zbtvpbtf.top/template/1421/images/4.jpg
104.21.54.248 200 OK 5.9 kB URL GET HTTP/3 zbtvpbtf.top/template/1421/images/4.jpg
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 306x400, components 3\012- data
Hash e95a15832e905e6035e3251b875824a9
73757540b1be0bd212949ebf9ee2eac58b6f453d
18786bb4b979bed9b574b40411962ec4d760990489b3278350e52c0684fc9410
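Analyzer Verdict Alert quad9 Sinkholed (Quad9 is a filtering DNS resolver, so this appears to be a verdict on the host name zbtvpbtf.top rather than on this file's content; the same alert is repeated on every resource served from that host)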
GET /template/1421/images/4.jpg HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: image/jpeg
content-length: 5938
last-modified: Wed, 16 Oct 2019 06:09:08 GMT
etag: "5da6b404-1732"
expires: Sun, 09 Jul 2023 10:56:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MOKJ4pgVmFdkK3XhnWRb2eJEKOp51l%2FdKG4Qzma%2FjnhtNSYxFvlVvzm3BlR3APibvoEle%2B7h3xocKwPko89ZlYE7WE%2FYUIfayd%2FRzvM0%2B%2FCqVf1M%2BSIAgZ1eh6Nx50%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d9a7acceb4eb-OSL
alt-svc: h3=":443"; ma=86400
zbtvpbtf.top/template/1421/images/2.jpg
104.21.54.248 200 OK 6.0 kB URL GET HTTP/3 zbtvpbtf.top/template/1421/images/2.jpg
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 306x400, components 3\012- data
Hash b2ed7a88a0e81778b3554a1f3f773342
b53e4e016adadc7297510a3c8246e7b5a69f6a08
6e8ef7c0eae367dc969666080d6caa0df2965833df701571fa7d541fa394bff9
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1421/images/2.jpg HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: image/jpeg
content-length: 5974
last-modified: Wed, 16 Oct 2019 06:09:08 GMT
etag: "5da6b404-1756"
expires: Sun, 09 Jul 2023 10:56:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBLVCh6%2FohrzJS8a44Sfy4oDglxuut9ZKo%2FJkfTYbwGVrIpzv%2BtZxszLIQrfTTkUfgAHT1dJnuI%2FIDKywaZwx5JI2J7PQhoICUaik8fMoMJdzYz%2FLtz66a1KiPcU1S8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d9a7accbb4eb-OSL
alt-svc: h3=":443"; ma=86400
zbtvpbtf.top/template/1421/images/2.png
104.21.54.248 200 OK 2.8 kB URL GET HTTP/3 zbtvpbtf.top/template/1421/images/2.png
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type PNG image data, 25 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash b9714db8de5dbeeba9420b5a5bdb8967
936d708451d50a44281c55f63694305d64a05ae9
5a0954fd9220f2be214bfb5606994665e2abba6e8c735bf36e27d33027905491
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1421/images/2.png HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: image/png
content-length: 2838
last-modified: Tue, 15 Oct 2019 07:20:22 GMT
etag: "5da57336-b16"
expires: Sun, 09 Jul 2023 10:56:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8ZvfkHI1pV4jcfDDIBMXqKqQ9zIOpKTlExMwATvOCCqa%2BxNYn60i%2FpeHcFloexO4OpCE21I1e757cRh4AEogUkPNBO516mnzYICbbDTmCwFVyDq3hKBrJdxhv2rpyM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d9a79cb5b4eb-OSL
alt-svc: h3=":443"; ma=86400
zbtvpbtf.top/template/1421/images/8.jpg
104.21.54.248 200 OK 11 kB URL GET HTTP/3 zbtvpbtf.top/template/1421/images/8.jpg
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x426, components 3\012- data
Hash f9870c0c7801d05de1f2e0ac857d3d87
bee6c432873071672b1d6bc8bb67547d90454ad9
687d952bd5397f262838fb938ae752411f56066bb1cb81dabbb348cf6f5b6ac5
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1421/images/8.jpg HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: image/jpeg
content-length: 11322
last-modified: Wed, 16 Oct 2019 06:09:08 GMT
etag: "5da6b404-2c3a"
expires: Sun, 09 Jul 2023 10:56:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxE31zOPkap9EybmeNzpCfWNtXEzbNNiCAiS6qFXTpvTo7oAH6YAOPNBxfTJSrio0zv8y%2FIjhqFHa67dVIHwdjUOmXgy3%2FX0jCXo8dq0anrJQoTsHtV%2FKG9851D8Sco%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d9a79cc3b4eb-OSL
alt-svc: h3=":443"; ma=86400
zbtvpbtf.top/template/1421/images/5.jpg
104.21.54.248 200 OK 5.8 kB URL GET HTTP/3 zbtvpbtf.top/template/1421/images/5.jpg
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 306x400, components 3\012- data
Hash dc4bef7bbd73d5d43ef20129766fff3c
9a6a8f431d177d504053bfc07395b8772bc42be8
434a8c4ea4f613fa906641ea38d89ebdcaf35ea4c652963d9a2f9e83922d8151
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1421/images/5.jpg HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: image/jpeg
content-length: 5849
last-modified: Wed, 16 Oct 2019 06:09:08 GMT
etag: "5da6b404-16d9"
expires: Sun, 09 Jul 2023 10:56:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBvNH%2BM2lOCFIX0gvLgioXJKIxeGb0WK5Wl0cHUPtYnrj0XxXuNae3cYvMR62zxAZ%2F6JSfSQp%2Fh%2BfVnRnbFH0rVX0Bbzt9792SKinF134mcrf%2B3ckay%2BMhVL2OZOpGs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d9a7acd0b4eb-OSL
alt-svc: h3=":443"; ma=86400
zbtvpbtf.top/template/1421/images/3.jpg
104.21.54.248 200 OK 6.2 kB URL GET HTTP/3 zbtvpbtf.top/template/1421/images/3.jpg
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 306x400, components 3\012- data
Hash 4fd5f0ca42136abdd99d7339eef16bd7
dd9dda59f201c3bb949c90d19c61ff751445d1e4
93c1411d2c773bc1e52652a079cd7dd636e16caa19736f6b123bcb5842d49732
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1421/images/3.jpg HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: image/jpeg
content-length: 6151
last-modified: Wed, 16 Oct 2019 06:09:08 GMT
etag: "5da6b404-1807"
expires: Sun, 09 Jul 2023 10:56:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DideeNDYjSX4VdYSuy7TGwzSa97SePz3T8oahS8GcwpZZT%2FsxN%2B7bOzR9A19WtO8Hfd3pC%2FowkmFdgYhBdBZDGaPJd7KT%2FV5Nh5J2CT1ZPTA3pMUSPbOkakefOlS%2Bok%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d9a7accfb4eb-OSL
alt-svc: h3=":443"; ma=86400
zbtvpbtf.top/template/1421/images/9.jpg
104.21.54.248 200 OK 17 kB URL GET HTTP/3 zbtvpbtf.top/template/1421/images/9.jpg
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x426, components 3\012- data
Hash aa7e63a628b75341dccd3657024f78f6
d33e2497842039948175af75600db711db940933
814193f4e1dabee0a8061078f22f8e41707ccadaaac36ec59d6c9d3db2167fc2
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1421/images/9.jpg HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: image/jpeg
content-length: 16885
last-modified: Wed, 16 Oct 2019 06:09:08 GMT
etag: "5da6b404-41f5"
expires: Sun, 09 Jul 2023 10:56:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmiqgGJSY9%2B72tPGqB5lmipDNXlXU%2Fx3a9RpbHMW%2F2gGtMaNPop14bavL8H0vBLbyhq3CZ2qKU7Oy9NsBnzuJI4fbFZCE7dlkf2A%2Bds%2F11UR8YEb2Tbsj3m9BQdD%2Fm0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d9a79cc8b4eb-OSL
alt-svc: h3=":443"; ma=86400
zbtvpbtf.top/template/1421/images/10.jpg
104.21.54.248 200 OK 16 kB URL GET HTTP/3 zbtvpbtf.top/template/1421/images/10.jpg
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x426, components 3\012- data
Hash 5bbe42890197a1816fe92acd23fc43af
77c6714fffa7400f1f74a008c6b7b4aab1c207ca
c2ca96f3627ee34d8557220a708b43ae291c51bdee414ae9a1007993e866aca9
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1421/images/10.jpg HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: image/jpeg
content-length: 15541
last-modified: Wed, 16 Oct 2019 06:09:08 GMT
etag: "5da6b404-3cb5"
expires: Sun, 09 Jul 2023 10:56:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59dMO%2FoHV3ooeOWeehpNFQm%2FfA6%2BIedkLfUaA%2BZX3KP2Ecwy0CvV3ua7BbTC%2BrTYC6YPyi%2BHpw8QEG%2Fhs6SEJ4fyXZDH9bmYzgDhdkEhmo0S3K0s2EzcZ3I5WCCJD5E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d9a79ccab4eb-OSL
alt-svc: h3=":443"; ma=86400
zbtvpbtf.top/template/1421/images/15.jpg
104.21.54.248 200 OK 26 kB URL GET HTTP/3 zbtvpbtf.top/template/1421/images/15.jpg
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x426, components 3\012- data
Hash 54940789f35bcbd877bc8c9e8864db91
9e099a422c6b3c6ed6dbf9b01d167be7722a4520
3fcacb1cc453b64bbb8f0cdae06a32807397c36f6fec3bffdd01e947c6b673b4
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1421/images/15.jpg HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: image/jpeg
content-length: 26376
last-modified: Wed, 16 Oct 2019 06:09:08 GMT
etag: "5da6b404-6708"
expires: Sun, 09 Jul 2023 10:56:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOk6hX4rkPLfKZ8qMUTgH4Hn%2FkzcxXol%2FIaJshreOsO3qtuBOvpXVFjTMliFY%2FEKeWrOFOhxYGqTEM%2FI9GleglFagXp%2FXk4BgiR33jkyJnF%2FDwkSqe9WqXC9%2FPsDb6M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d9a7acd4b4eb-OSL
alt-svc: h3=":443"; ma=86400
zbtvpbtf.top/template/1421/images/7.jpg
104.21.54.248 200 OK 17 kB URL GET HTTP/3 zbtvpbtf.top/template/1421/images/7.jpg
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x426, components 3\012- data
Hash e4769c8cb5fabb8390218a8728276895
4b419133d0fd6574ad1922803bafab13d694ffb5
92ac35a59e238eedfeff9967909b1cac17429dd4a1ab0802922c337330fc4e6b
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1421/images/7.jpg HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: image/jpeg
content-length: 17255
last-modified: Wed, 16 Oct 2019 06:09:08 GMT
etag: "5da6b404-4367"
expires: Sun, 09 Jul 2023 10:56:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDnrjGawKrWiifS7oVLjEU6dGSb63B%2BMMWdKQYxeyE%2Fz1VDzc8K0sj8b0elY3Rsy47MsUnYLv4wEMB0rxylHc0%2B%2F1kwcDaroq29jdVdk3RdKZP3FOHgyBgZ9MiDuPNM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d9a79cb3b4eb-OSL
alt-svc: h3=":443"; ma=86400
zbtvpbtf.top/template/1421/images/3.png
104.21.54.248 200 OK 23 kB URL GET HTTP/3 zbtvpbtf.top/template/1421/images/3.png
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 1a6a3d2aef97878a2b0ac2e2b88d2c0c
bdcb53ebbeb666e8e773668758a00f3d949a904c
260bffa8275bff68b25e62f5c4495750c12ae2e2c5cf552d938d12b780dd7ae7
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1421/images/3.png HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: image/png
content-length: 22907
last-modified: Tue, 15 Oct 2019 07:20:22 GMT
etag: "5da57336-597b"
expires: Sun, 09 Jul 2023 10:56:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uooa38nF8Yw%2BpALtHDhqN1wH5SUGvWPdFQaqIeTUuK5LJYMNpIOJkhOARX01tNVAOYJ8VNKg7coMRag4SlnhCvgQnmK3s2gFFJWgPgar5DhaJwKBdr1cVN9Iiv0aVkA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d9a79cbbb4eb-OSL
alt-svc: h3=":443"; ma=86400
zbtvpbtf.top/template/1421/images/4.png
104.21.54.248 200 OK 28 kB URL GET HTTP/3 zbtvpbtf.top/template/1421/images/4.png
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 2ccf275ad122db39d42ef20221898c9e
bc5ab9af9219b4269afa7338d0ad4054d6792bdb
bab22f1fca6ab0bcaa442de65d6e387bd74fed2949a53652cacd568ceeaac653
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1421/images/4.png HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: image/png
content-length: 27729
last-modified: Tue, 15 Oct 2019 07:20:22 GMT
etag: "5da57336-6c51"
expires: Sun, 09 Jul 2023 10:56:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHAv4H%2FBZcJfbBVA2XAVoTnYO48eLG8AG0NukZOLe8yC22i5EpE0WedvSxeq7bQodlOHLh8LEq8ghRW0brDDh1gvEK6pLtrZ%2F9bKNBrr2hvIsfn1vtsKI77elb3uVUE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d9a79cbfb4eb-OSL
alt-svc: h3=":443"; ma=86400
zbtvpbtf.top/template/1421/images/14.jpg
104.21.54.248 200 OK 22 kB URL GET HTTP/3 zbtvpbtf.top/template/1421/images/14.jpg
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x426, components 3\012- data
Hash 8206d8c6ea3cf8cb07af17f56a2f5333
e4404fc34ad33e6add2e191ea3fcbd02140d440d
76f47be9180f0ebc46ce151e142888bb40f6a19248bf98092460beb0fca3fa5a
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1421/images/14.jpg HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: image/jpeg
content-length: 22441
last-modified: Wed, 16 Oct 2019 06:09:08 GMT
etag: "5da6b404-57a9"
expires: Sun, 09 Jul 2023 10:56:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4xdMKB2YJQurlzEHqfhpdkSlLU0SUQ3vjpjZREdLhZEpNuZFnQAu9tuQ%2BeUpbfdmO2oJfqoISWKgi8lQJdCyAUr6weZJ5HXga83JJZSgvaOdCxQK97R2Rk25Mxa6r8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d9a7acd2b4eb-OSL
alt-svc: h3=":443"; ma=86400
zbtvpbtf.top/template/1421/images/1.jpg
104.21.54.248 200 OK 21 kB URL GET HTTP/3 zbtvpbtf.top/template/1421/images/1.jpg
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x533, components 3\012- data
Hash 42ee649981a68b3519ee493486c046be
e52ccf23c6e2b4ced5fe91cfa01c55011cfc8689
4314fe83050fd31a25578eafc3b60d77d600f0ef621304aae03d52e2ec70f646
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1421/images/1.jpg HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: image/jpeg
content-length: 21344
last-modified: Wed, 16 Oct 2019 06:09:08 GMT
etag: "5da6b404-5360"
expires: Sun, 09 Jul 2023 10:56:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVmTRT7VaXFgEFP6DzRcpFsKEjPVP1g6qnoz2kfaqqGiFDgd1p4nWsCUPGKz34IlLUBnZVVZDMw9I7cW%2Fc22swJ%2BsaFHSrN91X2nm%2F%2FYYE85qZwDnm%2BAvAoxydht%2Fuc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d9a79cbab4eb-OSL
alt-svc: h3=":443"; ma=86400
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 1.4 kB URL ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 72123cab9c00029ab4c89d4aa3d86b91
7929512b90bd617faef44cd0f465a8977bcca7a9
70d8c7a049c87016f36c107ea5f4407c15e52c1a4bbcae2acd06e2a93d5eecc2
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:56:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 13 Jun 2023 09:12:11 GMT
ETag: "7929512b90bd617faef44cd0f465a8977bcca7a9"
Last-Modified: Fri, 09 Jun 2023 09:12:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2461
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d48d9b01afbb4f9-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 1.4 kB URL ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 9e10541cf779d784732725309a6780b0
ab09fcd20420e1b4d2865e601f2ec438f9b5b375
5429a10bd8d09b3c0187caf75c4f2f550555e0573c056f3fee4ad878aef665d0
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:56:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 13 Jun 2023 07:42:08 GMT
ETag: "ab09fcd20420e1b4d2865e601f2ec438f9b5b375"
Last-Modified: Fri, 09 Jun 2023 07:42:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1361
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d48d9b13cd7b4f9-OSL
sdk.51.la/js-sdk-pro.min.js
47.246.44.137 200 OK 13 kB URL GET HTTP/2 sdk.51.la/js-sdk-pro.min.js
IP 47.246.44.137:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Certificate Issuer GlobalSign nv-sa
Subject *.51.la
Fingerprint 9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
Validity Thu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 24bb520e9517f2ed3ed987b46aeaf723
846723563d7dd2bff3954f93633b11af0103adc8
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 12846
date: Thu, 08 Jun 2023 16:07:24 GMT
vary: Accept-Encoding
x-oss-request-id: 6481FCBC5A8AEE3937610C4D
x-oss-cdn-auth: success
last-modified: Thu, 08 Jun 2023 02:24:34 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5143829838470429443
x-oss-storage-class: Standard
content-md5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 3
content-encoding: gzip
ali-swift-global-savetime: 1686240445
via: cache15.l2de2[2194,1286,200-0,C], cache26.l2de2[1289,0], cache3.se1[0,0,200-0,H], cache2.se1[2,0]
age: 67766
x-cache: HIT TCP_MEM_HIT dirn:2:167495038
x-swift-savetime: Thu, 08 Jun 2023 16:07:25 GMT
x-swift-cachetime: 1296000
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9616863082113881507e
X-Firefox-Spdy: h2
zbtvpbtf.top/Aquery.js
104.21.54.248 200 OK 1.8 kB
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (540), with no line terminators
Hash f6b7afcc4a01363d039ba7138ac342f2
13d5b83bef56227c24f19d38a57a6849bec94945
e6d112f55c1cb75702e1b5abd7634c6e1a97ce467f6cf51e8946d54f4d9bde81
Analyzer Verdict Alert quad9 Sinkholed
GET /Aquery.js HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: application/javascript
last-modified: Thu, 27 Apr 2023 11:43:51 GMT
etag: W/"644a5ff7-21c"
expires: Fri, 09 Jun 2023 22:56:50 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvgQ7cnBi0xZyskw5XZ2qAaN8oWgSG0KczSUwelECcX3Kbk6%2FBoL8csbO6btMxs%2FWOQ5wVDNRw%2Bcu2sor7XfS%2FWs3eDgG30imB9nDFI4X18DCmsZlIOSJRxTTdYfrt0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d9a79cb1b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
js.users.51.la/21599459.js
42.236.73.40 200 OK 2.3 kB URL GET HTTP/1.1 js.users.51.la/21599459.js
IP 42.236.73.40:443
ASN #4837 CHINA UNICOM China169 Backbone
Certificate Issuer GlobalSign nv-sa
Subject *.users.51.la
Fingerprint 8E:9F:59:98:28:F2:49:A9:E1:19:45:C2:49:ED:B2:F6:B8:E1:C6:39
Validity Fri, 14 Apr 2023 03:17:41 GMT - Wed, 15 May 2024 03:17:40 GMT
File type ASCII text, with very long lines (4898), with no line terminators
Hash c4e372498a081c7d702877a8c91a7b3e
362dca7260ec933c7859e67c215d89a851b604e6
2669f584dd55fc9011a7100ed622b35caa6f142a3600ea2a4c120e10127b1377
GET /21599459.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 09 Jun 2023 10:56:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Cache-Control: no-store
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://zbtvpbtf.top/
104.193.88.77 200 OK 0 B URL GET HTTP/1.1 sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://zbtvpbtf.top/
IP 104.193.88.77:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 48:6A:ED:D1:68:52:E5:97:4F:A0:92:46:B3:3C:56:46:3D:D9:9C:D5
Validity Tue, 05 Jul 2022 05:16:02 GMT - Sun, 06 Aug 2023 05:16:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://zbtvpbtf.top/ HTTP/1.1
Host: sp0.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Fri, 09 Jun 2023 10:56:51 GMT
zbtvpbtf.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.21.54.248 200 OK 655 B URL GET HTTP/3 zbtvpbtf.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (1238)
Hash 9e8f56e8e1806253ba01a95cfc3d392c
a8af90d7482e1e99d03de6bf88fed2315c5dd728
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:49 GMT
content-type: application/javascript
last-modified: Tue, 06 Jun 2023 11:54:19 GMT
etag: W/"647f1e6b-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4syw0zY%2F1phqwCKZVe9BrbGMy3%2Ft9GDXw6UVa9a9X3J4vkdHnJh4DOBY0O9%2FpntbyzqvSoszbFQD0lfs2mNZgi0BK3YWVVV3%2BmIq%2B%2BLEVtikXpdBC3rU1nZSWB%2FhYoE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d9a87dd1b4eb-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 11 Jun 2023 10:56:49 GMT
cache-control: max-age=172800, public
content-encoding: gzip
zbtvpbtf.top/template/1421/images/11.jpg
104.21.54.248 404 Not Found 435 B URL GET HTTP/3 zbtvpbtf.top/template/1421/images/11.jpg
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 7d4abb90e0acffebd415bc3572b97053
5185f2697596d3f7409c9e0c3a11e4d120b353ba
6612c76dbfca4350d273cb9c935564f23efeb6a1af663f89fd0ea4cc7ca08fc1
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1421/images/11.jpg HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/template/1421/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stezXLxLSBCywIKZqYga6vHRsGSoWRetMuMVLACAzNlm6paIszzDGunRnmj4ASubWstTFdnyrd5idk6q54yHF7mQyiGgi25aDKUVrmW%2Bgq1Te0T9VewSwPInULQmmRE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d9acbab7b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
zbtvpbtf.top/Baidu.js
104.21.54.248 200 OK 656 B
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (719), with no line terminators
Hash 71046927cd76e326f717eeeb40c15f38
4632c0500361565f2d6229f4b09c61223902c2ee
0273b89791208fa9692b4f1b85a3a158d176ba5a182de120bb348668e5ee3122
Analyzer Verdict Alert quad9 Sinkholed
GET /Baidu.js HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: application/javascript
last-modified: Tue, 11 Apr 2023 03:44:10 GMT
etag: W/"6434d78a-290"
expires: Fri, 09 Jun 2023 22:56:50 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKBJtPee%2Fxyl3EbecepKZcWfDVt%2BhYbx72603H5L%2FxvWY3epPaIXxhMcrtCFPpVj5uSNvBUccXuDjFPUNbfTFTbIq5EPeDTLFTFhjxr4AjWPKTtDXItoBI9BQtEDQPc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d9a8ee59b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
zbtvpbtf.top/template/1421/css/style.css
104.21.54.248 200 OK 58 kB URL GET HTTP/3 zbtvpbtf.top/template/1421/css/style.css
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash e02ec613ddce70059c6cc0188ce656c2
60a65d49ad6e31e559939503994f8096f2b97bc2
a2803f6453e4dd458bd0501814dfe698c10beeb5c35d15066f3469f4e952c169
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1421/css/style.css HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: text/css
last-modified: Tue, 15 Oct 2019 07:20:22 GMT
vary: Accept-Encoding
etag: W/"5da57336-e4a6"
expires: Fri, 09 Jun 2023 22:56:50 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzPDEFi1DGosKScCkyp%2B2hEo4WA8nWxlD%2Fz9T6PmmS4YgYMh0IcVyATYGRWGuGkKt8VuQLRELuy42bRY1HtN2L7XDjwTMIZ3Iwn4O3PUZMl44wQ%2FKsdO44r0lWrkTOM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d9a79cb0b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.lelifi.com/app/app.js?t=xia&c=googleee&mb=1
104.21.46.15 200 OK 3.9 kB URL GET HTTP/2 www.lelifi.com/app/app.js?t=xia&c=googleee&mb=1
IP 104.21.46.15:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A7:86:67:95:65:3F:9F:95:2C:EB:56:1E:31:DA:D9:C2:31:58:79:9F
Validity Wed, 24 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (4034), with no line terminators
Hash f7f29ea32b66d7f4d0b0458ef0798b27
707426504aaa8bfed4adaaf8b4ca2bdb9ac6235a
fd6084536b437cfc5394abfb19c260c3545de05673eaf87b7f8934588cbccb77
GET /app/app.js?t=xia&c=googleee&mb=1 HTTP/1.1
Host: www.lelifi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: application/javascript
last-modified: Mon, 05 Jun 2023 14:11:55 GMT
vary: Accept-Encoding
etag: W/"647ded2b-f1a"
expires: Fri, 09 Jun 2023 18:46:20 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 15030
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIYw6ngrTyWvW8%2FAOtPj4Ln%2BxJWo1QwoBe9LFS%2BZIEW5zoubYktlOCdF2kHYexXapFwsIhlG3GTKM0hNfYNw%2FDTMZfvzcUQnKnJ%2BSps37guJzmH0ADygmfNREWJvEbPULQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d9abc9f4b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
104.21.54.248 200 OK 816 kB URL User Request GET HTTP/2
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (27229), with CRLF, LF line terminators
Size 816 kB (816198 bytes)
Hash 00f167dac903d518e89b43662d810e7a
880d74735f9dabd3bbca2f8b4f12c22edee276a8
221e440cadb21cf26ae273c6d6405ca0c5aee19fd1d1835fc3f473e9f2e3d15b
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:56:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQJFyDeEgkf37LMKI%2BCpAm1FkazUHUZ8PIX54GwKt5XPF6lt%2BHlflpTlxT7kSRSF97oFD3ts%2Fr2E8%2BebTpNgfvVooggjOJG5e0VyuBKXOA2daQSOn3qC2Uz7AxNBx6o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d9a34eddb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.lelifi.com/app/app.js?t=shang&c=google&mb=1
104.21.46.15 200 OK 3.9 kB URL GET HTTP/2 www.lelifi.com/app/app.js?t=shang&c=google&mb=1
IP 104.21.46.15:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A7:86:67:95:65:3F:9F:95:2C:EB:56:1E:31:DA:D9:C2:31:58:79:9F
Validity Wed, 24 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (4034), with no line terminators
Hash f7f29ea32b66d7f4d0b0458ef0798b27
707426504aaa8bfed4adaaf8b4ca2bdb9ac6235a
fd6084536b437cfc5394abfb19c260c3545de05673eaf87b7f8934588cbccb77
GET /app/app.js?t=shang&c=google&mb=1 HTTP/1.1
Host: www.lelifi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: application/javascript
last-modified: Mon, 05 Jun 2023 14:11:55 GMT
vary: Accept-Encoding
etag: W/"647ded2b-f1a"
expires: Fri, 09 Jun 2023 18:46:20 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 15030
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zKfdo%2FDVAj4oE4c5hpY9441agFSicdiB%2BGqD8FgDqbTW%2FpKvd%2FYwmlQqDvfg6Qs065rz%2BZ%2B%2FpaZVDiuuLrhRYsQR%2F5uLOdze9eouHt4EAS4gSlFBEadszzfnc9vq3DvTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d9abc9e1b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ia.51.la/go1?id=21599459&rt=1686308211051&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%2595%25AC%25E5%2591%258A%253A%25E6%259C%25AA%25E6%25BB%25BF18%25E5%25B2%2581%25E8%2580%2585%25E8%25AB%258B%25E5%258B%25BF%25E9%2580%25B2%25E5%2585%25A5WWW.97XXOO.COM_WW&ing=1&ekc=&sid=1686308211051&tt=WWW.97XXOO.COM_WWW97XXOOCOM_WWW.QQC999.INFO_WWWQQC999INFO_%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&kw=WWW.97XXOO.COM_WWW97XXOOCOM_WWW.QQC999.INFO_WWWQQC999INFO%252C%25E7%259C%258B%25E7%2589%2587X%25E5%258C%25BA%252C%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&cu=https%253A%252F%252Fzbtvpbtf.top%252F&pu=
42.236.73.39 200 0 B URL GET HTTP/1.1 ia.51.la/go1?id=21599459&rt=1686308211051&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%2595%25AC%25E5%2591%258A%253A%25E6%259C%25AA%25E6%25BB%25BF18%25E5%25B2%2581%25E8%2580%2585%25E8%25AB%258B%25E5%258B%25BF%25E9%2580%25B2%25E5%2585%25A5WWW.97XXOO.COM_WW&ing=1&ekc=&sid=1686308211051&tt=WWW.97XXOO.COM_WWW97XXOOCOM_WWW.QQC999.INFO_WWWQQC999INFO_%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&kw=WWW.97XXOO.COM_WWW97XXOOCOM_WWW.QQC999.INFO_WWWQQC999INFO%252C%25E7%259C%258B%25E7%2589%2587X%25E5%258C%25BA%252C%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&cu=https%253A%252F%252Fzbtvpbtf.top%252F&pu=
IP 42.236.73.39:443
ASN #4837 CHINA UNICOM China169 Backbone
Certificate Issuer GlobalSign nv-sa
Subject *.51.la
Fingerprint 9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
Validity Thu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21599459&rt=1686308211051&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%2595%25AC%25E5%2591%258A%253A%25E6%259C%25AA%25E6%25BB%25BF18%25E5%25B2%2581%25E8%2580%2585%25E8%25AB%258B%25E5%258B%25BF%25E9%2580%25B2%25E5%2585%25A5WWW.97XXOO.COM_WW&ing=1&ekc=&sid=1686308211051&tt=WWW.97XXOO.COM_WWW97XXOOCOM_WWW.QQC999.INFO_WWWQQC999INFO_%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&kw=WWW.97XXOO.COM_WWW97XXOOCOM_WWW.QQC999.INFO_WWWQQC999INFO%252C%25E7%259C%258B%25E7%2589%2587X%25E5%258C%25BA%252C%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&cu=https%253A%252F%252Fzbtvpbtf.top%252F&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Content-Length: 0
Date: Fri, 09 Jun 2023 10:55:22 GMT
collect-v6.51.la/v6/collect?dt=4
120.79.9.244 200 0 B URL POST HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 120.79.9.244:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Certificate Issuer GlobalSign nv-sa
Subject *.51.la
Fingerprint 9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
Validity Thu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 363
Origin: https://zbtvpbtf.top
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx
Date: Fri, 09 Jun 2023 10:56:52 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://zbtvpbtf.top
Access-Control-Allow-Credentials: true
zbtvpbtf.top/favicon.ico
104.21.54.248 200 OK 1.2 kB
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 591676289e8a2b06c3fc31137810d2c0
f53c4f56f983f6b96198806a60624ba16741a156
2cab8e512dc07af44384a4e2c0e7020b04e03331affaa96aa54d489d6274e4de
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Cookie: __vtins__K1uQHKYeOMFb5rQK=%7B%22sid%22%3A%20%22994b3d7f-6db6-58d7-a83c-361af6f7f369%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201686310010894%2C%20%22ct%22%3A%201686308210894%7D; __51uvsct__K1uQHKYeOMFb5rQK=1; __51vcke__K1uQHKYeOMFb5rQK=4260cef7-cb0f-522a-9784-001076df74c7; __51vuft__K1uQHKYeOMFb5rQK=1686308210898; __tins__21599459=%7B%22sid%22%3A%201686308211051%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201686310011051%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:52 GMT
content-type: image/x-icon
last-modified: Thu, 17 Oct 2019 11:19:32 GMT
etag: W/"5da84e44-47e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GgIjpI%2BK3Ahek43zLNmGzG4kK%2B85fbNBblPokraAQz%2FzJVwo3qDhG2%2FlO%2Ff%2BoCuSw4IuYXL2y9fiYGan93gCiv%2Bx0gAsIEZjzCMHCk3P2znLa0Sktlof4lXhBnf9pY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d9b48c71b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
zbtvpbtf.top/template/1421/images/banner.jpg
104.21.54.248 404 Not Found 1.2 kB URL GET HTTP/3 zbtvpbtf.top/template/1421/images/banner.jpg
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1309), with no line terminators
Hash 1cb8f287f9cfc71109ed95c261f2ae00
0d2aee1f4ad2bbfa7a77535a92dcddb960993cc7
5b049d7f99b526ea9a4329f8676aad3e40fc7472f56aff96563623ddcd34741c
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1421/images/banner.jpg HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/template/1421/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 09 Jun 2023 10:56:51 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3bopw6Rij0L2xh%2FfMMPcS2ECd4L%2BiT2G0qAzj5qEKMos%2BVWqJAyr7d3hUIGGDfMdKMQTT98MSfVY3xyOOtROpI%2BACBLOPWrrFI103I5quF9Ockl1PXGKbFglOBXSpk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d9acaaa9b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
zbtvpbtf.top/template/1421/images/6.jpg
104.21.54.248 404 Not Found 1.2 kB URL GET HTTP/3 zbtvpbtf.top/template/1421/images/6.jpg
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1309), with no line terminators
Hash 1cb8f287f9cfc71109ed95c261f2ae00
0d2aee1f4ad2bbfa7a77535a92dcddb960993cc7
5b049d7f99b526ea9a4329f8676aad3e40fc7472f56aff96563623ddcd34741c
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1421/images/6.jpg HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/template/1421/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 09 Jun 2023 10:56:51 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpxZu58oNMdMY1aAjj1qOjZilKFGuME8WwdQ4gcC2OYNRy3UH1xVXTGWRLFQcn19C9N6HJ6DEwkBg9m02q7ZtaKoXnagQ1OYSn2moSUcR16bhrL2dkwecfCEmCzVc3w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d9acbab6b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
zbtvpbtf.top/template/1421/css/bootstrap.css
104.21.54.248 200 OK 142 kB URL GET HTTP/3 zbtvpbtf.top/template/1421/css/bootstrap.css
IP 104.21.54.248:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 91:16:23:27:DF:E0:D7:C9:3D:2C:B8:4D:BD:7D:71:7B:6D:E7:63:D1
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (540)
Size 142 kB (141622 bytes)
Hash 2183d05f5a0a9a3b2e8cb0509ca363e3
f2183455571b19311a235bd5aa204e694ade8e94
c942686010e285633d77a24341c43850ccd6162fcc7e8281ae8a70c2921a9af5
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1421/css/bootstrap.css HTTP/1.1
Host: zbtvpbtf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zbtvpbtf.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:56:50 GMT
content-type: text/css
last-modified: Tue, 15 Oct 2019 07:20:22 GMT
vary: Accept-Encoding
etag: W/"5da57336-22936"
expires: Fri, 09 Jun 2023 22:56:50 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AiT%2B7%2FLJo17nIkYzI3sorJur3PY4Ym8Ls%2B%2Bq%2F%2Fhiy3599Lf5DhCw39bom3%2FO%2BYsskPkf1ErV6pDg5zsJATeg0GdAywKdOXDVfzEuoL5AZg7tqKCtndiQjEDmyFW5DE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d9a79caeb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400