9wLRFRKp7jdvJS3l1OZeU2NbBm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecabe3bff56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2626&min_rtt=1526&rtt_var=981&sent=122&recv=83&lost=0&retrans=0&sent_bytes=48199&recv_bytes=20600&delivery_rate=218280&cwnd=12000&unsent_bytes=0&cid=5e616046511c513c&ts=855&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/css/c9e1b5dc2b1b4169961debffbf206f94.css

172.67.208.82

200 OK

9.9 kB

URL GET HTTP/3
m.xzjmtzs.com/static/css/c9e1b5dc2b1b4169961debffbf206f94.css
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
ASCII text, with very long lines (10144), with no line terminators
Size
9.9 kB (9850 bytes)
Hash
ed452948b1ee7064314a52112f4485c5
6c7e4366821e8ca2991dd8544dd9ced3e4567b13
bd899d50375b53e94ef7303a9c3b30b9074e19e21a1f1e3d906b01c87537f3e3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/c9e1b5dc2b1b4169961debffbf206f94.css HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/static/css/style.css
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:51 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 14:50:58 GMT
vary: Accept-Encoding
etag: W/"654265d2-267a"
expires: Mon, 20 Jan 2025 23:41:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DwlCQNtFDzjRm4HSCcMXMUjcH8b0BqqlGg7KSigBKDIKWj0eQ7b%2BW4PTBpJeq93OpdB5lkqeeODBF4tvX0iGKpNabPqHNX6fBfoCgnAtEk3fynjg7Nghy5W8vdTv7NQc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 904ecac1bfe956be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1506&min_rtt=535&rtt_var=252&sent=739&recv=138&lost=0&retrans=1&sent_bytes=739178&recv_bytes=23110&delivery_rate=17995547&cwnd=81600&unsent_bytes=0&cid=5e616046511c513c&ts=1383&x=1", cfExtPri, cfHdrFlush;dur=0

m.xzjmtzs.com/static/fonts/pxieyp8kv8jhgfvrjjfecg.woff2

172.67.208.82

200 OK

7.9 kB

URL GET HTTP/3
m.xzjmtzs.com/static/fonts/pxieyp8kv8jhgfvrjjfecg.woff2
IP
172.67.208.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://m.xzjmtzs.com/
Certificate
IssuerGoogle Trust Services
Subjectxzjmtzs.com
FingerprintD6:4E:51:C1:B2:24:74:EA:BE:25:DF:4E:F8:7A:FA:C8:85:EF:52:0B
ValidityWed, 11 Dec 2024 04:09:37 GMT - Tue, 11 Mar 2025 05:02:14 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7900, version 1.0
Size
7.9 kB (7900 bytes)
Hash
9ed361bba8488aeb2797b82befda20f1
6f80d965a066aff81c0a344d4b7297bd009cc099
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/fonts/pxieyp8kv8jhgfvrjjfecg.woff2 HTTP/1.1
Host: m.xzjmtzs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://m.xzjmtzs.com/static/css/c9e1b5dc2b1b4169961debffbf206f94.css
Cookie: PHPSESSID=hc3a500ll470rd0bh7s16t5kgq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 20 Jan 2025 11:40:53 GMT
content-type: font/woff2
content-length: 7900
last-modified: Wed, 01 Nov 2023 14:57:32 GMT
etag: "6542675c-1edc"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A0kcG8Q%2BRvuZXwQOtq2Z%2FVeZlFCk9a3ZN%2B3C5DfUrKsqDeS55UfLP8LykiYoz%2F5x07TJQ3GUBt6DH0abtoQgZGBScSs1Ns05%2Bquq49gpSO22%2FhjVweCdWE1DDYshaGkl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 904ecacdfc0756be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16958&min_rtt=535&rtt_var=26158&sent=4762&recv=233&lost=144&retrans=145&sent_bytes=5436251&recv_bytes=32239&delivery_rate=11298509&cwnd=218553&unsent_bytes=0&cid=5e616046511c513c&ts=3345&x=1", cfExtPri, cfHdrFlush;dur=0

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML