GET tl7p8z.top/assets/refer_earn_bg_pc-BPf4ZNiG.png
172.67.210.93 200 OK 26 kB URL GET HTTPS
tl7p8z.top/assets/refer_earn_bg_pc-BPf4ZNiG.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 260 x 66, 8-bit/color RGBA, non-interlaced
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 26 kB (25990 bytes)
MD5 45289c653f41c9edd77348fcf6f2c6c5
SHA1 d4b0d385125a1748bb363393eca897446c6911bb
SHA256 14c919b08bafad4026b5768de07eea48445759ab73a712b8f9d530b99bf1697c
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/refer_earn_bg_pc-BPf4ZNiG.png HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-CD3Vznvo.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: image/png
content-length: 25990
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S95h8lTFV%2BhQvJz7cNgqp%2FXXYV1fovR9DZjN0xkEFqdZ1%2By1jRbed92LPClsaAifyVL5blqGQmGXN%2FrgSDsQi50QlwWb%2BqV5nqyYSSFoFdvQyzbZiqWVudFKqQdA"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: "683ee6c1-6586"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf4283cdb3b529-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1739&min_rtt=608&rtt_var=1214&sent=2189&recv=410&lost=37&retrans=38&sent_bytes=2139741&recv_bytes=66406&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6463&inflight_dur=1010&x=80"
OPTIONS api.tl7p8z.top/games/search?game_categories_slug=hot_MX&page=1&limit=54
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/games/search?game_categories_slug=hot_MX&page=1&limit=54
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
OPTIONS /games/search?game_categories_slug=hot_MX&page=1&limit=54 HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Ru5PKoIkr53msZ3IScKCZREcEBrxaHwvwQP2wfc%2FdnUTwysUjye1nv7OZh8Dhs5lOQ0U%2BF%2B8mo0Rp8NXWAUDftY5so9lNnqEEHXMe3pu5iIgs6ob1bTQ%2FWHP75z4qRkIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf4286be25b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1229&min_rtt=563&rtt_var=583&sent=2567&recv=443&lost=37&retrans=38&sent_bytes=2540650&recv_bytes=70326&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6812&inflight_dur=1194&x=80"
GET tl7p8z.top/assets/icon_public_139-CX4cVZpZ.js
172.67.210.93 200 OK 2.0 kB URL GET HTTPS
tl7p8z.top/assets/icon_public_139-CX4cVZpZ.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1989)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 2.0 kB (1990 bytes)
MD5 414ec40f4ce36c08aa65b44a7f6f3db6
SHA1 7e27fd0aa8c9760221be9afcab705c0a74dfb275
SHA256 1f80e4bf87d4d4e817df0670d1b035d47842509f22d242be6944bb35bdda14ac
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/icon_public_139-CX4cVZpZ.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 720
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FPlXOs9q0OPPbOEbPxMUp3Ca%2BkmhKwauwwdX1nATle38Y%2BYSmS36yBdZSbgiQGISyOiamyiSV06Tw9nIE5v7QYa9dH%2BeUOGgYrJKN5500cWsjCaDN7vXyQH3MFUo"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-2d0"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426eec51b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1200&recv=248&lost=0&retrans=0&sent_bytes=1194172&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3247&inflight_dur=314&x=80"
GET tl7p8z.top/assets/close-K6H9pnNU.js
172.67.210.93 200 OK 445 B URL GET HTTPS
tl7p8z.top/assets/close-K6H9pnNU.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (444)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 445 B (445 bytes)
MD5 c5960a40a0998285db50133918fff0e6
SHA1 152136caac446d7a37da19a54962c2f9052334ad
SHA256 4df9bba8371b8ea41d742d0199dbbcf94cf605630e59ec1b692365a021fbb7c5
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/close-K6H9pnNU.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 390
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2R2rFEe6s7kSJ%2B6%2BW3XCAz9myBXssGKFoFdZGDZblO0vVpghBl7K03uDUEve4hKCdsDpduIAD66r%2FaWNAVE4%2BGJ153IqTGa%2FU1rmyQS%2BuKgVKw7JSC1l4vCiBhKa"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-186"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f0c61b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1225&recv=248&lost=0&retrans=0&sent_bytes=1214657&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3259&inflight_dur=325&x=80"
GET res.tl7p8z.top/maintain.json?1749457750110
172.67.210.93 200 OK 1.2 kB URL GET HTTPS
res.tl7p8z.top/maintain.json?1749457750110
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 5
Size 1.2 kB (1243 bytes)
MD5 a9d0c6e814371c0af75abefd12f49483
SHA1 caec5ba5c2711d0989d482e9db4d80f200c557c0
SHA256 2ac4b09ce64b7fbc580f391d023a8f75bdcf58caf1e18d455ac8be6e4df48932
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /maintain.json?1749457750110 HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:10 GMT
content-type: application/json
content-encoding: br
access-control-allow-origin: *
etag: W/"a9d0c6e814371c0af75abefd12f49483"
last-modified: Wed, 28 May 2025 16:00:35 GMT
vary: Origin, Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mWzMTcVCnjQR4nLQDL1ns8O085yeLtC1TBwp1b4yeUn02U4YRIJ2%2FL%2FX%2BznOMp7cv6xsU392Md%2F6OG8A7AjM6n%2B0k2eJAkOvDOz1qMXK%2B7gFwVHkdG7x0lsU%2F7hDBOJIbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 94cf427a4a675699-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=547&min_rtt=400&rtt_var=29&sent=167&recv=150&lost=0&retrans=1&sent_bytes=190854&recv_bytes=1936&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=2462&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/gamblers-DfLDHims.png
172.67.210.93 200 OK 4.4 kB URL GET HTTPS
tl7p8z.top/assets/gamblers-DfLDHims.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 88 x 88, 8-bit/color RGBA, non-interlaced
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 4.4 kB (4379 bytes)
MD5 584285f417b419ed5a3e8e32597d6cf7
SHA1 8f29f549f01bd794cfb28f666218f2671c1f6cf5
SHA256 63c93e297e80a1dce5f7c5fe908d072a25293840c1f31cc7d46fc8e84a86f911
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/gamblers-DfLDHims.png HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:10 GMT
content-type: image/png
content-length: 4379
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NYY7q1cIQF7HgQWjiVHeIRQfWCDS1YjNMFxp5yLhkthlYsIQ0nzLGDf3MKYgCakVwYnvKsBYCoTibSSSn4bbLYQuHv7mnm%2BK9XPzmQEaJhh%2F7RhC%2F24umY8bmKkY"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: "683ee6c1-111b"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf427cfd63b529-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2035&min_rtt=608&rtt_var=1012&sent=1899&recv=338&lost=37&retrans=38&sent_bytes=1883151&recv_bytes=52647&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5253&inflight_dur=676&x=80"
GET res.tl7p8z.top/upload/banner_image/20250531_56d8737842bfba7e4c46e371fbf3e374_1748684105296.png
172.67.210.93 200 OK 109 kB URL GET HTTPS
res.tl7p8z.top/upload/banner_image/20250531_56d8737842bfba7e4c46e371fbf3e374_1748684105296.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 666 x 420, 8-bit colormap, non-interlaced
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 109 kB (108950 bytes)
MD5 c9da9548a5d36bd104fae081c466b964
SHA1 31eb4564abea961f88c5bd28ab097171266630b4
SHA256 314663d5130b48ca4a8be459f79f684264032303f8b740227d5c61d4d34f4239
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /upload/banner_image/20250531_56d8737842bfba7e4c46e371fbf3e374_1748684105296.png HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/png
content-length: 108950
cf-ray: 94cf42886ad45699-OSL
accept-ranges: bytes
etag: "c9da9548a5d36bd104fae081c466b964"
last-modified: Sat, 31 May 2025 09:35:07 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0bbDhavDB7XusEHinVs6Po0pU1LVCu0pPvYLMazgfS3r80wr26nccazahoJReC3KcQBan8wpKDqFfKaNWyuN9BqtuDITgsT%2FE1eqrmQCecdM0ZGnlsuVfGcOt6lCObnINw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=830&min_rtt=396&rtt_var=488&sent=1216&recv=444&lost=0&retrans=1&sent_bytes=1464182&recv_bytes=5645&delivery_rate=100408759&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4514&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/56469921172815889_20250603044537.jpg
172.67.210.93 200 OK 61 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/56469921172815889_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 61 kB (60797 bytes)
MD5 c1dafb6ed0b32fdca9f70eab4da11584
SHA1 28ee2ca38304c4d8773f0f723ca2955c53e4c54a
SHA256 24255cec81829e824f7ed7f118dd07319861376a047984790d12ef982d8660cf
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /upload/game_image/56469921172815889_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 60797
cf-ray: 94cf428b6e735699-OSL
accept-ranges: bytes
etag: "c1dafb6ed0b32fdca9f70eab4da11584"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZmWohBDfUo5xgpF2rvniGxTXCXm%2F%2FNwJ%2BYh3KS6jCxCdG7jBroE20Whh2HjphxzuzDyiz%2FYqHTpkCKxJe1cZOTfiPv7ZSZTXtNTpfrtmrE7ra1atPCKK79WvzDUVCue%2BMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1732&min_rtt=396&rtt_var=1523&sent=2850&recv=705&lost=0&retrans=3&sent_bytes=3549121&recv_bytes=9986&delivery_rate=49931034&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4989&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/countdown-lkVG0yit.css
172.67.210.93 200 OK 923 B URL GET HTTPS
tl7p8z.top/assets/countdown-lkVG0yit.css
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (922)
First Seen 2025-05-23
Last Seen 2025-07-31
Times Seen 4
Size 923 B (923 bytes)
MD5 d5b75d30b3eb234ae2adb5d40bc405dd
SHA1 badfa9d3be7825a9a0095ebe0a55795e108af2e1
SHA256 63b4768536757230354b54fac0be19ac2eb58e088225463815f8ecbaba6beeab
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/countdown-lkVG0yit.css HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: text/css
content-length: 372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uvEIUUFT37gmKUjig9g2JaNne6paR0xv9rS35WduCY6F4jA6keu62WRdHwoJeKJcVdC%2FuqZT9%2BlonUtF%2BHdrSKB5wOwzBaRp16XahonYQTpqYU4QvrV4VBf8qrZX"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-174"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426e7c2bb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2454&min_rtt=608&rtt_var=1805&sent=1122&recv=241&lost=0&retrans=0&sent_bytes=1130506&recv_bytes=29786&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3174&inflight_dur=256&x=80"
GET tl7p8z.top/assets/nascar_icon-Dtze6ad-.js
172.67.210.93 200 OK 3.8 kB URL GET HTTPS
tl7p8z.top/assets/nascar_icon-Dtze6ad-.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3775)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 3.8 kB (3776 bytes)
MD5 284c9ee0b9369c215e2447ebb241c82f
SHA1 cead24ef35dd62725ffddbf27181123590a25a12
SHA256 16599eea96c87269f63b2b382a4cfbdc2e55bf669ec94630ba8c98925c4eadd4
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/nascar_icon-Dtze6ad-.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1624
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3SA47oW6M3KPVbzTQXbTRzMUsfc6Vy5sn36aBHyS88fpzarH%2FwW%2BEiwgYcqgekDzX9G2ZpugtJ00lQZcX36fnbSrYLqdXvgACl2dqoCmjzVSrfkQtghbPNEkwUyE"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-658"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42742cacb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1264&min_rtt=608&rtt_var=503&sent=1408&recv=290&lost=0&retrans=0&sent_bytes=1366073&recv_bytes=41669&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3721&inflight_dur=443&x=80"
OPTIONS api.tl7p8z.top/vipdesc
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/vipdesc
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
OPTIONS /vipdesc HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y8AU4ItFCj9VDdofuvShf0lCo8FXPn%2B4OmuiS8V6aNZ7Sic5VPNPgq9%2BnmgvkZZUyLyTBlYy%2Fisk%2Fw98xfbKr2aLIo%2BbX7dzR7ayDlY%2F8yghwsn8xfkzqhpVwMs0uL8IBA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf42844dcab529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1922&min_rtt=608&rtt_var=1681&sent=2176&recv=400&lost=37&retrans=38&sent_bytes=2135876&recv_bytes=63771&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6431&inflight_dur=973&x=80"
GET res.tl7p8z.top/upload/banner_image/20250531_795a0008ec66e4696526d2ab27d482de_1748683834564.png
172.67.210.93 200 OK 109 kB URL GET HTTPS
res.tl7p8z.top/upload/banner_image/20250531_795a0008ec66e4696526d2ab27d482de_1748683834564.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 666 x 420, 8-bit colormap, non-interlaced
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 109 kB (108742 bytes)
MD5 f3314c7760c2d9d32358082d89b95f90
SHA1 1f4580230e43fd736fae7cfc9507ece426022921
SHA256 f34867d3af9095ee64221a623ffa1a4b12b6e0bb97adca656fa39f00d9628dc6
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /upload/banner_image/20250531_795a0008ec66e4696526d2ab27d482de_1748683834564.png HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/png
content-length: 108742
cf-ray: 94cf42886acc5699-OSL
accept-ranges: bytes
etag: "f3314c7760c2d9d32358082d89b95f90"
last-modified: Sat, 31 May 2025 09:30:35 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g6wXkxbh2N12E0ILq8yyT0PJn86YIkIt6WRzbyPfiwROc2KfA7yRxW7bWCuLMpO8PRp2Aw3l5ljKBW4aNNsqud3kTBTuDJ5og849g%2BKJAHmLpjmEQ54YrOY%2Bo%2FwMGyWGAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=850&min_rtt=396&rtt_var=405&sent=1072&recv=429&lost=0&retrans=1&sent_bytes=1271227&recv_bytes=5645&delivery_rate=100408759&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4500&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/arrow_left-CDKkQzuj.js
172.67.210.93 200 OK 357 B URL GET HTTPS
tl7p8z.top/assets/arrow_left-CDKkQzuj.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (356)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 357 B (357 bytes)
MD5 de3c47d5f97ecd60c0b6eb54a51ccd73
SHA1 aca12c2871978dd5e934394e0bd7d7bef3949ae6
SHA256 d81e4c20a775f5ea73e5c370ff2a0f1dc692a9defc64b73afed73da01b1de7bf
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/arrow_left-CDKkQzuj.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-B1Ac6Xly.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 317
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=36k8pddrpsgCAVDuhvS7XGmojOf6YbwtgGAlbrTHAshd1SEgd51kt6rVXVumbmTCkyg3uXAxI2FyoAVg7tPjxMAVqqVlkQCYPvA24nmirIrnznCucEZT30LM9xKM"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-13d"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42740c9bb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1546&min_rtt=608&rtt_var=599&sent=1356&recv=274&lost=0&retrans=0&sent_bytes=1332015&recv_bytes=34942&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3703&inflight_dur=424&x=80"
GET tl7p8z.top/assets/arrow_right-Cy3s1bSW.js
172.67.210.93 200 OK 377 B URL GET HTTPS
tl7p8z.top/assets/arrow_right-Cy3s1bSW.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (376)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 377 B (377 bytes)
MD5 845c7f9d79717631bd9f0c9f07bf2413
SHA1 c3be102f79ddf7b89afec22022e9d7bd8891759e
SHA256 3790a82323d4a7093b614121791a12e15f90bccb34ab76a33162124638ac661b
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/arrow_right-Cy3s1bSW.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-B1Ac6Xly.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 330
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTaBoeD7QpFxtZ1kr60mmJiHnk1I3Ai12LAYUccedDc5JwkvLKQxZfMNSl5w3lw4lA2AUumZsaC0qC%2B6WdhG6xDfAFoSLp%2FwsL2z%2FVSVjH76AKDzX%2FH0mjmkGVTx"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-14a"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42740c98b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1651&min_rtt=608&rtt_var=520&sent=1354&recv=273&lost=0&retrans=0&sent_bytes=1330971&recv_bytes=34896&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3701&inflight_dur=423&x=80"
GET tl7p8z.top/assets/rally_icon-DXYa3K5G.js
172.67.210.93 200 OK 3.2 kB URL GET HTTPS
tl7p8z.top/assets/rally_icon-DXYa3K5G.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3178)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 3.2 kB (3179 bytes)
MD5 5defdc9dadb2f6d5ebc032d562fcf915
SHA1 b105a0022105870f78c67b1b593407f85157e674
SHA256 438dc51ac67ee74dbe6277059387d8dcf4d5faa7b5f1f2f29a0a7bd714be9c1c
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/rally_icon-DXYa3K5G.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=akpICs7kE0QzmrCFWqf7ESjma%2BRoEhzsM72b5Au8M0HdwaHDqerRStiZVo8R2ZpduL768gbqVGns2EEJKIc3BcFPQ%2BxrfT5ZwFCsuOf%2Bo5xQ9avu1O2fYUWIMonr"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-500"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42742cb0b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1264&min_rtt=608&rtt_var=503&sent=1415&recv=290&lost=0&retrans=0&sent_bytes=1372210&recv_bytes=41669&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3725&inflight_dur=446&x=80"
OPTIONS api.tl7p8z.top/games/categories?type=hall
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/games/categories?type=hall
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /games/categories?type=hall HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CQWfV1XfrXhEkKIW7o82MnE7X57JJe%2BnFXlV5lLvlO8s3YCY2RfbCF5DBbSJfe%2FgK1CAxBue9VDF0SXxcVIWPCgcczmuQravmkU0%2BANUNBxE7aL7v3JsCi7879N9id1p5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf42844dc8b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2708&min_rtt=608&rtt_var=2127&sent=2164&recv=393&lost=37&retrans=38&sent_bytes=2131174&recv_bytes=62361&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6416&inflight_dur=964&x=80"
GET res.tl7p8z.top/upload/game_group_image/20250516_b2ca6a7d78450502277db43a20d6a518_1747384011961.png
172.67.210.93 200 OK 1.6 kB URL GET HTTPS
res.tl7p8z.top/upload/game_group_image/20250516_b2ca6a7d78450502277db43a20d6a518_1747384011961.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
First Seen 2025-06-09
Last Seen 2025-07-31
Times Seen 2
Size 1.6 kB (1575 bytes)
MD5 0f67f1d3b07f936925495565928651d8
SHA1 61f74edbda57340d1ac52763339abbe5b1b816d2
SHA256 22a65782e946f80f4e6dcd99244d5dcaa591d5261166dca505e9f0f8baea9f7a
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_group_image/20250516_b2ca6a7d78450502277db43a20d6a518_1747384011961.png HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/png
content-length: 1575
cf-ray: 94cf4286784d5699-OSL
accept-ranges: bytes
etag: "0f67f1d3b07f936925495565928651d8"
last-modified: Wed, 28 May 2025 16:28:48 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=buG0kyGwh5aMC%2Fr4CTPvWQ1wzaiMUQv7%2FhJqidKdpS40BiV4clsOUEeFx9NA7ZRYThpa8dTnkQ3sTtaO7eap8Ly4Ee5mrLUf%2F4FQICRoCCeP3sQ4oFuqqjDDsaHbbBxgWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=472&min_rtt=396&rtt_var=27&sent=188&recv=171&lost=0&retrans=1&sent_bytes=196191&recv_bytes=3106&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4175&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/127342191428239372_20250603044537.jpg
172.67.210.93 200 OK 52 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/127342191428239372_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 52 kB (51481 bytes)
MD5 42a46ca5e66a20a260dfc2227c82ab5f
SHA1 d7dea36c1e955bfed43c341e6a651975773d6c89
SHA256 0c9613d60af743e794ec806f52eb71c19271f9cd42cbfeaa9bf7e3733e638941
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/127342191428239372_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 51481
cf-ray: 94cf428b2e265699-OSL
accept-ranges: bytes
etag: "42a46ca5e66a20a260dfc2227c82ab5f"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2BTWo8NgBzzCeS0vi9f9lNPN6boc%2FffW5y%2FBcC%2FrdKMjoTZi6hCHjGyEEVF9CMyalXhg8qG6XeBT%2FXgxzCPzRpNctvwVTqsceBricqc%2Fi2%2FGDNNg7ItIMeuC2Xq0g8Uq7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1514&min_rtt=396&rtt_var=955&sent=2738&recv=698&lost=0&retrans=3&sent_bytes=3406854&recv_bytes=9986&delivery_rate=49931034&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4978&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/Order-xjUFw0kN.css
172.67.210.93 200 OK 5.2 kB URL GET HTTPS
tl7p8z.top/assets/Order-xjUFw0kN.css
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (5177)
First Seen 2025-06-09
Last Seen 2025-07-31
Times Seen 3
Size 5.2 kB (5178 bytes)
MD5 9e3803b392f012066c7e65b659f5c8ad
SHA1 1ab8ff20bad5536e7d0cd2d2fdb3aa2935a912de
SHA256 dfa6cd6505317f5046782490c61443e8de055b99e448b52b0a914593e8cc7587
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/Order-xjUFw0kN.css HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: text/css
content-length: 1053
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8DIIcC5rGc0qg56vgaVETrieKuAZrq8lKOVsFSeg1nOXfdG9iQqpuQS7VsHCm97y3muQ6UHScU8XFkrGHcozs%2BxX9Q31g0gFAhcmu%2FQTJFRz%2BbbXRJSPr0ZBdAMJ"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-41d"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426e7c2cb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2588&min_rtt=608&rtt_var=2050&sent=1119&recv=240&lost=0&retrans=0&sent_bytes=1128714&recv_bytes=29741&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3172&inflight_dur=249&x=80"
GET tl7p8z.top/assets/reward-leveI-icon-Cg93okMh.js
172.67.210.93 200 OK 65 B URL GET HTTPS
tl7p8z.top/assets/reward-leveI-icon-Cg93okMh.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text
First Seen 2025-02-23
Last Seen 2025-06-09
Times Seen 4
Size 65 B (65 bytes)
MD5 688dec09df5e8d5135f44bd9ee47b439
SHA1 bd72b9bc412d55b31edb9a77072b8aff66196128
SHA256 3bc5ce0d21c93004be27386312e6c7b7d0e6fff408754929f5a5f04dc5a144c5
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/reward-leveI-icon-Cg93okMh.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0G3yskVdVO1kWuQFp2e73bs4pTn1G%2ByoiW8pjBMekoURYdvbyxEEoVGjTHZtEBm7rLDXtzgUwU7Uc8ovJ8hmqfuhqXlZzdkiX5fxwC7YGURPH7uzLKhA4hv8Euaf"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: W/"683ee6c1-41"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 94cf42745cc5b529-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1327&min_rtt=608&rtt_var=456&sent=1472&recv=304&lost=0&retrans=0&sent_bytes=1411621&recv_bytes=47684&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3757&inflight_dur=479&x=80"
GET tl7p8z.top/assets/image_loading_logo-DZ0aQgDt.png
172.67.210.93 200 OK 4.5 kB URL GET HTTPS
tl7p8z.top/assets/image_loading_logo-DZ0aQgDt.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 106 x 137, 8-bit/color RGBA, non-interlaced
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 4.5 kB (4485 bytes)
MD5 1f296d1ee3cbc0c44fb510aa0b21d21f
SHA1 4266b1390cec0b91b20d5350aa661d292b023352
SHA256 5e25c52666b308b7d056421afbd0fecc99a3629769064c89ff9d6b1e9db96998
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/image_loading_logo-DZ0aQgDt.png HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Cookie: _ss_s_uid=6e586157d46e1f27d414ad744c139b5b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/png
content-length: 4485
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=djY0W08nul%2BP26vQO9A8ynfOZcGGNkwygs%2FFqOeWZsRcgd%2FWDFrYFNvqCuYXDbxzr2G1Efaguz0PuEvlE4Bu9XPhbmPi3P63s55IKKz%2Fo2dWmtJaSxB38SDopZSG"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: "683ee6c1-1185"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf428a2e5db529-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1729&min_rtt=563&rtt_var=1165&sent=2616&recv=470&lost=37&retrans=38&sent_bytes=2560063&recv_bytes=74915&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=7360&inflight_dur=1338&x=80"
GET tl7p8z.top/assets/game_collection_icon-018mQazk.js
172.67.210.93 200 OK 1.2 kB URL GET HTTPS
tl7p8z.top/assets/game_collection_icon-018mQazk.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1231)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.2 kB (1232 bytes)
MD5 b38e1c4e53f506b46a0214c92c7a23ce
SHA1 a8f156fab5211690e2453b383c90d47644da11e4
SHA256 387d85c6eea089ec516fefadb714a1c3ac6b2e70ab3c0721c7f15ac896194511
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/game_collection_icon-018mQazk.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-C4sLo-pF.js
Cookie: _ss_s_uid=6e586157d46e1f27d414ad744c139b5b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: application/javascript
content-length: 607
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=42fIs4hmqIH8KAybnlsC6BHe0AjMFCtnTAH4Xy8sDAl4pZOYwKBK2t%2BUB8F9HLR0UIbK1HUKjaF269mLNMEklL4BHvh5KP2jwzwphmylE4aQldeJ2txjg216j9gu"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-25f"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf428b9e6db529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1769&min_rtt=563&rtt_var=996&sent=2624&recv=474&lost=37&retrans=38&sent_bytes=2565436&recv_bytes=75690&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=7595&inflight_dur=1362&x=80"
GET tl7p8z.top/assets/BetHistory-D1VEQSyM.css
172.67.210.93 200 OK 11 kB URL GET HTTPS
tl7p8z.top/assets/BetHistory-D1VEQSyM.css
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (10865)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 11 kB (10866 bytes)
MD5 dc573f9e4795a4e18ed0bbae0780250d
SHA1 ca1ca652bd9731abfbe2da2fd48be07971759d82
SHA256 a7e4282ca5efa44b3518dc80e6302d7dccf4ca714232ddb076dff000569e4db2
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/BetHistory-D1VEQSyM.css HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: text/css
content-length: 1511
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4D9uhyHw1JOzXAdP5e5SOt7Bnk3fnJaoMKOJ06czmkIn252Llfd5T9S3I5B6Vfucs0Yx9Y%2FAjq22Hlf5rJZ9woSPod6eYX2GafKA3Zi32o8pm4tzbIDB0csowdXO"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-5e7"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426eac30b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1853&min_rtt=608&rtt_var=1159&sent=1149&recv=246&lost=0&retrans=0&sent_bytes=1151222&recv_bytes=30013&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3210&inflight_dur=277&x=80"
GET tl7p8z.top/assets/boxeo_icon-grmgNAi1.js
172.67.210.93 200 OK 64 B URL GET HTTPS
tl7p8z.top/assets/boxeo_icon-grmgNAi1.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 64 B (64 bytes)
MD5 4748df024fac9a413919dccd6f5c6a7d
SHA1 e5f9e1dc3a51c97bd4f2aeaf6a778ce3bbd47288
SHA256 2cac1ca4ef5dd0401e54be3b35508a09ca0cebd891d5a51da141451986124499
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/boxeo_icon-grmgNAi1.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ohONLLOOKn%2Bxo8Md6qUaIPWZPJivcvOMYkCvvLxdGt9R963cRSCMqQqVYggAlgCjYbnBS31pSrB3zrfmB02V1nEsLEAX462mgHUj3UInoLtetVUrpuantdXAVXrK"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: W/"683ee6c1-40"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 94cf426ecc3eb529-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1827&min_rtt=608&rtt_var=923&sent=1181&recv=247&lost=0&retrans=0&sent_bytes=1179684&recv_bytes=30059&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3235&inflight_dur=303&x=80"
GET tl7p8z.top/assets/index-e7stqYMc.js
172.67.210.93 200 OK 1.5 kB URL GET HTTPS
tl7p8z.top/assets/index-e7stqYMc.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (1464)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 1.5 kB (1465 bytes)
MD5 78705cf86c48769663e7abb2492868ef
SHA1 b4271f992e03d72e7bf91eadd9448df5200f761f
SHA256 b9da82319c3db5d7663d98210ad17fb7e47d6bf912f200f41225fbbaca9b2dd6
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-e7stqYMc.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 668
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kitWhx5%2Fxaet18NNAvhedg36wziZJJAFe7is5h6Gy%2FnKXtfO9V91wCXLra%2F0vy%2BDKgU%2Bt6NQRJ5hRpaI%2BNi1youmZghB6Y%2BdncnrOpsYodkuxk%2BydSA%2BoKIF3qsH"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-29c"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f0c60b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1200&recv=248&lost=0&retrans=0&sent_bytes=1194172&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3248&inflight_dur=314&x=80"
GET tl7p8z.top/static/Inter-500Medium-8.otf
172.67.210.93 200 OK 231 kB URL GET HTTPS
tl7p8z.top/static/Inter-500Medium-8.otf
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type OpenType font data
First Seen 2023-05-08
Last Seen 2025-07-31
Times Seen 73
Size 231 kB (230788 bytes)
MD5 3bd1056d001e1f22d4842ccfd88e3a5f
SHA1 699375c590a1879bde1b53a7949b2659292ee3b0
SHA256 13aa9491299ab70f308fce811f07a4b774ab8db3b8ba332f5b559f2cc99c0d09
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/Inter-500Medium-8.otf HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/font.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: font/otf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sRtojTLqggdQvV41%2BJY8CrknDpOwQMq82NfUTnRNCtGdmfNMD9G16u1nEZmWlj6irCzlgx2QI7YOQJpkMoqWQUpDF5w2mto%2F56Eeye9blvfTE1pQvMlQaNaB7r6u"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:11:51 GMT
etag: W/"683ee687-38584"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 94cf42732c87b529-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1345&min_rtt=608&rtt_var=469&sent=1491&recv=308&lost=0&retrans=0&sent_bytes=1424406&recv_bytes=47867&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3917&inflight_dur=517&x=80"
GET tl7p8z.top/assets/index-DuYkRCAS.js
172.67.210.93 200 OK 2.7 kB URL GET HTTPS
tl7p8z.top/assets/index-DuYkRCAS.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (2665)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 2.7 kB (2666 bytes)
MD5 c08ce32dcc017187d138c96d8fd11285
SHA1 6ce37fc3d1e1382dbfb119aa458ff22666b252c4
SHA256 9c2136ca1167ae47fdf362c797a913606c5cf22b6532def9cb25828b08be99ed
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-DuYkRCAS.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1211
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SzFz9dqw6J3ji2boxNa7RLlUWhyABNrrmTNSOa2cqNtWNjcPEkcblCzmoQwjVVp2iuTLrWKcgjsffXGgagB5Go8Vmjwpo2f5A%2BnV4mEiuL4O8L80JZB%2FMCEp23Yw"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-4bb"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745cc7b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1327&min_rtt=608&rtt_var=456&sent=1463&recv=304&lost=0&retrans=0&sent_bytes=1404238&recv_bytes=47684&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3756&inflight_dur=478&x=80"
GET tl7p8z.top/assets/giftHooks-DZ5zU5-W.js
172.67.210.93 200 OK 905 B URL GET HTTPS
tl7p8z.top/assets/giftHooks-DZ5zU5-W.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (904)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 905 B (905 bytes)
MD5 4bffabb84e19b95aa598a56f69a3964e
SHA1 0b8773e8a3d8cec990f79dd45b08690041a166fc
SHA256 c4da3b69f734995f89ad18be18edabe8afaeb5bb393169f1700cebfb27ad6c95
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/giftHooks-DZ5zU5-W.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BcN0oQS9.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: application/javascript
content-length: 470
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tY2%2Bmjnz7SGSYud%2FQ2YboMuvTaBDpBoFeZ67mLPR8VdP0HIlZRUSHBMKDi2PKugEmZs44XSDWyHgUE43iK4tv2tP5suRoFDdvG6hvLhdqhAATINGEboSOQoqQeAn"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-1d6"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42802d8eb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1478&min_rtt=608&rtt_var=818&sent=2094&recv=362&lost=37&retrans=38&sent_bytes=2086569&recv_bytes=55574&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5649&inflight_dur=802&x=80"
GET tl7p8z.top/assets/tg_float-DnI8014D.png
172.67.210.93 200 OK 6.0 kB URL GET HTTPS
tl7p8z.top/assets/tg_float-DnI8014D.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 6.0 kB (6014 bytes)
MD5 f0d49869fb6e367ba4482e94bd33f008
SHA1 79f7438fe3cd1150e1bedcb44e59e2b856e8621d
SHA256 1a087ea6ad9e897c020942e711e4ed2022dc6510d12eb59f3c51b68c3f5e3f2e
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/tg_float-DnI8014D.png HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: image/png
content-length: 6014
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k1yAiBS0%2Fhai%2FvRC42ShI%2B6iiUX9Hy36qEitTEgLKFdGL6hmlvaCHJdLdITSTNfWKKa%2B6TGxjBPAaqkfOx1K3WwjmQZNBoOjY9CakyvQuD4NU6x92xaRC1DyiGFY"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: "683ee6c1-177e"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf4283bdacb529-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2897&min_rtt=608&rtt_var=2637&sent=2132&recv=386&lost=37&retrans=38&sent_bytes=2102463&recv_bytes=62042&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6334&inflight_dur=897&x=80"
GET res.tl7p8z.top/home/icon_public_35.svg
172.67.210.93 200 OK 1.4 kB URL GET HTTPS
res.tl7p8z.top/home/icon_public_35.svg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type SVG Scalable Vector Graphics image
First Seen 2025-05-23
Last Seen 2025-07-31
Times Seen 4
Size 1.4 kB (1374 bytes)
MD5 5459386d267bc73dd98752edbfbc1561
SHA1 1657884f9dbcbc4e6392386397543e92cc238bbc
SHA256 0e09809f26b8ee4063ba7bec6ad5387a455ee4bebf7d143c4daafc940a00dba5
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /home/icon_public_35.svg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/svg+xml
content-encoding: br
access-control-allow-origin: *
etag: W/"5459386d267bc73dd98752edbfbc1561"
last-modified: Wed, 28 May 2025 16:00:39 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wflMVibHVH%2Bsi4Q0k6jAwwkluNyCKRUP7Ispq8nZKNiw3hZH1pXSy%2BJ5h%2BgNF0OeQmq0fnjcrodBgLlQ403hoN9mgLkvDLvc%2Bav8cMgVP3DauT%2FlUwEkmgizg5GHLywvrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 94cf4286e8d75699-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1205&min_rtt=396&rtt_var=1271&sent=230&recv=207&lost=0&retrans=1&sent_bytes=205933&recv_bytes=5645&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4288&x=0"
X-Firefox-Spdy: h2
GET cdn.launcher.a8r.games/connector.js
104.18.41.153 200 OK 1.9 kB URL GET HTTPS
cdn.launcher.a8r.games/connector.js
IP / ASN
104.18.41.153
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JavaScript source, ASCII text, with very long lines (1904), with no line terminators
First Seen 2024-03-31
Last Seen 2025-08-08
Times Seen 794
Size 1.9 kB (1904 bytes)
MD5 31f31b789e1157fae8d55fb85b07f82d
SHA1 79a087348423ab49ce222da90b82f006429bff80
SHA256 71877550f925a2b52f1f57d969b2cdb9f9deab1d8cf7d3382ffae9675524308d
Certificate Info
Issuer Google Trust Services
Subject cdn.launcher.a8r.games
Fingerprint 4D:22:4F:96:EB:C4:79:24:F5:60:2C:3F:85:C4:05:4A:01:41:68:EA
Validity Sat, 31 May 2025 08:49:52 GMT - Fri, 29 Aug 2025 09:49:48 GMT
GET /connector.js HTTP/1.1
Host: cdn.launcher.a8r.games
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:05 GMT
content-type: application/javascript
last-modified: Thu, 05 Jun 2025 09:11:07 GMT
etag: W/"68415f2b-770"
cf-cache-status: HIT
age: 5958
expires: Mon, 09 Jun 2025 12:29:05 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=TIsp_xK.3UOy6iw439MAyGkZ03syPww_W1pItPeRIh0-1749457745-1.0.1.1-mGlMdq8ywd3jNOsUGBQlSdy_z.YgYQZfB5J9sn5L3RsUVUQ1MLaS63Ir_7GhvotW2ngTkC6dxJVaDNGTlfE9kETrM.4JRvQYX56srjSRjEU; path=/; expires=Mon, 09-Jun-25 08:59:05 GMT; domain=.a8r.games; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 94cf425ebcf37131-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/127342191059140623_20250603044537.jpg
172.67.210.93 200 OK 48 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/127342191059140623_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 48 kB (48098 bytes)
MD5 08b1d413cf9343308485ff3aaa275573
SHA1 2cf73322f14f632310278e0c209006097835483e
SHA256 fd4b720c07f61a8b33ba0da8ce25ca5c47ef85d9a075bcca241f34e032620112
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/127342191059140623_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 48098
cf-ray: 94cf428b6e6f5699-OSL
accept-ranges: bytes
etag: "08b1d413cf9343308485ff3aaa275573"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZZTSFUYF%2BHIkMcO%2FGE75uLW%2Ft82TuxZ6O%2B%2FxljY0LTdRUv56xlITlRI0yQDnBVjxAth9YVea5WTr5Gl7KWXiWgkQLD04SJ7xCNE%2BUiQmnDb3CynbNNSt4DCfZcoiUNPDEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1910&min_rtt=396&rtt_var=1411&sent=3053&recv=709&lost=0&retrans=3&sent_bytes=3808614&recv_bytes=9986&delivery_rate=49931034&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=5000&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/126172385496793105_20250603044537.jpg
172.67.210.93 200 OK 51 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/126172385496793105_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 51 kB (51245 bytes)
MD5 09f3267120c30a3c10abda8992ba55c7
SHA1 c59a81fe24e804b6759be48e24b6c16d1d19d848
SHA256 8ec0b200f252f31e30a62c35fd57de5ceb3f8de42cc5a45f45ca798bfbfa90a8
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/126172385496793105_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 51245
cf-ray: 94cf428b8eac5699-OSL
accept-ranges: bytes
etag: "09f3267120c30a3c10abda8992ba55c7"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ljqoPzEzbCOoUCD809fkTifTfqPLc%2Bon5fcmTcfoUqLJDX%2BdH2Po0mwzu%2BPy9MzyDJ%2BUwGFdSQsGb5FHGu6CVb8Wmf58%2B6vf6m7nHZyrIyigdpRL4iVvS8fvHIgyOh3kDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1210&min_rtt=396&rtt_var=814&sent=3327&recv=729&lost=0&retrans=3&sent_bytes=4165021&recv_bytes=9986&delivery_rate=82301953&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=5016&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/126172385480015888_20250603044537.jpg
172.67.210.93 200 OK 49 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/126172385480015888_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 49 kB (48573 bytes)
MD5 043d2f0bb2220df34fc6659f1060fd40
SHA1 a2fd45f6c1e32d7d3640269d6ccf1d4a2e798dba
SHA256 cb5955883193aa55bd531e0021231ce94ad23dbc3ec1b947e0c828df633fde1a
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/126172385480015888_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/jpeg
content-length: 48573
cf-ray: 94cf42881a6a5699-OSL
accept-ranges: bytes
etag: "043d2f0bb2220df34fc6659f1060fd40"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Q25epAbOkjjCa9NZk%2BpI2%2FfA64D9s9iTdSwVaNdYcECj9TwV6FiyUxxO34XoYY4oGy%2Bla%2BemBiznIT6yemuWN%2FxOxy0YU6CwoBdLUqzMN03KXgy94317NI6VlMg1yy4yw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=705&min_rtt=396&rtt_var=285&sent=733&recv=337&lost=0&retrans=1&sent_bytes=844803&recv_bytes=5645&delivery_rate=100408759&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4430&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/futbol_icon-BNhFW24u.svg
172.67.210.93 200 OK 4.4 kB URL GET HTTPS
tl7p8z.top/assets/futbol_icon-BNhFW24u.svg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type SVG Scalable Vector Graphics image
First Seen 2025-05-23
Last Seen 2025-07-31
Times Seen 4
Size 4.4 kB (4420 bytes)
MD5 6e1dbcc6a3b75554815f8be035ea40ee
SHA1 805f4bc55e647247c4b3d93ad45fa70bcd2bda7d
SHA256 78f5fc75f67bb41655a5bfa94e0fc635bbb66f3504eb28ee395220358a0d46c6
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/futbol_icon-BNhFW24u.svg HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: image/svg+xml
content-length: 1966
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OOvDmhdjVvqEffd7n1M%2B%2FepqyNuaOeDR%2FVaXe9JC5PgimTYXrCyi9wFH7AilaDBTwQQwIngyjzq45mTI4rJI0NLonZLHTVYoDbo51s5zwnekG7Ii8DVxxJW15vov"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-7ae"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf4283cdaeb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2779&min_rtt=608&rtt_var=2213&sent=2143&recv=387&lost=37&retrans=38&sent_bytes=2113344&recv_bytes=62087&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6340&inflight_dur=904&x=80"
GET api.tl7p8z.top/banner/list?download_plan=0
172.67.210.93 200 OK 2.4 kB URL GET HTTPS
api.tl7p8z.top/banner/list?download_plan=0
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 2.4 kB (2385 bytes)
MD5 91f61d8524cd37e4cad40ab5d8d500a0
SHA1 3f9266b0d1912dd96976955bde6bc00d4c404b22
SHA256 820ea633876f96b2cf8b1879e178df1f0c9ff515f348433b67e5468b8878f8e6
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /banner/list?download_plan=0 HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp: 6786838544e257bbd8395259505dd5e355cc49eff3af3e4fa9bca3e518904876
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ux%2BY04VMXtW2QBYtxglTj5YrM8WnRjpW46lpN0IK60SMKJwIUKwLLucXSp6wCQuDzt4CCLDMIk7NwHZBI3OoIhAR8VxjorowjO05YpyPytohaMl8%2FibIA55jRUHXPxWskw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf42854e0ab529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1373&min_rtt=563&rtt_var=830&sent=2544&recv=439&lost=37&retrans=38&sent_bytes=2523435&recv_bytes=70132&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6797&inflight_dur=1181&x=80"
GET res.tl7p8z.top/home/icon_public_171.svg
172.67.210.93 200 OK 1.8 kB URL GET HTTPS
res.tl7p8z.top/home/icon_public_171.svg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type SVG Scalable Vector Graphics image
First Seen 2025-05-23
Last Seen 2025-07-31
Times Seen 4
Size 1.8 kB (1836 bytes)
MD5 d5ebb1c161c2bdee54a9c22bd826bb1f
SHA1 f7949ee95d93c476d94c3b60ac8c9760d6d10f4b
SHA256 77f01a1c005ccc5687c2b10b3dcb504da4e46cc1809f7eb9b17c09e58e3a7394
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /home/icon_public_171.svg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/svg+xml
content-encoding: br
access-control-allow-origin: *
etag: W/"d5ebb1c161c2bdee54a9c22bd826bb1f"
last-modified: Wed, 28 May 2025 16:00:38 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pL223RbRPd2N8UoD4Hc2SlbHPPnaryj%2F%2BI2ig%2BTIrdq0U9kW9tKEdhZGG6bGZ6DRZtp1hjClZXFWCwpcZ8cpVVvcMoEApPTHqXExrgWm7NHYzdgLix%2FAI8zEUV%2BJVi6x1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 94cf4286e8e65699-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=482&min_rtt=396&rtt_var=42&sent=221&recv=202&lost=0&retrans=1&sent_bytes=201748&recv_bytes=5645&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4273&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/index-C4sLo-pF.js
172.67.210.93 200 OK 897 kB URL GET HTTPS
tl7p8z.top/assets/index-C4sLo-pF.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Unicode text, UTF-8 text, with very long lines (56148)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 897 kB (896614 bytes)
MD5 881e369570d05e2706b096747d9a7dd1
SHA1 f9634089eacb5c6be80ce64b645ac139a8bf3073
SHA256 b554cebf99b91ebd23b0b99339012a3dbc69771bb229bc76852b8f6d64601236
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-C4sLo-pF.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:06 GMT
content-type: application/javascript
content-length: 264395
server: cloudflare
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-408cb"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=qLyB0DRdgY6ucNF%2FUb916bzA7nVUJ%2Bp%2FcQGsLW4R519O%2FTVYuUYSWiDgRBLoZQfFOFqp5RS8TrbUzNu6YVQibFiZZ6VU9eeb"}]}
cf-ray: 94cf425e5e3b0afe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/bwCustomI18n-B4N840oR.js
172.67.210.93 200 OK 1.9 kB URL GET HTTPS
tl7p8z.top/assets/bwCustomI18n-B4N840oR.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (1864)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 1.9 kB (1865 bytes)
MD5 c9a7898ea10ef4d698ebe152694fd58c
SHA1 7816d6efecee3ed23131bb0231d519c7e089aaa0
SHA256 a5c8d109e66f3547ceb7d76eb9f4970013fe4c0cabef846a598d51bbc748ea63
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/bwCustomI18n-B4N840oR.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-B1Ac6Xly.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 827
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0u78wN9kKzPWNC2CzYN5tkLPlpCFw9ZcPiHOY%2FM2KpL00DMxj5DtAlX9cGVZVh8vg%2FnADSMhWk8PeO9BHlB3p172MPRvhoMdXQ9i1M6oS%2B6i2uMqZga%2BMyaEJVk1"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-33b"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42740c95b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1499&min_rtt=608&rtt_var=544&sent=1360&recv=275&lost=0&retrans=0&sent_bytes=1335096&recv_bytes=34988&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3705&inflight_dur=427&x=80"
GET tl7p8z.top/assets/promo_icon-CNUIoCB5.js
172.67.210.93 200 OK 3.9 kB URL GET HTTPS
tl7p8z.top/assets/promo_icon-CNUIoCB5.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3902)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 3.9 kB (3903 bytes)
MD5 b85eafa0f236eaaf124dabae5e2a552d
SHA1 648853c70a8901f5a400c44d9d07ab3235ceb97d
SHA256 43428caeeb6ee816995188056c94b73e197385f09cbb4b02a1406d4626d2cedc
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/promo_icon-CNUIoCB5.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1648
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EUdWHZbOp%2ByAiejNqmMCjXOTjHmi%2BNcBs%2B7%2FcydUDBdj6KPRbIKBRxVlJJFPctdvUe7vIAYT9%2BE%2FaL9c6ArK4j8X6UJvjpfvfILOXcl0fFsrSiAYWALrOaYQMW02"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-670"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42742cb1b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1264&min_rtt=608&rtt_var=503&sent=1419&recv=290&lost=0&retrans=0&sent_bytes=1375937&recv_bytes=41669&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3725&inflight_dur=447&x=80"
GET tl7p8z.top/assets/index-CzQ4ZtV-.js
172.67.210.93 200 OK 2.5 kB URL GET HTTPS
tl7p8z.top/assets/index-CzQ4ZtV-.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (2527)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 2.5 kB (2528 bytes)
MD5 274183af8a610726d2a95ed718b3b636
SHA1 f32e1d279652bf39dde162822d1b4cd232b3ef9d
SHA256 e56d03a1797f472881e1df28729df397679ef9b81ac952d8f373499182ae93c7
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-CzQ4ZtV-.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BcN0oQS9.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: application/javascript
content-length: 1116
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2N%2FIpMH4T2gGZm5zPqJsOB%2Ffp64oOWy22RIM6s0b9OnCX7JPfdJlGSBy3i7ZSHP662hxdjTHAUMQlWFqPdfSLveSb22fW5hqID7ZFuKihFQ5z%2B5eAqchaAshX9m5"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-45c"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42803d90b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1444&min_rtt=608&rtt_var=682&sent=2097&recv=363&lost=37&retrans=38&sent_bytes=2088516&recv_bytes=55619&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5654&inflight_dur=805&x=80"
OPTIONS api.tl7p8z.top/games/bigwin
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/games/bigwin
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /games/bigwin HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g19%2B6VBHCUMUy3THkp%2FmIKXYSyCbmwPRTdH7yBeHNVlwqSIudGfNafDp52oq0ERqAHgKzySPkVMUWH0u3BXK35ZPcapeTLS48VTc9mqRYwjdf4qmF838MNNJAGTCQo38cA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf42844dc3b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2233&min_rtt=608&rtt_var=2021&sent=2169&recv=395&lost=37&retrans=38&sent_bytes=2133934&recv_bytes=62453&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6421&inflight_dur=968&x=80"
OPTIONS api.tl7p8z.top/games/search?game_categories_slug=gamingpanda_MX&page=1&limit=54
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/games/search?game_categories_slug=gamingpanda_MX&page=1&limit=54
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /games/search?game_categories_slug=gamingpanda_MX&page=1&limit=54 HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IUvCoPsW89a5OIEDMSyeijFwRKgfVyVK01Y5GQM154Qssak1rYNDvXtD%2FNxDXua9b%2BbNdPE98VCUNfKTPczEfKzNnoRP7SXHzsVdBBGkURPiEVig0Q31mbpESFhABOjLew%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf42886e43b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1261&min_rtt=563&rtt_var=396&sent=2607&recv=463&lost=37&retrans=38&sent_bytes=2557231&recv_bytes=73927&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=7176&inflight_dur=1286&x=80"
GET res.tl7p8z.top/upload/game_image/126172382275567628_20250603044537.jpg
172.67.210.93 200 OK 53 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/126172382275567628_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 53 kB (53430 bytes)
MD5 1913b2dca873a89f8d66feea6ed945a3
SHA1 879748d9df16a1e6393ae5ea47db970bb816f69f
SHA256 fe2dba4f7d4358ab7c6b22ebd9465a37877ef259dbbe9086c496345557d99b13
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/126172382275567628_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 53430
cf-ray: 94cf428b5e5b5699-OSL
accept-ranges: bytes
etag: "1913b2dca873a89f8d66feea6ed945a3"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qn4AY3Wth7DonSPfqLwxZmVDfuZWc5mxes6sq9hQtg1UC1%2BdgDi%2BSzV2xh16rFvbYskUKBYaIalAQJx8JriyVnfJmGZWWoumNp8bCzjNmSovYcTpaMzpGeQ6XfIqqYEWGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1732&min_rtt=396&rtt_var=1523&sent=2864&recv=705&lost=0&retrans=3&sent_bytes=3566057&recv_bytes=9986&delivery_rate=49931034&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4992&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/76622870721069078_20250603044537.jpg
172.67.210.93 200 OK 43 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/76622870721069078_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 43 kB (42660 bytes)
MD5 7f3a4755b56f00f528a7d4b3dc24a07f
SHA1 db7884ac4b6f23c42813568da367eacadbf962b0
SHA256 4f6aa03c47bcd09230b9ccc0fffbed3831315e013d2260efd449728430f5df4f
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/76622870721069078_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 42660
cf-ray: 94cf428b7e8a5699-OSL
accept-ranges: bytes
etag: "7f3a4755b56f00f528a7d4b3dc24a07f"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=951tEWqe4ZMQ3FmacTl8v1fTPxrUDAHQNd7NLmAxPXQRkiyBIZh1QmI05KnAd0gn3gZiPMaeoWq2n5c6PGAmIavWLnCWwPJT832QemViZxaRtfsJuxNnlxApULtRh3brBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1984&min_rtt=396&rtt_var=1988&sent=2996&recv=707&lost=0&retrans=3&sent_bytes=3738612&recv_bytes=9986&delivery_rate=49931034&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4994&x=0"
X-Firefox-Spdy: h2
GET api.tl7p8z.top/games/copy
172.67.210.93 200 OK 75 B URL GET HTTPS
api.tl7p8z.top/games/copy
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-05-23
Last Seen 2025-07-31
Times Seen 4
Size 75 B (75 bytes)
MD5 ec011bc0e1bd587a4235ecfa25426d3f
SHA1 7ede4fdbd99530b4be635b584d31ebfe75cade8c
SHA256 535e4427aae6855303f2617adaa510cd31ebe4118b5ae86ab175e0d3de0cc2e7
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /games/copy HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp:
Source: pc
X-Language: es
X-Country:
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/json; charset=utf-8
server: cloudflare
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=P%2FklHF4IPbO68N3hrz6jPV6j25cDKBBZpAMcie8lnj%2BoHolCm4Ofb2CqSlysfVpfalAabjLxTG5K3qwdatf7pXGBymY%2BRiPE9XVerw%3D%3D"}]}
content-encoding: br
cf-ray: 94cf4270bf835699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/liveChat_icon-CaovBjsT.js
172.67.210.93 200 OK 1.7 kB URL GET HTTPS
tl7p8z.top/assets/liveChat_icon-CaovBjsT.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1658)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.7 kB (1659 bytes)
MD5 d15934e747fcf76ee75a47ba92006a35
SHA1 c125b86dabda8463c7119b2c5d2ef4ca7af2e879
SHA256 d0905f262934ff1132d0c40c1a44721773e901aab5e5fccdd2add98685c3a996
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/liveChat_icon-CaovBjsT.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 718
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=93xsGObOPagPuYlgfGn7057ghQ445eK6iHGLZlBZWXeg2PZRQIaMWGzAtZXJ0UEHRrvTfebdSZpFIeDatiHsl%2BohdYyL0znT%2FYOOiYfWSfADmAQyQK%2Buwlu6TvZ%2B"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-2ce"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42742cb5b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1232&min_rtt=608&rtt_var=441&sent=1430&recv=291&lost=0&retrans=0&sent_bytes=1386255&recv_bytes=41715&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3736&inflight_dur=453&x=80"
GET marsbingo.sptpub.com/bt-renderer.min.js
54.240.174.93 302 Found 24 kB URL GET HTTPS
marsbingo.sptpub.com/bt-renderer.min.js
IP / ASN
54.240.174.93
#16509 AMAZON-02
Requested by https://tl7p8z.top/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-10
Times Seen 5753517
Size 24 kB (23592 bytes)
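MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
[Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, so they do not identify the 23592-byte resource reported above. The body was presumably not captured for hashing (File type is N/A, and the response is a 302 redirect); do not use these digests as indicators for this file.]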
Certificate Info
Issuer Amazon
Subject sptpub.com
Fingerprint F6:31:D8:A8:C8:28:E2:D7:05:B7:A8:33:ED:2D:2F:40:C2:91:AC:C7
Validity Wed, 12 Mar 2025 00:00:00 GMT - Fri, 10 Apr 2026 23:59:59 GMT
GET /bt-renderer.min.js HTTP/1.1
Host: marsbingo.sptpub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/html
content-length: 138
location: https://start7.sptpub.com/bt-renderer.min.js
server: nginx
date: Mon, 09 Jun 2025 08:28:29 GMT
cache-control: max-age=60
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: P9XqQIWGK_TXBQBAdvTqMQD3hIqPqaD2Rl1j97y3K3LWQ5CzpiGIRQ==
age: 41
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/giftHooks-DZ5zU5-W.js
172.67.210.93 200 OK 905 B URL GET HTTPS
tl7p8z.top/assets/giftHooks-DZ5zU5-W.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (904)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 905 B (905 bytes)
MD5 4bffabb84e19b95aa598a56f69a3964e
SHA1 0b8773e8a3d8cec990f79dd45b08690041a166fc
SHA256 c4da3b69f734995f89ad18be18edabe8afaeb5bb393169f1700cebfb27ad6c95
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/giftHooks-DZ5zU5-W.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:10 GMT
content-type: application/javascript
content-length: 470
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BvkJRaFPA9eAWulCoO55Prf4ZzcpPc1IX2BiWJQAVSwcOrswyJQWH8qMuXdBZ%2BZFiWNzLcj5VQhByF5QVTzGyHethugF4ApwsWArjGrGA1JedCu85V%2BBqryRCHmr"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-1d6"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf427d0d67b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1784&min_rtt=608&rtt_var=628&sent=2066&recv=348&lost=37&retrans=38&sent_bytes=2068401&recv_bytes=53325&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5498&inflight_dur=738&x=80"
GET res.tl7p8z.top/upload/game_image/56469912935202829_20250603044537.jpg
172.67.210.93 200 OK 48 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/56469912935202829_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 48 kB (47736 bytes)
MD5 0c95f2628bebeb6526f9eece23e33d0b
SHA1 335984672ebdad9303cc2dd7b9f1f1d669654b4c
SHA256 a04c5ad62e3e809af26fe7a521ef2a245dc00c80fea5bb6563d65dc702382d4e
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/56469912935202829_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 47736
cf-ray: 94cf428b0de75699-OSL
accept-ranges: bytes
etag: "0c95f2628bebeb6526f9eece23e33d0b"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oyAA8SX9PyUsXrk3XP7Uxw09O1UlRJG7e2ClxMv8NGG6zibRogGzNyjb7Xq7%2Fot2gfj73%2F3eonyUBHLzNFY%2Bgxjb2OMs3ueT0XrkTZrbE5Re5cIftNlmGxAFuGf35t2Dfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=941&min_rtt=396&rtt_var=377&sent=2359&recv=669&lost=0&retrans=3&sent_bytes=2915832&recv_bytes=9986&delivery_rate=44986407&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4936&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/no_data-DKmNohZb.js
172.67.210.93 200 OK 5.1 kB URL GET HTTPS
tl7p8z.top/assets/no_data-DKmNohZb.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (5108)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 5.1 kB (5109 bytes)
MD5 d11537d5632f77548c4f9e4cbc5d7944
SHA1 02741e89e325835eaa318007e48749bed180dfd5
SHA256 5d2ed77b5d2a45c27131d77c5dd889da2b45b03d77084fa3532a588d7f851a05
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/no_data-DKmNohZb.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-B1Ac6Xly.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 3892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w1k9ttAqcCYFy6J3mGIMyNks3UUz7%2F2VWdfPmbo9uJpkT%2BNUj8b9VbbhynjRK9MvpQW%2Fz9Ln0bEm7huvM7pC8HJ%2Fh9HyjNVVzYXiWwSRvEe%2BHfFUDh23UClvwjsO"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-f34"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42741c9eb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1264&min_rtt=608&rtt_var=503&sent=1400&recv=290&lost=0&retrans=0&sent_bytes=1357703&recv_bytes=41669&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3721&inflight_dur=442&x=80"
GET tl7p8z.top/assets/countdown-D6znV8qH.js
172.67.210.93 200 OK 2.5 kB URL GET HTTPS
tl7p8z.top/assets/countdown-D6znV8qH.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (2523)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 2.5 kB (2524 bytes)
MD5 07513ec43da0f4b6e9195b33664ab0ad
SHA1 d8d226fa86e07f8b8d32d139cd26e659ecec2f00
SHA256 09d8f6b86fbaf4fd7cf7b96a1d8dacc7ba1b21f10d2ff2e37548d681cf57f9d7
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/countdown-D6znV8qH.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FQuNi2vwJvgc7pWlGZbpEH82CIsKAFpyNtG6h04U3QVzAuAOCtw5u4O8IFYTQV8uSWvHUcV9xZPIVopSRpJ1O%2F%2FJc8s59E6FylfvPktr0rQ%2FUNunANTfpFYjYCeM"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-32f"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f0c62b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1217&recv=248&lost=0&retrans=0&sent_bytes=1206774&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3256&inflight_dur=321&x=80"
GET tl7p8z.top/assets/suspend-language-icon-D1_Op9yU.js
172.67.210.93 200 OK 1.6 kB URL GET HTTPS
tl7p8z.top/assets/suspend-language-icon-D1_Op9yU.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1636)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.6 kB (1637 bytes)
MD5 0d0e5a48a51ac1b3f8939b9193325f0f
SHA1 0c0f6ae2dc0bff58d231e3ca9e964171dc53d0d4
SHA256 def654a2fbf956666616f510523468e8af2af84047911670f520cdd256eaa190
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/suspend-language-icon-D1_Op9yU.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1286
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0hwAohiAEAc%2FEZ0wS2ajF%2BLWUunMNqn0hqybbqCHI3EgrMtTXbdTBJhwaashgLr8ZK2QmB87vKg49NtS2q5r7MqJZvz7sYzN64jjc3A5D7gXLIxjNSOZe%2FaZ9fnJ"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-506"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f2c6bb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1840&min_rtt=608&rtt_var=865&sent=1238&recv=249&lost=0&retrans=0&sent_bytes=1226090&recv_bytes=30151&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3273&inflight_dur=338&x=80"
GET tl7p8z.top/assets/index-U6SimiM5.js
172.67.210.93 200 OK 1.4 kB URL GET HTTPS
tl7p8z.top/assets/index-U6SimiM5.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (1399)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 1.4 kB (1400 bytes)
MD5 f2cfb0be4220367ad3f4d4f199bee537
SHA1 f86a2aa3c184971e96870f622fa5dccc14478a21
SHA256 39e75387ac3f787c7a7d84bb34e177e9f2e24f17c209c33d5bafefac23fb74a9
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-U6SimiM5.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 756
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UpnEFJzx%2FEUnJsvFbYw59aW4ZdespULQV%2FC%2FLPtqOW6GGLDhP7zN09K00N8X6yOACHwl1v%2BYA9h7xG8mJFOO2Huw9Fw%2Ff3NVbPfOQ9z4%2FiYUTIWSMgckgjq3IMnU"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-2f4"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f4c71b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1970&min_rtt=608&rtt_var=914&sent=1268&recv=251&lost=0&retrans=0&sent_bytes=1256600&recv_bytes=30244&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3305&inflight_dur=364&x=80"
OPTIONS api.tl7p8z.top/agent/invitation/bonus/info
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/agent/invitation/bonus/info
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /agent/invitation/bonus/info HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7mIWtssuS7YCBu6AsIXkC32xlH2sNuuTPr%2BR%2FFnU%2FnE38AluqSvfcH6sPvbpx0%2BVmCMj9Uuuocf9AIZ0ITpyinANcL%2BmJ%2BTBp7UBDN3mEH0SBbIVca3CagP7OtWCCZYtKA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf42843dc2b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1922&min_rtt=608&rtt_var=1681&sent=2177&recv=400&lost=37&retrans=38&sent_bytes=2136783&recv_bytes=63771&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6433&inflight_dur=979&x=80"
GET res.tl7p8z.top/upload/game_image/30928987798996106_20241009213302.png
172.67.210.93 200 OK 63 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/30928987798996106_20241009213302.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 277 x 365, 8-bit colormap, non-interlaced
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 63 kB (62601 bytes)
MD5 24b3e7fc08c8e8da0eb3c2f1db97c715
SHA1 abf671112fbd8651ada3487bf653535d1f7e31d0
SHA256 c9709e2227a69e5fd6cc5763e0f609f99d3a9e2dbaa6402234092c360c671588
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/30928987798996106_20241009213302.png HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/png
content-length: 62601
cf-ray: 94cf42880a695699-OSL
accept-ranges: bytes
etag: "24b3e7fc08c8e8da0eb3c2f1db97c715"
last-modified: Wed, 28 May 2025 16:32:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JC5TkB1ltjoeEbiR1z5M91R0nTZ4NP0LiKs91HUBbFFyF80ENju54jVev4ZC0f0zRdri7CX6VfJIWoaR0qKkEG89U0JdHQQotzjmw08MlWdpvbEcain8sBRHyHUYbKBANQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=739&min_rtt=396&rtt_var=193&sent=557&recv=287&lost=0&retrans=1&sent_bytes=614607&recv_bytes=5645&delivery_rate=100408759&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4421&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/rally_icon-DXYa3K5G.js
172.67.210.93 200 OK 3.2 kB URL GET HTTPS
tl7p8z.top/assets/rally_icon-DXYa3K5G.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3178)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 3.2 kB (3179 bytes)
MD5 5defdc9dadb2f6d5ebc032d562fcf915
SHA1 b105a0022105870f78c67b1b593407f85157e674
SHA256 438dc51ac67ee74dbe6277059387d8dcf4d5faa7b5f1f2f29a0a7bd714be9c1c
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/rally_icon-DXYa3K5G.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d2UwffoseEUUn%2BQKEPPDWYp%2F8pRDDAxCpTXnnDnEtKWdyaokY1SOrgWn8Fd%2FK1YrnWtxORqOhXbcnivF2WdYwRF13Z8zCHbeAobUwrnegt778fjpC3%2FVUg8WctRi"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-500"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426edc46b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1827&min_rtt=608&rtt_var=923&sent=1173&recv=247&lost=0&retrans=0&sent_bytes=1171861&recv_bytes=30059&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3231&inflight_dur=298&x=80"
GET tl7p8z.top/assets/common-header-back-B74iTo9o.js
172.67.210.93 200 OK 307 B URL GET HTTPS
tl7p8z.top/assets/common-header-back-B74iTo9o.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (306)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 307 B (307 bytes)
MD5 f5c576c059c0d09ecb2d8d245cdc5722
SHA1 838490c9d7f58045fa90d2982b9f6b5df78a4428
SHA256 ee3bdd000f41cced23d57b572d87f91801474cde3c04f4546990ce599c72df55
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/common-header-back-B74iTo9o.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 234
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Un23mDgpENwQQInYO0uxyiFHk86XrAMmD2Zyf4v5VWLZp7knRUF5kPkH6OfOq3Ia4lwP4nZVaPA193ylJUEwPGdhjrDkqId90VlvfgMdpRxASA1s2V5ISeRPxrj%2B"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-ea"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745ccbb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1327&min_rtt=608&rtt_var=456&sent=1480&recv=304&lost=0&retrans=0&sent_bytes=1417967&recv_bytes=47684&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3759&inflight_dur=481&x=80"
GET res.tl7p8z.top/upload/game_image/127342193223401487_20250603044537.jpg
172.67.210.93 200 OK 54 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/127342193223401487_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 54 kB (54176 bytes)
MD5 ea4dcd8c86e0289db412af4c90d59d44
SHA1 2f5b5535ad7b17c0cd08ed1fdb33abee8a170531
SHA256 7280f6ffc3f0504d36eb8a52b45f7f61c8a8bf9f9592565a064f1fabdb53a70a
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/127342193223401487_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 54176
cf-ray: 94cf428b2e2a5699-OSL
accept-ranges: bytes
etag: "ea4dcd8c86e0289db412af4c90d59d44"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M1UVkvLWamiJurN8sXn4iuYP7Z%2BQtrAliGob3slDSIZdLMrOjEdvO4vNG9deip0QUhQvyMRHeXYKX76Nqdu%2Bma4kua4089XBmLzARbx2BAw7lN6Ky5OnKb9fh2pa44pI0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=865&min_rtt=396&rtt_var=432&sent=2580&recv=689&lost=0&retrans=3&sent_bytes=3201490&recv_bytes=9986&delivery_rate=48992481&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4955&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/casino_icon-D8-wi0zY.js
172.67.210.93 200 OK 1.8 kB URL GET HTTPS
tl7p8z.top/assets/casino_icon-D8-wi0zY.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1836)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.8 kB (1837 bytes)
MD5 9b08329eb0a3136cff4f42642e88980e
SHA1 7b7904d42aa03fa8a088859dd3be7a9473bed540
SHA256 015ff4682f326c91a2f00db374a6783a1b66ae3cb18d17d86b235a877f7f591b
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/casino_icon-D8-wi0zY.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 875
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JMOHtUbBYiSin109KTiSGP30A6YMnw4j%2B5BgPBG4IvHz4iV9UU6a516nZDPk1wZL0yrZ%2Fnaywog9%2Bg7IFXYKLG%2FbNEzaqjUZ5Zr%2BUimsLdb3myMltXABUO2e21B9"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-36b"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426eec4cb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3496&min_rtt=608&rtt_var=3223&sent=1086&recv=234&lost=0&retrans=0&sent_bytes=1097648&recv_bytes=29468&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=2998&inflight_dur=190&x=80"
GET tl7p8z.top/assets/bets_icon-DxWez_fB.js
172.67.210.93 200 OK 3.5 kB URL GET HTTPS
tl7p8z.top/assets/bets_icon-DxWez_fB.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3497)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 3.5 kB (3498 bytes)
MD5 62cab719c31278bd684e49ca5027e5e1
SHA1 a9ce4d0a6b1f8d0a268801f2cd633530bde3d381
SHA256 a64ca252a50be2b83159e6d83ed601e527772583813ed965d936eb9c6802a572
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/bets_icon-DxWez_fB.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1348
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TQUbAXBClBcZzW%2Bw7B6URaEXdhF%2BybSHGDnX8CK0uH%2BipeeUWa5NlGX3rlQLlpMwHCrdLUSb%2Bu6HXjzsSOGte99b99Tfi2ZQQ8Q4rnBpzAul2K7sEPaZl1xokyaJ"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-544"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426ecc3cb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1827&min_rtt=608&rtt_var=923&sent=1188&recv=247&lost=0&retrans=0&sent_bytes=1183732&recv_bytes=30059&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3239&inflight_dur=303&x=80"
GET tl7p8z.top/assets/futbol_icon-VT_Qf44H.js
172.67.210.93 200 OK 65 B URL GET HTTPS
tl7p8z.top/assets/futbol_icon-VT_Qf44H.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 65 B (65 bytes)
MD5 34039495c771bd791cd9466839cbc520
SHA1 476658a26cc7e0924de247286ee8f898b1104b5e
SHA256 40fc917629b8e843010f8b4a2e11e2bc3317cbe6eb24ea60cfaf2e94d8390daa
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/futbol_icon-VT_Qf44H.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I6iJKV6%2FUKc7F%2FevzW8Apkb6EckO%2FoCFucYvNZl26GrT4W%2FOwu81rE02HXY6QiVGKweLbRKrGQqgBPb4WZBuhc9DBY2sgPy5cWeVOSERLrZCdn2lyCOdy3ex4yJJ"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: W/"683ee6c1-41"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 94cf426ecc3db529-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1853&min_rtt=608&rtt_var=1159&sent=1152&recv=246&lost=0&retrans=0&sent_bytes=1154607&recv_bytes=30013&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3211&inflight_dur=278&x=80"
GET tl7p8z.top/assets/tennis_icon-D6N35M_3.js
172.67.210.93 200 OK 4.3 kB URL GET HTTPS
tl7p8z.top/assets/tennis_icon-D6N35M_3.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (4314)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 4.3 kB (4315 bytes)
MD5 d102c4500f311be7a27f74c42a3c9df8
SHA1 e7223511cfb682b59a4972a4faa872d9f78cd6c7
SHA256 0e8c6b442800bc8cd320832491a6853de3dfe05a2a824849b19d183c44613b90
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/tennis_icon-D6N35M_3.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1729
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sVk4cCta5Uyb9Rm0HszxzJ1K%2B%2Fgnni37EueA2yFvtpcxJY84cYpxCahD21LrTeXELzN%2Bi7nMq6KDxtr%2BxzX0wMdYlKCTrK%2Bc63ymm%2BFs%2FcWjnZ4YoW77hz4RVndS"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-6c1"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426ecc3bb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1827&min_rtt=608&rtt_var=923&sent=1181&recv=247&lost=0&retrans=0&sent_bytes=1179684&recv_bytes=30059&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3235&inflight_dur=303&x=80"
GET tl7p8z.top/assets/sports_mma-OvBt-H1N.js
172.67.210.93 200 OK 1.1 kB URL GET HTTPS
tl7p8z.top/assets/sports_mma-OvBt-H1N.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1071)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.1 kB (1072 bytes)
MD5 9b2f0be92a2c1422cb9b2678c83bdd91
SHA1 2808df4827edf1cd0fe0185890ef6d58ad88bb4c
SHA256 fce44460b098ff9afa2232a5d7aac5080298edb6ee0a9b707f996af2514eb044
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/sports_mma-OvBt-H1N.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 571
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wp7MR05kKFRMI10PBogcivnscpK%2BoTOtlKErn9NdB37itKUdVt8Zvld3hev758h9xv1dTqwzfYn9lrN6IiiGv7%2BgBmPMOHg75zUKEKg8Ex6io4Nj09S%2BivceDYta"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-23b"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426efc5bb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1210&recv=248&lost=0&retrans=0&sent_bytes=1201759&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3251&inflight_dur=318&x=80"
GET tl7p8z.top/assets/bwCustomI18n-B4N840oR.js
172.67.210.93 200 OK 1.9 kB URL GET HTTPS
tl7p8z.top/assets/bwCustomI18n-B4N840oR.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (1864)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 1.9 kB (1865 bytes)
MD5 c9a7898ea10ef4d698ebe152694fd58c
SHA1 7816d6efecee3ed23131bb0231d519c7e089aaa0
SHA256 a5c8d109e66f3547ceb7d76eb9f4970013fe4c0cabef846a598d51bbc748ea63
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/bwCustomI18n-B4N840oR.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 827
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8e%2BXqdwoy2fhpiphhNJn%2FGjEQdrGsFFOv7u5GrLhv0eMBPLbVxG2eK7Kyydqd0KzQ%2Bu7GAfhqbJtMa1o763gdskhIj38iWxoXLWgKf2QbSRaq%2BEY4zZke9VGIx%2FL"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-33b"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426efc5cb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1204&recv=248&lost=0&retrans=0&sent_bytes=1196997&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3249&inflight_dur=315&x=80"
GET tl7p8z.top/assets/arrow_top-DwVBMoYc.js
172.67.210.93 200 OK 369 B URL GET HTTPS
tl7p8z.top/assets/arrow_top-DwVBMoYc.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (368)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 369 B (369 bytes)
MD5 233334d2dee46e5c190f0654187b95bb
SHA1 2d7c95d2002fa3f58ad89480a253c56431d7abfc
SHA256 c4eda1f787748d1da39a9d09dbfe642e391d4bd4f961b4647ba5bee021c33312
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/arrow_top-DwVBMoYc.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 326
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SudPYG4btjNBw8oM22v%2BkLsZyJ%2F6EhwqsYClqh2qk7pz2NuC9FhkZbAp8eSCailRaar2gE61vJjkrx%2ByheWTB%2FM1iCi40BSM6ncxHEgTNs%2FKnQxlYS6YrhQTRMds"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-146"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426efc5eb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1235&recv=248&lost=0&retrans=0&sent_bytes=1223938&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3261&inflight_dur=329&x=80"
GET tl7p8z.top/assets/language_icon-CNQA1QHM.js
172.67.210.93 200 OK 1.5 kB URL GET HTTPS
tl7p8z.top/assets/language_icon-CNQA1QHM.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1527)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.5 kB (1528 bytes)
MD5 88a28964d3afdebff4cff92fed405eb7
SHA1 2dd1669cf31b7fe3df4762344cbcae3d422f2e28
SHA256 76962d05901c653af1e3cc50e7ff1e1c23424374b1486cc1148c67830a1d4118
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/language_icon-CNQA1QHM.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 695
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ljEYLx3WWqy%2BKIUB9JbMjlQRCoOYwux977P8V%2BljzGKzlOiaOnuYm7VDi0QjgyhNrXyWpwNWQWoiQTzupmApPakPxbBe2FYbFV%2BAW1JC1v8PdNo1q4UyCDHcN9YQ"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-2b7"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745cb8b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1284&min_rtt=608&rtt_var=429&sent=1482&recv=305&lost=0&retrans=0&sent_bytes=1418912&recv_bytes=47730&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3761&inflight_dur=481&x=80"
GET tl7p8z.top/assets/vendor-Dm2P-0o0.js
172.67.210.93 200 OK 2.3 MB URL GET HTTPS
tl7p8z.top/assets/vendor-Dm2P-0o0.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 2.3 MB (2322640 bytes)
MD5 8bee3a39a77c1b8d14472200bb3e17bf
SHA1 0e1140e107f87f43fda192ec24766bcee8b71e88
SHA256 3fed76c8e9a754681f348ea04b38018147bf9a1f7018f121dfcced6fb11fb92c
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/vendor-Dm2P-0o0.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-C4sLo-pF.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:06 GMT
content-type: application/javascript
content-length: 528178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nHp%2F2hlujvjieYqOcUmkHcbtzbOWcJ2eHQSVjTFnvgqWhhiOcJEeAguGwnOb4Ai%2FFLXT0GVAdYrIDHBicgJmUSbDT4dL50k1IdPcuEvLxjPURXOyMkoZ6B7qFvo1"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-80f32"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf42642becb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10320&min_rtt=1522&rtt_var=8610&sent=102&recv=141&lost=0&retrans=0&sent_bytes=8644&recv_bytes=8097&delivery_rate=348687&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=40c9c63fa90b9432&ts=1523&inflight_dur=43&x=80"
GET api.tl7p8z.top/downloadapp/list?id=0&download_plan=0
172.67.210.93 200 OK 579 B URL GET HTTPS
api.tl7p8z.top/downloadapp/list?id=0&download_plan=0
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 579 B (579 bytes)
MD5 b6c692b3ab8e210eb5e1f2cc2e7cb954
SHA1 fbfcfcebf36c8c39969f40781f2c52869ccd4706
SHA256 711cc4bb977fe312f0cde37d5b6c8f2b15a1bb167fe1179f3dd2af0893d5890f
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /downloadapp/list?id=0&download_plan=0 HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp:
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6aOfarQqWGmS7xrYBSXcY2%2BMEfmP530AbNV3ZI1JqGvTrPr%2F1drbocN608aFhDv2Oz1wPTFf%2B3Iz83d9eMSrWi3Mm7tHgpGkotE1Ge2Ye31MLMQtU%2F7%2FCbS2f%2BAIvqIgqA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf427fbd8cb529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1650&min_rtt=608&rtt_var=1014&sent=2107&recv=368&lost=37&retrans=38&sent_bytes=2094154&recv_bytes=55843&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5795&inflight_dur=859&x=80"
GET tl7p8z.top/assets/beisbol_icon-DFVkmJJW.svg
172.67.210.93 200 OK 7.6 kB URL GET HTTPS
tl7p8z.top/assets/beisbol_icon-DFVkmJJW.svg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type SVG Scalable Vector Graphics image
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 5
Size 7.6 kB (7619 bytes)
MD5 08440970534d4fec66d4e977644b01b6
SHA1 986ceba3e8de10a6bb42fa3792d8a9d8c21d7476
SHA256 25b6c6317ed6728c779744474a5f085079c379db6e26a98a14e3cf20de3f4e3d
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/beisbol_icon-DFVkmJJW.svg HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: image/svg+xml
content-length: 3230
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qSbzXRqlU8CxXbhenl%2Fx8uOULzCrrzSJ2EPwBkDthmyVCKqzpBnIVZgJxdAtcd4tmWhwFeHGYVRsaKbK0yfuR1tMHO77Xsxu6R25Z%2FCC4krl0%2FaBLMlh4EbKPtwv"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-c9e"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf4283cdafb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2507&min_rtt=608&rtt_var=1705&sent=2154&recv=389&lost=37&retrans=38&sent_bytes=2123050&recv_bytes=62177&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6345&inflight_dur=908&x=80"
GET tl7p8z.top/assets/sprots_tennis-CrBkc-Zj.js
172.67.210.93 200 OK 2.2 kB URL GET HTTPS
tl7p8z.top/assets/sprots_tennis-CrBkc-Zj.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (2179)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 2.2 kB (2180 bytes)
MD5 d5e26ddc800d6ccdcfdf82101c25629c
SHA1 e8732626bb422e32da4f95d6a3d35d15d6b02f49
SHA256 58f55eea1b45eb66aa8bb354870fe95d6d52b7868495bcea773f7a16dc4c8276
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/sprots_tennis-CrBkc-Zj.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 973
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ZBxmyJto%2FbTaOsubWDhad2HeqWvf35ArclhgESnDZACGfvppIrhfaAr6xc3uqwSVjrOYY%2FpM2rxEZBljHEDa2rpoALdx41ivH79R76zfnTMbyZ3ESh05SP%2FMX6%2F"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-3cd"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745cbeb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1437&min_rtt=608&rtt_var=609&sent=1446&recv=301&lost=0&retrans=0&sent_bytes=1392903&recv_bytes=47548&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3752&inflight_dur=474&x=80"
GET tl7p8z.top/assets/arrow_right-Cy3s1bSW.js
172.67.210.93 200 OK 377 B URL GET HTTPS
tl7p8z.top/assets/arrow_right-Cy3s1bSW.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (376)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 377 B (377 bytes)
MD5 845c7f9d79717631bd9f0c9f07bf2413
SHA1 c3be102f79ddf7b89afec22022e9d7bd8891759e
SHA256 3790a82323d4a7093b614121791a12e15f90bccb34ab76a33162124638ac661b
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/arrow_right-Cy3s1bSW.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 330
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lg4NvBObWHGrhan%2F34lpakNIpSkKG0nNOM%2FIdUorIDRsQFTNLvVX5c2VkaYRAs%2FxG1ODTfaxnX%2Bm1%2Fyi0vd53MV16VLe5FkdW4PZ8hvXBmPWmab%2Fh%2B4bVCR1Xv3N"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-14a"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426efc5db529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1197&recv=248&lost=0&retrans=0&sent_bytes=1191339&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3246&inflight_dur=311&x=80"
GET tl7p8z.top/assets/automovilismo_icon-ul2Vk9QG.js
172.67.210.93 200 OK 2.6 kB URL GET HTTPS
tl7p8z.top/assets/automovilismo_icon-ul2Vk9QG.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (2558)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 2.6 kB (2559 bytes)
MD5 a0a23f93cc6adea6e898324b33060ccc
SHA1 8787d848f3623312796a0c359dc3b40c057ca766
SHA256 e34d2b642a641c3b164c895bc36baf5739e15d71ba14ce5a55bf8caf2cb069d3
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/automovilismo_icon-ul2Vk9QG.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1015
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OCjvoa9hAnJZA4KTx2TotZh7j8C1ZvIWgXQhb5s65cU7qSDP4qkXSpNEv6LqTGZQIQDz%2BaNx5tkAIipb64rCXNWl%2BzAlnWHb%2FUH24zO8uabYVUgBsr2peNMXlPCx"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-3f7"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42741ca2b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1264&min_rtt=608&rtt_var=503&sent=1417&recv=290&lost=0&retrans=0&sent_bytes=1374204&recv_bytes=41669&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3725&inflight_dur=447&x=80"
GET plugin-code.salesmartly.com/chat/widget/code/install.js
54.240.174.71 200 OK 20 kB URL GET HTTPS
plugin-code.salesmartly.com/chat/widget/code/install.js
IP / ASN
54.240.174.71
#16509 AMAZON-02
Requested by https://tl7p8z.top/
Resource Info
File type JavaScript source, ASCII text, with very long lines (20174), with no line terminators
First Seen 2025-06-07
Last Seen 2025-06-09
Times Seen 8
Size 20 kB (20174 bytes)
MD5 f79d497e0c6f64c6d731f893286dbcdd
SHA1 0b355722df5d1d22414b653105ce03bcf0bba7da
SHA256 a17cdf0e495cd0515552ea5da57d7dc2bccb654dee890ad3172605d474722430
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
GET /chat/widget/code/install.js HTTP/1.1
Host: plugin-code.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: AliyunOSS
date: Wed, 04 Jun 2025 02:49:23 GMT
x-oss-request-id: 683FB433F1D29D3738C24AB3
last-modified: Wed, 04 Jun 2025 02:48:53 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13646932626921300032
x-oss-storage-class: Standard
cache-control: public, max-age=600
content-md5: 951JfgxvZMbXMfiTKG283Q==
x-oss-server-time: 6
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iHvCCtrqqqjSHSpf6oynAuWG-VLC5dcVvffD8OiBjy__7y7pUek3sA==
age: 452387
X-Firefox-Spdy: h2
GET plugin-code.salesmartly.com/chat/widget/code/js/chunk-vendors.bf63bec0.js
54.240.174.71 200 OK 231 kB URL GET HTTPS
plugin-code.salesmartly.com/chat/widget/code/js/chunk-vendors.bf63bec0.js
IP / ASN
54.240.174.71
#16509 AMAZON-02
Requested by https://tl7p8z.top/
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65499), with no line terminators
First Seen 2025-05-14
Last Seen 2025-07-13
Times Seen 175
Size 231 kB (231027 bytes)
MD5 55ce12e508a6e6fb1a0a042518c6eaf2
SHA1 ae5bc4f5fff9920dc7ae8c1d97736db70789d9cb
SHA256 81bd368e03fb87548bdbd9580cf5c9309e447fedf52295e4717fbb41a384ec48
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
GET /chat/widget/code/js/chunk-vendors.bf63bec0.js HTTP/1.1
Host: plugin-code.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: AliyunOSS
date: Wed, 04 Jun 2025 02:49:21 GMT
x-oss-request-id: 683FB4315841FF3034328D1F
last-modified: Wed, 04 Jun 2025 02:48:53 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11628951447286022601
x-oss-storage-class: Standard
cache-control: public, max-age=15552000
content-md5: Vc4S5Qim5vsaCgQlGMbq8g==
x-oss-server-time: 9
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: afYp_u3siLmNOceqNd0XN_76mKZMR6QYOL3O8wGP3c4Vuf7-jRvpxA==
age: 452390
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/login_bonus_bg_pc-DHZE41bY.png
172.67.210.93 200 OK 27 kB URL GET HTTPS
tl7p8z.top/assets/login_bonus_bg_pc-DHZE41bY.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 260 x 66, 8-bit/color RGBA, non-interlaced
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 27 kB (26660 bytes)
MD5 53d3c1948d8303439dc4b0eb74f423cb
SHA1 05dca5c07e1e177843256ae384ef243a4f0fc97f
SHA256 a0b802e91881c919b69fa2dbfa312288435cb1c790df61d334c0f1dae12620fa
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/login_bonus_bg_pc-DHZE41bY.png HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-CD3Vznvo.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: image/png
content-length: 26660
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K7GZb7u8nhmcaLTGdvT2iveFS2CpLZPKZeasYymekTh%2BIYZYmnYLQbzfPelccvFl%2Bxd9XZkTuY4b7%2FpqxQ5C5gjefstQRONmstgd5j%2F43hX%2BRCZtJgvDrUTLlp2d"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: "683ee6c1-6824"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf4283cdb2b529-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2638&min_rtt=608&rtt_var=2051&sent=2259&recv=412&lost=37&retrans=38&sent_bytes=2220654&recv_bytes=66498&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6514&inflight_dur=1048&x=80"
OPTIONS api.tl7p8z.top/games/categories?type=providers
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/games/categories?type=providers
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /games/categories?type=providers HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rMD9OsQC2nUBK9g%2F6YbYEOMqDLICzvn8kSMmHoW7Jnk%2Bh%2Flewk7OoI0u6nxqdmiAl72st8TpbaKJUQewYFExv%2BLlU4oJ0siufh%2FnoMqClq5H76ytKEQ0i%2FUk50hL3M%2FKqg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf42844dc9b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2076&min_rtt=608&rtt_var=1829&sent=2171&recv=396&lost=37&retrans=38&sent_bytes=2134862&recv_bytes=62499&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6424&inflight_dur=970&x=80"
GET tl7p8z.top/assets/common-header-close-B6-pd6FT.js
172.67.210.93 200 OK 1.1 kB URL GET HTTPS
tl7p8z.top/assets/common-header-close-B6-pd6FT.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1050)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.1 kB (1051 bytes)
MD5 db2885d0544462b7044b094f4a3c15e0
SHA1 10549cf75edc0370a2764371e438a91c7a7cf7e2
SHA256 6f1b23ce28ab9ee869c1c9cb260cef362328289c8309734725358c91be07ea7e
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/common-header-close-B6-pd6FT.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 477
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F1T4sQEszgmktoaEtBWR9WRcWZ2Cjq4ZBgDqqwneyuCOXZubwUqaex%2B3hKd%2B7E8kzEu7mRm8ipTVysuBjsH4JP26buFjx7R2mGaBcl%2Fyx8rI53qfWHEsV7abc4%2FB"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-1dd"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426ebc38b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1853&min_rtt=608&rtt_var=1159&sent=1151&recv=246&lost=0&retrans=0&sent_bytes=1153441&recv_bytes=30013&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3211&inflight_dur=278&x=80"
GET tl7p8z.top/assets/bwFormatCurrecyNum-Ik44kQRK.js
172.67.210.93 200 OK 1.1 kB URL GET HTTPS
tl7p8z.top/assets/bwFormatCurrecyNum-Ik44kQRK.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (1141)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 1.1 kB (1142 bytes)
MD5 f300792837e444600690909b1558b06d
SHA1 5249759c21d2b2d7851be5920cb053faf4ec4522
SHA256 30b00c694d44d260f2e6e12e74edaf2dee4e60f409330c8b14e3ee4bb65d722d
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/bwFormatCurrecyNum-Ik44kQRK.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-B1Ac6Xly.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 601
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6euI4zzKrzHp8r%2B88mF8CGHmeYjDk3xkUKWHgskn%2BE4zurC7OT8KyRhGv%2BgRxXnylW4f5dl9xMiiF3hZb1AatibQVCxlImxsi9fP9Q9YEbxrzSh6D%2F5eQuT0bpWH"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-259"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42740c96b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1651&min_rtt=608&rtt_var=520&sent=1349&recv=273&lost=0&retrans=0&sent_bytes=1326819&recv_bytes=34896&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3700&inflight_dur=420&x=80"
GET api.ipify.org/?format=json
104.26.12.205 200 OK 21 B URL GET HTTPS
api.ipify.org/?format=json
IP / ASN
104.26.12.205
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2023-04-05
Last Seen 2025-08-10
Times Seen 42003
Size 21 B (21 bytes)
MD5 7d69c71af0f191e9a72db6153f8018d1
SHA1 f67c5f2887bc05654b47f76e9621e53a4091aed1
SHA256 5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65
Certificate Info
Issuer Google Trust Services
Subject ipify.org
Fingerprint B6:43:2D:30:3C:0D:E5:13:B7:32:8A:28:4E:69:95:BC:C6:20:DD:F9
Validity Fri, 09 May 2025 18:38:00 GMT - Thu, 07 Aug 2025 19:37:58 GMT
GET /?format=json HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:10 GMT
content-type: application/json
content-length: 21
cf-ray: 94cf427a9c095691-OSL
access-control-allow-origin: *
vary: Origin
cf-cache-status: DYNAMIC
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=1071&min_rtt=479&rtt_var=1107&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3191&recv_bytes=1082&delivery_rate=8369942&cwnd=254&unsent_bytes=0&cid=dc1d3654090dfa38&ts=162&x=0"
X-Firefox-Spdy: h2
POST api.tl7p8z.top/statistics/report
172.67.210.93 200 OK 75 B URL POST HTTPS
api.tl7p8z.top/statistics/report
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 5
Size 75 B (75 bytes)
MD5 4c9f10173d6def8fc5bbef7022cfb322
SHA1 35c0d465b474ede617233cb52b48daa51e542de8
SHA256 3a7f36e458e8de71b94d899186e5e4838d9b118b1b0d48f7a1ff8de3c186e56b
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /statistics/report HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp: 6786838544e257bbd8395259505dd5e355cc49eff3af3e4fa9bca3e518904876
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Content-Length: 91
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LD6%2F4UCpPywVG2Viti41eZNmHUX7ESvUDETdBOq3pDJ%2F2fyiB5lAyPzCsMb05wYsskM3Vd%2FtjAOvhBAPsgX6Fm07fpTd0KLiSsux%2F%2B6DNCxPJRHG9uybWatXEKxldiAE6g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf42879e33b529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=959&min_rtt=563&rtt_var=365&sent=2583&recv=455&lost=37&retrans=38&sent_bytes=2545463&recv_bytes=73233&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6950&inflight_dur=1242&x=80"
GET api.tl7p8z.top/configuration
172.67.210.93 200 OK 1.8 kB URL GET HTTPS
api.tl7p8z.top/configuration
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 1.8 kB (1793 bytes)
MD5 5785c5a27b7c9f4a793bfdec69014f78
SHA1 c2a7dd770cc05e542e0aa3bb9112edc161f8e32c
SHA256 e13f2a9b9d76abf381b13d30956a8610ff3d71a25cf21ee1797411fd09f7748e
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /configuration HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp:
Source: pc
X-Language: es
X-Country:
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/json; charset=utf-8
server: cloudflare
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=NnItUA4e41aOVlEozqNe2tSW1C2M%2FcY8lRPWbWg7XlPSyahW1gnF5%2Fo0krXLqe0%2BkhkqZX8BpqIp2ktULjJRIfyIzuCzfQAjGXqaDw%3D%3D"}]}
content-encoding: br
cf-ray: 94cf4270bf865699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/sports_eSports-CmrhlJIc.js
172.67.210.93 200 OK 2.9 kB URL GET HTTPS
tl7p8z.top/assets/sports_eSports-CmrhlJIc.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (2872)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 2.9 kB (2873 bytes)
MD5 e4d9f35ad0578271c8b2c494da4e570a
SHA1 2a2bc28e536012213e2af136d26c05aa80c2c930
SHA256 4479572c1461a4c00ccab0593eaae7a1392b8a47162d6f9d88ba1905e7e13941
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/sports_eSports-CmrhlJIc.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1243
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2B3YgPe7jEszX8piSq18cRI8EfvSXqb1HycUf9E7bfrpvO3nbF7IfQgGccAwwYYi929hUKy9gPiG9rA35QyPbnEctHvfm%2F9LLsOqoJNAeEgzUiqkrZX%2BluJOiEm2"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-4db"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745cbfb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1383&min_rtt=608&rtt_var=460&sent=1456&recv=303&lost=0&retrans=0&sent_bytes=1399744&recv_bytes=47639&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3755&inflight_dur=477&x=80"
GET tl7p8z.top/assets/sports_valorant-CKlO2sp4.js
172.67.210.93 200 OK 2.4 kB URL GET HTTPS
tl7p8z.top/assets/sports_valorant-CKlO2sp4.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (2422)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 2.4 kB (2423 bytes)
MD5 1205a528b0b38890fc7c4a330a6756be
SHA1 57f9f1f37287a72b2f7e2a90d4efc28f63513f4b
SHA256 da887046e86858d1910cb9b97eb250dee617fcc186355810e1a2a82ce07518dc
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/sports_valorant-CKlO2sp4.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1091
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=69SzPE9jn7mpcK1POygKC%2BKRs%2F2XspoZ0kWqqb2gi8uDF3V2mvQu249wf5cEz%2BfpG6S8DnJMgBaxMGsRCsuh0QVDHQ7ZfLfaWqpOnQuslPNh4gra%2BkrU5TSLSiUi"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-443"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745cc1b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1437&min_rtt=608&rtt_var=609&sent=1448&recv=301&lost=0&retrans=0&sent_bytes=1394593&recv_bytes=47548&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3754&inflight_dur=475&x=80"
GET res.tl7p8z.top/upload/game_group_image/20250516_1a32569521925a5c484773d813b6ffb5_1747384031332.png
172.67.210.93 200 OK 1.4 kB URL GET HTTPS
res.tl7p8z.top/upload/game_group_image/20250516_1a32569521925a5c484773d813b6ffb5_1747384031332.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
First Seen 2025-06-09
Last Seen 2025-07-31
Times Seen 2
Size 1.4 kB (1386 bytes)
MD5 ddc1cb1a606718d28a62352c8e17a37b
SHA1 43329e0651cb686327aea97a934fd1648bb2b5fc
SHA256 61234b936b0f4f579f57e52cd93181bf3b924d0eed9fd4b76a6469bfb7f8b3c9
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_group_image/20250516_1a32569521925a5c484773d813b6ffb5_1747384031332.png HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/png
content-length: 1386
cf-ray: 94cf428678575699-OSL
accept-ranges: bytes
etag: "ddc1cb1a606718d28a62352c8e17a37b"
last-modified: Wed, 28 May 2025 16:28:48 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PmBojY4xtUjRYSnsDtArq4kXo%2B5sz8FOsgldMmwtWNlAEfpQv%2FJ2j6PIVazyJ%2BSxabKQ8Ulk1O7SIxlDKH8fIm6Yk4M6tFaM2rIKRXkdpi5n7CYuvAsS1a2djhaW0D3GrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=505&min_rtt=396&rtt_var=36&sent=181&recv=164&lost=0&retrans=1&sent_bytes=192097&recv_bytes=3106&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4169&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/tennis_icon-D6N35M_3.js
172.67.210.93 200 OK 4.3 kB URL GET HTTPS
tl7p8z.top/assets/tennis_icon-D6N35M_3.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (4314)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 4.3 kB (4315 bytes)
MD5 d102c4500f311be7a27f74c42a3c9df8
SHA1 e7223511cfb682b59a4972a4faa872d9f78cd6c7
SHA256 0e8c6b442800bc8cd320832491a6853de3dfe05a2a824849b19d183c44613b90
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/tennis_icon-D6N35M_3.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1729
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JQzixjTmWjshHWcW0mh8tIzIcZSeJKHx12p22Oy100s2BmIqMvlqf11NgGrWEDPmGqFmlOzfbveLOE8kHrwISn0cgek%2Fy105FHrNv5%2Fw3gVBHkh6MNJhmVi90mdK"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-6c1"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42741ca8b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1264&min_rtt=608&rtt_var=503&sent=1394&recv=288&lost=0&retrans=0&sent_bytes=1354063&recv_bytes=40894&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3719&inflight_dur=441&x=80"
GET tl7p8z.top/assets/cooperacion-DBrYjKDy.png
172.67.210.93 200 OK 42 kB URL GET HTTPS
tl7p8z.top/assets/cooperacion-DBrYjKDy.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 1276 x 304, 8-bit colormap, non-interlaced
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 42 kB (41906 bytes)
MD5 083cf10a77ef7fde71fe8363510eb170
SHA1 3eb7fe19d6b2edd9fd85326e2cbc0a82a4d80c45
SHA256 93e64e956faa7ae8368060da387e756622f7f9ce3a763671f4e5aab123846aff
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/cooperacion-DBrYjKDy.png HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:10 GMT
content-type: image/png
content-length: 41906
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4t7fhFCa5m3COTIhj0b0ltu%2BQcHcNeoC0c0AqK9jrCtaZACaSO1xPlqE9Zbggo6yBpZ4fUz1D3xjDWTtXbsTlC%2FpfENuxJeCKQupI0s5dswmxSDoEOIBu%2BkfAioq"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: "683ee6c1-a3b2"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf427cfd64b529-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1817&min_rtt=608&rtt_var=724&sent=1940&recv=343&lost=37&retrans=38&sent_bytes=1925324&recv_bytes=52876&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5362&inflight_dur=717&x=80"
GET plugin-code.salesmartly.com/chat/widget/code/js/plugin.63fb3161.js
54.240.174.71 200 OK 313 kB URL GET HTTPS
plugin-code.salesmartly.com/chat/widget/code/js/plugin.63fb3161.js
IP / ASN
54.240.174.71
#16509 AMAZON-02
Requested by https://tl7p8z.top/
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (64566), with no line terminators
First Seen 2025-05-23
Last Seen 2025-06-09
Times Seen 18
Size 313 kB (313223 bytes)
MD5 62e0d5ab9a11cdbba4a9a09bcf8cd432
SHA1 c27a92c678166c397382b647be1c7cfabc8c40c1
SHA256 d901f7a915184349d07d7e1c86061edddd7818af8d8d3fb116f8ffcbc22ac25c
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
GET /chat/widget/code/js/plugin.63fb3161.js HTTP/1.1
Host: plugin-code.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: AliyunOSS
date: Wed, 04 Jun 2025 02:49:23 GMT
x-oss-request-id: 683FB43315F0493534CFFBD1
last-modified: Wed, 04 Jun 2025 02:48:53 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11090211282061570493
x-oss-storage-class: Standard
cache-control: public, max-age=15552000
content-md5: YuDVq5oRzbukqaCbz4zUMg==
x-oss-server-time: 13
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bG3yR2qRjHN4iYTv0XsV1uu36qx0AmTV7aWWILb1evCojOP47C6rmQ==
age: 452388
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/banner_image/20250602_b62bc6b55a1f2b368380dc1fbea2e71b_1748867780413.png
172.67.210.93 200 OK 118 kB URL GET HTTPS
res.tl7p8z.top/upload/banner_image/20250602_b62bc6b55a1f2b368380dc1fbea2e71b_1748867780413.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 666 x 420, 8-bit colormap, non-interlaced
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 118 kB (117874 bytes)
MD5 d3f8e9e45efb3eb3b97a27a615130622
SHA1 8404c96659c0a6912c1435e8c69067b05d22fb9b
SHA256 817580a6249b8107ada30f3873362ffdc2ca59e5d1db53e33c4d982dceeb1d1b
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/banner_image/20250602_b62bc6b55a1f2b368380dc1fbea2e71b_1748867780413.png HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/png
content-length: 117874
cf-ray: 94cf42886aca5699-OSL
accept-ranges: bytes
etag: "d3f8e9e45efb3eb3b97a27a615130622"
last-modified: Mon, 02 Jun 2025 12:36:22 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TcutCvq5sGmjsYhVuvL7xzSxmqeVEXcFSUiGypiRbeKJdvkHRuoDqXEGvASG49i3BTTcj%2B%2B6dl1VLBDxyxb3C%2BUlT9RZcvqRo7GTZ1XJDB6%2FUSKTib%2BMEqIp%2FtdZwbsoGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=835&min_rtt=396&rtt_var=401&sent=1057&recv=425&lost=0&retrans=1&sent_bytes=1253788&recv_bytes=5645&delivery_rate=100408759&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4492&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/index-CVG7ewD4.js
172.67.210.93 200 OK 489 B URL GET HTTPS
tl7p8z.top/assets/index-CVG7ewD4.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (488)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 489 B (489 bytes)
MD5 ea2ebb48077dfa55721ac85f078c1edf
SHA1 c1dc116493bbc13bf7539cef26a5a95cd62f7847
SHA256 a478c7e4dc87f600394b13388b50ef0e1494d8f4942b8d9a6277902cee489977
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-CVG7ewD4.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-B1Ac6Xly.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 353
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6bVtEv%2FCzu62Fnvl0om%2FNtAKoACioG1nCommrXDvczB5qZm4emyHhdxGr6UEM0V6%2BeWGoFIG7mHBJM51%2BlbOhsIdfB01qzm6u%2FYdxpisC0peu7qaP22T4yvCmjj1"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-161"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42740c9ab529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1499&min_rtt=608&rtt_var=544&sent=1368&recv=278&lost=0&retrans=0&sent_bytes=1340602&recv_bytes=37912&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3708&inflight_dur=428&x=80"
GET tl7p8z.top/assets/agent-D9lYeYyH.js
172.67.210.93 200 OK 734 B URL GET HTTPS
tl7p8z.top/assets/agent-D9lYeYyH.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (733)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 734 B (734 bytes)
MD5 91b89ae708772e7361a699b436c988d3
SHA1 fde9e3e60bd9cb3331720339cc66436c8a0f1bcd
SHA256 052e8e868010bd4a9ae36ac352625744dc8e8112cab2a4726400c80c88d3a591
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/agent-D9lYeYyH.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rzn70YILteSLFyk9W5kyhuCZDwcT1p%2By9K6BZ6K7BrvyuWpPhHlvvZtsNGMceehrgCRHKU0kEHtA6iz2B0e5CqVsClgHyrpTqDrfuNm7zGt%2Bz7rVQqVbW%2FTnwT3h"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-100"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f0c66b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1216&recv=248&lost=0&retrans=0&sent_bytes=1205830&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3254&inflight_dur=320&x=80"
GET tl7p8z.top/assets/reward-leveI-icon-Cg93okMh.js
172.67.210.93 200 OK 65 B URL GET HTTPS
tl7p8z.top/assets/reward-leveI-icon-Cg93okMh.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text
First Seen 2025-02-23
Last Seen 2025-06-09
Times Seen 4
Size 65 B (65 bytes)
MD5 688dec09df5e8d5135f44bd9ee47b439
SHA1 bd72b9bc412d55b31edb9a77072b8aff66196128
SHA256 3bc5ce0d21c93004be27386312e6c7b7d0e6fff408754929f5a5f04dc5a144c5
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/reward-leveI-icon-Cg93okMh.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DL8nOMpPjDMlt5F0Qdge9sdfr3cnHqKT8p41Xg1n5zPgWHVZGORNL03uEmOBliF08QVuwtDrBBt9BHElS4PB6wCxNMPouMrXSZSIX9OKwI%2BUe2ezbN9Ye%2FKBfoyp"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: W/"683ee6c1-41"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 94cf426f0c6ab529-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1212&recv=248&lost=0&retrans=0&sent_bytes=1203043&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3252&inflight_dur=319&x=80"
GET tl7p8z.top/assets/sports_mma-OvBt-H1N.js
172.67.210.93 200 OK 1.1 kB URL GET HTTPS
tl7p8z.top/assets/sports_mma-OvBt-H1N.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1071)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.1 kB (1072 bytes)
MD5 9b2f0be92a2c1422cb9b2678c83bdd91
SHA1 2808df4827edf1cd0fe0185890ef6d58ad88bb4c
SHA256 fce44460b098ff9afa2232a5d7aac5080298edb6ee0a9b707f996af2514eb044
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/sports_mma-OvBt-H1N.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 571
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ubKbP%2FoQeLKiu7NJDyVQURcsUjhUmC7hM533yc2fORhMs0vJq73V77kl7J%2B7TfRSJ%2BiVrms1NVKDxhHJUE7%2F1%2FX6OdQp5BbEC1YNMZ4MMRdcE8qg%2BfmpF5DFxiph"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-23b"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745cc2b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1383&min_rtt=608&rtt_var=460&sent=1452&recv=303&lost=0&retrans=0&sent_bytes=1396451&recv_bytes=47639&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3754&inflight_dur=477&x=80"
GET api.tl7p8z.top/games/search?game_categories_slug=gamingpanda_MX&page=1&limit=54
172.67.210.93 200 OK 6.4 kB URL GET HTTPS
api.tl7p8z.top/games/search?game_categories_slug=gamingpanda_MX&page=1&limit=54
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 6.4 kB (6395 bytes)
MD5 7e98a8a2d3633eae430a59d028115ae5
SHA1 d1bfd7c2126392a874fc7a676e22bb0863b0a625
SHA256 845b8b283e4c5e75dd554e48ab4858f04f74c448416fea4dd3efa697550ef51c
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /games/search?game_categories_slug=gamingpanda_MX&page=1&limit=54 HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp: 6786838544e257bbd8395259505dd5e355cc49eff3af3e4fa9bca3e518904876
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6iZhalqmXlsW9l9rHqxFVloUuWKxOmtVTX1Xrt2DRvjYnTndpH9rIrTL1tGUgiQAlpYtmg%2FP%2Fmmc75bSBYafinyMQaehM2Wk31g%2BsxcfKlcijFiGHnZXJh5umo5I3oaKDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf428d3e7bb529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2754&min_rtt=563&rtt_var=1785&sent=2631&recv=479&lost=37&retrans=39&sent_bytes=2568649&recv_bytes=76308&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=7855&inflight_dur=1421&x=80"
GET tl7p8z.top/assets/beisbol_icon-BUeMYdUf.js
172.67.210.93 200 OK 66 B URL GET HTTPS
tl7p8z.top/assets/beisbol_icon-BUeMYdUf.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 66 B (66 bytes)
MD5 9fab34bf5045e1638f4bf6f265f0276d
SHA1 3f2e01b321243da2fa243cd683e422588c769d22
SHA256 b3a3bb11a4040b03905f1a997f4b3925a440881fe15a0f7c99926b5656f9108e
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/beisbol_icon-BUeMYdUf.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=phDoJV3C2buGIzdru%2FldVmaY1udv2%2BXyhi8riZkA1%2FsM6qLs9WJLwq6ENJa8ub4kvdjGe8W78itVA8ldH9fIqhp7XD2UdzwIgu0oRPppZ9P1sGwv%2FAlxCRArY9dF"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: W/"683ee6c1-42"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 94cf426ebc3ab529-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1946&min_rtt=608&rtt_var=1299&sent=1141&recv=245&lost=0&retrans=0&sent_bytes=1145467&recv_bytes=29967&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3208&inflight_dur=275&x=80"
OPTIONS api.tl7p8z.top/popup_mgt/list
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/popup_mgt/list
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /popup_mgt/list HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:10 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kJyo6ASrQlkV8AkMnqmPR%2BuQ4pIQZ%2Bu4jr506XPG%2BF62Jb1cmkkmDuUhF4rAhG8WPenP5DyEYrrUffBheu13prnaFcfQAlPmcFLR%2BjezMa2jHpK144k9alxy7BSMa62Q8w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf427d5d6eb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1394&min_rtt=608&rtt_var=522&sent=2082&recv=353&lost=37&retrans=38&sent_bytes=2083614&recv_bytes=53554&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5550&inflight_dur=767&x=80"
GET api.tl7p8z.top/popup_mgt/list
172.67.210.93 200 OK 4.6 kB URL GET HTTPS
api.tl7p8z.top/popup_mgt/list
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 4.6 kB (4607 bytes)
MD5 9f9d45008cfe48e5aac656ea6e05d308
SHA1 18a1381a10f7a0705f6a3529cf3c013421d4ac63
SHA256 85f837c6f81758daf4bc78ce8c166d1774c9e033ab5c82e6b7089cb59b45a379
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /popup_mgt/list HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp:
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PVx6SfoyS09%2BeoYFZi6thBsuNm5jezwKjWW1bMqoUarNr1sRn2j68oC8EvD7%2BOnqw%2BdolGV6Fn4wJ8Mlmys1j3A7P4g27CccBG76GwPTGYjCqQP5iMGWDb0SF2p5%2BvH7dA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf427fad89b529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1472&min_rtt=608&rtt_var=659&sent=2100&recv=365&lost=37&retrans=38&sent_bytes=2090378&recv_bytes=55709&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5680&inflight_dur=832&x=80"
GET plugin-code.salesmartly.com/chat/widget/code/js/vendor1_b8775aab.js
54.240.174.71 200 OK 225 kB URL GET HTTPS
plugin-code.salesmartly.com/chat/widget/code/js/vendor1_b8775aab.js
IP / ASN
54.240.174.71
#16509 AMAZON-02
Requested by https://tl7p8z.top/
Resource Info
File type JavaScript source, ASCII text, with very long lines (49155)
First Seen 2025-05-10
Last Seen 2025-08-10
Times Seen 250
Size 225 kB (225000 bytes)
MD5 4dd10bf9e3a55d04fb02d076f8d888fd
SHA1 73fe2ade639561e0fbee753a10ab3a8f64457ba6
SHA256 9b5cc937de300ae7ed821b3c25405086cd9fc0c25be5f6afc2213b06d1981408
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
GET /chat/widget/code/js/vendor1_b8775aab.js HTTP/1.1
Host: plugin-code.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: AliyunOSS
date: Wed, 04 Jun 2025 02:49:21 GMT
x-oss-request-id: 683FB431FE67F33134C83858
last-modified: Wed, 04 Jun 2025 02:48:53 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15305004930386263030
x-oss-storage-class: Standard
cache-control: public, max-age=15552000
content-md5: TdEL+eOlXQT7AtB2+NiI/Q==
x-oss-server-time: 2
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B7gYxPtIioSL_2ywIvPK9sDnxAJUTnlbIQLcp56CiHQpcLJJ2qWaFw==
age: 452390
X-Firefox-Spdy: h2
GET res.tl7p8z.top/home/icon_public_38.svg
172.67.210.93 200 OK 548 B URL GET HTTPS
res.tl7p8z.top/home/icon_public_38.svg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type SVG Scalable Vector Graphics image
First Seen 2025-05-23
Last Seen 2025-07-31
Times Seen 4
Size 548 B (548 bytes)
MD5 c06750ed7075c9ae0e46b91cc4736dc9
SHA1 47370d7a988c6d0f6eba7e5f307cde9a57e280c9
SHA256 21143006a9019f945d7e023b11face6cfef7f0fb8e6eb72e37023e6c607de2a4
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /home/icon_public_38.svg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/svg+xml
content-encoding: br
access-control-allow-origin: *
etag: W/"c06750ed7075c9ae0e46b91cc4736dc9"
last-modified: Wed, 28 May 2025 16:00:39 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9VklKdeg06fIV%2FbpXCE0c2eBDGgnk6A0trJsTnSJ54wjV6Yg4t7%2BjmeJvYdC169vZfv2hjZTSmn1NjK2gkdZrhRjDFk9usyXPsvoKiLkQy49VfkH8PlR1dInj6sKisSJ6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 94cf4286e8df5699-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=482&min_rtt=396&rtt_var=42&sent=218&recv=202&lost=0&retrans=1&sent_bytes=200836&recv_bytes=5645&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4272&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/62432524227313683_20250603044537.jpg
172.67.210.93 200 OK 56 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/62432524227313683_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 56 kB (56092 bytes)
MD5 1d7cf578c55669c37bf37ad731db2c7a
SHA1 2468b25a146cf3d9ef40c52874b1862ada34abf4
SHA256 b8b648ab33804f9f36f9bc772895473e71f742c02716a998601ea52d10438958
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/62432524227313683_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 56092
cf-ray: 94cf428addbb5699-OSL
accept-ranges: bytes
etag: "1d7cf578c55669c37bf37ad731db2c7a"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rbvr2Gfm%2FXjqgRJ7S8mGQe7%2B5ibF2h%2FW0HMohSFOisgtI0B80cT5H%2BDfX0CZO2W%2BXfN5GcSQkIdwmP%2Bo0zX%2B19YP9lrDaE278qYW1AXEQrNGr0p8ktUriSCztr0Oo5%2B%2Brw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=861&min_rtt=396&rtt_var=319&sent=2304&recv=666&lost=0&retrans=3&sent_bytes=2842589&recv_bytes=9986&delivery_rate=44986407&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4921&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/rewards_icon-BlkLby2Y.js
172.67.210.93 200 OK 4.0 kB URL GET HTTPS
tl7p8z.top/assets/rewards_icon-BlkLby2Y.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3964)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 4.0 kB (3965 bytes)
MD5 78ee8e08dbe5fd61f815ff9ac60bf519
SHA1 b87d7982e3bedfd3d36bf8a6ca3266529f3ba9df
SHA256 a6e13175d377ed64a27a6e74735e0aeb9c381294b51573b7d69dfaf2c79aea12
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/rewards_icon-BlkLby2Y.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1556
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BuP6BQYZLPYqoX%2FlgNdpPno6gPyOHhB8f%2FjZdTqBoCTK0djn1GF4PHE76fRSfYTG787JduIJ0oxfW1TsKeMpFEaG4F21kDeodoXJ90zHeiX1YWj%2FCIHXMCjuLU0g"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-614"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42742cb6b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1264&min_rtt=608&rtt_var=503&sent=1425&recv=290&lost=0&retrans=0&sent_bytes=1382001&recv_bytes=41669&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3729&inflight_dur=450&x=80"
GET res.tl7p8z.top/upload/game_image/127342192938188816_20250603044537.jpg
172.67.210.93 200 OK 59 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/127342192938188816_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 59 kB (58734 bytes)
MD5 5ac1c9578f7746739c0a63973d8541ab
SHA1 9ada1ff538f5d39fec3fc3111519951575a88f86
SHA256 a2a3f349f081c2ed94cca5d36f6641ce46a61cf2f99350e1b9801533896368cc
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/127342192938188816_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 58734
cf-ray: 94cf428b8ea05699-OSL
accept-ranges: bytes
etag: "5ac1c9578f7746739c0a63973d8541ab"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F46UKwAtrOhfPy%2FGJEIsxHc1TNGnXoeZHvY6aLgTMx140YnzmLEKVFxRyIzdffW%2B2tftf5XKpC5IAGJvtU4UYr6hamhoKQMZ3FxeFYK56UaoVP6ZvrHvv6oXMsaxf1dM%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1044&min_rtt=396&rtt_var=599&sent=3203&recv=724&lost=0&retrans=3&sent_bytes=4002838&recv_bytes=9986&delivery_rate=82301953&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=5010&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/76622871039836184_20250603044537.jpg
172.67.210.93 200 OK 49 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/76622871039836184_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 49 kB (48931 bytes)
MD5 d6978ad3a08082c38499b357ca99f3fd
SHA1 dc15b6e40e25c06c78afc6d7d0b3bb9a1ff76ad0
SHA256 23a97e884ac8f6e1c439cb3f564b2f6c720ad085bdb0aea114facda266dff20a
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/76622871039836184_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 48931
cf-ray: 94cf428b9ec45699-OSL
accept-ranges: bytes
etag: "d6978ad3a08082c38499b357ca99f3fd"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=grE89568xG6tvbIdLo8zMwKZqazxrqUs70o9SAanr5hMaDi3fuJ1sTUjAsrdG1Xf4HNibV7aWM5zQCOdGsN1WRosfPKBrb8kW6BRDJ6c6nCa%2F3p7ZWoFhkOq%2BXqcU%2FhY3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=953&min_rtt=396&rtt_var=603&sent=3643&recv=759&lost=0&retrans=3&sent_bytes=4574347&recv_bytes=10021&delivery_rate=82301953&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=5056&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/banner_image/20250531_b92d94a273c71cbd64156d2115df8c46_1748684073348.png
172.67.210.93 200 OK 115 kB URL GET HTTPS
res.tl7p8z.top/upload/banner_image/20250531_b92d94a273c71cbd64156d2115df8c46_1748684073348.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 666 x 420, 8-bit colormap, non-interlaced
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 115 kB (114605 bytes)
MD5 284a93ed7a134e685a7ad82dddb4db03
SHA1 95b664b57a5f2748d0873aa49fb64a31058d8ebd
SHA256 750c3e3de852feb73ea35ad2ba57055f015e69ef99542413ca8b21ef631b833c
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/banner_image/20250531_b92d94a273c71cbd64156d2115df8c46_1748684073348.png HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/png
content-length: 114605
cf-ray: 94cf42886ad25699-OSL
accept-ranges: bytes
etag: "284a93ed7a134e685a7ad82dddb4db03"
last-modified: Sat, 31 May 2025 09:34:35 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EzlFKhXNrf3lX3KRTY0JTvOdqBHTnsHj061yqPGLnNlapqPlY0KOJSK0tXDt1e8wBjK7kPIHekcAieCKVfiiCdWy8qT6JCxrbFk9g2cCrPUluqzq254mS1Nv71Q%2BvXEkTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=802&min_rtt=396&rtt_var=398&sent=1177&recv=438&lost=0&retrans=1&sent_bytes=1414305&recv_bytes=5645&delivery_rate=100408759&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4510&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/fff-copy-Bpr1biuI.js
172.67.210.93 200 OK 469 B URL GET HTTPS
tl7p8z.top/assets/fff-copy-Bpr1biuI.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (468)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 469 B (469 bytes)
MD5 45d76394808f51d90cd0d60ebc8606ae
SHA1 80533c196fd587a6acbe9711dfa891fe544cf85a
SHA256 dbe46fc9285ce4f07a82d6ec1f62e2df353b146ca9729f08881b796e9095bee4
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/fff-copy-Bpr1biuI.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8y5MgSIFzgGySs6neAO4Y6SXHgsGzEtKW5X%2FXFKLINYx%2BmiXxVB24w%2B0fYHrXMVGyY24w9Iyk%2B7nIGr4dJ8gCUltugqFv%2FQS31UcOsrsSt3kg7zHs3brsVSHeHMm"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-197"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f4c70b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1970&min_rtt=608&rtt_var=914&sent=1266&recv=251&lost=0&retrans=0&sent_bytes=1254818&recv_bytes=30244&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3300&inflight_dur=362&x=80"
GET tl7p8z.top/assets/BetHistory-C9jUjToX.js
172.67.210.93 200 OK 6.5 kB URL GET HTTPS
tl7p8z.top/assets/BetHistory-C9jUjToX.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (6461)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 6.5 kB (6462 bytes)
MD5 a16b4339e5338bb0ac0d5f7c1ce6b83d
SHA1 657ef5ec7437ca8d8c8e329d65d77167d6e9e768
SHA256 25a605842f64c6666c0a30ada4defd98eac18c22959bd6c349e588c7e39aee0e
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/BetHistory-C9jUjToX.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-B1Ac6Xly.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 2095
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xnj7VFw0QkRUvM5uwlVgQptSRnBEof3A3873ifpsASLZoTlVNHbllcQc3AGncQ%2FAVw1Vb9YpFyifqDlyDwxzWAbIJmRx58jHtlfKEwuitseJuel0gZX3tlxQCPsq"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-82f"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42740c97b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1651&min_rtt=608&rtt_var=520&sent=1351&recv=273&lost=0&retrans=0&sent_bytes=1328136&recv_bytes=34896&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3701&inflight_dur=422&x=80"
OPTIONS api.tl7p8z.top/games/search?game_categories_slug=new_MX&page=1&limit=54
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/games/search?game_categories_slug=new_MX&page=1&limit=54
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /games/search?game_categories_slug=new_MX&page=1&limit=54 HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nNq2Pbyrm5nGbj0hQWTbjCBlnpiggJ0YN4WIFN%2BIXOLYWTmLg94J6BOADHPJuEopkuhJtEyk0JoMrx4uGQVkvutF0Q%2FO4qdylxtLf7sTWKeQxdUUvSVWMbMGB%2BLtp2spJw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf4286ce27b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1098&min_rtt=563&rtt_var=557&sent=2572&recv=446&lost=37&retrans=38&sent_bytes=2542533&recv_bytes=70916&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6828&inflight_dur=1200&x=80"
GET res.tl7p8z.top/upload/game_image/56469906157207562_20250603044537.jpg
172.67.210.93 200 OK 64 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/56469906157207562_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 64 kB (64176 bytes)
MD5 1f19e6da76105ddcdfe3f1b437d6b290
SHA1 900ed95340e7dd47241f883b18b192a285575d87
SHA256 55dd985a88aa5fff8ff6d46dc9a1139a5f2c4bc685c1f04b641847bdade78890
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/56469906157207562_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 64176
cf-ray: 94cf428b3e325699-OSL
accept-ranges: bytes
etag: "1f19e6da76105ddcdfe3f1b437d6b290"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n4iI9p64ChEQSVRTJwNFVWtYyxRfWdyxzzgTeU06eL9JqweUYCcOBCwrkKPZ33o8to7Trql1oPsajBYcwPqWbWAYbrowUGob8yI2J2ZDwJk9OKq7XPwEpjV5E0ga%2F8ChfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1139&min_rtt=396&rtt_var=655&sent=2492&recv=680&lost=0&retrans=3&sent_bytes=3088908&recv_bytes=9986&delivery_rate=44986407&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4950&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/56469903204417554_20250603044537.jpg
172.67.210.93 200 OK 52 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/56469903204417554_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 52 kB (51781 bytes)
MD5 15faf40466368f8bf6923c6499ec8a51
SHA1 06c7d02e9bba3b40c46f37c8bc3fd0c5ec357f9b
SHA256 2fac6f3934a81dedd763f1016ab9aad96b3f7aa40c5f32976679f2c9fdcf9009
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/56469903204417554_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 51781
cf-ray: 94cf428b3e3c5699-OSL
accept-ranges: bytes
etag: "15faf40466368f8bf6923c6499ec8a51"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fva8fKfFPrg6OnCzdH9dnQznWEZiPu4wKp6QMLuuoqlY4RwQP18o%2FRlgl%2BI6gToQd4IuxWIFiF2i1Twl0AEI%2BKc91oHr4ZRdOBUayCwsF4nfFXKHqbrd%2B7%2Bta0UKqArLTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1514&min_rtt=396&rtt_var=955&sent=2763&recv=698&lost=0&retrans=3&sent_bytes=3440255&recv_bytes=9986&delivery_rate=49931034&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4982&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/sports_eSports-CmrhlJIc.js
172.67.210.93 200 OK 2.9 kB URL GET HTTPS
tl7p8z.top/assets/sports_eSports-CmrhlJIc.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (2872)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 2.9 kB (2873 bytes)
MD5 e4d9f35ad0578271c8b2c494da4e570a
SHA1 2a2bc28e536012213e2af136d26c05aa80c2c930
SHA256 4479572c1461a4c00ccab0593eaae7a1392b8a47162d6f9d88ba1905e7e13941
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/sports_eSports-CmrhlJIc.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1243
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T484PQixOTsTK0Bn6%2F2NWORvMMhmIBikeSd0hIe%2BVtOrhn3ygojBbGPpjSUuH1I4uF1ZnukKR9biQvpkWGMqNWTHkJLSpevRFnnFv1zId2GexIjc3QhFg946mk4C"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-4db"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426efc57b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1233&recv=248&lost=0&retrans=0&sent_bytes=1221981&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3261&inflight_dur=328&x=80"
GET api.salesmartly.com/sys/company/plugin/get-plugin-info?plugin_sign=5d14eb255e119b04657ad30fb6747a32&plugin_id=gt044g&over_time=&env=chat&_=1749457751880&_lt=&_u=
3.167.2.126 200 OK 4.0 kB URL GET HTTPS
api.salesmartly.com/sys/company/plugin/get-plugin-info?plugin_sign=5d14eb255e119b04657ad30fb6747a32&plugin_id=gt044g&over_time=&env=chat&_=1749457751880&_lt=&_u=
IP / ASN
3.167.2.126
#0
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 4.0 kB (4007 bytes)
MD5 2dbb3d89e545d424bc7f384e20965f53
SHA1 1506e8d435745b8f289eb71cb4ee5d56f8524561
SHA256 d7424ff5dcdc3731a41b4c513ee8a85d34f5f900af549e78394b2965bf47a89b
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
GET /sys/company/plugin/get-plugin-info?plugin_sign=5d14eb255e119b04657ad30fb6747a32&plugin_id=gt044g&over_time=&env=chat&_=1749457751880&_lt=&_u= HTTP/1.1
Host: api.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
server: Salesmartly
x-request-id: b5b3309f-e859-4483-9d54-4403c378b6ff
date: Mon, 09 Jun 2025 08:29:12 GMT
access-control-allow-origin: https://tl7p8z.top
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type, Share-Access-Token, External-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-max-age: 86400
x-cache: Miss from cloudfront
via: 1.1 50c588fd3255d023d9b9021263f5fa0a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: ht-hKMiFfZfJESx-HnS3uNt68_tUNGMgbMbzhvTZPZGJUg-_wygx_A==
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/126172382443339792_20250603044537.jpg
172.67.210.93 200 OK 51 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/126172382443339792_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 51 kB (50651 bytes)
MD5 dd185641512364f666b8c791c8bd8d98
SHA1 85fa6feb0f6764a153bc80779bf3959f49af510c
SHA256 c553b3cc6f5f0acab5b6773f902c5c72224a08ae114641b0c2633bc8791b27f7
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/126172382443339792_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 50651
cf-ray: 94cf428b2e155699-OSL
accept-ranges: bytes
etag: "dd185641512364f666b8c791c8bd8d98"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4J655Ivm2dz11TkcHm5dIwV9yZLQuPRxd8cnUu9A9cDCx1RQ82cX8UgIqaQDQYd8vEKb14GrINj4GouO%2BgyEZXHA%2BT7sOWxx6ZD0wYTDirTt%2FBS27up0ok%2FlFX%2BlUT8nug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=907&min_rtt=396&rtt_var=318&sent=2303&recv=665&lost=0&retrans=3&sent_bytes=2842046&recv_bytes=9986&delivery_rate=44986407&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4907&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/76622870553296920_20250603044537.jpg
172.67.210.93 200 OK 39 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/76622870553296920_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 39 kB (38899 bytes)
MD5 4b7e2d426c43c6d5618948784a23cae2
SHA1 1b6d1735f7744ad361877310f4eaa4a39de91b88
SHA256 435933093ecb68c447a1a4accc37f0c2de1e0e8b0a86e4b9895bdd2b28f59f3e
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /upload/game_image/76622870553296920_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 38899
cf-ray: 94cf428b7e845699-OSL
accept-ranges: bytes
etag: "4b7e2d426c43c6d5618948784a23cae2"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I1rOFQzFWHcj%2BEPWZEpDQlmYHf%2FlWd043Q70yhN6CVBuAeGs%2FX3v1Eq0QLP%2FwR1Qrcb%2BzXtUMNR9bwSpI9CXqfjhCS3SB3q3W7XpZLbPqH9Z1P5VeoIGt49YeSXpDn5P0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1732&min_rtt=396&rtt_var=1523&sent=2912&recv=705&lost=0&retrans=3&sent_bytes=3628914&recv_bytes=9986&delivery_rate=49931034&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4992&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/bwFormatCurrecyNum-Ik44kQRK.js
172.67.210.93 200 OK 1.1 kB URL GET HTTPS
tl7p8z.top/assets/bwFormatCurrecyNum-Ik44kQRK.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (1141)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 1.1 kB (1142 bytes)
MD5 f300792837e444600690909b1558b06d
SHA1 5249759c21d2b2d7851be5920cb053faf4ec4522
SHA256 30b00c694d44d260f2e6e12e74edaf2dee4e60f409330c8b14e3ee4bb65d722d
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/bwFormatCurrecyNum-Ik44kQRK.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 601
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oPLx3%2BZGKWDQFvaIEPZKU3LBvcuUrPEZKi7iLDxE3JjhvBWN0SpgsKMAGMHRvH%2F8EbanlJpcRb8kBEIRpLjZHKDjsu8j3YP5SYFDCPjUXs2NB9jJIcJoaw9%2BKjwk"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-259"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f0c63b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1231&recv=248&lost=0&retrans=0&sent_bytes=1220663&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3260&inflight_dur=327&x=80"
GET tl7p8z.top/assets/index-lxPkVXZi.css
172.67.210.93 200 OK 1.4 kB URL GET HTTPS
tl7p8z.top/assets/index-lxPkVXZi.css
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1447)
First Seen 2025-06-09
Last Seen 2025-07-31
Times Seen 3
Size 1.4 kB (1448 bytes)
MD5 1ab047356d172840d13d6b39392a6440
SHA1 b1d9c8191a71f3e94bc60760d87e0aaa792e52c9
SHA256 d25095129e7314c5b5f6077770f456d15f143819881883a60df64eee2ab1a67a
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/index-lxPkVXZi.css HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: text/css
content-length: 519
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GE8FgmJapuUpVh7Q8CRbx4MT0qzYhCl8IpPdmZ9DhxXPatb5%2FjvLfPz0VyzahMNEuWrHf7gp8i7mTTthpMYIG%2FU7hoWpD9ZLouaYMYE5SI3JU%2FupzdCV%2FBX8q9Xk"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-207"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426dec21b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4014&min_rtt=1206&rtt_var=2906&sent=1028&recv=177&lost=0&retrans=0&sent_bytes=1093278&recv_bytes=14112&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=2852&inflight_dur=163&x=80"
GET tl7p8z.top/assets/sideBarMobile-C3mesgIE.css
172.67.210.93 200 OK 5.4 kB URL GET HTTPS
tl7p8z.top/assets/sideBarMobile-C3mesgIE.css
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (5391)
First Seen 2025-06-09
Last Seen 2025-07-31
Times Seen 3
Size 5.4 kB (5392 bytes)
MD5 5bf7f54bc3cccf71d935532cdd730df1
SHA1 8e3ca427697f45053ed8dade204c38f8c1567c5a
SHA256 876edf87d3f56e5c21d796bb035cd006ff7f64b97a3473d06ed45aab62de5d1e
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/sideBarMobile-C3mesgIE.css HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: text/css
content-length: 1052
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vLmXVyexZqH6EAtlnexUXeMvUV1wZFxojt%2FlVKxJoK9gGa4Zn%2B9EiGkpgSk3i9Nljh96RMl3M35HZHyZ3JoVNkPTGL9zRK4LBtPJu1bQyITARTdZtEwTE5slLhL4"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-41c"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426e4c29b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2935&min_rtt=608&rtt_var=2506&sent=1113&recv=238&lost=0&retrans=0&sent_bytes=1125530&recv_bytes=29651&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3160&inflight_dur=242&x=80"
GET tl7p8z.top/assets/sport-D_TtLpEm.js
172.67.210.93 200 OK 1.7 kB URL GET HTTPS
tl7p8z.top/assets/sport-D_TtLpEm.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1677)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.7 kB (1678 bytes)
MD5 8a12523b4b8ea0b1d14e0048fc8b3ad2
SHA1 43ba49bdab4619e8556e7610ae2ebe2d6bc60612
SHA256 a10ef15a6e127d8d8498a384850b6b122a1e5153ab5c40ee3e015a25ad50238e
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/sport-D_TtLpEm.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 779
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GizjjX64aJTZ2nUa8q3MOlUSofV92Vb8K62ImouUWABTxsQKvVinUIc7QDEtorpWdaQ3PV4rvknSCdXQPQIGKe%2B7WzUXYWnXXrz84kBjiGrUKQ4ErrVWqozj2Kmb"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-30b"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426eec4db529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1827&min_rtt=608&rtt_var=923&sent=1192&recv=247&lost=0&retrans=0&sent_bytes=1188137&recv_bytes=30059&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3242&inflight_dur=307&x=80"
GET tl7p8z.top/assets/countdown-D6znV8qH.js
172.67.210.93 200 OK 2.5 kB URL GET HTTPS
tl7p8z.top/assets/countdown-D6znV8qH.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (2523)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 2.5 kB (2524 bytes)
MD5 07513ec43da0f4b6e9195b33664ab0ad
SHA1 d8d226fa86e07f8b8d32d139cd26e659ecec2f00
SHA256 09d8f6b86fbaf4fd7cf7b96a1d8dacc7ba1b21f10d2ff2e37548d681cf57f9d7
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/countdown-D6znV8qH.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NRerbN%2FPdyzztECIlEcY3omjCioauOR%2FYZsXeEoWGzHLC%2BURjUOQhyUM%2Foufa8cDQERg8zPNQGI0NEX5LOnzGqR8shK2vLTn5EdOi4AjpVdpmjDNRhIZBZe7Ct1h"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-32f"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745cc4b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1327&min_rtt=608&rtt_var=456&sent=1461&recv=304&lost=0&retrans=0&sent_bytes=1402982&recv_bytes=47684&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3756&inflight_dur=478&x=80"
172.67.210.93 200 OK 14 kB URL User Request GET HTTPS
tl7p8z.top/
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Resource Info
File type HTML document, Unicode text, UTF-8 text, with very long lines (435)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 14 kB (13886 bytes)
MD5 4c28c0c5ad65411b96133d3352f58246
SHA1 190304532f94730dd9ae8733284a39034e4d9f47
SHA256 0aca5858c02b61ae3c3c1034be9853740df4e94b20c146c8dd344e5c8ae33a6b
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET / HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:05 GMT
content-type: text/html
server: cloudflare
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=jbtuL%2FMGTTnl4M%2B4r8y9iHVck2D%2B%2F9rpYamBsRkSFPPH1t8ePQfMb%2FQcYfB7oQQo0h60yUZrUBq3%2BF%2B0utsk6WDwKW0jrtzw"}]}
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf425a8a3f0afe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET plugin-code.salesmartly.com/js/project_344529_353847_1748351068.js
54.240.174.71 200 OK 1.2 kB URL GET HTTPS
plugin-code.salesmartly.com/js/project_344529_353847_1748351068.js
IP / ASN
54.240.174.71
#16509 AMAZON-02
Requested by https://tl7p8z.top/
Resource Info
File type JavaScript source, ASCII text
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 1.2 kB (1183 bytes)
MD5 6280e0d4ebf57bfb551272acfc3b7c3a
SHA1 887df20764c0d7fbdc1856715a468a4eb737b740
SHA256 00fc8dc4639c816d9ca113c097d5d1c284ed1e1dbf04e6c316493ddcc9e52f2c
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
GET /js/project_344529_353847_1748351068.js HTTP/1.1
Host: plugin-code.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: AliyunOSS
date: Wed, 04 Jun 2025 04:21:28 GMT
x-oss-request-id: 683FC9C8637FD23036700854
last-modified: Tue, 27 May 2025 13:04:28 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5855294599031552081
x-oss-storage-class: Standard
content-md5: YoDg1Ov1e/tVEnKs/Dt8Og==
x-oss-server-time: 28
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UCof0-FM805p9mVP2kS3nTNAK2ERFlEv7BMbLApa5InMheFiryBOmQ==
age: 446862
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/logo-VYDHY-4B.png
172.67.210.93 200 OK 130 kB URL GET HTTPS
tl7p8z.top/assets/logo-VYDHY-4B.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 2148 x 483, 8-bit/color RGBA, non-interlaced
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 130 kB (129507 bytes)
MD5 ee8b53830b56af7dbf1e15b8d1d633db
SHA1 1847e1ace581b0aece6573531bccbce7dd826953
SHA256 61d5615d426c8f5e2ef2901cefbe91eb8d52d4d69586a54a99204613b76b7f3d
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/logo-VYDHY-4B.png HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:10 GMT
content-type: image/png
content-length: 129507
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YRxZ1ZjUmKv3tbSzsO7qf8jQ%2B6E2Gh0Qx%2FXIx64Lf6%2F2LLACnNpDIiW7Ahc4bepw%2F4y8fjBLj%2FIzzn0zyim0tzQNajdtzBGDY8XZljMUWycmpXMp66hhRBu9Bsge"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: "683ee6c1-1f9e3"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf427c4d58b529-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1953&min_rtt=608&rtt_var=924&sent=1905&recv=339&lost=37&retrans=38&sent_bytes=1888363&recv_bytes=52692&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5261&inflight_dur=679&x=80"
GET tl7p8z.top/assets/liveChat_float-C_c6XLe-.js
172.67.210.93 200 OK 62 B URL GET HTTPS
tl7p8z.top/assets/liveChat_float-C_c6XLe-.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 62 B (62 bytes)
MD5 90581e1327ae11ed57627e8112edcfb4
SHA1 20e6b91c6d0d737ce8a82261afac1bc55bfc99b4
SHA256 829f9ace32cee9dfd9f80c0215712f2ff2f80ed79108ac4eefaf680d380efa39
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/liveChat_float-C_c6XLe-.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:10 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3r%2BOo37NlUt5v2C720Nlv29GVd85X5KQuZtRZKA%2Bl3lOzvitZkZnsSaG4FH24JWL7OckFg5EzwlrOvYFgKZijfK1wWowd4YKr2VDSwvklmY8k5ypgSv7o2PpfvH"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: W/"683ee6c1-3e"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 94cf427d0d69b529-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=733&sent=1934&recv=340&lost=37&retrans=38&sent_bytes=1922651&recv_bytes=52738&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5265&inflight_dur=686&x=80"
GET plugin-code.salesmartly.com/chat/widget/code/css/chunk-common.aee94c54.css
54.240.174.71 200 OK 3.4 kB URL GET HTTPS
plugin-code.salesmartly.com/chat/widget/code/css/chunk-common.aee94c54.css
IP / ASN
54.240.174.71
#16509 AMAZON-02
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3448), with no line terminators
First Seen 2025-05-10
Last Seen 2025-06-15
Times Seen 68
Size 3.4 kB (3448 bytes)
MD5 ed51c37509b7c860cda88219e48a3122
SHA1 ad4b24ed46fd4f4738b33230112a2e25838f6c87
SHA256 a623dc17ec891cc4f6cecab0ec40b2c927f73704e751b9b0bdc9014db2577b11
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
GET /chat/widget/code/css/chunk-common.aee94c54.css HTTP/1.1
Host: plugin-code.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
server: AliyunOSS
date: Wed, 04 Jun 2025 02:49:24 GMT
x-oss-request-id: 683FB434F9AF893333F70F72
last-modified: Wed, 04 Jun 2025 02:48:53 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6685358742753036998
x-oss-storage-class: Standard
cache-control: public, max-age=15552000
content-md5: 7VHDdQm3yGDNqIIZ5IoxIg==
x-oss-server-time: 7
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ciIv8B2YNpnlgw5VkkacPFq8-fs7cPRIDyIsqoakplAwraJd1L75cA==
age: 452387
X-Firefox-Spdy: h2
GET res.tl7p8z.top/home/icon_public_39.svg
172.67.210.93 200 OK 2.6 kB URL GET HTTPS
res.tl7p8z.top/home/icon_public_39.svg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type SVG Scalable Vector Graphics image
First Seen 2025-05-23
Last Seen 2025-07-31
Times Seen 4
Size 2.6 kB (2578 bytes)
MD5 78e5f87afe4c0df313973d26a22c2ba1
SHA1 2d71168126fc21986cbe80547ea2d82eabcc0c55
SHA256 55bde4c3351073e5bd10c6cbbba4efeae6b59438799910ccce38521d822f744e
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /home/icon_public_39.svg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/svg+xml
content-encoding: br
access-control-allow-origin: *
etag: W/"78e5f87afe4c0df313973d26a22c2ba1"
last-modified: Wed, 28 May 2025 16:00:39 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X5r21L6obYKMfHdBjZxAhkHmuleduuqu%2Bemo8ZtuiaZbWiO4Ys3aapu3lANMY14OkBubCDcqqaXLA1fweR5WZNr7Lfo6nUi7SoNDh0tuzCXH%2FZrqh%2BtQTqkQjL8bmMFRyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 94cf4286e8e45699-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1338&min_rtt=396&rtt_var=1220&sent=233&recv=208&lost=0&retrans=1&sent_bytes=207153&recv_bytes=5645&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4291&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/formula_icon-Dvq28_rO.js
172.67.210.93 200 OK 1.6 kB URL GET HTTPS
tl7p8z.top/assets/formula_icon-Dvq28_rO.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1594)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.6 kB (1595 bytes)
MD5 b51ff1146fa9eeee44714f6192f37839
SHA1 5ec835c3383553112af57008bd2db853792e3fee
SHA256 d20b99b4906ed08f1758f0477df0929ae440d0980e0b46a7e4d8b7a6c4915888
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/formula_icon-Dvq28_rO.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 688
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H9LHYVxCywuD2ZULWV8kckFD9F2%2B0AffX57ZySrnz5AEC2xnZer7WBjvCX61XR1LUYcrYp7w%2FhozKmrZ3cAyetwZ9rS9e8E1iXPZBL%2F%2FHNxQiOOTbIuosdc83T4k"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-2b0"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426edc44b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1853&min_rtt=608&rtt_var=1159&sent=1161&recv=246&lost=0&retrans=0&sent_bytes=1162703&recv_bytes=30013&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3220&inflight_dur=285&x=80"
GET tl7p8z.top/assets/sports_leagues-RtCLlfUO.js
172.67.210.93 200 OK 975 B URL GET HTTPS
tl7p8z.top/assets/sports_leagues-RtCLlfUO.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (974)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 975 B (975 bytes)
MD5 a34de2ec6ec36ac3a5756cca5c674a74
SHA1 9b6ba49f4934e0015ed200b773149d5ca1bc01d7
SHA256 cf4b483ac32590a06d79ef18aea410beacdb8a5f31331030d46b3c29c3ad4395
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/sports_leagues-RtCLlfUO.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fLFvZu05WzUa6Ey5MMkQYgGKU0AiCPUcOF%2B6nSFluNxaU6U%2Feijtcf6SQszeOy5GXiARdq5jbORI4udDS9AVvsmcDgqKjYx%2F89ut02JVL3BzmmXrJS4PmFXUSKcg"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-219"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426efc58b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1840&min_rtt=608&rtt_var=865&sent=1240&recv=249&lost=0&retrans=0&sent_bytes=1228092&recv_bytes=30151&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3275&inflight_dur=341&x=80"
OPTIONS api.tl7p8z.top/marquee/info
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/marquee/info
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
OPTIONS /marquee/info HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qh1lJFlkeZT%2FAZrFQWaCY5PLZhUyRtOKqZdT9bWxZIudFqFirjz8biAPRLjUwVP4Mhja%2F42F6SiVuzqKus26AKDUFujzxieFXcwkF8%2FLEMqiChJ2MefbFuF2lWA%2B3oFxnA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf42844dc4b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2031&min_rtt=608&rtt_var=1259&sent=2183&recv=404&lost=37&retrans=38&sent_bytes=2138702&recv_bytes=64671&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6440&inflight_dur=987&x=80"
GET res.tl7p8z.top/upload/game_image/56469908707344401_20250603044537.jpg
172.67.210.93 200 OK 51 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/56469908707344401_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 51 kB (50635 bytes)
MD5 ab2142d190c9f5e27a4c506d1089b183
SHA1 ccf16d85e3b469493b335d76e90d5387b191972c
SHA256 8e760debcd2d85c0a1a72ddbfe6af2d9834d468139e1c8a53af8595ebaaf4c90
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/56469908707344401_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/jpeg
content-length: 50635
cf-ray: 94cf42881a6b5699-OSL
accept-ranges: bytes
etag: "ab2142d190c9f5e27a4c506d1089b183"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pKTNtWHHqTC7ZvfSnuwtqckGvmukw7L1Se%2B8tziljwsmlU8ZxFJ%2BAK6D6lC6Md%2FhOUsqnlAD5AIP4HRAmpQrWixidGg3%2BIhI8p%2Foqg0Ri%2BGewxFLNKcEGUCqn%2B0ZYoGbvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1017&min_rtt=396&rtt_var=748&sent=366&recv=262&lost=0&retrans=1&sent_bytes=371845&recv_bytes=5645&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4415&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/126172382762106898_20250603044537.jpg
172.67.210.93 200 OK 49 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/126172382762106898_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 49 kB (49387 bytes)
MD5 eb3c3f20ff0467381437fbf4fd0da526
SHA1 743b0a8fea3ad8bc1a14b4c2243d207f6d09ceb2
SHA256 3f99e1e5cdd36e60fbea077436f48a33bd9da74f4dc43c979bc233d709e54682
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/126172382762106898_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/jpeg
content-length: 49387
cf-ray: 94cf42883a975699-OSL
accept-ranges: bytes
etag: "eb3c3f20ff0467381437fbf4fd0da526"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9pHHWj9SBCoE3lr0YyZFXWNFhXAnMFD1gKhcFZn8LxttgJqHDMPAYa73dXlU71eyzzsIKOPMg9nT0vzUscqXedR%2BSXclfJH0oMOjDbMOPnc23L%2BMmUIIbJc1HCSuwxnWfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=752&min_rtt=396&rtt_var=188&sent=809&recv=374&lost=0&retrans=1&sent_bytes=942436&recv_bytes=5645&delivery_rate=100408759&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4442&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/speedway_icon-ClZ-JvKv.js
172.67.210.93 200 OK 3.7 kB URL GET HTTPS
tl7p8z.top/assets/speedway_icon-ClZ-JvKv.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3712)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 3.7 kB (3713 bytes)
MD5 7171aab7e139e4e60fdda42933e8f49f
SHA1 595fd10baca0b8a9508427c784f61425ac216156
SHA256 aa6213b321d77b6bd65611c7276100934f3eaa243c86416fbbac2b56d5190c88
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/speedway_icon-ClZ-JvKv.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1574
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DNioXTGBRySn3dt7REMTRzSQenaTwzVq3K%2F3Sgq8NYFi%2Fbc000Rc0PzksRTUWnjjNe%2B4Tfeft498fH1%2Fs5zkwN%2BO%2Baa6UkO5QHFsR2ngpnXEe6Ku5ksUxI81m7Yx"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-626"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426edc47b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1853&min_rtt=608&rtt_var=1159&sent=1163&recv=246&lost=0&retrans=0&sent_bytes=1164110&recv_bytes=30013&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3223&inflight_dur=288&x=80"
GET tl7p8z.top/assets/sports_valorant-CKlO2sp4.js
172.67.210.93 200 OK 2.4 kB URL GET HTTPS
tl7p8z.top/assets/sports_valorant-CKlO2sp4.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (2422)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 2.4 kB (2423 bytes)
MD5 1205a528b0b38890fc7c4a330a6756be
SHA1 57f9f1f37287a72b2f7e2a90d4efc28f63513f4b
SHA256 da887046e86858d1910cb9b97eb250dee617fcc186355810e1a2a82ce07518dc
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/sports_valorant-CKlO2sp4.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1091
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PNbkaOjNkhZJlhm0ao68c6kH66dC%2Fcm4dcTvBPde9MlX8hE83f6ftGEx2vC8kbLJiuCk8ETwoiT3Ly5zuIZLY0M7KWo%2FrON7aJtxOThsLt9%2FPQ%2FcAI62QrEsIYNw"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-443"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426efc59b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1206&recv=248&lost=0&retrans=0&sent_bytes=1198542&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3249&inflight_dur=316&x=80"
GET tl7p8z.top/assets/agent-D9lYeYyH.js
172.67.210.93 200 OK 734 B URL GET HTTPS
tl7p8z.top/assets/agent-D9lYeYyH.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (733)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 734 B (734 bytes)
MD5 91b89ae708772e7361a699b436c988d3
SHA1 fde9e3e60bd9cb3331720339cc66436c8a0f1bcd
SHA256 052e8e868010bd4a9ae36ac352625744dc8e8112cab2a4726400c80c88d3a591
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/agent-D9lYeYyH.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-B1Ac6Xly.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ItoM0B%2FUi%2FMkgFK%2FD%2F5K7b8rXvQVK9VsZpuwvIX%2FRH58TWcVtmHNWfkTqq%2BbG5DGUJ8zCUGZK7zFlLJ%2FpP8FP%2FdBHu2OWxQIugybz%2BSHXyzIeEUEM5vtPMokH3ZA"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-100"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42741c9fb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1405&min_rtt=608&rtt_var=450&sent=1381&recv=284&lost=0&retrans=0&sent_bytes=1346497&recv_bytes=40258&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3715&inflight_dur=436&x=80"
GET tl7p8z.top/assets/bwConditionalMethods-B5TY3FRz.js
172.67.210.93 200 OK 2.4 kB URL GET HTTPS
tl7p8z.top/assets/bwConditionalMethods-B5TY3FRz.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (2396)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 2.4 kB (2397 bytes)
MD5 256e3b3a13a639f6e4dbda4bac457a51
SHA1 58d91fc0714fee0c5f3cbbb8d860e8f5edd64163
SHA256 13ca8ce26da521cdd024ae769a33d69e62c8a1239177c1c5db15e42f0b550a08
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/bwConditionalMethods-B5TY3FRz.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-B1Ac6Xly.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1135
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b976kPiKgTP9AbDvwGJeT30Tihd0mirgAXxzL966s7O6buc0A8I43RUAQiLj%2FWcOlpRSz%2FvmeqheA78aEuYkUJjWctBrGbWUSN8elbK6SnPu7BND97mg3Dj3gUWT"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-46f"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42741ca0b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1414&min_rtt=608&rtt_var=577&sent=1371&recv=280&lost=0&retrans=0&sent_bytes=1341696&recv_bytes=38928&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3713&inflight_dur=434&x=80"
GET res.tl7p8z.top/upload/game_group_image/20250516_96bcc6c1054cf4eec0bb1cb562a85209_1747384074043.png
172.67.210.93 200 OK 2.0 kB URL GET HTTPS
res.tl7p8z.top/upload/game_group_image/20250516_96bcc6c1054cf4eec0bb1cb562a85209_1747384074043.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
First Seen 2025-06-09
Last Seen 2025-07-31
Times Seen 2
Size 2.0 kB (1952 bytes)
MD5 a1e7144ab3113a2f3b5789a3adbc612a
SHA1 aee1890aebe20539159c1a29cab6aed081f54b5b
SHA256 4f8c65214d379535a9be9242dcbcfb00c371237c85aa3ce041546a6de5a1a521
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_group_image/20250516_96bcc6c1054cf4eec0bb1cb562a85209_1747384074043.png HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/png
content-length: 1952
cf-ray: 94cf428688625699-OSL
accept-ranges: bytes
etag: "a1e7144ab3113a2f3b5789a3adbc612a"
last-modified: Wed, 28 May 2025 16:28:47 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VlLYFEKrNDE0kwL4xOjo7F20u1kLdivR1twyYMIg5Z9IYNLgttmxTx8Ca0hcZ6cZa5MEbPIYdGfyrg3C4PiRk9YTju2EUuL%2FaaNyROKoLBzVvhps5f4Q39Paju5t6PIq%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=454&min_rtt=396&rtt_var=21&sent=192&recv=175&lost=0&retrans=1&sent_bytes=198342&recv_bytes=3106&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4180&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/home/icon_public_172.svg
172.67.210.93 200 OK 11 kB URL GET HTTPS
res.tl7p8z.top/home/icon_public_172.svg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type SVG Scalable Vector Graphics image
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 11 kB (11403 bytes)
MD5 c9ff60f52de5d5189591a07a7cfa0f71
SHA1 34c4f31c3610d94b5f0cf2b8a333ad5bee3539c1
SHA256 bedc86f41f1ba955c3aba029f4df4ca298de516e0a0e7ec6c7152cc9582d807b
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /home/icon_public_172.svg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/svg+xml
content-encoding: br
access-control-allow-origin: *
etag: W/"c9ff60f52de5d5189591a07a7cfa0f71"
last-modified: Wed, 28 May 2025 16:00:38 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FpFTs14k72Ay3xcvN9Lhd5s6P4oG3DU%2BggniadgneMoc%2F0qAtSYXUgRPh2wr4Wpnvct%2BrmF%2B2yYyLwS0j6vNeHo4I23Ckp8%2F4aaCTli2gFrkv6ejQDgAYS5CfoJBtVqSEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 94cf4286e8e85699-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=752&min_rtt=396&rtt_var=188&sent=810&recv=374&lost=0&retrans=1&sent_bytes=942928&recv_bytes=5645&delivery_rate=100408759&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4443&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/56469910989045777_20250603044537.jpg
172.67.210.93 200 OK 54 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/56469910989045777_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 54 kB (54302 bytes)
MD5 9e84804cb70a49bb0572294069fd026f
SHA1 9bbf73d24da525b3efcfe9ed241dbc8b0fc78d30
SHA256 c157803b928aa4d6bbd9431162526ac9bea9ea3c232998b07d201a967f64b717
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/56469910989045777_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/jpeg
content-length: 54302
cf-ray: 94cf42880a675699-OSL
accept-ranges: bytes
etag: "9e84804cb70a49bb0572294069fd026f"
last-modified: Tue, 03 Jun 2025 10:45:40 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fMnyDDtgwl6umKjb5LiP0omJ5tm9eYuiynlG9rNYGeot1hFKduuVMoj5IR7Q48UiXdcOBjq7frXa0RDdiYxYc%2BjspejV%2BO4RvXkhQmqduPhFKfmVTTYis4QzBhSuaR0Xzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1017&min_rtt=396&rtt_var=748&sent=381&recv=262&lost=0&retrans=1&sent_bytes=389334&recv_bytes=5645&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4415&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/icon_public_138-BvQBR85F.js
172.67.210.93 200 OK 3.4 kB URL GET HTTPS
tl7p8z.top/assets/icon_public_138-BvQBR85F.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3428)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 3.4 kB (3429 bytes)
MD5 a0037839c7e5c5b39523109e9b1ebc96
SHA1 28acb3f7a37b7cc5c0f3be74aa5e7529943e88de
SHA256 538613e7caed4a3aef0dad91175731c9744bf166dba47b23a30e06a2c382e131
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/icon_public_138-BvQBR85F.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xTY5cyvI42LXJy8DFGF%2BIAUK9uAJz8Zkryd3NPBvEVeyKh9Pz6%2B1ufkoUxcVTe6lTElBvaCS%2FTnuDeYqoEuxJGWMIUnwP5gpjlgQWC3FvCzzfmXoCxzis72VoOvh"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-5ea"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426eec50b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1223&recv=248&lost=0&retrans=0&sent_bytes=1212426&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3257&inflight_dur=325&x=80"
GET tl7p8z.top/assets/language_icon-CNQA1QHM.js
172.67.210.93 200 OK 1.5 kB URL GET HTTPS
tl7p8z.top/assets/language_icon-CNQA1QHM.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1527)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.5 kB (1528 bytes)
MD5 88a28964d3afdebff4cff92fed405eb7
SHA1 2dd1669cf31b7fe3df4762344cbcae3d422f2e28
SHA256 76962d05901c653af1e3cc50e7ff1e1c23424374b1486cc1148c67830a1d4118
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/language_icon-CNQA1QHM.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 695
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hHtNIg9%2FDk6T9CTxai1PSXgHywV684nvLbpa%2BPiodU4bvcwCxFAOtozyQwD3PApoLJTLvb2Nj15pd0QtA3D2Ng5pyHgRQqlGDdDgTOz8Qc2Gv1IQFIktJaPhTbnP"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-2b7"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426eec4fb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1853&min_rtt=608&rtt_var=1159&sent=1165&recv=246&lost=0&retrans=0&sent_bytes=1166404&recv_bytes=30013&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3228&inflight_dur=291&x=80"
GET tl7p8z.top/assets/common-header-close-B6-pd6FT.js
172.67.210.93 200 OK 1.1 kB URL GET HTTPS
tl7p8z.top/assets/common-header-close-B6-pd6FT.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1050)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.1 kB (1051 bytes)
MD5 db2885d0544462b7044b094f4a3c15e0
SHA1 10549cf75edc0370a2764371e438a91c7a7cf7e2
SHA256 6f1b23ce28ab9ee869c1c9cb260cef362328289c8309734725358c91be07ea7e
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/common-header-close-B6-pd6FT.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 477
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I9EZgvEKOWzIbJHDDI6clYfS9x16dj9hKU249eZPTt0UFHvXh8lSMEgydus8t1nVtggMMLrLf%2BpXffzsMFvZrzJ6ocgPI5g%2BDt2Mu1DwiJ41%2BBn7cYxIt%2FmfMICv"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-1dd"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745cc6b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1327&min_rtt=608&rtt_var=456&sent=1471&recv=304&lost=0&retrans=0&sent_bytes=1410454&recv_bytes=47684&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3756&inflight_dur=478&x=80"
OPTIONS api.tl7p8z.top/banner/list?download_plan=0
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/banner/list?download_plan=0
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /banner/list?download_plan=0 HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bjRfEIw6m8fmGo2nBjp%2BFqbB9ybL3D3VeHiFVRdkCyN93IophJqS%2FQdJkkaFFOcsmt1u%2BCF2BOescf9czxaRTo8xMrN0sH7HLeiXnBZbSJn%2BaPn%2FWa%2BBYavvKsUHQxFzFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf42843dc0b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2457&min_rtt=608&rtt_var=2098&sent=2167&recv=394&lost=37&retrans=38&sent_bytes=2133002&recv_bytes=62407&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6419&inflight_dur=966&x=80"
GET res.tl7p8z.top/upload/game_image/76622870637183002_20250603044537.jpg
172.67.210.93 200 OK 43 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/76622870637183002_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 43 kB (43255 bytes)
MD5 335a6bacecd19cc660e0b0fc31477599
SHA1 f18a6ed26b9c1f7d5e752fc38f9e75d2300d9231
SHA256 f42f704e7b687545231fed12c23d9389498169b8e8a13537a85cff2bacf7c2f1
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/76622870637183002_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/jpeg
content-length: 43255
cf-ray: 94cf428aad835699-OSL
accept-ranges: bytes
etag: "335a6bacecd19cc660e0b0fc31477599"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jeWEZYb8%2B9SIzuAwJBlookTMtQ0YrHeoUZq72t%2FvTQPZ7b4e2DuFL5xrjshTiZOc4V%2Bx%2FOQ5euTHhxrNUqrqOPHYsEBtcEdIA7X5uO0i7sPCQdgyjuepe6mzkZbh6nNOqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1155&min_rtt=396&rtt_var=1061&sent=2162&recv=630&lost=0&retrans=2&sent_bytes=2661495&recv_bytes=9986&delivery_rate=100408759&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4825&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/automovilismo_icon-ul2Vk9QG.js
172.67.210.93 200 OK 2.6 kB URL GET HTTPS
tl7p8z.top/assets/automovilismo_icon-ul2Vk9QG.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (2558)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 2.6 kB (2559 bytes)
MD5 a0a23f93cc6adea6e898324b33060ccc
SHA1 8787d848f3623312796a0c359dc3b40c057ca766
SHA256 e34d2b642a641c3b164c895bc36baf5739e15d71ba14ce5a55bf8caf2cb069d3
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/automovilismo_icon-ul2Vk9QG.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1015
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3fCwxFMkBr14zuZahMu1wJDck0ObzRHwwMGyuM14CUqwFpT8rvJdsJgwSR0eZ77I8CAsLD0f2s3OEms2XcvCV%2Fyn4wBg%2Fbbf7bSHLLuoJ9rlzIOQsv%2FRxLKGTC3e"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-3f7"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426ebc39b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1853&min_rtt=608&rtt_var=1159&sent=1155&recv=246&lost=0&retrans=0&sent_bytes=1157469&recv_bytes=30013&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3215&inflight_dur=279&x=80"
GET tl7p8z.top/assets/icon_public_142-CJUxWKfi.js
172.67.210.93 200 OK 3.1 kB URL GET HTTPS
tl7p8z.top/assets/icon_public_142-CJUxWKfi.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3079)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 3.1 kB (3080 bytes)
MD5 270e0f72e28a3c0144f243dbbb4ef7f5
SHA1 b08258d67a579329d37cc6304fcc0e0ca408669a
SHA256 8201b3ebaec46efdaf0f23a9610beea90b3395f9a9c62b6181e24102fecb3b90
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/icon_public_142-CJUxWKfi.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1310
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z8o4uV2GVjEsSizAgSuwPe30VFDzzTxnPlTiJscQYA0WejkiAn1shQ6ictuO8DjavTlbQ3PxUrgavpvVLrf%2FZ4gltzuU8lFV428YwXMYgPNnn12BcQn2m6sh%2BBW1"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-51e"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745cbbb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1327&min_rtt=608&rtt_var=456&sent=1475&recv=304&lost=0&retrans=0&sent_bytes=1413494&recv_bytes=47684&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3758&inflight_dur=479&x=80"
GET tl7p8z.top/assets/index-C4sLo-pF.js
172.67.210.93 200 OK 897 kB URL GET HTTPS
tl7p8z.top/assets/index-C4sLo-pF.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Unicode text, UTF-8 text, with very long lines (56148)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 897 kB (896614 bytes)
MD5 881e369570d05e2706b096747d9a7dd1
SHA1 f9634089eacb5c6be80ce64b645ac139a8bf3073
SHA256 b554cebf99b91ebd23b0b99339012a3dbc69771bb229bc76852b8f6d64601236
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-C4sLo-pF.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:10 GMT
content-type: application/javascript
content-length: 264395
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xp0MCn5bCeXHFFzUIaKpXFfI9eQFxjp66kIOmiT44bvnCnPZ3GyqWvXa7Cz9R0qtSoed8CHN6P0tOHEKKv7%2FFEqV5bNxKVYTJkMzFRBuD34TtLSagkJ2rkYvZF1t"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-408cb"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 4
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf427d0d68b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1462&min_rtt=608&rtt_var=456&sent=1628&recv=333&lost=0&retrans=1&sent_bytes=1564809&recv_bytes=51515&delivery_rate=30262738&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5153&inflight_dur=621&x=80"
GET tl7p8z.top/assets/liveChat_float-Cu8HDSHW.png
172.67.210.93 200 OK 6.1 kB URL GET HTTPS
tl7p8z.top/assets/liveChat_float-Cu8HDSHW.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 6.1 kB (6089 bytes)
MD5 a95d2541f05052161dcf44171fbece87
SHA1 2764aa944ba3a9eb5496d9d099bcc043060bfabe
SHA256 f9337372055feda7adcd63f9ebffbc95d66acd34cbdef4e13f83f4c132229184
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/liveChat_float-Cu8HDSHW.png HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: image/png
content-length: 6089
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xfn9RV1GTd0ErMcJd84YrjU%2F4ERksKBAFrl283b%2F%2BveBxpRLjd4GaxgJg8OnXjYnDqyhB7Fs6go32l2lAChrF2feQo7St1PSot1LYOMKt%2F1rcnTbTXX%2F%2FcEXlGtt"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: "683ee6c1-17c9"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf4283bdadb529-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2507&min_rtt=608&rtt_var=1705&sent=2148&recv=389&lost=37&retrans=38&sent_bytes=2116124&recv_bytes=62177&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6343&inflight_dur=907&x=80"
GET res.tl7p8z.top/upload/game_image/127342192703307794_20250603044537.jpg
172.67.210.93 200 OK 50 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/127342192703307794_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 50 kB (49922 bytes)
MD5 9f7ec8e0591f2495e17fc229e3aede1c
SHA1 138d8afd8758bc567d1bc643e3ba6668985aa864
SHA256 3f4079538c4cbe265d5f0a413dbf0ade5f15a65670ca7a4c5796ceedc605721c
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/127342192703307794_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/jpeg
content-length: 49922
cf-ray: 94cf428aad905699-OSL
accept-ranges: bytes
etag: "9f7ec8e0591f2495e17fc229e3aede1c"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e6%2FuxydnvirHtphaZQzZeqfmK94BKxdUnscRvHAT0lTwpiJo5dcbuRJV5hcAtr2BA%2FzsK2cXNXCN9oiYDqjGEfupBc1DRQQjK2c8hk%2FcYCUP7Os1TjbbHHHkIX4Fu68jaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=712&min_rtt=396&rtt_var=207&sent=2230&recv=643&lost=0&retrans=2&sent_bytes=2746770&recv_bytes=9986&delivery_rate=100408759&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4850&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/index-BLqJ-ndz.js
172.67.210.93 200 OK 56 kB URL GET HTTPS
tl7p8z.top/assets/index-BLqJ-ndz.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Unicode text, UTF-8 text, with very long lines (55633)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 56 kB (56153 bytes)
MD5 23a2f214772a0daf439d30e82e36f924
SHA1 7b7a5fe9a8798f777886d26ba4ee8716985e7165
SHA256 f82964d3f9b007b96b9c181f6bcf706a82d6a6ac1bbb5521146f446dfc72ba33
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-BLqJ-ndz.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 24924
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wLPFypnGfUYHmHo2SMI3r1eBhBZB0mMsTSDIF68%2B7NrC1pIXw%2B0n3hmTFfcAZK7G%2F%2F2zblOBR6N67%2BDZDV7yhVnZZTXEQYs5W2COzTNGDaluEoG6FyN32VaQ9BpE"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-615c"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426ebc34b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3456&min_rtt=608&rtt_var=2846&sent=1089&recv=236&lost=0&retrans=0&sent_bytes=1099267&recv_bytes=29559&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3083&inflight_dur=218&x=80"
GET tl7p8z.top/assets/sideBarMobile-DBfuo3qc.js
172.67.210.93 200 OK 13 kB URL GET HTTPS
tl7p8z.top/assets/sideBarMobile-DBfuo3qc.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (12696)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 13 kB (12697 bytes)
MD5 6e4df0b6283b76eb985c46ed3b6ca4b2
SHA1 bfaa289cab0949a3ee993bab6527d51e9447edec
SHA256 bb1ee167d8869275770ddcbe887b73aa36becfbac358be99950b7852a0563306
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/sideBarMobile-DBfuo3qc.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 4147
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RtsB%2Fz1%2FQw%2BB%2BaasylBboTPZQ93tOEwVc0yNXFbvgownNXU87a7FZXwYLs1SauRzScGWfu6h4EOkOn8gdaZvKIisjChdjfgzDHHxvvfyO3YQSA1ZFPNxygBurML4"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-1033"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426ebc35b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1853&min_rtt=608&rtt_var=1159&sent=1144&recv=246&lost=0&retrans=0&sent_bytes=1146276&recv_bytes=30013&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3210&inflight_dur=276&x=80"
GET api.tl7p8z.top/games/search?game_categories_slug=hot_MX&page=1&limit=54
172.67.210.93 200 OK 13 kB URL GET HTTPS
api.tl7p8z.top/games/search?game_categories_slug=hot_MX&page=1&limit=54
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 13 kB (13155 bytes)
MD5 f4ebd6ee5fb1937f0d9ce4e0bca4878a
SHA1 810429a6a026057941ab43f5f990ed190856d9cc
SHA256 e4f1ed40d59d1fe297be49d64294953657d61cb61df53647c5dc7810733ddba7
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /games/search?game_categories_slug=hot_MX&page=1&limit=54 HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp: 6786838544e257bbd8395259505dd5e355cc49eff3af3e4fa9bca3e518904876
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=79wHXkA99sE%2FS4AV83f350cu%2FQvXaKDKEQE%2BsQdvG8Oa66bH8dL9%2FlmIB8o%2BPts%2BqyGD8YaJYvUBrGjg3nzr%2BiHHNIz4JMivqMLC3AhU4ZmTLqQ%2Bc%2FFcNEHfLsd0Kf3Cvg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf42879e34b529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=959&min_rtt=563&rtt_var=365&sent=2584&recv=455&lost=37&retrans=38&sent_bytes=2546436&recv_bytes=73233&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6957&inflight_dur=1242&x=80"
GET res.tl7p8z.top/upload/game_image/127342191025586191_20250603044537.jpg
172.67.210.93 200 OK 46 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/127342191025586191_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 46 kB (45726 bytes)
MD5 a7b991313c8d5fb3a397a7752ca360aa
SHA1 364699e12cb5aab90fe9c63ebb671beff3faceb5
SHA256 75627b4c767f719a0542c988533585fa3713ff72596986da024b33e86e4149d2
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/127342191025586191_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 45726
cf-ray: 94cf428b6e695699-OSL
accept-ranges: bytes
etag: "a7b991313c8d5fb3a397a7752ca360aa"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YVHgh%2FyET3k0ip2aYq1zAzPqPHP%2FpIfAlQKQFxm3FcIdwtl1F%2BNRM%2FjAYvIGatDD39vqxb4SaCVEGH8n6pEQ4oOjgTGt%2B6kpJQyMGe83xOG2pH1IIxd5kSezBCMwCjG0pg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1975&min_rtt=396&rtt_var=1637&sent=2779&recv=699&lost=0&retrans=3&sent_bytes=3459931&recv_bytes=9986&delivery_rate=49931034&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4982&x=0"
X-Firefox-Spdy: h2
GET msg.salesmartly.com/chat/chat-msg/unread-msg-list-v2?login_token=5f71c924494c637226ebcade1580c2d3&chat_user_id=c1e8e75bbecb5ea978106566f4f7ce36&direction_type=1&plugin_id=gt044g&over_time=&env=chat&_=1749457753843&_lt=5f71c924494c637226ebcade1580c2d3&_u=6e586157d46e1f27d414ad744c139b5b
3.167.2.129 200 OK 66 B URL GET HTTPS
msg.salesmartly.com/chat/chat-msg/unread-msg-list-v2?login_token=5f71c924494c637226ebcade1580c2d3&chat_user_id=c1e8e75bbecb5ea978106566f4f7ce36&direction_type=1&plugin_id=gt044g&over_time=&env=chat&_=1749457753843&_lt=5f71c924494c637226ebcade1580c2d3&_u=6e586157d46e1f27d414ad744c139b5b
IP / ASN
3.167.2.129
#0
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2023-04-19
Last Seen 2025-08-10
Times Seen 317
Size 66 B (66 bytes)
MD5 48016efe262190df0ad5b1d7340a60c4
SHA1 1cd9c973630bf59e2c479cada9105bbfad39dec3
SHA256 6e59b9f826a2a9b503fb05fd33448a0583d30552aed790dfea6cb19e74bb409c
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
GET /chat/chat-msg/unread-msg-list-v2?login_token=5f71c924494c637226ebcade1580c2d3&chat_user_id=c1e8e75bbecb5ea978106566f4f7ce36&direction_type=1&plugin_id=gt044g&over_time=&env=chat&_=1749457753843&_lt=5f71c924494c637226ebcade1580c2d3&_u=6e586157d46e1f27d414ad744c139b5b HTTP/1.1
Host: msg.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
external-sign: ace6d0e762cc4c264ddd509edd6b6f7b
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Cookie: ss_uid=6e586157d46e1f27d414ad744c139b5b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
content-length: 82
date: Mon, 09 Jun 2025 08:29:14 GMT
content-encoding: gzip
access-control-allow-origin: https://tl7p8z.top
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,Origin,Cpl,Client-Type,X-Requested-With,Accept,External-Sign
x-cache: Miss from cloudfront
via: 1.1 4e0a1f367f79652e0e7d03fa585de7b2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: f-gmWvbDEOYLCAIZxZ7mTNTV77RShFX-QDm0mmhjvFqJ2VrS3ywn6w==
X-Firefox-Spdy: h2
OPTIONS api.tl7p8z.top/configuration
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/configuration
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /configuration HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/json; charset=utf-8
server: cloudflare
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=eOPxB3ilmXTz9JxeJhXiM%2Fpu4GCzynOGYRZj7SfkAL259CginypshRdGjNMAAoE%2FgNDxp6j%2BBozVWFnlslhmtoixSINffLOH3%2F1Pew%3D%3D"}]}
content-encoding: br
cf-ray: 94cf426e5c995699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/arrow_top-DwVBMoYc.js
172.67.210.93 200 OK 369 B URL GET HTTPS
tl7p8z.top/assets/arrow_top-DwVBMoYc.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (368)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 369 B (369 bytes)
MD5 233334d2dee46e5c190f0654187b95bb
SHA1 2d7c95d2002fa3f58ad89480a253c56431d7abfc
SHA256 c4eda1f787748d1da39a9d09dbfe642e391d4bd4f961b4647ba5bee021c33312
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/arrow_top-DwVBMoYc.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 326
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M63%2F%2B24MBrJNqU7ThYf6TsVhxnQ69ldkg1VjRObj2QufjIONMAluMM1%2FLcbY571BVaqO7sbSHqOCyqtyYME0UeRE%2FaDNjEciG%2F1t9QHqbKJcnQW4OdcQ8aqOQoNa"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-146"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745cccb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1327&min_rtt=608&rtt_var=456&sent=1477&recv=304&lost=0&retrans=0&sent_bytes=1415517&recv_bytes=47684&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3758&inflight_dur=480&x=80"
GET res.tl7p8z.top/upload/game_image/127342192636198929_20250603044537.jpg
172.67.210.93 200 OK 54 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/127342192636198929_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 54 kB (54116 bytes)
MD5 46a465d285da3d22937fe719e745637f
SHA1 fa6c5eec25d33b3e4da84cd0eb391af31721c415
SHA256 30ecc75f1ebc0af815ffbfa41d1a748e8515720a42d9c2cdff522084e7a2db60
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/127342192636198929_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 54116
cf-ray: 94cf428b8ea35699-OSL
accept-ranges: bytes
etag: "46a465d285da3d22937fe719e745637f"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x37lJBLIOLV5x%2B0gVizoO9gKQrUtrosQ6yVkDGMwfFF20jO7mpVnBvGuwLSnmLYOK4qPa9QFQJymz0VkNKEiBvWcjcj%2B1lZCFYh2MalhcSYHXQAquugvuwGpL2YcEgNlzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1163&min_rtt=396&rtt_var=827&sent=3521&recv=744&lost=0&retrans=3&sent_bytes=4418379&recv_bytes=9986&delivery_rate=82301953&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=5035&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/BetHistory-C9jUjToX.js
172.67.210.93 200 OK 6.5 kB URL GET HTTPS
tl7p8z.top/assets/BetHistory-C9jUjToX.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (6461)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 6.5 kB (6462 bytes)
MD5 a16b4339e5338bb0ac0d5f7c1ce6b83d
SHA1 657ef5ec7437ca8d8c8e329d65d77167d6e9e768
SHA256 25a605842f64c6666c0a30ada4defd98eac18c22959bd6c349e588c7e39aee0e
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/BetHistory-C9jUjToX.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 2095
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KWB6DkK0gFBrw%2Fno9shCK2eU71dE4P580ze0Qqko0JzK6ZDWoB%2BtItCEEZvl6%2BbN5T0FMJSFN1rGEiIIscHT6tVpAn3xgyeOqubnuXnFSpDBTnGYdmVqLh6IhDwn"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-82f"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f4c72b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1970&min_rtt=608&rtt_var=914&sent=1246&recv=251&lost=0&retrans=0&sent_bytes=1232394&recv_bytes=30244&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3295&inflight_dur=359&x=80"
GET tl7p8z.top/assets/index-Cqq1Stol.js
172.67.210.93 200 OK 1.2 kB URL GET HTTPS
tl7p8z.top/assets/index-Cqq1Stol.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (1151)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 1.2 kB (1152 bytes)
MD5 fe9e8cc965e34c2ecca9aafd53546133
SHA1 e09f2ee73a67bb007008fdfd12bef96b8b489d47
SHA256 227dd827482fad8eee38a78a2f01505d391ac6be7b1392f4178823ebebdaba7e
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-Cqq1Stol.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eeErvY3EJKao32D62831eJVdjjyLMu9iqPDcj9LblA5vPg%2FvlXzXtEDsx8d249EkEK6lj6hsja%2BefqBoyKdgGn69%2ByFzAFpI1EPztbC53H8819vivkR3dVf%2BgMl%2B"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-274"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426ebc36b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2076&min_rtt=608&rtt_var=1386&sent=1130&recv=244&lost=0&retrans=0&sent_bytes=1135628&recv_bytes=29922&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3201&inflight_dur=267&x=80"
GET tl7p8z.top/assets/bwConditionalMethods-B5TY3FRz.js
172.67.210.93 200 OK 2.4 kB URL GET HTTPS
tl7p8z.top/assets/bwConditionalMethods-B5TY3FRz.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (2396)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 2.4 kB (2397 bytes)
MD5 256e3b3a13a639f6e4dbda4bac457a51
SHA1 58d91fc0714fee0c5f3cbbb8d860e8f5edd64163
SHA256 13ca8ce26da521cdd024ae769a33d69e62c8a1239177c1c5db15e42f0b550a08
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/bwConditionalMethods-B5TY3FRz.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1135
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LYW1MOypmECLF3JQMAbRDuOeKGlz9XTK%2B9PIAnqPyNw5QhEHbPSYZKrgAadeb729xmWcP99B6sk38knXjlPdD7wtwsUzE9HtyryQcsUstCGcTweVducAfO3Z0v0p"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-46f"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f0c68b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1219&recv=248&lost=0&retrans=0&sent_bytes=1208306&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3257&inflight_dur=324&x=80"
GET tl7p8z.top/assets/bttom-arrow-ClNnGRm_.js
172.67.210.93 200 OK 473 B URL GET HTTPS
tl7p8z.top/assets/bttom-arrow-ClNnGRm_.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (472)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 473 B (473 bytes)
MD5 0ccb283e3a5b50af9dded7a31078eeb5
SHA1 3451fccb577efb89eef20e1b41259af58a961929
SHA256 06f72fd161da1ec77a1272cc693dab3842e556e26481484c1a4979228b0cecc5
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/bttom-arrow-ClNnGRm_.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c2Cn5noj0lX1FwKO%2BJyhuho1fcFCFQsIE9Jdy5OZkTudNdtfGuL9epAq5lTYvv5UxNL4kaondw9QqTMl%2FIR1Hg02mGS4PnzdYA6kQacgv5%2FqpKg%2Br3Zr980sJ%2Bww"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-195"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f2c6db529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1840&min_rtt=608&rtt_var=865&sent=1244&recv=249&lost=0&retrans=0&sent_bytes=1231270&recv_bytes=30151&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3279&inflight_dur=344&x=80"
GET tl7p8z.top/assets/index-CVG7ewD4.js
172.67.210.93 200 OK 489 B URL GET HTTPS
tl7p8z.top/assets/index-CVG7ewD4.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (488)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 489 B (489 bytes)
MD5 ea2ebb48077dfa55721ac85f078c1edf
SHA1 c1dc116493bbc13bf7539cef26a5a95cd62f7847
SHA256 a478c7e4dc87f600394b13388b50ef0e1494d8f4942b8d9a6277902cee489977
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-CVG7ewD4.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 353
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R33i4iX9Y01%2FLI8diDmp58g%2FcF0djVXcQXe%2FM54vD8JfPwxsmnNHX0VXvJjRCYFMpoLibtbLsQKacsnp7pp9MUSigE3GepitTdx%2B7zLQoUH7JRZSyDwi2ma7kvuB"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-161"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f5c74b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1970&min_rtt=608&rtt_var=914&sent=1274&recv=251&lost=0&retrans=0&sent_bytes=1262740&recv_bytes=30244&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3307&inflight_dur=368&x=80"
GET tl7p8z.top/assets/beisbol_icon-BUeMYdUf.js
172.67.210.93 200 OK 66 B URL GET HTTPS
tl7p8z.top/assets/beisbol_icon-BUeMYdUf.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 66 B (66 bytes)
MD5 9fab34bf5045e1638f4bf6f265f0276d
SHA1 3f2e01b321243da2fa243cd683e422588c769d22
SHA256 b3a3bb11a4040b03905f1a997f4b3925a440881fe15a0f7c99926b5656f9108e
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/beisbol_icon-BUeMYdUf.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YAYU5nhbrXNw7oQlBks4xKVHzGiFN7oI3OJzXm%2BOJAVVxF0sJbrPEibHMfhKWBrUVY2okGEB3V48hiXuOJexbq5TTAZ1IaQwdauKCHYKNLi10g08PCRhti90HI40"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: W/"683ee6c1-42"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 94cf42741ca5b529-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1414&min_rtt=608&rtt_var=577&sent=1373&recv=280&lost=0&retrans=0&sent_bytes=1343545&recv_bytes=38928&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3713&inflight_dur=435&x=80"
GET res.tl7p8z.top/home/icon_public_173.svg
172.67.210.93 200 OK 3.1 kB URL GET HTTPS
res.tl7p8z.top/home/icon_public_173.svg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type SVG Scalable Vector Graphics image
First Seen 2025-05-23
Last Seen 2025-07-31
Times Seen 4
Size 3.1 kB (3071 bytes)
MD5 a37b3fa53fc949e986fac7f1ed9f42e3
SHA1 832dc812a68821221005e24a5ced54bab721ca98
SHA256 243f79295445379f7081fdf0012cd8c83eaac70dccff619d287f1b3f3dd039f2
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /home/icon_public_173.svg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/svg+xml
content-encoding: br
access-control-allow-origin: *
etag: W/"a37b3fa53fc949e986fac7f1ed9f42e3"
last-modified: Wed, 28 May 2025 16:00:38 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t1qvNw0%2BnJ0kLK3QHZIlTBxniXrUdPIANjrlullFJg9OgTQUeD4fjyXQ%2BLsPOaYZv2%2BGFbrN5VCnNtaNPjCzHdyTOW0EimciSLbK%2Fm91naqaD1xJjYG1AAx1n3NqQ76c6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 94cf4286e8ea5699-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1365&min_rtt=396&rtt_var=1774&sent=225&recv=205&lost=0&retrans=1&sent_bytes=203884&recv_bytes=5645&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4285&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/126172382476894225_20250603044537.jpg
172.67.210.93 200 OK 46 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/126172382476894225_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 46 kB (45514 bytes)
MD5 63eb835af1f1f3e3a420d0b07728c502
SHA1 1c30cf1c598c5977c7e95050c183de5769b1765d
SHA256 5f9e18069b36ee819e5c820b4cffa0bef95ab6283ffe309fff6a4fde2df267d6
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/126172382476894225_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/jpeg
content-length: 45514
cf-ray: 94cf42880a615699-OSL
accept-ranges: bytes
etag: "63eb835af1f1f3e3a420d0b07728c502"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RNFW2hAdDzsj9AbA887G%2BxXT%2FlxErZpuXro6tBKBjCpGD%2B0%2F%2BUBN9m6VvhAspbcyu%2Fqeo4b%2Fd5G0o9mK5TQTB%2FkeVGqJ829SQncPboUuhnh%2Bz6Nw8LAuRjRdg1lBIG4EQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=962&min_rtt=396&rtt_var=590&sent=631&recv=288&lost=0&retrans=1&sent_bytes=710903&recv_bytes=5645&delivery_rate=100408759&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4424&x=0"
X-Firefox-Spdy: h2
GET cdn.jsdelivr.net/npm/js-base64@3.7.7/base64.min.js
151.101.65.229 200 OK 5.1 kB URL GET HTTPS
cdn.jsdelivr.net/npm/js-base64@3.7.7/base64.min.js
IP / ASN
151.101.65.229
#54113 FASTLY
Requested by https://tl7p8z.top/
Resource Info
File type JavaScript source, ASCII text, with very long lines (4760)
First Seen 2025-05-23
Last Seen 2025-07-31
Times Seen 5
Size 5.1 kB (5084 bytes)
MD5 dc436cad89207a195179e8f97a963fda
SHA1 bea5761e970779314ca82e2bca1aa5fb0644a7dd
SHA256 3d832f727bb5c25b661fd0f9fe6a659995b6e87b069587dd694e0238c6977c25
Certificate Info
Issuer GlobalSign nv-sa
Subject jsdelivr.net
Fingerprint 21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4
Validity Mon, 02 Jun 2025 15:43:52 GMT - Sat, 04 Jul 2026 15:43:51 GMT
GET /npm/js-base64@3.7.7/base64.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.7.7
x-jsd-version-type: version
etag: W/"13dc-vqV2HpcHeTFMqC4ryhql+wZEp90"
content-encoding: br
accept-ranges: bytes
age: 2330095
date: Mon, 09 Jun 2025 08:29:05 GMT
x-served-by: cache-fra-etou8220173-FRA, cache-hel1410020-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2092
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/index-DuYkRCAS.js
172.67.210.93 200 OK 2.7 kB URL GET HTTPS
tl7p8z.top/assets/index-DuYkRCAS.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (2665)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 2.7 kB (2666 bytes)
MD5 c08ce32dcc017187d138c96d8fd11285
SHA1 6ce37fc3d1e1382dbfb119aa458ff22666b252c4
SHA256 9c2136ca1167ae47fdf362c797a913606c5cf22b6532def9cb25828b08be99ed
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-DuYkRCAS.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1211
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KnAZvPI9sAz081DAQKgyAErrv87IJpLhSQ8bqiTMcteXIiVsx3rtRgygDwINfED9abh0OKSMXhyyQIRm78pA%2FOFxorrS1rRxEyiMLNrBc65Ebm%2BR2YyAl8upPKGr"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-4bb"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f2c6cb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1840&min_rtt=608&rtt_var=865&sent=1242&recv=249&lost=0&retrans=0&sent_bytes=1229345&recv_bytes=30151&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3276&inflight_dur=343&x=80"
GET tl7p8z.top/assets/no_data-DKmNohZb.js
172.67.210.93 200 OK 5.1 kB URL GET HTTPS
tl7p8z.top/assets/no_data-DKmNohZb.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (5108)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 5.1 kB (5109 bytes)
MD5 d11537d5632f77548c4f9e4cbc5d7944
SHA1 02741e89e325835eaa318007e48749bed180dfd5
SHA256 5d2ed77b5d2a45c27131d77c5dd889da2b45b03d77084fa3532a588d7f851a05
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/no_data-DKmNohZb.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 3892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nsux2P1fPbKrYdP41HiW8IuU3aQsC1Mhak44Ynm35KphZavqx5KuA7oCfBqgOhwD2RjTg%2FOzx7ZBooIvYOJpA2tY69acuNS8jq5s9ANi3s%2FjW%2FqrP92kFUdah4kc"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-f34"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f5c75b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1970&min_rtt=608&rtt_var=914&sent=1268&recv=251&lost=0&retrans=0&sent_bytes=1256600&recv_bytes=30244&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3305&inflight_dur=364&x=80"
GET api.tl7p8z.top/games/categories?type=hall
172.67.210.93 200 OK 897 B URL GET HTTPS
api.tl7p8z.top/games/categories?type=hall
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 897 B (897 bytes)
MD5 46439a40162b03d7a8671cd27164cf05
SHA1 120ead731a51d09266cfc98060d1b3e4f3fef626
SHA256 0101e6d76daac836174a3343845308d00f413e1cd35a61caaf9acf3f9df10d5f
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /games/categories?type=hall HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp: 6786838544e257bbd8395259505dd5e355cc49eff3af3e4fa9bca3e518904876
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vwLryMbtJtk2Ha0CPd%2BXDLeiH5jgwxFr1E2UiB5XgUjsgjKnMOVXLHiZfD7c8SFRHXXyXaVX%2BhjwEg8T2ex9pa8BWsf5J002ZA2F8tWtR1Z2iVw99IpM9qbjAdBAEpHVcw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf42851e02b529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2380&min_rtt=608&rtt_var=1617&sent=2284&recv=414&lost=37&retrans=38&sent_bytes=2248709&recv_bytes=66590&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6553&inflight_dur=1073&x=80"
OPTIONS api.tl7p8z.top/statistics/report
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/statistics/report
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /statistics/report HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BX8nf%2BzB8JkkI%2BhcU7I48gVvdGfH2KZuJay1%2FrxegXZdeMWWsJsGG5acPUTxStqvJYPc8ADFCg2h8%2FGjhZWNddm5reHlpJshErjGoAjWUKYVTqJcbnOTeSZovpV4u6gS4g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf4286ae23b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1306&min_rtt=563&rtt_var=574&sent=2565&recv=442&lost=37&retrans=38&sent_bytes=2539714&recv_bytes=70276&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6809&inflight_dur=1190&x=80"
GET assets-cdn.salesmartly.com/prod/project/gs8dic/p1/integration/plugin/image/20250530/1748602756116/image_1748602756116_4e6ace7bf2a541f189f8a0df4d7.png?x-oss-process=image/resize,m_fill,h_120,w_120
54.240.174.9 200 OK 22 kB URL GET HTTPS
assets-cdn.salesmartly.com/prod/project/gs8dic/p1/integration/plugin/image/20250530/1748602756116/image_1748602756116_4e6ace7bf2a541f189f8a0df4d7.png?x-oss-process=image/resize,m_fill,h_120,w_120
IP / ASN
54.240.174.9
#16509 AMAZON-02
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 22 kB (22419 bytes)
MD5 24d74fbe26d38fcadb04d3d7afed32bf
SHA1 1c340168b67287b384a6f3ea2fac708561f5fc54
SHA256 c3c1adef195d059b97a2f19e987577e4496dae6339d58a6030e8a0aebd141a18
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
GET /prod/project/gs8dic/p1/integration/plugin/image/20250530/1748602756116/image_1748602756116_4e6ace7bf2a541f189f8a0df4d7.png?x-oss-process=image/resize,m_fill,h_120,w_120 HTTP/1.1
Host: assets-cdn.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ss_uid=6e586157d46e1f27d414ad744c139b5b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 22419
server: AliyunOSS
date: Fri, 06 Jun 2025 11:19:22 GMT
x-oss-request-id: 6842CEB90900E6333763B578
etag: "E995B55100AC662C771303F566DA4786"
last-modified: Fri, 30 May 2025 10:59:18 GMT
x-oss-object-type: Normal
x-oss-storage-class: Standard
x-oss-server-time: 75
x-oss-hash-crc64ecma: 16396324691922538013
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: biEchs1YjIEmcxrw6jt3VlGeB5ugnNCwcA-saT-i5Ds_pfJoyZfEKg==
age: 248990
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/127342192300654610_20250603044537.jpg
172.67.210.93 200 OK 50 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/127342192300654610_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 50 kB (50439 bytes)
MD5 8a58a4224fb02b1515c05ec2000fe54c
SHA1 4ff5c0242a121bb2b346a5b64a0e788685b306e2
SHA256 8367687f5403c8d3f19f1faa066380f008e7fdf6b3ec0e0724cd7d8053a6920d
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/127342192300654610_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 50439
cf-ray: 94cf428b5e575699-OSL
accept-ranges: bytes
etag: "8a58a4224fb02b1515c05ec2000fe54c"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4nEs13u%2BHpVdmF5zsrMbOsE9byydXpjzRtVQVO8CCTrdwYBB4DasK4p0ViJT8bERf7zZAkv5q0AnBjpfovRk5QCG1NrmdprKCEVe76SFIrmnJFIc2npdrY70d4%2FRvKbO6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=980&min_rtt=396&rtt_var=578&sent=3275&recv=725&lost=0&retrans=3&sent_bytes=4096960&recv_bytes=9986&delivery_rate=82301953&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=5013&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/56469908036255759_20250603044537.jpg
172.67.210.93 200 OK 56 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/56469908036255759_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 56 kB (55718 bytes)
MD5 1fc18019c2b5d1a469828938d8649e04
SHA1 e1bf83ff319d98a83a7688afc13309028f33d939
SHA256 058632964c22b2c66a2f4ff96db02b5422aee6d47a34655522817dea639416f5
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/56469908036255759_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 55718
cf-ray: 94cf428b9ec05699-OSL
accept-ranges: bytes
etag: "1fc18019c2b5d1a469828938d8649e04"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uOrpaBVHe%2BbNdteQ7hIUx1GwAo%2Ff53dnzTmpos28Ozp%2FbHiBe7Fp%2FJ95MQz4Gp4n9ORc3LS8jdEZvoIc55RMZE5XP%2FZRyPny8Bp1nF%2FroEt3GhxCD5RL%2BKvl55oAqgq2dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=940&min_rtt=396&rtt_var=477&sent=3682&recv=766&lost=0&retrans=3&sent_bytes=4624188&recv_bytes=10021&delivery_rate=82301953&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=5065&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/gameItem-B6h7aP5d.css
172.67.210.93 200 OK 4.2 kB URL GET HTTPS
tl7p8z.top/assets/gameItem-B6h7aP5d.css
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (4195)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 4.2 kB (4196 bytes)
MD5 4afceb29665376b769c6a4ba7ce72892
SHA1 52d5ffe45ab6a7dea047a55b6b9a30042c98bb82
SHA256 099256d39f061996f00bbdb4b32486f42bb72c168a5c8ae53d327bfc5495b178
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/gameItem-B6h7aP5d.css HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: text/css
content-length: 1085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2BavT%2B9RkzimIJR2mQ7%2Fqu0wruZUEvD4MEbWmaMQKf%2F4V4eP98YPfsqX4YlBa1HG1d%2FllNx6JGMi1ewQYJgcZ66OA%2F541ac8V52pMT4uKgHlC%2FMNNzISQEtaw9Nh"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-43d"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426eac31b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2209&min_rtt=608&rtt_var=1494&sent=1127&recv=243&lost=0&retrans=0&sent_bytes=1133798&recv_bytes=29877&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3197&inflight_dur=265&x=80"
OPTIONS msg.salesmartly.com/chat/chat-msg/unread-msg-list-v2?login_token=5f71c924494c637226ebcade1580c2d3&chat_user_id=c1e8e75bbecb5ea978106566f4f7ce36&direction_type=1&plugin_id=gt044g&over_time=&env=chat&_=1749457753843&_lt=5f71c924494c637226ebcade1580c2d3&_u=6e586157d46e1f27d414ad744c139b5b
3.167.2.129 200 OK 0 B URL OPTIONS HTTPS
msg.salesmartly.com/chat/chat-msg/unread-msg-list-v2?login_token=5f71c924494c637226ebcade1580c2d3&chat_user_id=c1e8e75bbecb5ea978106566f4f7ce36&direction_type=1&plugin_id=gt044g&over_time=&env=chat&_=1749457753843&_lt=5f71c924494c637226ebcade1580c2d3&_u=6e586157d46e1f27d414ad744c139b5b
IP / ASN
3.167.2.129
#0
Requested by https://tl7p8z.top/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-10
Times Seen 5753517
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
OPTIONS /chat/chat-msg/unread-msg-list-v2?login_token=5f71c924494c637226ebcade1580c2d3&chat_user_id=c1e8e75bbecb5ea978106566f4f7ce36&direction_type=1&plugin_id=gt044g&over_time=&env=chat&_=1749457753843&_lt=5f71c924494c637226ebcade1580c2d3&_u=6e586157d46e1f27d414ad744c139b5b HTTP/1.1
Host: msg.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: external-sign
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Mon, 09 Jun 2025 08:29:13 GMT
access-control-allow-headers: DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,Origin,Cpl,Client-Type,X-Requested-With,Accept,External-Sign
access-control-allow-origin: https://tl7p8z.top
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 7bc180ff569f641823300f4c342cb63a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: Vn9lsnJqEPImEpajj337gLEyjEIH4leEcxkFQQZ4HpaUma8Lg8UK9Q==
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/126172385832402958_20250603044537.jpg
172.67.210.93 200 OK 55 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/126172385832402958_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 55 kB (54878 bytes)
MD5 b6f30120a44b6eee210101bef40f6fab
SHA1 a7ec08980600a5e858ba5ffe61f773d2866fd1a8
SHA256 bebed7a91c3ad66c37653673d1bc17169cf5d5d3e8f541e39d2bdf5424e0816f
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/126172385832402958_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/jpeg
content-length: 54878
cf-ray: 94cf42882a815699-OSL
accept-ranges: bytes
etag: "b6f30120a44b6eee210101bef40f6fab"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HFlk1jPwJLcCy1HQeINDvpn6gST%2F013VmuHiJCuQ%2FxOyhm7o%2BTlOHczzzydla1Y2IkexMDj%2FCA45C0nF47Gu3k1rFecbe0BFuvaYKpwL%2BEVMMZKOWnulbS%2FszloYzBikww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=896&min_rtt=396&rtt_var=454&sent=946&recv=413&lost=0&retrans=1&sent_bytes=1111530&recv_bytes=5645&delivery_rate=100408759&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4467&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/index-hdfRsUUR.css
172.67.210.93 200 OK 60 kB URL GET HTTPS
tl7p8z.top/assets/index-hdfRsUUR.css
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (60417)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 60 kB (60418 bytes)
MD5 2e0bc422a88c3ed54ffbfa9fa2079850
SHA1 97033794dd5b712e2ad1d843656872a1f7f4538d
SHA256 c7d7177ea658453d7f0474ec784dfcae1ce7ec4813d63d3bcd8d277eb5848c07
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-hdfRsUUR.css HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: text/css
content-length: 6629
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K3xrBVIeuEKlT52EdGbZHgjc5pA%2FaKl45q5arJqFjUPaDWi7Mw4s7qeLwO3k59kB%2Fa8ukenBmbuPqDKtHOIH%2BshaCdlpatm3MbDpplzb2KNYE9nqhOxfb1ZZYEiv"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-19e5"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426ebc33b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2076&min_rtt=608&rtt_var=1386&sent=1132&recv=244&lost=0&retrans=0&sent_bytes=1136972&recv_bytes=29922&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3202&inflight_dur=269&x=80"
GET tl7p8z.top/assets/index-e7stqYMc.js
172.67.210.93 200 OK 1.5 kB URL GET HTTPS
tl7p8z.top/assets/index-e7stqYMc.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (1464)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 1.5 kB (1465 bytes)
MD5 78705cf86c48769663e7abb2492868ef
SHA1 b4271f992e03d72e7bf91eadd9448df5200f761f
SHA256 b9da82319c3db5d7663d98210ad17fb7e47d6bf912f200f41225fbbaca9b2dd6
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-e7stqYMc.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-B1Ac6Xly.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 668
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gZmK1vhT%2BvXA%2BPSGohqQ7OiCGSzLMRK%2F69DS3P9LyQqeeu94FY1h2NDi83%2FRNt%2FR8Ztv1xlLAvfzDgxuAfWQ6aOAJ%2Fx4IIiaQis%2B%2F7Yw9Pv%2Fh1xyh49hly34hLio"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-29c"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf4273fc94b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1651&min_rtt=608&rtt_var=520&sent=1343&recv=272&lost=0&retrans=0&sent_bytes=1322829&recv_bytes=34628&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3698&inflight_dur=419&x=80"
GET tl7p8z.top/assets/bets_icon-DxWez_fB.js
172.67.210.93 200 OK 3.5 kB URL GET HTTPS
tl7p8z.top/assets/bets_icon-DxWez_fB.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3497)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 3.5 kB (3498 bytes)
MD5 62cab719c31278bd684e49ca5027e5e1
SHA1 a9ce4d0a6b1f8d0a268801f2cd633530bde3d381
SHA256 a64ca252a50be2b83159e6d83ed601e527772583813ed965d936eb9c6802a572
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/bets_icon-DxWez_fB.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1348
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rwDbqxVsJp7grkdn6F6iNmNBZz4%2BC3b0yoUqSV5AoWyD9Q4Y6MdMGdOBYRDXHVpkq1PTbts629gkFuP7Bee270uPcXalWfY5MEyquHfckSiZ13UGnTSEKuRs3WFE"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-544"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42741ca4b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1405&min_rtt=608&rtt_var=450&sent=1377&recv=282&lost=0&retrans=0&sent_bytes=1344381&recv_bytes=39480&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3714&inflight_dur=436&x=80"
GET tl7p8z.top/assets/futbol_icon-VT_Qf44H.js
172.67.210.93 200 OK 65 B URL GET HTTPS
tl7p8z.top/assets/futbol_icon-VT_Qf44H.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 65 B (65 bytes)
MD5 34039495c771bd791cd9466839cbc520
SHA1 476658a26cc7e0924de247286ee8f898b1104b5e
SHA256 40fc917629b8e843010f8b4a2e11e2bc3317cbe6eb24ea60cfaf2e94d8390daa
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/futbol_icon-VT_Qf44H.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gXznCSVwxDVbM5IPdv5QRRJy4wDiuN9i5BQZIawAF2xl%2FhrLwLAjR5Z%2FljIEr06onc9FvbeiGQb3jmb%2B4Y%2FmAev2j97im%2FW9kU69x%2FWglSnvSuHVjxJDO%2BVK4Rsn"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: W/"683ee6c1-41"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 94cf42741ca6b529-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1339&min_rtt=608&rtt_var=471&sent=1384&recv=285&lost=0&retrans=0&sent_bytes=1348250&recv_bytes=40304&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3717&inflight_dur=439&x=80"
GET tl7p8z.top/assets/formula_icon-Dvq28_rO.js
172.67.210.93 200 OK 1.6 kB URL GET HTTPS
tl7p8z.top/assets/formula_icon-Dvq28_rO.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1594)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.6 kB (1595 bytes)
MD5 b51ff1146fa9eeee44714f6192f37839
SHA1 5ec835c3383553112af57008bd2db853792e3fee
SHA256 d20b99b4906ed08f1758f0477df0929ae440d0980e0b46a7e4d8b7a6c4915888
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/formula_icon-Dvq28_rO.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 688
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xdjFW5qeCO4gc5PjXzdeJXfVqpUMhpJWRYK9wbsGOA4oSOqkF6FhnwPfM9lVX4mnuKuttS5MT6tAeEsM1hOEKWm4SGf9%2BlGy8KqGoVBcUuB9%2BJkKtvPyRvesWtSK"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-2b0"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42742cadb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1264&min_rtt=608&rtt_var=503&sent=1421&recv=290&lost=0&retrans=0&sent_bytes=1378307&recv_bytes=41669&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3726&inflight_dur=448&x=80"
GET tl7p8z.top/assets/icon_public_139-CX4cVZpZ.js
172.67.210.93 200 OK 2.0 kB URL GET HTTPS
tl7p8z.top/assets/icon_public_139-CX4cVZpZ.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1989)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 2.0 kB (1990 bytes)
MD5 414ec40f4ce36c08aa65b44a7f6f3db6
SHA1 7e27fd0aa8c9760221be9afcab705c0a74dfb275
SHA256 1f80e4bf87d4d4e817df0670d1b035d47842509f22d242be6944bb35bdda14ac
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/icon_public_139-CX4cVZpZ.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 720
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o61iJGaC2hAmBPx0TF7pygzAjuBhPZmZ1sfEFldfsocNMVkv%2FpLQhAkBP29qrceKyIkJl1kKfXMiuFG%2BwKtbrfAQun3KWOw1pgTvebqhmu00d1%2Bg6TtVs96dJIG2"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-2d0"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745cbab529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1327&min_rtt=608&rtt_var=456&sent=1475&recv=304&lost=0&retrans=0&sent_bytes=1413494&recv_bytes=47684&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3758&inflight_dur=479&x=80"
GET tl7p8z.top/assets/suspend-language-icon-D1_Op9yU.js
172.67.210.93 200 OK 1.6 kB URL GET HTTPS
tl7p8z.top/assets/suspend-language-icon-D1_Op9yU.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1636)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.6 kB (1637 bytes)
MD5 0d0e5a48a51ac1b3f8939b9193325f0f
SHA1 0c0f6ae2dc0bff58d231e3ca9e964171dc53d0d4
SHA256 def654a2fbf956666616f510523468e8af2af84047911670f520cdd256eaa190
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/suspend-language-icon-D1_Op9yU.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1286
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1X1FheLRpbYNg%2BPz9pOQk4Mw6SWwws54EC5GDqVjWFZVarAtaIKMPlfZ5dQ5cC8spqfQaBYYPa8Kzlc4mfjWnB0OVHb1yk0kKjuHe5%2B4PDoh1iHV06IrLrIjf3Ng"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-506"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745cc8b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1383&min_rtt=608&rtt_var=460&sent=1452&recv=303&lost=0&retrans=0&sent_bytes=1396451&recv_bytes=47639&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3755&inflight_dur=477&x=80"
GET tl7p8z.top/assets/index-BdNftx_1.css
172.67.210.93 200 OK 646 B URL GET HTTPS
tl7p8z.top/assets/index-BdNftx_1.css
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (645)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 5
Size 646 B (646 bytes)
MD5 01bad19033a12460e22a4e00d70ea51b
SHA1 877bb39752ffc01c788f57392e176a182fede432
SHA256 c06e025bfa2bd39a7e91a5ca0a4545d15e4d0b7dae3d0486770f60604134e8c1
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-BdNftx_1.css HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: text/css
content-length: 302
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RLhrCD7pWFb5ZkqvvxLrCdAojKwoWvP9%2Fx4eslsVxTEp0tAccB%2FvEE9nakT7noNl9hMmqD8gOVpR4xzR2%2FJtBAhu9IR38aSV%2FDKt%2FzzrqOj8JuDM4Aijo5zVv3c5"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-12e"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426ebc32b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1946&min_rtt=608&rtt_var=1299&sent=1140&recv=245&lost=0&retrans=0&sent_bytes=1144476&recv_bytes=29967&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3207&inflight_dur=271&x=80"
OPTIONS api.tl7p8z.top/games/categories?type=providers
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/games/categories?type=providers
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /games/categories?type=providers HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IkSnm6K2PaFSH5ALO9NNV9sV5x4Zvc0wnJBFh2deaCszDqALuI7ko603d0OMpcjOydmlDQUisvxOaEo14q5Ummzmlcih%2FVcew%2B7Q8QqwD1uSbWIH4h9zkHSWsMXNM%2B3SfA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf4286ae24b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1164&min_rtt=563&rtt_var=568&sent=2569&recv=444&lost=37&retrans=38&sent_bytes=2541579&recv_bytes=70372&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6815&inflight_dur=1197&x=80"
GET res.tl7p8z.top/upload/game_image/76622870603628567_20250603044537.jpg
172.67.210.93 200 OK 43 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/76622870603628567_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 43 kB (42943 bytes)
MD5 a41b97aff975417a912fc21e8b95ad52
SHA1 1521ff86eeb37404176a3f639ffabb2dd86c2be3
SHA256 ba3daed29c4d25283546078a4607d33e774a30e69c166cd5229c35566f0e499a
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/76622870603628567_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 42943
cf-ray: 94cf428acdaf5699-OSL
accept-ranges: bytes
etag: "a41b97aff975417a912fc21e8b95ad52"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T3kfdlFJznjB1Tx8YW5wiUoKfhOpDteMse2UqkEEgANec9jiimAA9ZE1xkzoZA1MHffWf5ZIP7qUaYQ6HHWWyC4RCc8vnt1yv8wt%2FDHT4NV4lyPTiBz0zGd1wFLKBceE1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=969&min_rtt=396&rtt_var=526&sent=2270&recv=661&lost=0&retrans=3&sent_bytes=2798419&recv_bytes=9986&delivery_rate=28564491&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4890&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/127342192283877386_20250603044537.jpg
172.67.210.93 200 OK 51 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/127342192283877386_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 51 kB (50550 bytes)
MD5 8d97b322528027f98a7118f282dbfbdd
SHA1 040a49ea998b7e5b78c40b45a76d0a51b45c2763
SHA256 e1c44adbc7d3bb192c5132af6593e1555c0f3071dc6cb35f2ce0b9baf6b8e8ad
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /upload/game_image/127342192283877386_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 50550
cf-ray: 94cf428b5e525699-OSL
accept-ranges: bytes
etag: "8d97b322528027f98a7118f282dbfbdd"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1o6Tz%2BTEkBBhKmOUCetgzenQeNstv7JL5DqbaTrThURrcNHNz0kykG%2BpiCOuKHeThWUyZRWZeEAXBClH1fX3amS7sccGbu8RflSjkigmsW6F7YeLG5NwOgBDqpF2g9Xhkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1858&min_rtt=396&rtt_var=1743&sent=3010&recv=708&lost=0&retrans=3&sent_bytes=3755558&recv_bytes=9986&delivery_rate=49931034&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4996&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/static/Inter-700Black-3.otf
172.67.210.93 200 OK 228 kB URL GET HTTPS
tl7p8z.top/static/Inter-700Black-3.otf
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type OpenType font data
First Seen 2023-10-29
Last Seen 2025-07-31
Times Seen 10
Size 228 kB (227788 bytes)
MD5 8eef1d181c64f2adb85ad1c93d62a550
SHA1 68c456410eebd937a6496fff66d71311c8e844f7
SHA256 6501afc3abeda7f4e1f158017b5eb91bdf9427073896dc4ad8f5f52a43459288
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/Inter-700Black-3.otf HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/font.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: font/otf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B0Tro8pvvY2jwj9cPX3FQF%2FoROa%2BdDuDw2Axbl3ptx9Fh0a2u7YSyY5HI8T22RU6PghmDkSV6LoGX7PXrjmXn4xXrzjh7A%2F7qNO4tvBFhKHXYqQHP1xfFWG7P%2FD6"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:11:51 GMT
etag: W/"683ee687-379cc"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 94cf4283ddb6b529-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1739&min_rtt=608&rtt_var=1214&sent=2212&recv=410&lost=37&retrans=38&sent_bytes=2167073&recv_bytes=66406&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6465&inflight_dur=1010&x=80"
GET tl7p8z.top/assets/speedway_icon-ClZ-JvKv.js
172.67.210.93 200 OK 3.7 kB URL GET HTTPS
tl7p8z.top/assets/speedway_icon-ClZ-JvKv.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3712)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 3.7 kB (3713 bytes)
MD5 7171aab7e139e4e60fdda42933e8f49f
SHA1 595fd10baca0b8a9508427c784f61425ac216156
SHA256 aa6213b321d77b6bd65611c7276100934f3eaa243c86416fbbac2b56d5190c88
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/speedway_icon-ClZ-JvKv.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1574
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0BcxQeAWmHFVgjjLP7sKEsUtZkNoeyYAqVIXq6p5Gfmw4eBPcEBb8q5NPfB1KlkBHbs22ZwMagDqnTIAhGf33pm%2F%2FtqXfaLqu7B3oB2B3tVXgWt3COLn%2FhKqD0XJ"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-626"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42742cafb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1264&min_rtt=608&rtt_var=503&sent=1423&recv=290&lost=0&retrans=0&sent_bytes=1379711&recv_bytes=41669&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3727&inflight_dur=448&x=80"
GET api.tl7p8z.top/games/categories?type=casino
172.67.210.93 200 OK 690 B URL GET HTTPS
api.tl7p8z.top/games/categories?type=casino
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-07-31
Times Seen 2
Size 690 B (690 bytes)
MD5 1d60b50fab7068a11b9c53163e4f9076
SHA1 64da09dedd7eb8472d3033549616e31c8876ba2b
SHA256 b244fdb43d7a63b1b4828542cbc6d3195bd2f0651f3958446106a1404a1abfd2
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /games/categories?type=casino HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp: 6786838544e257bbd8395259505dd5e355cc49eff3af3e4fa9bca3e518904876
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5r05mpL00%2FrxHr2B80XzMMEQcojzAXW1MAEp8ujpV9CSuK9gczYuX%2FB4Ad188845w%2FhWH8osqnmCo%2BBauNU8vDR%2BaeYvxpb%2FS70F5lkHt4xcdH6RFFKV76Px0CBW%2FeltZA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf42851e03b529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2605&min_rtt=608&rtt_var=1896&sent=2294&recv=416&lost=37&retrans=38&sent_bytes=2253398&recv_bytes=66681&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6574&inflight_dur=1089&x=80"
OPTIONS api.tl7p8z.top/games/search?game_categories_slug=livecasino_MX&page=1&limit=54
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/games/search?game_categories_slug=livecasino_MX&page=1&limit=54
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
OPTIONS /games/search?game_categories_slug=livecasino_MX&page=1&limit=54 HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pKPmyN8mmKrdClUQ%2FE8S9ifeaCD2v3deFKyCbvJ63HyGxF%2BCP%2BohwGuVVTGKUoEcTWBuSZeLR4%2BCzFzZkh98c%2FRZdsOoQMMBGxxZolxvCIiFGrWvDLYmAjhPb%2FQPRnCx5A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf4286ce26b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1027&min_rtt=563&rtt_var=436&sent=2578&recv=450&lost=37&retrans=38&sent_bytes=2544447&recv_bytes=71847&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6835&inflight_dur=1214&x=80"
GET res.tl7p8z.top/upload/game_image/126172383315755027_20250603044537.jpg
172.67.210.93 200 OK 48 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/126172383315755027_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 48 kB (47635 bytes)
MD5 a94b159cbce10f5bd6bd3521b66e845c
SHA1 fbf8b91b07a1ed106a5e7e24329f3d876717d4e5
SHA256 702bfae09aaded0a4dd166bdc432d52c00fdef950d8ded0dfc2c6ad5ff46f504
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /upload/game_image/126172383315755027_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/jpeg
content-length: 47635
cf-ray: 94cf42881a755699-OSL
accept-ranges: bytes
etag: "a94b159cbce10f5bd6bd3521b66e845c"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WIUexV%2F%2FjY%2BXB0OhMdW1xz834llQHE%2BCQ%2BFHjgFtHXm3EXwuucS2PoayvHX9Fo1dz1B15ATUpszailBLlK5c5b%2Faj8t7t6p0XflPivvweVBwvizDvuM5pYNfMi%2F79dnunw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=852&min_rtt=396&rtt_var=483&sent=433&recv=268&lost=0&retrans=1&sent_bytes=456124&recv_bytes=5645&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4417&x=0"
X-Firefox-Spdy: h2
OPTIONS api.tl7p8z.top/games/copy
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/games/copy
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
OPTIONS /games/copy HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/json; charset=utf-8
server: cloudflare
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Ec7PvCh%2FYt5NHyOi6FxKKae6coxUlKn30d6Q9rIRJfxktMVhjmflsJKhDr%2BqB0Xw2cNy3eqbzPIWK7Wab8%2BZJQZ22u0vM8HUdG%2B5DA%3D%3D"}]}
content-encoding: br
cf-ray: 94cf426e3c775699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/promo_icon-CNUIoCB5.js
172.67.210.93 200 OK 3.9 kB URL GET HTTPS
tl7p8z.top/assets/promo_icon-CNUIoCB5.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3902)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 3.9 kB (3903 bytes)
MD5 b85eafa0f236eaaf124dabae5e2a552d
SHA1 648853c70a8901f5a400c44d9d07ab3235ceb97d
SHA256 43428caeeb6ee816995188056c94b73e197385f09cbb4b02a1406d4626d2cedc
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/promo_icon-CNUIoCB5.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1648
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cY5epabc1xWnJkLmPhSIIxrrAr0SN5WhHOcQCkLJoesbcp5m43zjWoZ3cPkhFHL7nI9EfV0VbJfFSXp8R0K9oB6o0gS43TVqQ4GAZtiSeASeXH%2FeQUsz3z%2F%2B3Lj%2B"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-670"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426edc48b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1827&min_rtt=608&rtt_var=923&sent=1175&recv=247&lost=0&retrans=0&sent_bytes=1173857&recv_bytes=30059&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3234&inflight_dur=299&x=80"
GET tl7p8z.top/assets/sprots_tennis-CrBkc-Zj.js
172.67.210.93 200 OK 2.2 kB URL GET HTTPS
tl7p8z.top/assets/sprots_tennis-CrBkc-Zj.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (2179)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 2.2 kB (2180 bytes)
MD5 d5e26ddc800d6ccdcfdf82101c25629c
SHA1 e8732626bb422e32da4f95d6a3d35d15d6b02f49
SHA256 58f55eea1b45eb66aa8bb354870fe95d6d52b7868495bcea773f7a16dc4c8276
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/sprots_tennis-CrBkc-Zj.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 973
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eYznHPv5QpTRGjjUQYIet8usnHBTWjcIcue1dtfLQRWMvmbD82AE974npbCPyxoItNRNpouN6rQdGNpesxpeUVQAwe7aXjCk8EK5Q1QKygZtQaqicX6akEy7MT0X"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-3cd"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426efc56b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1827&min_rtt=608&rtt_var=923&sent=1194&recv=247&lost=0&retrans=0&sent_bytes=1189630&recv_bytes=30059&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3243&inflight_dur=309&x=80"
GET client.salesmartly.com/setting/sounds/ling.mp3
54.240.174.108 206 Partial Content 47 kB URL GET HTTPS
client.salesmartly.com/setting/sounds/ling.mp3
IP / ASN
54.240.174.108
#16509 AMAZON-02
Requested by https://tl7p8z.top/
Resource Info
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 48 kHz, JntStereo
First Seen 2023-04-19
Last Seen 2025-08-10
Times Seen 644
Size 47 kB (47223 bytes)
MD5 1065fe976ff9e98d69772fe0f0d7b808
SHA1 122193fafe8453db01635cf4502524eb93264fdc
SHA256 35fbb2ad61551e3a396591657a66b563222454418238c46005b89418556f9983
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
GET /setting/sounds/ling.mp3 HTTP/1.1
Host: client.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
content-type: audio/mp3
content-length: 47223
date: Thu, 05 Jun 2025 09:19:24 GMT
x-amz-replication-status: REPLICA
last-modified: Tue, 02 Jul 2024 06:29:42 GMT
etag: "1065fe976ff9e98d69772fe0f0d7b808"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=15552000
x-amz-version-id: J6b7RzocQsVXwTzS3QxevgOr1gKTyblY
accept-ranges: bytes
server: AmazonS3
content-range: bytes 0-47222/47223
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Tpef01ixfxJepaDRNgYshRHAo5M0aSLe6Eq8OIDpLF2qer3-Ne_E9A==
age: 342588
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/liveChat_float-C_c6XLe-.js
172.67.210.93 200 OK 62 B URL GET HTTPS
tl7p8z.top/assets/liveChat_float-C_c6XLe-.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 62 B (62 bytes)
MD5 90581e1327ae11ed57627e8112edcfb4
SHA1 20e6b91c6d0d737ce8a82261afac1bc55bfc99b4
SHA256 829f9ace32cee9dfd9f80c0215712f2ff2f80ed79108ac4eefaf680d380efa39
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/liveChat_float-C_c6XLe-.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BcN0oQS9.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qCKqjwO8U06I4y9R%2B12u9DromDGiK9haqHUxXK8V%2By9sjQJLbFeOrqx47lKPGPU7K6ZuVFrvJSkJ06H2L2A30r2X5ppbrUx3btm8FLe%2FEZF%2BWMvRwg1d3hmLUtCs"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: W/"683ee6c1-3e"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 94cf42803d8fb529-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1478&min_rtt=608&rtt_var=818&sent=2095&recv=362&lost=37&retrans=38&sent_bytes=2087731&recv_bytes=55574&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5649&inflight_dur=802&x=80"
GET tl7p8z.top/assets/indycar_icon-BqBrKULO.js
172.67.210.93 200 OK 2.7 kB URL GET HTTPS
tl7p8z.top/assets/indycar_icon-BqBrKULO.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (2672)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 2.7 kB (2673 bytes)
MD5 181ea4f6f1a151316a5d9e178f8300ec
SHA1 40718f76befae3bae5d2b405fe2c98be634f8c37
SHA256 517638864240e915cac5537da5b182761a14b8db2f35f4038aabe6a54c9c40bb
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/indycar_icon-BqBrKULO.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1181
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0loZwn2er8oEBhSGSkMndhQw1WuI%2F2fzh2uweoLZjoAuo2QBPdR6juJSbLmmLQlU3Kat4ANFR1VIx%2FMs1pQi0Aksmaz0q5AmUdfmYdlBhoueBxRqr71axM1qfzOO"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-49d"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426edc45b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1853&min_rtt=608&rtt_var=1159&sent=1159&recv=246&lost=0&retrans=0&sent_bytes=1160810&recv_bytes=30013&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3217&inflight_dur=285&x=80"
GET res.tl7p8z.top/upload/banner_image/20250604_0f74fb17ee9b408c696c7d9c1b105be1_1749051821531.png
172.67.210.93 200 OK 406 kB URL GET HTTPS
res.tl7p8z.top/upload/banner_image/20250604_0f74fb17ee9b408c696c7d9c1b105be1_1749051821531.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 666 x 420, 8-bit/color RGBA, non-interlaced
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 406 kB (406325 bytes)
MD5 4a96c38f80025283621a1d73c3563205
SHA1 936453ad9c997e8052dd06e1e1708decccc4d273
SHA256 9f4e65bef0ee8ec31a12fd615689d62ba2cccc16cbd3dc2b7e0c502e2c6a9fb3
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /upload/banner_image/20250604_0f74fb17ee9b408c696c7d9c1b105be1_1749051821531.png HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/png
content-length: 406325
cf-ray: 94cf42886acd5699-OSL
accept-ranges: bytes
etag: "4a96c38f80025283621a1d73c3563205"
last-modified: Wed, 04 Jun 2025 15:43:44 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KuFEzEytb%2B3Klw4SCFA7QYqj%2B2SbHeBTNALZarPbgVXmwyEvkK5LqmZVo2g0EEW8EKSfdRBrGH6kzhxXl58zL2BLDBCAN86bjtadAMu0pD%2FbZD3%2B0V%2BAR%2FDgZ8rB8B5jtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=924&min_rtt=396&rtt_var=519&sent=1151&recv=431&lost=0&retrans=1&sent_bytes=1380903&recv_bytes=5645&delivery_rate=100408759&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4505&x=0"
X-Firefox-Spdy: h2
GET api.tl7p8z.top/banner/list?download_plan=0
172.67.210.93 200 OK 2.4 kB URL GET HTTPS
api.tl7p8z.top/banner/list?download_plan=0
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 2.4 kB (2385 bytes)
MD5 91f61d8524cd37e4cad40ab5d8d500a0
SHA1 3f9266b0d1912dd96976955bde6bc00d4c404b22
SHA256 820ea633876f96b2cf8b1879e178df1f0c9ff515f348433b67e5468b8878f8e6
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /banner/list?download_plan=0 HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp: 6786838544e257bbd8395259505dd5e355cc49eff3af3e4fa9bca3e518904876
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fNc6EIwDzjSeP05HuX2usS1qhfacOasPcr1FxE0IYQXPaQtuwTWdL0Q%2ByqOOt5aaCc1lAf9n5tj6nf01%2FdKuSksTATLotLD4LSRf6cLStJy4iROgFz4DzB%2BU71MAjBbcbA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf42851e05b529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2791&min_rtt=608&rtt_var=2035&sent=2288&recv=415&lost=37&retrans=38&sent_bytes=2250114&recv_bytes=66636&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6566&inflight_dur=1079&x=80"
GET tl7p8z.top/assets/index-BcN0oQS9.js
172.67.210.93 200 OK 9.4 kB URL GET HTTPS
tl7p8z.top/assets/index-BcN0oQS9.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (9443)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 9.4 kB (9444 bytes)
MD5 2bdeb77fbbbe6de7a17159ffeac65c6a
SHA1 9b6e96d109f28011a61891c11ce0604c44b66318
SHA256 44b4bd999215789aca2c1b28bcf891cde22b0684d7730f8002835736acd7f033
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-BcN0oQS9.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:10 GMT
content-type: application/javascript
content-length: 6154
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y00z9aEqsfewFRHR20eo%2FCYgJZ6b2E%2ByBwUG8Fs3p8NrpvzvDVWsgovdaSQ3uwM3JgzOG5TprNoXlWCdRBAhLmtoK3QZXgJYLYMna0XzDtMWLfXDAopTv0pM5%2F2e"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-180a"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf427d0d66b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1784&min_rtt=608&rtt_var=628&sent=2067&recv=348&lost=37&retrans=38&sent_bytes=2069564&recv_bytes=53325&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5499&inflight_dur=741&x=80"
GET tl7p8z.top/assets/headadv-pc-icon-ClfDtEvS.png
172.67.210.93 200 OK 177 kB URL GET HTTPS
tl7p8z.top/assets/headadv-pc-icon-ClfDtEvS.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 730 x 156, 8-bit/color RGBA, non-interlaced
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 177 kB (176931 bytes)
MD5 132d95d293407aec0e3e8dc91dc40d15
SHA1 3d1429c21e44e261a8c22d119915a932d15676cd
SHA256 bdc1dbff00754a0dc39a2d89417c232740ff31ee0ad91ab621a9cdcc93a5a287
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/headadv-pc-icon-ClfDtEvS.png HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/Order-xjUFw0kN.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: image/png
content-length: 176931
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PNvI6Z0iN1EywjJXYEQGKvj1TnHy6SGUtoDatXL%2BDBFVZuiGqjUbgTN6zAOz%2B%2Biuq9RUnjrv%2Be4GU0b2lH%2FyzO8XJqTcLl%2FO2rrTJ8EILMsryVfUsoxxl93DdMD%2B"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: "683ee6c1-2b323"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf4283ddb4b529-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1739&min_rtt=608&rtt_var=1214&sent=2229&recv=410&lost=37&retrans=38&sent_bytes=2186336&recv_bytes=66406&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6467&inflight_dur=1013&x=80"
GET res.tl7p8z.top/upload/game_image/127342191780560914_20250603044537.jpg
172.67.210.93 200 OK 53 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/127342191780560914_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 53 kB (53137 bytes)
MD5 52928f169b1a1a062d83c6635e8b1f4d
SHA1 44a1c7d5d4739334fc313c3b56983c444ec879e1
SHA256 3655609c85c01d08d262a287a567b3da5e284cb7f8aab7ff9a464ee82d0ca532
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/127342191780560914_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 53137
cf-ray: 94cf428b5e5f5699-OSL
accept-ranges: bytes
etag: "52928f169b1a1a062d83c6635e8b1f4d"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TSpiTYRX8oK%2BaBQOFHKp3BAU6c%2FiWXYEyNBG5vbJ8ZTXzHMvAsZ50RCLjCYW6D%2BP%2BP6vDlORwZBCNuBiIXToyqZRIa2z9urY8Jh1dqe7b94cpzfmvBzGvkp8i7bDE5WHOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1514&min_rtt=396&rtt_var=955&sent=2737&recv=698&lost=0&retrans=3&sent_bytes=3406364&recv_bytes=9986&delivery_rate=49931034&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4977&x=0"
X-Firefox-Spdy: h2
OPTIONS api.tl7p8z.top/games/search?game_categories_slug=gamingpanda_MX&page=1&limit=54
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/games/search?game_categories_slug=gamingpanda_MX&page=1&limit=54
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /games/search?game_categories_slug=gamingpanda_MX&page=1&limit=54 HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UqvUHJzzfJmmFNRTH9EhoACp5GZtt0zP8xSaj9afTSxZxwTj7dSN4hHAoY6OH77wtXG6Us3AJWLuKQqDocxMQBShrL2ZVuvmoJ2R61U96H3GIe%2Fy4m3RieD9gUy9bYfhOg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf428c3e72b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1915&min_rtt=563&rtt_var=841&sent=2627&recv=476&lost=37&retrans=38&sent_bytes=2566788&recv_bytes=75782&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=7699&inflight_dur=1390&x=80"
GET tl7p8z.top/assets/index-BLqJ-ndz.js
172.67.210.93 200 OK 56 kB URL GET HTTPS
tl7p8z.top/assets/index-BLqJ-ndz.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Unicode text, UTF-8 text, with very long lines (55633)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 56 kB (56153 bytes)
MD5 23a2f214772a0daf439d30e82e36f924
SHA1 7b7a5fe9a8798f777886d26ba4ee8716985e7165
SHA256 f82964d3f9b007b96b9c181f6bcf706a82d6a6ac1bbb5521146f446dfc72ba33
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-BLqJ-ndz.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-C4sLo-pF.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 24924
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IEQvuZFhoUM6Ut62iAhDFQKuJTGIZQNcZv4Sj9mT0oij0nQ7mTYApOecHG9%2FYo6Re0xkPNoGdc%2FWuS%2BG6MWaftRuvouLb9p9yM%2F2cdmaPxSEwOhHl4BEsJvPkiyf"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-615c"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42732c86b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1686&min_rtt=608&rtt_var=599&sent=1306&recv=260&lost=0&retrans=0&sent_bytes=1293602&recv_bytes=31373&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3560&inflight_dur=411&x=80"
GET tl7p8z.top/assets/left-menu-btn-CvYrfWzB.js
172.67.210.93 200 OK 1.2 kB URL GET HTTPS
tl7p8z.top/assets/left-menu-btn-CvYrfWzB.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1241)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.2 kB (1242 bytes)
MD5 c85a656d82931832c34094368d1d72b2
SHA1 bb1a01118ccc4de38e7067a3c53727f815c6d85f
SHA256 fb27f7112919dcca1220a5fed2b43ad0dffa43c9468ac543b3b678fca4cd8ad4
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/left-menu-btn-CvYrfWzB.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 541
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qK5MDy0wcq8W2bRWUjn6OUdWLhydq17SVQG2pOU0GmiBnN2lo6UGqFJHhfHCsljEKmv5uCWODE3LJ%2B04a06WrpTtqyqEAs7uCsBIh1Wfa8TD1uBFsNpKRsSvWzfB"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-21d"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745ccab529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1327&min_rtt=608&rtt_var=456&sent=1459&recv=304&lost=0&retrans=0&sent_bytes=1401728&recv_bytes=47684&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3755&inflight_dur=477&x=80"
GET tl7p8z.top/assets/arrow_bottom-DSgdI6tl.js
172.67.210.93 200 OK 373 B URL GET HTTPS
tl7p8z.top/assets/arrow_bottom-DSgdI6tl.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (372)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 373 B (373 bytes)
MD5 c15e219293331a58ef885e9801d447fc
SHA1 ce957ca892d13bdd73c764893467682792aade8a
SHA256 5fd29541e4bc1c1ea25578238501a595897bdd6b3cbad0c5e228fe36045040ff
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/arrow_bottom-DSgdI6tl.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 329
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bICVbBNbALDz4TrJcCIFobwQ35g4o0bvT743UQpc2azK5JV1ReGCYndf4zTI3fGUQOxoA3aV2PEtrOI6eAa0Iq4c%2FdQJoFthBoaG%2BCehlodL%2BGBn8gVUwh84%2Fs6D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-149"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745ccdb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1284&min_rtt=608&rtt_var=429&sent=1482&recv=305&lost=0&retrans=0&sent_bytes=1418912&recv_bytes=47730&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3761&inflight_dur=481&x=80"
GET tl7p8z.top/assets/index-BYeHPM7a.css
172.67.210.93 200 OK 369 B URL GET HTTPS
tl7p8z.top/assets/index-BYeHPM7a.css
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (368)
First Seen 2025-05-23
Last Seen 2025-07-31
Times Seen 4
Size 369 B (369 bytes)
MD5 8171e418962ee4ed46a06defee341ced
SHA1 f27c192676e2e0f776815ca962c9666e0a850e40
SHA256 4a7fe6660cb1216d4fc5674ebe5c1358c1c91f61adcf02ac93a37f965897c667
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-BYeHPM7a.css HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:10 GMT
content-type: text/css
content-length: 225
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f6SsaQUf86nM%2B2H6vNFM2Y4aeUS3jzHqmsR2L6nPfAheU0vLaECWLoX0fWuFkLI22cD68jPQiY48ytXOnX5dQv3grwaiIf3zWJDOWshfWL5hJq4p9mtu7QelkLdD"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-e1"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf427c6d59b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1462&min_rtt=608&rtt_var=456&sent=1855&recv=333&lost=0&retrans=1&sent_bytes=1836681&recv_bytes=51515&delivery_rate=30262738&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5158&inflight_dur=622&x=80"
OPTIONS api.tl7p8z.top/downloadapp/list?id=0&download_plan=0
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/downloadapp/list?id=0&download_plan=0
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /downloadapp/list?id=0&download_plan=0 HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:10 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y5BK6ipzSrrAfWbeyS4vldQ815NyfQ4pQ1r51KGzbuYibfxhiSoLHw%2FAHEPEHZic4GrW%2FPcBTF56lvIWmVruczaph0cY0w6bJPj9N%2BLYxZVMhggH2FJKwkE43UXj5TqXzg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf427d5d6fb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1367&min_rtt=608&rtt_var=446&sent=2087&recv=355&lost=37&retrans=38&sent_bytes=2085506&recv_bytes=53953&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5558&inflight_dur=770&x=80"
GET res.tl7p8z.top/upload/game_group_image/20250516_fbc1cc6bb1ed675bd9c3243dbf657e77_1747384047023.png
172.67.210.93 200 OK 1.5 kB URL GET HTTPS
res.tl7p8z.top/upload/game_group_image/20250516_fbc1cc6bb1ed675bd9c3243dbf657e77_1747384047023.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
First Seen 2025-06-09
Last Seen 2025-07-31
Times Seen 2
Size 1.5 kB (1542 bytes)
MD5 5a6d3fad7b7ec84153bd6cdf36a30a4c
SHA1 7d85686af2ac17134eb7387a9a65ddaf90daf616
SHA256 6d4db648162983a8d6560591523f3491dedbced8f4269e185da7f32a8195f686
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_group_image/20250516_fbc1cc6bb1ed675bd9c3243dbf657e77_1747384047023.png HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/png
content-length: 1542
cf-ray: 94cf428688635699-OSL
accept-ranges: bytes
etag: "5a6d3fad7b7ec84153bd6cdf36a30a4c"
last-modified: Wed, 28 May 2025 16:28:48 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5tddYOXpdG9fh2BTJAECMMdDujd9xheoQmUHozbzEb59oCAzhK80sgHHkHk5B9%2FujiEJs8HZHSCFhj2yz2DycXaq%2F7XSfR899eGYcPY2I5PASOUx%2FHL%2BjmRNy09p0yMmxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=487&min_rtt=396&rtt_var=35&sent=184&recv=167&lost=0&retrans=1&sent_bytes=194124&recv_bytes=3106&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4174&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/arrow_left-CDKkQzuj.js
172.67.210.93 200 OK 357 B URL GET HTTPS
tl7p8z.top/assets/arrow_left-CDKkQzuj.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (356)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 357 B (357 bytes)
MD5 de3c47d5f97ecd60c0b6eb54a51ccd73
SHA1 aca12c2871978dd5e934394e0bd7d7bef3949ae6
SHA256 d81e4c20a775f5ea73e5c370ff2a0f1dc692a9defc64b73afed73da01b1de7bf
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/arrow_left-CDKkQzuj.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 317
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dP6S6a6bC9wDCb7r7Q4ZnUXJYYNpferEog7UlMX%2BAfa4xNQIPCSMjtZuNKx1t72HYeE76hjybi%2BK15tg3qU3Z29mANxa0hi7Jf7O%2BLvXJlc6MPXto0%2Fjbh%2BM5q1L"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-13d"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f5c76b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1937&min_rtt=608&rtt_var=622&sent=1275&recv=253&lost=0&retrans=0&sent_bytes=1263781&recv_bytes=30336&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3313&inflight_dur=374&x=80"
GET tl7p8z.top/assets/feature-CPgyEJlR.js
172.67.210.93 200 OK 97 B URL GET HTTPS
tl7p8z.top/assets/feature-CPgyEJlR.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 97 B (97 bytes)
MD5 47e235bd214564b9639fa49fb0be789b
SHA1 5b95bd51534e48334433ad4f87503e3a405138c2
SHA256 e2ac77f9b441805ae0a5b9fcaf5e0c630a987012693b86bb45cab7f0511316e3
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/feature-CPgyEJlR.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-B1Ac6Xly.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pAAUxt8HFpdqokmZfdba2PeGBrBmEdBwvhNlCQqRR1QnLTuorQvxgwDD%2B8PRZW0Ed3cM4esuusSfLsxvd4bWKFfV36NpNdOeXuovsoqSlv8PglsYHkA754SMv9CS"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: W/"683ee6c1-61"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 94cf42741c9db529-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1405&min_rtt=608&rtt_var=450&sent=1381&recv=284&lost=0&retrans=0&sent_bytes=1346497&recv_bytes=40258&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3715&inflight_dur=436&x=80"
GET tl7p8z.top/assets/boxeo_icon-grmgNAi1.js
172.67.210.93 200 OK 64 B URL GET HTTPS
tl7p8z.top/assets/boxeo_icon-grmgNAi1.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 64 B (64 bytes)
MD5 4748df024fac9a413919dccd6f5c6a7d
SHA1 e5f9e1dc3a51c97bd4f2aeaf6a778ce3bbd47288
SHA256 2cac1ca4ef5dd0401e54be3b35508a09ca0cebd891d5a51da141451986124499
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/boxeo_icon-grmgNAi1.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GhP5mzLMhMPlAK76US2r45F%2F5MoWtRh3WANzTqZZMtVm%2BM0xwz6Zq10%2FZ%2Bc4TuT2HsmQl3tKHz8Jz3oKyE6ZUF1Gvb2KMfy%2FlQDWV7GmJGuAryaItr%2FwTgRPlGNv"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: W/"683ee6c1-40"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 94cf42741ca7b529-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1264&min_rtt=608&rtt_var=503&sent=1411&recv=290&lost=0&retrans=0&sent_bytes=1369524&recv_bytes=41669&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3723&inflight_dur=444&x=80"
POST srz.salesmartly.com/client/log/log?plugin_sign=a52e08e4f90eebb97e80981d6151894e&plugin_id=gt044g&over_time=&env=chat&_=1749457751981&_lt=&_u=
54.240.174.22 200 OK 47 B URL POST HTTPS
srz.salesmartly.com/client/log/log?plugin_sign=a52e08e4f90eebb97e80981d6151894e&plugin_id=gt044g&over_time=&env=chat&_=1749457751981&_lt=&_u=
IP / ASN
54.240.174.22
#16509 AMAZON-02
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2023-08-03
Last Seen 2025-08-10
Times Seen 268
Size 47 B (47 bytes)
MD5 77e652f404f47086bb49598b43b92d9a
SHA1 9b4981aa40e98879d7f2efda3261e0f0c76a0d78
SHA256 052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
POST /client/log/log?plugin_sign=a52e08e4f90eebb97e80981d6151894e&plugin_id=gt044g&over_time=&env=chat&_=1749457751981&_lt=&_u= HTTP/1.1
Host: srz.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 516
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Mon, 09 Jun 2025 08:29:12 GMT
access-control-allow-credentials: true
access-control-max-age: 86400
x-powered-by: PHP/7.2.34
access-control-allow-origin: https://tl7p8z.top
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E1yrIP2_fPLIExEutquhs13SSritEmPkvA1LrCr7Coz-nHrQLCfE-Q==
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/sports_cricket-DbNeBt6l.js
172.67.210.93 200 OK 2.5 kB URL GET HTTPS
tl7p8z.top/assets/sports_cricket-DbNeBt6l.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (2530)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 2.5 kB (2531 bytes)
MD5 48d88f06a6e67224e446266fcc57e37a
SHA1 c3f57c1bc4b21df7d93a5886593e57ab5a5fb246
SHA256 584946946aa660a1f6fcacf7fd6bb762a2968053bd0bcbc13ed84949710c4bc6
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/sports_cricket-DbNeBt6l.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1095
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2B2GfMCw6ErA823asj66KmqZ5RqhvHHQWuQd9pY2rRsg5nFjdiE7TpQ6P0feQvzjPd7afZbDOWi76COcD%2BdGpQcvyR0lrPPnBEBzrvHpI7yRU9BTFiypN47EBD6Q"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-447"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426efc5ab529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1198&recv=248&lost=0&retrans=0&sent_bytes=1192363&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3246&inflight_dur=314&x=80"
GET tl7p8z.top/assets/vipClub_icon-b9u5Wevg.js
172.67.210.93 200 OK 2.4 kB URL GET HTTPS
tl7p8z.top/assets/vipClub_icon-b9u5Wevg.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (2448)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 2.4 kB (2449 bytes)
MD5 549f1f4a614f77c99b7c25084357b7f7
SHA1 0d5536b934b3936e66d92d5e13982494b17c64b0
SHA256 a325e76ca8fae558f473d7fbe6b744ac502bcb01a0318323f7d2c877d8be9b3b
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/vipClub_icon-b9u5Wevg.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 973
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zEGG05S8ikKpXTtt%2Bh1LFeWbX1j%2B9bKpRtQe13RcCN13ZF7fMvL%2FtNQ37n8DO2JgWp%2F2S4uw7Yr%2FycbTOENWYr7SJObH5NToN1Rrap3pQ%2FtpR%2B9ysZNHcdr%2BMU8H"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-3cd"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426edc49b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3847&min_rtt=608&rtt_var=3362&sent=1083&recv=233&lost=0&retrans=0&sent_bytes=1095927&recv_bytes=29422&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=2994&inflight_dur=188&x=80"
GET api.tl7p8z.top/games/categories?type=providers
172.67.210.93 200 OK 8.0 kB URL GET HTTPS
api.tl7p8z.top/games/categories?type=providers
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 8.0 kB (8035 bytes)
MD5 b85bf2942eb5bfaa591455fa9160bcdc
SHA1 57f630756ade3cca2dca702dea8936bf1901d429
SHA256 85a8f6e4b7440394fa205c9bd05c2946eb77eefd4e3ae2c895a73311003f7ab3
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /games/categories?type=providers HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp: 6786838544e257bbd8395259505dd5e355cc49eff3af3e4fa9bca3e518904876
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HPSDjL5w8wvcDARo531tWdCQ%2FPgrjRQbENvfD67YqhsA1xP4q52Ys37wO04VgJmVDNI%2BJt2OcXz6IF2OQoBVzviskUAJXispO%2BaHfqNrliGPIwGR8vjYrXC5829OFCilwA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf42852e07b529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1543&min_rtt=563&rtt_var=936&sent=2539&recv=437&lost=37&retrans=38&sent_bytes=2520807&recv_bytes=70038&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6794&inflight_dur=1175&x=80"
GET res.tl7p8z.top/upload/game_image/56469924394041356_20250603044537.jpg
172.67.210.93 200 OK 47 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/56469924394041356_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 47 kB (47086 bytes)
MD5 73eabbdfa0ff4f6e1e6e1187fb2a65eb
SHA1 81402355c2a2fac545a1d767147e962496d1d675
SHA256 cbc3f2af192dd873af8ac3ff8df36b45f0e682b22834ea2153fdb5d81a440437
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/56469924394041356_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 47086
cf-ray: 94cf428b6e785699-OSL
accept-ranges: bytes
etag: "73eabbdfa0ff4f6e1e6e1187fb2a65eb"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=09%2FAp8Lzs4p1zEI4A24UXb%2F92LBqd7OH2yfuOkLY40%2FXxwK8ALoQI5tTDbO2cux88DvnE%2F1s9Eag%2F%2Bfx9zp0ZbzhB85zECGhd9B3cvHGeV123YIfjHQywBkzvpbc6TrORg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1910&min_rtt=396&rtt_var=1411&sent=3078&recv=709&lost=0&retrans=3&sent_bytes=3841980&recv_bytes=9986&delivery_rate=49931034&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=5002&x=0"
X-Firefox-Spdy: h2
GET telegram.org/js/telegram-web-app.js
149.154.167.99 200 OK 114 kB URL GET HTTPS
telegram.org/js/telegram-web-app.js
IP / ASN
149.154.167.99
#62041 Telegram Messenger Inc
Requested by https://tl7p8z.top/
Resource Info
File type JavaScript source, ASCII text, with very long lines (768)
First Seen 2025-04-12
Last Seen 2025-07-03
Times Seen 358
Size 114 kB (113893 bytes)
MD5 2db55d684f07c95beee17f42802f772b
SHA1 75d76d0be4d644d3fb0de488752ce1a4f28e6480
SHA256 89a574824215075b5392730f04d2afa3fef7d8992311deb5ff3ea1975f7ee3bd
Certificate Info
Issuer GoDaddy.com, Inc.
Subject *.telegram.org
Fingerprint C8:B7:84:85:FF:8F:0B:CA:9A:D6:E7:3E:81:F1:1E:94:39:D1:11:0A
Validity Sat, 10 Aug 2024 13:33:14 GMT - Thu, 11 Sep 2025 13:33:14 GMT
GET /js/telegram-web-app.js HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 09 Jun 2025 08:29:05 GMT
content-type: application/javascript
last-modified: Fri, 11 Apr 2025 15:41:00 GMT
etag: W/"67f9380c-1bce5"
expires: Fri, 13 Jun 2025 08:29:05 GMT
cache-control: max-age=345600
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/Order-BjKT1V3S.js
172.67.210.93 200 OK 5.6 kB URL GET HTTPS
tl7p8z.top/assets/Order-BjKT1V3S.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (5622)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 5.6 kB (5623 bytes)
MD5 6a1a0bcadc4d44a3c1d6a58f4a497539
SHA1 186c96ef31d9e5fe641b9b0625d2df230b296109
SHA256 82f50e672abc7b79645077f146156a789fc9fdf739ee58a388da9d3c9ae36ec9
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/Order-BjKT1V3S.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-B1Ac6Xly.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 3132
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sjrq8L1VuIaHK7orXBNqfif0VUOMa%2BA3QQJ3BUjxH%2FYIVwgjYCdPaTuxnLCZ5lgJ%2BUU2e0oH8C0kFvFVnmOymyMvs07adEgW36Ajp%2Fu3DczgoLi86e%2BjMygNIfsy"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-c3c"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42740c9cb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1499&min_rtt=608&rtt_var=544&sent=1363&recv=277&lost=0&retrans=0&sent_bytes=1336668&recv_bytes=37175&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3706&inflight_dur=428&x=80"
GET tl7p8z.top/assets/indycar_icon-BqBrKULO.js
172.67.210.93 200 OK 2.7 kB URL GET HTTPS
tl7p8z.top/assets/indycar_icon-BqBrKULO.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (2672)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 2.7 kB (2673 bytes)
MD5 181ea4f6f1a151316a5d9e178f8300ec
SHA1 40718f76befae3bae5d2b405fe2c98be634f8c37
SHA256 517638864240e915cac5537da5b182761a14b8db2f35f4038aabe6a54c9c40bb
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/indycar_icon-BqBrKULO.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1181
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZitkvF1Du68ec8nsj57C86%2FUpbr70W7ql4Ut0bh1ovxzPXQ%2FdrFpWKAifQzHnNZ28TgG26z7rx3KWgZC99vaV%2FH%2FV7qyvVF6L4%2FaYtPN2eTFnuAO7HfqVCikZjAU"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-49d"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42742caeb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1264&min_rtt=608&rtt_var=503&sent=1413&recv=290&lost=0&retrans=0&sent_bytes=1370311&recv_bytes=41669&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3724&inflight_dur=445&x=80"
GET res.tl7p8z.top/upload/game_image/126172382661443603_20250603044537.jpg
172.67.210.93 200 OK 60 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/126172382661443603_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 60 kB (59652 bytes)
MD5 0b42b732300b716b3ff884c6c0d4b6db
SHA1 a87eec34f084d7c4c35f25bdc7681dabba3fae60
SHA256 d177a6ada3473c61410c4c9aa67bb2cceedf997ef5c079917b3f4eba4965a613
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/126172382661443603_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/jpeg
content-length: 59652
cf-ray: 94cf42882a7b5699-OSL
accept-ranges: bytes
etag: "0b42b732300b716b3ff884c6c0d4b6db"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pJrZCACb929kzB7dnpKsF6AavXibJNRkB98qVH6sgviflQg2jcQPsK1u5hpQENp4%2FVUjvCNQ4znIvnQhmnJYW26rZi69CM9rL4CDSa057h%2BUppQPmNGbFs9MkkhEterp8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=715&min_rtt=396&rtt_var=66&sent=702&recv=302&lost=0&retrans=1&sent_bytes=806186&recv_bytes=5645&delivery_rate=100408759&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4424&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/56469922363998222_20250603044537.jpg
172.67.210.93 200 OK 50 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/56469922363998222_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 50 kB (49489 bytes)
MD5 9ec1db7b54d1534659f942f2d6d1c7e5
SHA1 54b80b7917b2cdaabc5dbb8ffd69fd6aefb21fea
SHA256 106aa50cdc9052365d07a68ab4ea78511229e09a54514a2e75738a551a45372b
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/56469922363998222_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 49489
cf-ray: 94cf428b6e725699-OSL
accept-ranges: bytes
etag: "9ec1db7b54d1534659f942f2d6d1c7e5"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jnoiq5w%2F0vea8Q9DBaL0hn4rXPr60CxmxG5nW7eQsr2cMK%2Fza9UnXa3uwDyglwZXVV4lgDefJtzmqJTsFmCa5rKm4OlZAFy6VSvQzijcxP6Gx8QfjaT5qtZHLsnHecYLZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=732&min_rtt=396&rtt_var=192&sent=3803&recv=791&lost=0&retrans=3&sent_bytes=4773766&recv_bytes=10021&delivery_rate=82301953&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=5355&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/index-C0KqjxwR.css
172.67.210.93 200 OK 2.7 kB URL GET HTTPS
tl7p8z.top/assets/index-C0KqjxwR.css
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (2662)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 2.7 kB (2663 bytes)
MD5 c26e583313a130e152745aadfcf03454
SHA1 4bdcbdbee9cd78eb99f831e7ea20752f9bc5e0ff
SHA256 9440a2d39b95231e2be539da2649de6300b59b6232fde7b7796b4c28566f9f32
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-C0KqjxwR.css HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: text/css
content-length: 800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eXI0rIx7f4sSO138m3qXL%2FjtPC%2Fh%2Buq%2FXkRDqaQcTTd%2FHvF28b5x5GPjGhQy%2FOYLRpa7Ux%2BoAtI%2FXWVshTygB87RMmsmGofz%2BDqQ7pTP6elPvroYtgTo1BlvLN9T"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-320"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426e8c2db529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2454&min_rtt=608&rtt_var=1805&sent=1123&recv=241&lost=0&retrans=0&sent_bytes=1131565&recv_bytes=29786&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3176&inflight_dur=256&x=80"
GET tl7p8z.top/assets/vipClub_icon-b9u5Wevg.js
172.67.210.93 200 OK 2.4 kB URL GET HTTPS
tl7p8z.top/assets/vipClub_icon-b9u5Wevg.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (2448)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 2.4 kB (2449 bytes)
MD5 549f1f4a614f77c99b7c25084357b7f7
SHA1 0d5536b934b3936e66d92d5e13982494b17c64b0
SHA256 a325e76ca8fae558f473d7fbe6b744ac502bcb01a0318323f7d2c877d8be9b3b
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/vipClub_icon-b9u5Wevg.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 973
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BB2l47K97pzB%2F%2FOK0ulztvNlZFkGIBFXVRpEVuzKJSjl%2B6dBC%2FfxSaG6UhkRPxyXOTJQ6uQsCl0aLrwwOZkaQU6akFU1ofhxb%2BGViH1mRQwgcTdJ3eutWmGDsaSH"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-3cd"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42742cb2b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1232&min_rtt=608&rtt_var=441&sent=1432&recv=291&lost=0&retrans=0&sent_bytes=1387691&recv_bytes=41715&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3739&inflight_dur=459&x=80"
GET tl7p8z.top/assets/index-Cqq1Stol.js
172.67.210.93 200 OK 1.2 kB URL GET HTTPS
tl7p8z.top/assets/index-Cqq1Stol.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (1151)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 1.2 kB (1152 bytes)
MD5 fe9e8cc965e34c2ecca9aafd53546133
SHA1 e09f2ee73a67bb007008fdfd12bef96b8b489d47
SHA256 227dd827482fad8eee38a78a2f01505d391ac6be7b1392f4178823ebebdaba7e
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-Cqq1Stol.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1wsYIxigZOE5i1oRKw5oq3%2BsGApBdFp%2B%2BgCwod7R1qht4RzCGKYIf0GUPlUI2ZR4XD8OTXynLbk%2BPeTJQNiMMhkhSFe8Zfy6F%2BPZU7PIQFT1XeRWXj4st1zodkOg"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-274"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745cc9b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1327&min_rtt=608&rtt_var=456&sent=1463&recv=304&lost=0&retrans=0&sent_bytes=1404238&recv_bytes=47684&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3756&inflight_dur=478&x=80"
GET api.tl7p8z.top/agent/invitation/bonus/info
172.67.210.93 200 OK 118 B URL GET HTTPS
api.tl7p8z.top/agent/invitation/bonus/info
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 118 B (118 bytes)
MD5 46596c909c9701ea0286d27dfa52ab4d
SHA1 874e74caaf3720b9cc95018ad7fb681dfb70ff67
SHA256 1e8f9e1c33668d4b00ecbfb62b49bae3b24153c6bf0a1a735eb5910659c7584b
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /agent/invitation/bonus/info HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp: 6786838544e257bbd8395259505dd5e355cc49eff3af3e4fa9bca3e518904876
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1UmrIp5UVVVakKOLE3XbI8nE%2BlMN%2FjDuj8c%2FWpe%2BFpMv4lykQRpBVpeJtVTZ5eLg7ynYRfmLUiJOfAj%2B9zau%2FzTEL444tJg6DmeYYD7SWXV8ZwcBMRRqxiv32fRcjPa6EA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf42854e09b529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1373&min_rtt=563&rtt_var=830&sent=2544&recv=439&lost=37&retrans=38&sent_bytes=2523435&recv_bytes=70132&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6797&inflight_dur=1181&x=80"
GET res.tl7p8z.top/upload/game_image/126172386134392851_20250603044537.jpg
172.67.210.93 200 OK 49 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/126172386134392851_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 49 kB (48896 bytes)
MD5 7f5d7c87934dd4e5fba0a694ae0a7d2f
SHA1 dd6027f5454edcb39e4b3ead67fd3015571b74cc
SHA256 2a470cbe7f59c09a6558de8f59fe426bfdba5a334693e1501a3a681db9e69309
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/126172386134392851_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/jpeg
content-length: 48896
cf-ray: 94cf4287fa505699-OSL
accept-ranges: bytes
etag: "7f5d7c87934dd4e5fba0a694ae0a7d2f"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EJ%2BZ4zbbKJKqBAqIWtj0oRlFcZxUz9XCmRqIB8dgUJn%2FqQxrWvVThAVGJGUWJ1cv3wTd%2FpCcpj5ZH8MDpNvFUPPni9Lc4BePsseWIQPy%2BGZw0wlR6dQtx1R3e%2FWpzMl4vg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2265&min_rtt=396&rtt_var=3032&sent=301&recv=242&lost=0&retrans=1&sent_bytes=291057&recv_bytes=5645&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4403&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/126172382309122065_20250603044537.jpg
172.67.210.93 200 OK 50 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/126172382309122065_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 50 kB (49696 bytes)
MD5 1b312d95b076a9dedb7cb4d071c7a1b6
SHA1 dcbea44af1ba52be819a78b854fd7973a8f9d4de
SHA256 ed4bab1ff344f6ee273065b6f13833d400b698d0ec4f45c9838ed871dab9f7a8
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/126172382309122065_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 49696
cf-ray: 94cf428b5e625699-OSL
accept-ranges: bytes
etag: "1b312d95b076a9dedb7cb4d071c7a1b6"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qekPMC4iCBr8uiRN9kh%2FQdSa1r4xaG5ypDAEKH80V9nudQDdm05G3y8qOFzi41qHU8G%2BVwO7F5oONEEORF3uVnaEwIUfEYA2X3BDTetMU5MbDUaVGjkv1csp75ywpbq9kw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=976&min_rtt=396&rtt_var=355&sent=2402&recv=673&lost=0&retrans=3&sent_bytes=2971677&recv_bytes=9986&delivery_rate=44986407&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4939&x=0"
X-Firefox-Spdy: h2
POST api.salesmartly.com/chat/msg-user/create-user?plugin_sign=cd62fce0464538d06318b04d64dd952f&plugin_id=gt044g&over_time=&env=chat&_=1749457752905&_lt=&_u=6e586157d46e1f27d414ad744c139b5b
3.167.2.126 200 OK 157 B URL POST HTTPS
api.salesmartly.com/chat/msg-user/create-user?plugin_sign=cd62fce0464538d06318b04d64dd952f&plugin_id=gt044g&over_time=&env=chat&_=1749457752905&_lt=&_u=6e586157d46e1f27d414ad744c139b5b
IP / ASN
3.167.2.126
#0
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 157 B (157 bytes)
MD5 d25cdce457b62e417ddae33965ae0107
SHA1 04db1d3627348c1c524fca110ae76e85d00b5e6f
SHA256 2ec6e5b2731ffcfeecb8d4920e8958f0d8c9817fae06e5bb1c8cf151be355fe9
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
POST /chat/msg-user/create-user?plugin_sign=cd62fce0464538d06318b04d64dd952f&plugin_id=gt044g&over_time=&env=chat&_=1749457752905&_lt=&_u=6e586157d46e1f27d414ad744c139b5b HTTP/1.1
Host: api.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 319
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Cookie: ss_uid=6e586157d46e1f27d414ad744c139b5b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
server: Salesmartly
x-request-id: 11f1f589-8221-4fca-bdff-bd16323ed9b7
date: Mon, 09 Jun 2025 08:29:13 GMT
x-powered-by: PHP/7.2.34
access-control-allow-origin: https://tl7p8z.top
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type, Share-Access-Token, External-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-max-age: 86400
x-cache: Miss from cloudfront
via: 1.1 50c588fd3255d023d9b9021263f5fa0a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: fYNo7DCKxOGGMhm7_6GeOh27n4LsmxVuwSfWtI3JIEewGaSAbjAZDQ==
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/cycling_icon-BU7k0nuk.js
172.67.210.93 200 OK 2.3 kB URL GET HTTPS
tl7p8z.top/assets/cycling_icon-BU7k0nuk.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (2312)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 2.3 kB (2313 bytes)
MD5 4e4b90117eeb91289a7154ae344bf5c1
SHA1 50db82fb67a603978287928390cb5efdefe263fe
SHA256 5d80f39d25420bbe0c1da0763a88f4ca474848e25c546c5908437539d080bd4b
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/cycling_icon-BU7k0nuk.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 891
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kpiWSzMiNGfrrlSGUz%2BqwYehBkgU0hqswYW16wQq7KAPF%2Fv1XeiVrZe70PbxatxXzmDmH3BZwWTXs2al%2F%2BgKSdxlau6CEZKlshU8dYRv6wVteMHF9LRciFOs8PGr"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-37b"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426ecc3fb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1853&min_rtt=608&rtt_var=1159&sent=1157&recv=246&lost=0&retrans=0&sent_bytes=1159201&recv_bytes=30013&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3217&inflight_dur=283&x=80"
GET tl7p8z.top/assets/close-K6H9pnNU.js
172.67.210.93 200 OK 445 B URL GET HTTPS
tl7p8z.top/assets/close-K6H9pnNU.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (444)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 445 B (445 bytes)
MD5 c5960a40a0998285db50133918fff0e6
SHA1 152136caac446d7a37da19a54962c2f9052334ad
SHA256 4df9bba8371b8ea41d742d0199dbbcf94cf605630e59ec1b692365a021fbb7c5
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/close-K6H9pnNU.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-B1Ac6Xly.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 390
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wiy3oSllss3zTp2WyTDu%2F2O9xKePC17FeaYcBA%2B7u%2Fwemgrrrcr0F4W1Q05FcgyPn5UbnhjVe47DxmLuHUcgxyes1Cxcu0N9UB0LRJxytzd%2FLtvoMCwCT9D3JAb%2B"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-186"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf4273fc91b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1651&min_rtt=608&rtt_var=520&sent=1340&recv=272&lost=0&retrans=0&sent_bytes=1320158&recv_bytes=34628&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3696&inflight_dur=414&x=80"
GET res.tl7p8z.top/upload/game_image/56469918136139792_20250603044537.jpg
172.67.210.93 200 OK 48 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/56469918136139792_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 48 kB (47452 bytes)
MD5 cb66751f4541dcdc21f9f85e37fc45fb
SHA1 40caf6ea78aa7088c057c1fe51a6f17deaccbc8c
SHA256 98efe79ec3fbe7e235140c531e3b86dd58b8cbfbbe45055caac75423e6325ec0
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/56469918136139792_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 47452
cf-ray: 94cf428b1e0a5699-OSL
accept-ranges: bytes
etag: "cb66751f4541dcdc21f9f85e37fc45fb"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VzzpdI%2F6H4oobP%2BVZ6JrIYwB6ouS5UjiuV%2BgTSSLiZbOCNwpLLQGAp3ToJLxYJ7hsutZlmxlEyyZU%2BhOSFSENbyS2Gzsy1SJI4WdOdwxO5cHfb3ljKi79touB%2FvwvRbrwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1095&min_rtt=396&rtt_var=813&sent=2440&recv=677&lost=0&retrans=3&sent_bytes=3022103&recv_bytes=9986&delivery_rate=44986407&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4943&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/56469873491968014_20250603044537.jpg
172.67.210.93 200 OK 51 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/56469873491968014_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 51 kB (50908 bytes)
MD5 e60c03dd6657dcd95ed2cc20fd98dd28
SHA1 5f3fa552ae53ca05d267954b82eaa52c669a06d4
SHA256 bf69d078fe3c4c13e73a3ddb090d307d0e93c598506a72a4fa690aa87bac9063
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/56469873491968014_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 50908
cf-ray: 94cf428b8eb15699-OSL
accept-ranges: bytes
etag: "e60c03dd6657dcd95ed2cc20fd98dd28"
last-modified: Tue, 03 Jun 2025 10:45:40 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qj5K4iULTel0XGWHer2uZd%2FXyjPOcI4tlDWbhFG20FCEIpjTWlIoUBmxeswJ62QjLA18WMbHxQnT%2BKxJVvjBWggMPtS6T1g3EgeZM6rDlh6AmaM3Xckd6dZtTCeU%2FVbymQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1181&min_rtt=396&rtt_var=889&sent=3165&recv=719&lost=0&retrans=3&sent_bytes=3952231&recv_bytes=9986&delivery_rate=82301953&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=5005&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/Order-BjKT1V3S.js
172.67.210.93 200 OK 5.6 kB URL GET HTTPS
tl7p8z.top/assets/Order-BjKT1V3S.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (5622)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 5.6 kB (5623 bytes)
MD5 6a1a0bcadc4d44a3c1d6a58f4a497539
SHA1 186c96ef31d9e5fe641b9b0625d2df230b296109
SHA256 82f50e672abc7b79645077f146156a789fc9fdf739ee58a388da9d3c9ae36ec9
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/Order-BjKT1V3S.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 3132
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hIhE1F5yLShq9nehT5bEb4MvCtHO8V%2FqpeTLgVQ3BREOwkecVYiNk7xDi4e4KAr9rVxvqQIRShtWkEMbXOfkJbtbUUXpaQQabx%2BrT4yEax%2B98ENmLwrrECBEjVc5"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-c3c"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f0c65b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1226&recv=248&lost=0&retrans=0&sent_bytes=1215739&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3259&inflight_dur=326&x=80"
GET tl7p8z.top/assets/provider-CpDCknBq.png
172.67.210.93 200 OK 6.4 kB URL GET HTTPS
tl7p8z.top/assets/provider-CpDCknBq.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 60 x 61, 8-bit/color RGBA, non-interlaced
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 6.4 kB (6359 bytes)
MD5 949774084db9a5c5aa5c0492f677fa5d
SHA1 3cfd6da84d17125309b75a7239d045992a9e5dd5
SHA256 6e628f560e7e1e2555fc205a8d6559fa60c4f3deb074c57eed7b657c9edba6ff
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/provider-CpDCknBq.png HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/png
content-length: 6359
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jSn0fXe18omsHKolBYP9UbSqBLgZPd0k2C7EDjmXSIa8%2FpQ%2FyTFdyfxLfba8hU3iz4kWStyolZKSJEZtayysbpsR77V6bpFIWAkJ5Z%2BozP2vGjVIyBhq2AwJgbt%2B"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: "683ee6c1-18d7"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf42867e21b529-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2019&min_rtt=608&rtt_var=864&sent=2522&recv=433&lost=37&retrans=38&sent_bytes=2505646&recv_bytes=69848&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6778&inflight_dur=1165&x=80"
GET plugin-code.salesmartly.com/chat/widget/code/js/import-lang-es.c5942154.js
54.240.174.71 200 OK 3.7 kB URL GET HTTPS
plugin-code.salesmartly.com/chat/widget/code/js/import-lang-es.c5942154.js
IP / ASN
54.240.174.71
#16509 AMAZON-02
Requested by https://tl7p8z.top/
Resource Info
File type Unicode text, UTF-8 text, with very long lines (3610), with no line terminators
First Seen 2025-05-12
Last Seen 2025-06-09
Times Seen 3
Size 3.7 kB (3662 bytes)
MD5 ba3057a31fe103cc025e5e12bc51b335
SHA1 f10cd866c4ccf062e194ef3716cffeb68d318879
SHA256 0fff5a647fb02aeb3be944d7ceda6b7d52d1b41e82beddf56a9a23297c808ad7
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
GET /chat/widget/code/js/import-lang-es.c5942154.js HTTP/1.1
Host: plugin-code.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ss_uid=6e586157d46e1f27d414ad744c139b5b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: AliyunOSS
date: Wed, 04 Jun 2025 02:49:39 GMT
x-oss-request-id: 683FB443669A4C30375698C0
last-modified: Wed, 04 Jun 2025 02:48:53 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8047631395782280708
x-oss-storage-class: Standard
cache-control: public, max-age=15552000
content-md5: ujBXox/hA8wCXl4SvFGzNQ==
x-oss-server-time: 15
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q2zcCTsHOGqHMQ70oCJ4Eas25DtA0fK8alLLHbtEcvQjkSmOFHqUbg==
age: 452373
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/fff-copy-Bpr1biuI.js
172.67.210.93 200 OK 469 B URL GET HTTPS
tl7p8z.top/assets/fff-copy-Bpr1biuI.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (468)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 469 B (469 bytes)
MD5 45d76394808f51d90cd0d60ebc8606ae
SHA1 80533c196fd587a6acbe9711dfa891fe544cf85a
SHA256 dbe46fc9285ce4f07a82d6ec1f62e2df353b146ca9729f08881b796e9095bee4
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/fff-copy-Bpr1biuI.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-B1Ac6Xly.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iW9GqbjFF9Mq6BpdsND%2Bjxr4HaJ%2F717aWQ7427VX5dUHwZNwrbDLA78%2Bby%2FENz%2FGOPLs2qoxXAQIorQKhGZN027McBwHbTBBpDTDT8Pa9YQstESt0PaVOgUOXqhT"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-197"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf4273fc92b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1651&min_rtt=608&rtt_var=520&sent=1348&recv=273&lost=0&retrans=0&sent_bytes=1325720&recv_bytes=34896&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3698&inflight_dur=420&x=80"
GET plugin-code.salesmartly.com/chat/widget/code/css/plugin.4aebfdea.css
54.240.174.71 200 OK 74 kB URL GET HTTPS
plugin-code.salesmartly.com/chat/widget/code/css/plugin.4aebfdea.css
IP / ASN
54.240.174.71
#16509 AMAZON-02
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (65536), with no line terminators
First Seen 2025-05-14
Last Seen 2025-06-15
Times Seen 65
Size 74 kB (73675 bytes)
MD5 b3e32d43877208e1ffe5c01a90675faf
SHA1 c267decc010327e6192e5b3cf1562b22c1587a83
SHA256 acd3547abed6c333b51c036d70310b688076717515db47b3186b6f0fdfcac260
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
GET /chat/widget/code/css/plugin.4aebfdea.css HTTP/1.1
Host: plugin-code.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
server: AliyunOSS
date: Wed, 04 Jun 2025 02:49:25 GMT
x-oss-request-id: 683FB435E9CC4C383721CB58
last-modified: Wed, 04 Jun 2025 02:48:53 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1359935324114526354
x-oss-storage-class: Standard
cache-control: public, max-age=15552000
content-md5: s+MtQ4dyCOH/5cAakGdfrw==
x-oss-server-time: 1
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O7A9WFDpmOYJHOHkt6c4eT5u7L2dQxSYtQJweUHWIpt2NiD_TQ2DEg==
age: 452386
X-Firefox-Spdy: h2
GET api.tl7p8z.top/games/search?game_categories_slug=new_MX&page=1&limit=54
172.67.210.93 200 OK 2.3 kB URL GET HTTPS
api.tl7p8z.top/games/search?game_categories_slug=new_MX&page=1&limit=54
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 2.3 kB (2291 bytes)
MD5 7417d8a25df3ce55e95f5254cc7a4d3f
SHA1 8004724893c7d8fe140acdfdb0bb19bd9d05e4d4
SHA256 4a29a136157dda8b812c8073c90a9940f8b784334011650a179ea3dd848d58b5
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /games/search?game_categories_slug=new_MX&page=1&limit=54 HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp: 6786838544e257bbd8395259505dd5e355cc49eff3af3e4fa9bca3e518904876
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F2YdeBBGJ8DWtuihzWgFUj8ixGDvJ%2FcbZ3EPCco6j5XvgAfxdzXnK2ubPR2D4flSM%2FO6wDOJbposI2dKxDLqPb0kDVk%2FOBUgC%2F2PaMteptkVakqIsHeE72Lz3YRsMfO4Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf4287ae36b529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1240&min_rtt=563&rtt_var=682&sent=2598&recv=459&lost=37&retrans=38&sent_bytes=2553302&recv_bytes=73745&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=7071&inflight_dur=1280&x=80"
GET res.tl7p8z.top/upload/game_image/127342192267100173_20250603044537.jpg
172.67.210.93 200 OK 49 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/127342192267100173_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 49 kB (49445 bytes)
MD5 b0e6af0fa97dac911502e58e259ef267
SHA1 2f7ca639ac249834048054295e71d28c55c16744
SHA256 1484b641cc744f86386212ff1f18dba1b12a54eba4270bb65bdd664141521fee
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/127342192267100173_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/jpeg
content-length: 49445
cf-ray: 94cf42880a5e5699-OSL
accept-ranges: bytes
etag: "b0e6af0fa97dac911502e58e259ef267"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ef0K8IxCv2LIG%2FBqaDnqPXBH9YQ33jg2vnO7FxFPsHe6FFbwojnSqKTFFjNEVI29zbqtvpBeeEv3t26%2FOE%2BKKZN5wH9DxSQH855ym7cvOy56L%2F%2FUL2IMQRr8fQxJzhQ9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2265&min_rtt=396&rtt_var=3032&sent=302&recv=242&lost=0&retrans=1&sent_bytes=291619&recv_bytes=5645&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4405&x=0"
X-Firefox-Spdy: h2
GET api.tl7p8z.top/games/search?game_categories_slug=gamingpanda_MX&page=1&limit=54
172.67.210.93 200 OK 6.4 kB URL GET HTTPS
api.tl7p8z.top/games/search?game_categories_slug=gamingpanda_MX&page=1&limit=54
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 6.4 kB (6395 bytes)
MD5 7e98a8a2d3633eae430a59d028115ae5
SHA1 d1bfd7c2126392a874fc7a676e22bb0863b0a625
SHA256 845b8b283e4c5e75dd554e48ab4858f04f74c448416fea4dd3efa697550ef51c
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /games/search?game_categories_slug=gamingpanda_MX&page=1&limit=54 HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp: 6786838544e257bbd8395259505dd5e355cc49eff3af3e4fa9bca3e518904876
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UhYNs0ZmhLclJQ2DeVtb2BfKhJvmKBtUxWhoSJAYX2vduYGdPDOf7Jdx3TNYiBnKVmWnTQj3800YnxKgUU7scn7ad6oM%2BOapv5lpaS7%2BUet9g9vosI58nsrew6xt8d9GdA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf4289fe5ab529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1289&min_rtt=563&rtt_var=346&sent=2612&recv=468&lost=37&retrans=38&sent_bytes=2558238&recv_bytes=74823&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=7332&inflight_dur=1310&x=80"
GET res.tl7p8z.top/upload/game_image/127342191629565964_20250603044537.jpg
172.67.210.93 200 OK 52 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/127342191629565964_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 52 kB (52049 bytes)
MD5 71fc82a5f73c6a924118b6a13d26c5ae
SHA1 f216916d0aee6349737c1d0275353fb7790d095e
SHA256 ebcb69790a0302e313d54d5c211fe9b07d60df67f7b1bf947ae6fdd947088b78
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/127342191629565964_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 52049
cf-ray: 94cf428b9eb95699-OSL
accept-ranges: bytes
etag: "71fc82a5f73c6a924118b6a13d26c5ae"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PcLnRDQSF4cd4B5QoiJhfx2t4fQrEIj3OKyiXh%2B4xesVkz9lUi6TaBf%2BSmqLOdqmlHQGYQ7eyOwD9%2FlBCS7HT0PygL6y4II%2BsnnnOSgOSorsdnx1GF0IEwZ%2B1pI%2BlMeMxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=973&min_rtt=396&rtt_var=524&sent=3441&recv=739&lost=0&retrans=3&sent_bytes=4314839&recv_bytes=9986&delivery_rate=82301953&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=5024&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/vendor-Dm2P-0o0.js
172.67.210.93 200 OK 2.3 MB URL GET HTTPS
tl7p8z.top/assets/vendor-Dm2P-0o0.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 2.3 MB (2322640 bytes)
MD5 8bee3a39a77c1b8d14472200bb3e17bf
SHA1 0e1140e107f87f43fda192ec24766bcee8b71e88
SHA256 3fed76c8e9a754681f348ea04b38018147bf9a1f7018f121dfcced6fb11fb92c
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/vendor-Dm2P-0o0.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 528178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TAnLuUyrCQjUqaqdzEdUbpS7eoB%2Bc1Ae%2FMOOY2QfJmFvtWAh3euQn4IWFhfv8KhA0FvBrgDXF9uNV1wx4K4k9MLdpMO5YgUx3k%2BeCKnGNxZI8F6rx9pTAxzaRI50"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-80f32"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 1
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf426d3c1fb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4648&min_rtt=1206&rtt_var=4633&sent=557&recv=155&lost=0&retrans=0&sent_bytes=550764&recv_bytes=9014&delivery_rate=38714303&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=169200&unsent_bytes=0&cid=40c9c63fa90b9432&ts=2615&inflight_dur=125&x=80"
GET tl7p8z.top/assets/index-COFXxL7M.css
172.67.210.93 200 OK 2.5 kB URL GET HTTPS
tl7p8z.top/assets/index-COFXxL7M.css
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (2469)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 2.5 kB (2470 bytes)
MD5 3e0ccb752996f19c1fc6bb387b3a4679
SHA1 2da40fa3b56d519f75e8f3d92c6b34171d035b8d
SHA256 f5d154f514c2ae1870645e5987693b2f8f62f3407cc8ed59efd5fc74c326d1e9
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-COFXxL7M.css HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:10 GMT
content-type: text/css
content-length: 887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WDPnAuLDeMiRWPjiGhDVb6YL9p6M6DXzMp5KbHeOzGdzaOBwM%2F4CHChkdq2pBcrMclFLnpkvIC7QNT4ce2DxAvwvj9OE6A%2B2Clrb9GR8BUbZGRub1k0qB03dJgwV"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-377"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf427c6d5ab529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1462&min_rtt=608&rtt_var=456&sent=1856&recv=333&lost=0&retrans=1&sent_bytes=1837588&recv_bytes=51515&delivery_rate=30262738&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5160&inflight_dur=626&x=80"
GET tl7p8z.top/assets/icon_public_144-DJs6-ohT.svg
172.67.210.93 200 OK 7.2 kB URL GET HTTPS
tl7p8z.top/assets/icon_public_144-DJs6-ohT.svg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type SVG Scalable Vector Graphics image
First Seen 2025-05-23
Last Seen 2025-07-31
Times Seen 4
Size 7.2 kB (7236 bytes)
MD5 27d65f1e4acb13d69b3645744ae07e94
SHA1 55126ec50c33bc69f986bdef9924197659958813
SHA256 b0e7b09868dd8cb6dd782335ad790289b910ae94de6c8ec5466a0d8ee783cf82
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/icon_public_144-DJs6-ohT.svg HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: image/svg+xml
content-length: 3257
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BTIGfqoXn92pWvQXGHQCwU4FiEiZ3qhwdgI6s1vE3w8nqud2KlbE%2FangruQ1BFM2wyTe3%2FN%2B0uQcE34qpqo%2FL2b%2FiWR4R%2F4a70buMPEECPgeKxvdSAytNsLmUW0L"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-cb9"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf4283cdb1b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2330&min_rtt=608&rtt_var=1276&sent=2159&recv=391&lost=37&retrans=38&sent_bytes=2127097&recv_bytes=62269&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6377&inflight_dur=935&x=80"
GET res.tl7p8z.top/upload/game_image/126172382258790418_20250603044537.jpg
172.67.210.93 200 OK 53 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/126172382258790418_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 53 kB (53129 bytes)
MD5 8604bb72eaef03951412f6022f55db28
SHA1 50c720447fc11687c200657c601e77e228c84a7e
SHA256 288e04bc4482d007d8aadc41f19bb81914e2dede746b17372ec726b43b9339dd
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/126172382258790418_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/jpeg
content-length: 53129
cf-ray: 94cf42884ab05699-OSL
accept-ranges: bytes
etag: "8604bb72eaef03951412f6022f55db28"
last-modified: Tue, 03 Jun 2025 10:45:40 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jfbpxmFsCToITaFPSRThmt2uIlFWOf7GPWUtDd3ZD3oz5sXCE3M1yDaYosYrxnGT1UOCWMBjvst4rG2gdNTvBM1rDoo%2FdarNCADnzgriOPdZh2jCtSCyIMayWfZx%2BDLgQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=896&min_rtt=396&rtt_var=454&sent=945&recv=413&lost=0&retrans=1&sent_bytes=1111015&recv_bytes=5645&delivery_rate=100408759&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4462&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/127342190690041874_20250603044537.jpg
172.67.210.93 200 OK 54 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/127342190690041874_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 54 kB (54384 bytes)
MD5 f3ad9db79dc132e2a60d301b76c26d51
SHA1 d9481fed9a1fa87731f5c4c315d63991b09ad832
SHA256 ea1a466837debd2ee11606c9f53573f306602760e568a65495aab95337009edd
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/127342190690041874_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 54384
cf-ray: 94cf428b7e7e5699-OSL
accept-ranges: bytes
etag: "f3ad9db79dc132e2a60d301b76c26d51"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ovpg49WbEZ3cj6jkrFspbNhVeFJPzUglbERAuYfuUI9S8KIsQ8qsmTSnoeG%2FAzcSPkS%2Fsn4ULtgPv%2B3rrEXz2wFW0td%2B5DzrD2ooVK6wNoUsBoPoDOGXvXkypWWcPodI8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1232&min_rtt=396&rtt_var=1051&sent=3164&recv=718&lost=0&retrans=3&sent_bytes=3951704&recv_bytes=9986&delivery_rate=82301953&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=5005&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/76622870804955159_20250603044537.jpg
172.67.210.93 200 OK 52 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/76622870804955159_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 52 kB (52216 bytes)
MD5 65b6b5028bdb6f93806455b12139c231
SHA1 138d98c8ba200c0c3663b8b85c0c10f6cff4156d
SHA256 f283eeaecb61a226ebd3a6e0f30fa9b9aaf91171e55bc69c26803bed64431746
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/76622870804955159_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 52216
cf-ray: 94cf428b7e925699-OSL
accept-ranges: bytes
etag: "65b6b5028bdb6f93806455b12139c231"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mhR9vd1ji2DwlG%2FG8kL8H0ODpt04HPikIqYT%2FpoPnLRryZM2yYVGN4vKznGPKL9RdB%2BkkwhoQ1oc4tDTx%2F3lHLgegGYcahG2svKO0LqcWVgcb6NFMtxnCJRBDBmxLLO6sg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1163&min_rtt=396&rtt_var=827&sent=3534&recv=744&lost=0&retrans=3&sent_bytes=4435328&recv_bytes=9986&delivery_rate=82301953&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=5036&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/favicon.ico
172.67.210.93 200 OK 4.6 kB URL GET HTTPS
tl7p8z.top/favicon.ico
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 4.6 kB (4551 bytes)
MD5 122062b86cb472c66d9ff58faaffc116
SHA1 e3f83ac4c7e5374b52cd2e47f1eda80a0fe6e849
SHA256 356a9eca4eb83452ef869270e49b420b9befdb8071276e96d4225f483c5a4e00
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:10 GMT
content-type: image/vnd.microsoft.icon
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ro6koiE3HdfzKjbFdFuDjxpzapAUzCuj6ioBJtPtAXWOGQfLJ5E5nAQQDLqlIdDwaOceGMTQ%2BC%2FzEPswJ7tp%2FjbiEMI4%2BnHz2H0Ei3yy9JerfPVdpHLC2zCxmiid"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:11:51 GMT
etag: W/"683ee687-11c7"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 94cf4277dcf1b529-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1381&min_rtt=608&rtt_var=514&sent=1612&recv=321&lost=0&retrans=1&sent_bytes=1559135&recv_bytes=48698&delivery_rate=30262738&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=4668&inflight_dur=597&x=80"
GET start7.sptpub.com/bt-renderer.min.js
3.167.2.115 200 OK 24 kB URL GET HTTPS
start7.sptpub.com/bt-renderer.min.js
IP / ASN
3.167.2.115
#0
Requested by https://tl7p8z.top/
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (23539)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 24 kB (23592 bytes)
MD5 e3e9b08490e44cff7beece782236e5bc
SHA1 986927069388a74b83db6b42a76c5cca917e9749
SHA256 728375ae906851b865fdc578d6c625bcad66d800c0c9a9feadd6d3547f378416
Certificate Info
Issuer Amazon
Subject sptpub.com
Fingerprint F6:31:D8:A8:C8:28:E2:D7:05:B7:A8:33:ED:2D:2F:40:C2:91:AC:C7
Validity Wed, 12 Mar 2025 00:00:00 GMT - Fri, 10 Apr 2026 23:59:59 GMT
GET /bt-renderer.min.js HTTP/1.1
Host: start7.sptpub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 05 Jun 2025 15:44:32 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
server: AmazonS3
date: Mon, 09 Jun 2025 08:29:11 GMT
cache-control: max-age=0,s-maxage=600,proxy-revalidate
etag: W/"e3e9b08490e44cff7beece782236e5bc"
x-cache: Hit from cloudfront
via: 1.1 dfa43a17d6715f83d8bb6aa560e80366.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: SQiawKsmUe6aXCqkfuaE2RlQk8KkWYBuDhvZESSRKvDhIXOlzX0bmg==
age: 536
timing-allow-origin: *
vary: accept-encoding, Origin
X-Firefox-Spdy: h2
OPTIONS api.tl7p8z.top/banner/list?download_plan=0
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/banner/list?download_plan=0
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /banner/list?download_plan=0 HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E1QWaktAHlkj3SOMwKmT61I4CYADePk%2FggDXp8WppPRUvHV6FrmfoyvkFc7AK58OlYxSMIg%2B5R2Xne3%2B8rjMKuLcxlNr9r%2Bq6ZLCTwxYylHclKjKONd%2BZbYCzt2kY%2BGlag%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf42843dc1b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1895&min_rtt=608&rtt_var=1314&sent=2179&recv=401&lost=37&retrans=38&sent_bytes=2137714&recv_bytes=63817&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6436&inflight_dur=981&x=80"
GET res.tl7p8z.top/upload/game_image/127342190639710220_20250603044537.jpg
172.67.210.93 200 OK 51 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/127342190639710220_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 51 kB (51337 bytes)
MD5 bbc6dd892cdaa6399944148d382a3954
SHA1 02c0d751a791e7521b890f24cc1058e1fa3650b4
SHA256 3a518aefe1cff12aba8d8a788f303a26db55aaa8fee380e74b94b812f4f8d822
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/127342190639710220_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 51337
cf-ray: 94cf428b4e4a5699-OSL
accept-ranges: bytes
etag: "bbc6dd892cdaa6399944148d382a3954"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aM7Q%2FF0NBzXBDbEujH%2B91AgdUvy7MqmYOh%2F3NPnqtp9HQ5ENvOerBjh5fmL6CIIQ9B2rOxXws72JRbukRV4oI1oADYRA9HfkOOdn3Ra4nITliCelwjcz14RMRT4jHxFq3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1307&min_rtt=396&rtt_var=1227&sent=2675&recv=694&lost=0&retrans=3&sent_bytes=3326765&recv_bytes=9986&delivery_rate=48992481&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4965&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/icon_public_145-CPlV_eO6.js
172.67.210.93 200 OK 1.5 kB URL GET HTTPS
tl7p8z.top/assets/icon_public_145-CPlV_eO6.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1506)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.5 kB (1507 bytes)
MD5 78ff22331b830c9a09adff90c561e21f
SHA1 9fc64160bfd8ccc3171ba517c296ef6778bdab31
SHA256 195aaf72b4d3fbe5ed2a6822ac5b6e84555917e9ac2d5600d49242216d218783
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/icon_public_145-CPlV_eO6.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kKLEmVOFrKa02v4jh9GX8id1cJYsAfIPEfRoAGQQ8XUU0yWyd2FT9244tfQjUStBVhaN2RWQ7gC2QHQsw0A5cCCcfgHj6DkFYTQukL0TVN00qZGEfs4dyGBnBecb"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-2ba"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745cbdb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1327&min_rtt=608&rtt_var=456&sent=1463&recv=304&lost=0&retrans=0&sent_bytes=1404238&recv_bytes=47684&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3756&inflight_dur=478&x=80"
OPTIONS api.tl7p8z.top/games/search?game_categories_slug=fish_MX&page=1&limit=54
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/games/search?game_categories_slug=fish_MX&page=1&limit=54
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /games/search?game_categories_slug=fish_MX&page=1&limit=54 HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iqQlbvFYaNhevLNEl%2FJvGx0x%2F40Bpk9Z1fAq4Y00KTDRq%2FgKlm3HOFsshf69bgSg%2F0bxRaKiNKikJJWLW4bwqcuOdmZ5XxzG2hCRGNoUX5Qn1OqhE%2F13CfIm2A4raFj6qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf4286ce28b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1098&min_rtt=563&rtt_var=557&sent=2573&recv=446&lost=37&retrans=38&sent_bytes=2543437&recv_bytes=70916&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6829&inflight_dur=1212&x=80"
POST srz.salesmartly.com/client/log/log?plugin_sign=b915751e8afce78eaba4b9d6b4b3f114&plugin_id=gt044g&over_time=&env=chat&_=1749457751888&_lt=&_u=
54.240.174.22 200 OK 47 B URL POST HTTPS
srz.salesmartly.com/client/log/log?plugin_sign=b915751e8afce78eaba4b9d6b4b3f114&plugin_id=gt044g&over_time=&env=chat&_=1749457751888&_lt=&_u=
IP / ASN
54.240.174.22
#16509 AMAZON-02
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2023-08-03
Last Seen 2025-08-10
Times Seen 268
Size 47 B (47 bytes)
MD5 77e652f404f47086bb49598b43b92d9a
SHA1 9b4981aa40e98879d7f2efda3261e0f0c76a0d78
SHA256 052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
POST /client/log/log?plugin_sign=b915751e8afce78eaba4b9d6b4b3f114&plugin_id=gt044g&over_time=&env=chat&_=1749457751888&_lt=&_u= HTTP/1.1
Host: srz.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 472
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Mon, 09 Jun 2025 08:29:12 GMT
access-control-allow-credentials: true
access-control-max-age: 86400
x-powered-by: PHP/7.2.34
access-control-allow-origin: https://tl7p8z.top
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wRVqP5iwzvwyo95aPo5BHdJEUd1f3QlEfIY_w-juOdBrPlbVe8jvJA==
X-Firefox-Spdy: h2
GET plugin-code.salesmartly.com/chat/widget/code/js/chunk-common.f9eee743.js
54.240.174.71 200 OK 29 kB URL GET HTTPS
plugin-code.salesmartly.com/chat/widget/code/js/chunk-common.f9eee743.js
IP / ASN
54.240.174.71
#16509 AMAZON-02
Requested by https://tl7p8z.top/
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (29310), with no line terminators
First Seen 2025-06-07
Last Seen 2025-06-09
Times Seen 8
Size 29 kB (29322 bytes)
MD5 cd2e37fb8093270882c31fee95794b51
SHA1 5cfe3154bbefdf22974311866cb6189e149f7182
SHA256 ef8af5ad3ad44da52f8506573adc4a8921efac1b43f03528078e486f2c981999
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
GET /chat/widget/code/js/chunk-common.f9eee743.js HTTP/1.1
Host: plugin-code.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: AliyunOSS
date: Wed, 04 Jun 2025 02:49:23 GMT
x-oss-request-id: 683FB433B6769332320BC866
last-modified: Wed, 04 Jun 2025 02:48:53 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 16932964402008205735
x-oss-storage-class: Standard
cache-control: public, max-age=15552000
content-md5: zS43+4CTJwiCwx/ulXlLUQ==
x-oss-server-time: 3
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jPtfDDsEfU4xCqirqfFw1etOLBsRZpL0aeN5AicLweoS4HdEmh0XTw==
age: 452387
X-Firefox-Spdy: h2
OPTIONS api.tl7p8z.top/games/categories?type=casino
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/games/categories?type=casino
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /games/categories?type=casino HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GuAnhP2FrkoIhnkIRj%2BcU06FhctNGLvHgGnNwcnVK2fSmE67ASik2t7aZSa2TQiUdhloME9bBikLDaXyvWDeyQOik9T73R53ZlW16698kY4FVRnBb0pIVQzFCjRkdpIVNw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf42843dbfb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2708&min_rtt=608&rtt_var=2127&sent=2165&recv=393&lost=37&retrans=38&sent_bytes=2132077&recv_bytes=62361&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6416&inflight_dur=964&x=80"
GET api.tl7p8z.top/vipdesc
172.67.210.93 200 OK 8.3 kB URL GET HTTPS
api.tl7p8z.top/vipdesc
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-05-23
Last Seen 2025-06-09
Times Seen 2
Size 8.3 kB (8313 bytes)
MD5 1ce8ffd01fb831251bd635c3b9ca6f8a
SHA1 bab7d17e029fb069ac5c2273899fa0107eb0cfd9
SHA256 861714c28686ddb7adc03b1c2b0438226613f568ea0ea4d4995eaedbada5a54c
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /vipdesc HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp: 6786838544e257bbd8395259505dd5e355cc49eff3af3e4fa9bca3e518904876
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8OPXkAD%2FU9vQJfnZ0hIiqx8M1051%2BLshQhZvBw%2BmqN1okQusTi4Hdx3jRgvn%2FkCvFNpbNKruiYXpMlqRc7yPGInfirE5Q5s4l256HSa8snwf9mWs4f5pKgwuZXDeU5Fjsg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf42853e08b529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1373&min_rtt=563&rtt_var=830&sent=2547&recv=439&lost=37&retrans=38&sent_bytes=2526109&recv_bytes=70132&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6798&inflight_dur=1181&x=80"
GET api.tl7p8z.top/games/search?game_categories_slug=fish_MX&page=1&limit=54
172.67.210.93 200 OK 2.2 kB URL GET HTTPS
api.tl7p8z.top/games/search?game_categories_slug=fish_MX&page=1&limit=54
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 2.2 kB (2222 bytes)
MD5 fdf6bef94d6776a2af7aee814bde0cf9
SHA1 4e007a0095855b5a0e996b928464bb85a73ff601
SHA256 baf9a7040db6f0bd786bc2d005fab8102836a17cc4af8248bf0e462296ee8e95
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /games/search?game_categories_slug=fish_MX&page=1&limit=54 HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp: 6786838544e257bbd8395259505dd5e355cc49eff3af3e4fa9bca3e518904876
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QlugHruaUe15tO%2FCFuqL1kcbzsp64KqPVsmNw5hW7LbFWAcl3NJfNI6M0s91C1IMr9%2B6bP708k70agkO6whvXCFst3byLI4rSnOSGbkr92CtWQn6NJJcBL9GVY5IhkZ3xA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf4287be38b529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1240&min_rtt=563&rtt_var=682&sent=2596&recv=459&lost=37&retrans=38&sent_bytes=2551916&recv_bytes=73745&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=7069&inflight_dur=1279&x=80"
GET res.tl7p8z.top/upload/game_image/68938896733372433_20250603044537.jpg
172.67.210.93 200 OK 54 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/68938896733372433_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 54 kB (54361 bytes)
MD5 f85e74cb31967b672b0f678f5625e9e9
SHA1 58c62a715dbc4f795ab83fc8ce1392a0e52a62c7
SHA256 ca8b4aa61f943fd182e4d08e7b41110018e102b19b2478e9059709d615a846b9
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/68938896733372433_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 54361
cf-ray: 94cf428b8eaa5699-OSL
accept-ranges: bytes
etag: "f85e74cb31967b672b0f678f5625e9e9"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2FW%2B3mtbrnhuQLTRJayTHNeklrXcSbMH6ePQA2b6tXatCucdbWpusOoEJZi4iIEBvUCgciZ9VsHZhQceBorGQkd0vC7h0sqbw18Vo%2BJb%2FxU3HH2oHIiJZA3mJ6QxaXueeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=641&min_rtt=396&rtt_var=110&sent=3758&recv=783&lost=0&retrans=3&sent_bytes=4718672&recv_bytes=10021&delivery_rate=82301953&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=5283&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/index-U6SimiM5.js
172.67.210.93 200 OK 1.4 kB URL GET HTTPS
tl7p8z.top/assets/index-U6SimiM5.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (1399)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 1.4 kB (1400 bytes)
MD5 f2cfb0be4220367ad3f4d4f199bee537
SHA1 f86a2aa3c184971e96870f622fa5dccc14478a21
SHA256 39e75387ac3f787c7a7d84bb34e177e9f2e24f17c209c33d5bafefac23fb74a9
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-U6SimiM5.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-B1Ac6Xly.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 756
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UcuQ4e0MKvJwUXPI8rnTt73G06weoGMk%2B9vY%2Fun6BulMNj9NlBUttMvYleFDQadbslNY0Mxb1SY5KPDN0LeqD%2B5YJSXw5JoOZ4fgdwZ526BSVNZwOaoMzVwZsgOh"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-2f4"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf4273fc93b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1651&min_rtt=608&rtt_var=520&sent=1343&recv=272&lost=0&retrans=0&sent_bytes=1322829&recv_bytes=34628&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3697&inflight_dur=419&x=80"
GET tl7p8z.top/assets/nascar_icon-Dtze6ad-.js
172.67.210.93 200 OK 3.8 kB URL GET HTTPS
tl7p8z.top/assets/nascar_icon-Dtze6ad-.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3775)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 3.8 kB (3776 bytes)
MD5 284c9ee0b9369c215e2447ebb241c82f
SHA1 cead24ef35dd62725ffddbf27181123590a25a12
SHA256 16599eea96c87269f63b2b382a4cfbdc2e55bf669ec94630ba8c98925c4eadd4
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/nascar_icon-Dtze6ad-.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1624
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PHQgHwEfFRjg94aIC3gr84CueYdrvXJ2gLHtlnr3HUy%2F5vhhBIwJ%2Bx4NrZK2Mx9XMYNjxn%2BWaEmPC5oWc4n2xOm5UpOoDaSaXTZFDtoJug5L73Xp1enWkybPSVXW"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-658"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426edc43b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1827&min_rtt=608&rtt_var=923&sent=1190&recv=247&lost=0&retrans=0&sent_bytes=1185797&recv_bytes=30059&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3239&inflight_dur=306&x=80"
GET tl7p8z.top/assets/moto2_icon-Cup9Ha2W.js
172.67.210.93 200 OK 3.6 kB URL GET HTTPS
tl7p8z.top/assets/moto2_icon-Cup9Ha2W.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3566)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 3.6 kB (3567 bytes)
MD5 da17ad80c86ed75b02248c435dfd25d9
SHA1 24a9147f08f06500580a1befd15cae7a6fcf5ba0
SHA256 55e621058d2f913864d514bdf091837aa78200bc431e2f82399b1b668b9bc540
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/moto2_icon-Cup9Ha2W.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1384
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mHcfLtDKAWHuK%2FaNwbRs%2Bt0LPN7s%2B3B5tGxk6MDriwiStq5KLTflqUTohQxtN%2Fxr2BmyfT9IFChnCursRYMDANdOB7%2F6wctoMnfBO0waKspB2xwQWq1AzkxF4grp"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-568"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426ecc40b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1853&min_rtt=608&rtt_var=1159&sent=1153&recv=246&lost=0&retrans=0&sent_bytes=1155367&recv_bytes=30013&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3212&inflight_dur=279&x=80"
GET tl7p8z.top/assets/gameItem-Bqb-UI1x.js
172.67.210.93 200 OK 2.9 kB URL GET HTTPS
tl7p8z.top/assets/gameItem-Bqb-UI1x.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (2891)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 2.9 kB (2892 bytes)
MD5 f082ab1b01126022f654039616aa4221
SHA1 aa971fc1a9432a7b1642410660da46d3806a599a
SHA256 e19e47c02b85c2c3eafc9b959d1a8dbcb7e833f76703ca29ce01431f24744272
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/gameItem-Bqb-UI1x.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-B1Ac6Xly.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1339
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pJl9mLbYrIYqm62RSCP%2BporkliG2OfgqVWjqas1k3bMJ%2BgnEQpcSFbdAzvc3wKCtxPGu3z684mBVThUz9zVGnQTf2RAPTUdT7M5iZ3fN3kB0%2BTNfSbjy1eRudljx"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-53b"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42740c99b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1499&min_rtt=608&rtt_var=544&sent=1358&recv=275&lost=0&retrans=0&sent_bytes=1333041&recv_bytes=34988&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3704&inflight_dur=426&x=80"
GET tl7p8z.top/assets/icon_public_138-BvQBR85F.js
172.67.210.93 200 OK 3.4 kB URL GET HTTPS
tl7p8z.top/assets/icon_public_138-BvQBR85F.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3428)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 3.4 kB (3429 bytes)
MD5 a0037839c7e5c5b39523109e9b1ebc96
SHA1 28acb3f7a37b7cc5c0f3be74aa5e7529943e88de
SHA256 538613e7caed4a3aef0dad91175731c9744bf166dba47b23a30e06a2c382e131
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/icon_public_138-BvQBR85F.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UGiYHiS8lzH6T58gZ1yZhcngCcePSUjTVS2QFDXl1enZrnr7NpNjZ%2BFeWZVpVeAJdcOcMqKgRWRc%2FffLDu7L5icwOuBj1i6lhkyLGFKrJ1Zc7Ono6P14ELVhf%2BlR"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-5ea"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745cb9b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1284&min_rtt=608&rtt_var=429&sent=1486&recv=305&lost=0&retrans=0&sent_bytes=1422097&recv_bytes=47730&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3762&inflight_dur=483&x=80"
GET res.tl7p8z.top/i18nlocale/es.json?1749457750186
172.67.210.93 200 OK 338 kB URL GET HTTPS
res.tl7p8z.top/i18nlocale/es.json?1749457750186
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 338 kB (338169 bytes)
MD5 bd2d18a6f99a385fa52b4fa946a33e81
SHA1 a59a48b3584ebf2df80359da31fb3d037d9d30a7
SHA256 05853d62c4b3710c98ad41bfae10cda4d5a3e75f1a795ee1e57d55ea37da4e1f
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /i18nlocale/es.json?1749457750186 HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:10 GMT
content-type: text/plain; charset=utf-8
content-encoding: br
access-control-allow-origin: *
etag: W/"3031c45fef5d1b16806457ceb3989f77"
last-modified: Fri, 06 Jun 2025 15:29:05 GMT
vary: Origin, Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fDQGrk2%2BeeaRI%2BzyyBuFZrvUgYddyEQv1lcJpPiO7wno4HEYJq%2FLRiuAfUmkLX9PGgGrgvrJ6CtFgBCk3yAQEhAuWcB3k9m0NZCKG4PipEW9w7SxVI9MQJ5UYKVan97oWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 94cf427abaf85699-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=634&min_rtt=400&rtt_var=88&sent=96&recv=79&lost=0&retrans=1&sent_bytes=98789&recv_bytes=1936&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=2295&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/logo-loading.png
172.67.210.93 200 OK 55 kB URL GET HTTPS
tl7p8z.top/logo-loading.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 919 x 234, 8-bit/color RGBA, non-interlaced
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 55 kB (55252 bytes)
MD5 18e7f30f9d467cdb7f3ec602c5da5528
SHA1 98305ff1986f5f77747289dd8985111ea73d4584
SHA256 c39b97dfaa14e995d9313d42ffa5babcd1bc5f2ad0cb4aefb0add3bc69007f02
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /logo-loading.png HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:06 GMT
content-type: image/png
content-length: 55252
server: cloudflare
last-modified: Tue, 03 Jun 2025 12:11:51 GMT
etag: "683ee687-d7d4"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VjSunaxH0AL8Y8dg0u3bnJBHxerrskUV%2BrywsxYV8lBcjMeo5CSyVKwwBD35VJ5AKHGJfW94y%2BcD5LUT47AmGb1c9TJ7hgGo"}]}
cf-ray: 94cf425e5e3e0afe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/icon_public_142-CJUxWKfi.js
172.67.210.93 200 OK 3.1 kB URL GET HTTPS
tl7p8z.top/assets/icon_public_142-CJUxWKfi.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3079)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 3.1 kB (3080 bytes)
MD5 270e0f72e28a3c0144f243dbbb4ef7f5
SHA1 b08258d67a579329d37cc6304fcc0e0ca408669a
SHA256 8201b3ebaec46efdaf0f23a9610beea90b3395f9a9c62b6181e24102fecb3b90
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/icon_public_142-CJUxWKfi.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1310
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e0%2BBeZlBrzsaioCyY7DNl19TsIjQRC3OF2scp70xpiVhKHk24paDh%2FjzTHGEAKHTd29iWWE1hJs8kazJeJVw7uUdpU7wtcsynRUbYKWw7RxjGQhrWFOwIpAoATPg"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-51e"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426eec52b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1827&min_rtt=608&rtt_var=923&sent=1179&recv=247&lost=0&retrans=0&sent_bytes=1177661&recv_bytes=30059&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3235&inflight_dur=302&x=80"
GET tl7p8z.top/assets/feature-CPgyEJlR.js
172.67.210.93 200 OK 97 B URL GET HTTPS
tl7p8z.top/assets/feature-CPgyEJlR.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 97 B (97 bytes)
MD5 47e235bd214564b9639fa49fb0be789b
SHA1 5b95bd51534e48334433ad4f87503e3a405138c2
SHA256 e2ac77f9b441805ae0a5b9fcaf5e0c630a987012693b86bb45cab7f0511316e3
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/feature-CPgyEJlR.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HmwKn3u8XKuLaW9XVlJNPxQ49m9CKupTl35vxD5bXviHJJu8P%2Fi3f0HNCDa7IBMDJAJsc8GUzZUTEJLaq69nJlhNLxTg5yaV5%2FHK1BkgGi5Dc7d6V05nQu315TfB"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: W/"683ee6c1-61"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 94cf426f0c67b529-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1215&recv=248&lost=0&retrans=0&sent_bytes=1205056&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3253&inflight_dur=320&x=80"
GET tl7p8z.top/assets/index-CzQ4ZtV-.js
172.67.210.93 200 OK 2.5 kB URL GET HTTPS
tl7p8z.top/assets/index-CzQ4ZtV-.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (2527)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 2.5 kB (2528 bytes)
MD5 274183af8a610726d2a95ed718b3b636
SHA1 f32e1d279652bf39dde162822d1b4cd232b3ef9d
SHA256 e56d03a1797f472881e1df28729df397679ef9b81ac952d8f373499182ae93c7
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-CzQ4ZtV-.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:10 GMT
content-type: application/javascript
content-length: 1116
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aTTINfRVF9DX87fN58NXYuCFaxWCQaaHd0ebZSVFBMXv0Iruf9xyV2i71uxN%2FcS4w7CEOK%2F9WlMsQb2XPk4LdrHs3HawXfb%2BU61xaRoen4nHZGD1XcNUpSeeIhGC"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-45c"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf427d1d6bb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1819&min_rtt=608&rtt_var=777&sent=1937&recv=341&lost=37&retrans=38&sent_bytes=1923461&recv_bytes=52784&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5272&inflight_dur=688&x=80"
POST srz.salesmartly.com/client/station/log?plugin_sign=c3b8d430be3cb7fb040070de0bf81f78&plugin_id=gt044g&over_time=&env=chat&_=1749457751984&_lt=&_u=
54.240.174.22 200 OK 87 B URL POST HTTPS
srz.salesmartly.com/client/station/log?plugin_sign=c3b8d430be3cb7fb040070de0bf81f78&plugin_id=gt044g&over_time=&env=chat&_=1749457751984&_lt=&_u=
IP / ASN
54.240.174.22
#16509 AMAZON-02
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 87 B (87 bytes)
MD5 f5ca70ea39c74af2429d127be9dc6868
SHA1 6828e798fa895e71b2875026b68841f859b146ca
SHA256 bf6c92c26310f705bcd60a02d3f127b1d27e0386f29802ceff61ad2ba24db293
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
POST /client/station/log?plugin_sign=c3b8d430be3cb7fb040070de0bf81f78&plugin_id=gt044g&over_time=&env=chat&_=1749457751984&_lt=&_u= HTTP/1.1
Host: srz.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 335
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Mon, 09 Jun 2025 08:29:12 GMT
access-control-allow-credentials: true
access-control-max-age: 86400
x-powered-by: PHP/7.2.34
set-cookie: ss_uid=6e586157d46e1f27d414ad744c139b5b; expires=Tue, 09-Jun-2026 08:29:12 GMT; Max-Age=31535999; path=/; domain=salesmartly.com; HttpOnly; SameSite=None; Secure
access-control-allow-origin: https://tl7p8z.top
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wJou9ycpcH9U_VOYbodDUQmUGjt3ulJKCzmxz8PP97_blN4K2CxbHA==
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/126172382829215760_20250603044537.jpg
172.67.210.93 200 OK 52 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/126172382829215760_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 52 kB (52490 bytes)
MD5 c98024a89a516ecb864e0a1d0b04c17f
SHA1 5bf0f50250c5d85918277c14209dc049b2d949c9
SHA256 8ee6aeda78ca60ee523f23af6f4504857f711d0fb7e2461f06a0bb6ae28b5ebf
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/126172382829215760_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/jpeg
content-length: 52490
cf-ray: 94cf42880a655699-OSL
accept-ranges: bytes
etag: "c98024a89a516ecb864e0a1d0b04c17f"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m1o6JRP2S6X%2FM7t0t6detOWQWrNQO78r2CYYsS5DYI6j%2FRfXcfqj6dM8LlQupI1eIVUr%2FEPRHhRq7vIlylpIBN8BojQ7mUPl8E6Z4%2Fapxs%2FJQpI7ZFZ%2BlP9I4Kphoh53EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=609&min_rtt=396&rtt_var=93&sent=503&recv=283&lost=0&retrans=1&sent_bytes=545016&recv_bytes=5645&delivery_rate=100408759&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4420&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/56469896845852683_20250603044537.jpg
172.67.210.93 200 OK 50 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/56469896845852683_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 50 kB (49819 bytes)
MD5 a3960313eee67a02f571dad766555d23
SHA1 205bf92054a52545a4ea4ec68eaa0847f6f7efd9
SHA256 e423a77a6fb3600d45594c4d726b2a9f455c2b570280a234adebb5db8e065b6c
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/56469896845852683_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 49819
cf-ray: 94cf428b7e825699-OSL
accept-ranges: bytes
etag: "a3960313eee67a02f571dad766555d23"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UdClHuzvJSvqiXWaF8wMb6rw%2FpI19JdW8Iesc4bqdGOmwDuho2vR%2BIiVMRXufmdSC2vzcMaMkmnRPd4kodSQr3J1DnCDoaX3TEgJ6%2BcFSJli5PGsTWXtQOtCdoLnWZx6%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1910&min_rtt=396&rtt_var=1411&sent=3011&recv=709&lost=0&retrans=3&sent_bytes=3756098&recv_bytes=9986&delivery_rate=49931034&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4997&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/127342192954966035_20250603044537.jpg
172.67.210.93 200 OK 54 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/127342192954966035_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 54 kB (54408 bytes)
MD5 b1a07a4591fcc3db8ae2de818166f6b2
SHA1 c71d3e9d79cfdf38a9de791f4f9840d8e004a624
SHA256 45ee289408a6f97da51b940adbb2f18362b06d6dda085cafc5cdc78203fa313e
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/127342192954966035_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 54408
cf-ray: 94cf428b8ea75699-OSL
accept-ranges: bytes
etag: "b1a07a4591fcc3db8ae2de818166f6b2"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wOWPud3tXewQUAzn8IdLUqc2ttoDuoFpTidJXjh1l0bq3wXIkAyEqMEum552d2TutVmKqjjysV1h7xwlgfb%2Fj5bKll25ion1yHOwkltN1jc%2B1ZiTyCkDspSMdMls%2FVKl8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1210&min_rtt=396&rtt_var=814&sent=3326&recv=729&lost=0&retrans=3&sent_bytes=4164527&recv_bytes=9986&delivery_rate=82301953&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=5015&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/liveChat_icon-CaovBjsT.js
172.67.210.93 200 OK 1.7 kB URL GET HTTPS
tl7p8z.top/assets/liveChat_icon-CaovBjsT.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1658)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.7 kB (1659 bytes)
MD5 d15934e747fcf76ee75a47ba92006a35
SHA1 c125b86dabda8463c7119b2c5d2ef4ca7af2e879
SHA256 d0905f262934ff1132d0c40c1a44721773e901aab5e5fccdd2add98685c3a996
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/liveChat_icon-CaovBjsT.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 718
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UrjQWLUGwNPkQGxCda36%2FXTv3sBkVL8B8Lk%2F6hNu9sE0kZYIS9zu38CQDs1%2BE0QPuwPcMWCbLTy5ij0LLBj5uxvNohTl%2FdA8XNn5LDtUk%2BkaVrR8MuiNfxb6xjlq"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-2ce"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426eec4eb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1827&min_rtt=608&rtt_var=923&sent=1175&recv=247&lost=0&retrans=0&sent_bytes=1173857&recv_bytes=30059&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3234&inflight_dur=299&x=80"
GET res.tl7p8z.top/upload/game_image/126172382745329676_20250603044537.jpg
172.67.210.93 200 OK 55 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/126172382745329676_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 55 kB (54630 bytes)
MD5 31378c6c2ad481d8ddd8bf25f455e582
SHA1 d44d8c170385fca778e2226f811084142c2946df
SHA256 631a868b79cc0c72d678777b27e59d5aa1d5f413636e036ba3c9daf53fc47851
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/126172382745329676_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 54630
cf-ray: 94cf428b0de25699-OSL
accept-ranges: bytes
etag: "31378c6c2ad481d8ddd8bf25f455e582"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h5xhziW7i3L0kupx24i%2BPnQEViqUNJ2NDZEw5yVd0MSXQpqQuHReTNAcRlI5jejpxcEw2GSL%2FIT1gTMfTglx%2BaEKfQfuuSTPLmWQIbLrWFntrCsDz3BmmXiSr%2FFA%2FzORmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=941&min_rtt=396&rtt_var=377&sent=2360&recv=669&lost=0&retrans=3&sent_bytes=2916311&recv_bytes=9986&delivery_rate=44986407&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4937&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/sideBarMobile-DBfuo3qc.js
172.67.210.93 200 OK 13 kB URL GET HTTPS
tl7p8z.top/assets/sideBarMobile-DBfuo3qc.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (12696)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 13 kB (12697 bytes)
MD5 6e4df0b6283b76eb985c46ed3b6ca4b2
SHA1 bfaa289cab0949a3ee993bab6527d51e9447edec
SHA256 bb1ee167d8869275770ddcbe887b73aa36becfbac358be99950b7852a0563306
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/sideBarMobile-DBfuo3qc.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 4147
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vSNgoNLjlYLa4VD4vTh2zHDV8gc6BRr80isCa7sKhaoV8Sb6r0UtjPgnVbUDzsS21a8Q%2FIJ0ncrgsO1usc40oBEUVu7EQwXuIXsd6cziPk%2FmOFwdcGVlcCy2p0zX"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-1033"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42741ca3b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1339&min_rtt=608&rtt_var=471&sent=1387&recv=286&lost=0&retrans=0&sent_bytes=1349067&recv_bytes=40577&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3717&inflight_dur=439&x=80"
OPTIONS api.tl7p8z.top/vipdesc
172.67.210.93 200 OK 5 B URL OPTIONS HTTPS
api.tl7p8z.top/vipdesc
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-19
Last Seen 2025-08-10
Times Seen 25
Size 5 B (5 bytes)
MD5 99d8cdc2d135a13f30612390e94db874
SHA1 ff0447dd084564eb0d0c65bebec8ebe75598785b
SHA256 9121626393bb26af1c0fe4f7414124ca4b415d5be27cfcd46763b150f5e2ec93
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /vipdesc HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,dev-id,fp,req-id,source,x-country,x-currency,x-language
Referer: https://tl7p8z.top/
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:10 GMT
content-type: application/json; charset=utf-8
content-length: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MQDgELUh%2BqF%2B2Z83CnkMpTCsGRBKUv56B%2BoHMAQrYnXQCrgxzjlD6uFLGkqrQXUBrDqhTzvMpVIGHmSbYmO%2Frs3iVD2XzU4kkXuJ9Jx%2BpmkJqf4uNBGSCGySE%2FvaoIqV0g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 94cf427d5d70b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1394&min_rtt=608&rtt_var=522&sent=2082&recv=353&lost=37&retrans=38&sent_bytes=2083614&recv_bytes=53554&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5550&inflight_dur=767&x=80"
GET api.tl7p8z.top/games/search?game_categories_slug=livecasino_MX&page=1&limit=54
172.67.210.93 200 OK 14 kB URL GET HTTPS
api.tl7p8z.top/games/search?game_categories_slug=livecasino_MX&page=1&limit=54
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 14 kB (13745 bytes)
MD5 b731dab186649744e7a094aba9f1c4f1
SHA1 fd5513b1016470d65ad9eb5768978be491690ab4
SHA256 1136542feb4333db12cdd166181e15421040b12cc9167f01c37ba59626ca598f
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /games/search?game_categories_slug=livecasino_MX&page=1&limit=54 HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp: 6786838544e257bbd8395259505dd5e355cc49eff3af3e4fa9bca3e518904876
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilvYzaAYN8TV0ZwzuFFi7MUy5hk%2BQrOIdolLz6hxrYSBRozi%2BPJZNZzQDKBreZDQlGrOVanZtUwqmPSfK5pRt0Fyir69Lm%2BxexQdUiH2sPI3fkQ2009E53cqsLWfKXppKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf4287ce39b529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1247&min_rtt=563&rtt_var=491&sent=2603&recv=462&lost=37&retrans=38&sent_bytes=2554879&recv_bytes=73881&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=7074&inflight_dur=1284&x=80"
GET tl7p8z.top/assets/icon_public_144-DD1tfRUv.js
172.67.210.93 200 OK 69 B URL GET HTTPS
tl7p8z.top/assets/icon_public_144-DD1tfRUv.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 69 B (69 bytes)
MD5 72598966d4483c5e86586b4540f692aa
SHA1 c53f8d2ce8c809dc7a75d2340d98152ce143af9a
SHA256 3a05c27f3df77abd9d39c4d068518551e12c5e9c8ff7f47c1b4a3f02d10ec375
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/icon_public_144-DD1tfRUv.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTiofnX%2BMm7UsZ%2BSzp6JKndQ4TbMMVkok9eEseoc4mEqHgqeQrzbndIOVGNDig%2FVpGVsvKPHEfpBKKi1IYSy36d2PBvy938azkclz6IWmzFSNK%2BQEcabhOEoKr85"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: W/"683ee6c1-45"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 94cf42745cbcb529-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1284&min_rtt=608&rtt_var=429&sent=1485&recv=305&lost=0&retrans=0&sent_bytes=1421340&recv_bytes=47730&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3761&inflight_dur=483&x=80"
GET tl7p8z.top/assets/common-header-back-B74iTo9o.js
172.67.210.93 200 OK 307 B URL GET HTTPS
tl7p8z.top/assets/common-header-back-B74iTo9o.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (306)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 307 B (307 bytes)
MD5 f5c576c059c0d09ecb2d8d245cdc5722
SHA1 838490c9d7f58045fa90d2982b9f6b5df78a4428
SHA256 ee3bdd000f41cced23d57b572d87f91801474cde3c04f4546990ce599c72df55
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/common-header-back-B74iTo9o.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 234
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CurU2Nk0T5nBCeETtpA75jCQGN%2FMpdFdS9FLN3AQIdYvsMzCRKQ80My%2BO6RA6gCKfnJ0ccPl6w3iQrRW3QygaDihE7ARA0F%2FFA1X9C%2FE3T5UDsD3ooLr8XV5WlwG"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-ea"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426ebc37b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1853&min_rtt=608&rtt_var=1159&sent=1165&recv=246&lost=0&retrans=0&sent_bytes=1166404&recv_bytes=30013&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3228&inflight_dur=291&x=80"
GET tl7p8z.top/assets/rewards_icon-BlkLby2Y.js
172.67.210.93 200 OK 4.0 kB URL GET HTTPS
tl7p8z.top/assets/rewards_icon-BlkLby2Y.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3964)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 4.0 kB (3965 bytes)
MD5 78ee8e08dbe5fd61f815ff9ac60bf519
SHA1 b87d7982e3bedfd3d36bf8a6ca3266529f3ba9df
SHA256 a6e13175d377ed64a27a6e74735e0aeb9c381294b51573b7d69dfaf2c79aea12
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/rewards_icon-BlkLby2Y.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1556
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2MR6LOWDGVz9qbkzllneHL9rqriUDpz%2FkA9oI%2F35r6Eo4EorOdqzTrx5335tkkjtmr1uANaYpgjr%2Fvd4TrjNVhV4V2xsgQmJGFWq0%2BdAujjAE329jIQSk1WsrF73"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-614"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426eec4bb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1221&recv=248&lost=0&retrans=0&sent_bytes=1210154&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3257&inflight_dur=324&x=80"
GET tl7p8z.top/assets/refer_icon-DdKr5l-M.js
172.67.210.93 200 OK 3.2 kB URL GET HTTPS
tl7p8z.top/assets/refer_icon-DdKr5l-M.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3204)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 3.2 kB (3205 bytes)
MD5 27e3bf68353e0894a3f745ba43493d93
SHA1 53f432eeaa2783bee5a22bcccbe5b5f63f768fc6
SHA256 f9ca98c350a24c25cbba4a4b36fe65785c6b530adec044a6984cd92f11706702
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/refer_icon-DdKr5l-M.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1240
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3x40uAwd95raNtutWFoOA6XMdfpwu9jAiyA8VV4A%2FWA8B2bj7ZzHOG5dbo1VyNg3w%2FOJ8qWepqNWDt8WjhfS0ggb%2FZYSejsZbRQb3ervOdMYbA4aBDrgR6fCVYP%2F"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-4d8"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42742cb3b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1264&min_rtt=608&rtt_var=503&sent=1425&recv=290&lost=0&retrans=0&sent_bytes=1382001&recv_bytes=41669&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3729&inflight_dur=450&x=80"
GET tl7p8z.top/assets/sport-D_TtLpEm.js
172.67.210.93 200 OK 1.7 kB URL GET HTTPS
tl7p8z.top/assets/sport-D_TtLpEm.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1677)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.7 kB (1678 bytes)
MD5 8a12523b4b8ea0b1d14e0048fc8b3ad2
SHA1 43ba49bdab4619e8556e7610ae2ebe2d6bc60612
SHA256 a10ef15a6e127d8d8498a384850b6b122a1e5153ab5c40ee3e015a25ad50238e
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/sport-D_TtLpEm.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 779
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xT9g9u4F7Twmj7bqEIh4sD6HI5KvzB2g17XvGJ1VAf%2BxyttpGrOTQUu1bWjOAYs4PDqKf8zgzOsAqg1Wodh9zCGAoW%2BsprzZbcCsbnGWZXO26W47fZfvVLlAVLR5"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-30b"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42742cb4b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1492&min_rtt=608&rtt_var=667&sent=1440&recv=299&lost=0&retrans=0&sent_bytes=1389544&recv_bytes=47231&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3748&inflight_dur=470&x=80"
GET tl7p8z.top/assets/sports_leagues-RtCLlfUO.js
172.67.210.93 200 OK 975 B URL GET HTTPS
tl7p8z.top/assets/sports_leagues-RtCLlfUO.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (974)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 975 B (975 bytes)
MD5 a34de2ec6ec36ac3a5756cca5c674a74
SHA1 9b6ba49f4934e0015ed200b773149d5ca1bc01d7
SHA256 cf4b483ac32590a06d79ef18aea410beacdb8a5f31331030d46b3c29c3ad4395
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/sports_leagues-RtCLlfUO.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2yANEYaa8YxYYI%2B4M9zlRoCBKsM5TnaZgdw1GL97qmABCphFWottiwhCYW%2Bqb%2BK6mTi33MrgmZx4%2F97ZelHA6FNFzq60hclBg%2FcDhHbRxoK55V4rIxyP874X5ZwM"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-219"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745cc0b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1327&min_rtt=608&rtt_var=456&sent=1461&recv=304&lost=0&retrans=0&sent_bytes=1402982&recv_bytes=47684&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3756&inflight_dur=478&x=80"
GET res.tl7p8z.top/upload/game_image/56469908019544082_20250603044537.jpg
172.67.210.93 200 OK 53 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/56469908019544082_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 53 kB (53102 bytes)
MD5 ef84d04560cf064f4c069e25eb1b7b52
SHA1 9333c90f5f4254152172270a5198585a94f1ea53
SHA256 a7ed481bd13832688fe31290b7ac46efe9b8cdaeb57526558133dd3da6de3866
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/56469908019544082_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/jpeg
content-length: 53102
cf-ray: 94cf42881a6f5699-OSL
accept-ranges: bytes
etag: "ef84d04560cf064f4c069e25eb1b7b52"
last-modified: Tue, 03 Jun 2025 10:45:40 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LEY76Od6ijZdtPSyQts0Yv3A%2FpTddV%2BDDEs7VU8CSsnzRIFO7FOr7MsdkFNYFDW5JyGUCKL5ME%2FwHhEqz4810jTr%2BUxR0JZg7EaPxVX8pI5BzOZzr8fLFEc7RE7lM39HXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1025&min_rtt=396&rtt_var=543&sent=395&recv=265&lost=0&retrans=1&sent_bytes=406280&recv_bytes=5645&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4416&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/index-CWI2BX_d.css
172.67.210.93 200 OK 126 kB URL GET HTTPS
tl7p8z.top/assets/index-CWI2BX_d.css
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (65536), with no line terminators
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 126 kB (125689 bytes)
MD5 c03438b53970499351c1fa5b13ef4d4e
SHA1 76e02dd5e6778bd62dbeec24d55f40a063844d32
SHA256 d1550aebd94e61d7545c4f5a76f83e3bdd7e4768bb15816a5b603320d9052325
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-CWI2BX_d.css HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:06 GMT
content-type: text/css
content-length: 19192
server: cloudflare
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-4af8"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ohbzl1faFh8mJ%2B1xy48vDn7etmpQ9Q7SnXfhNgr6jMRDCuDvLhrAP9LbjVZUl9bOvD5oTEShF9WtuHtxKzifg1s%2FQzRHbJox"}]}
cf-ray: 94cf425e5e3d0afe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/index-BcN0oQS9.js
172.67.210.93 200 OK 9.4 kB URL GET HTTPS
tl7p8z.top/assets/index-BcN0oQS9.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (9443)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 9.4 kB (9444 bytes)
MD5 2bdeb77fbbbe6de7a17159ffeac65c6a
SHA1 9b6e96d109f28011a61891c11ce0604c44b66318
SHA256 44b4bd999215789aca2c1b28bcf891cde22b0684d7730f8002835736acd7f033
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-BcN0oQS9.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:10 GMT
content-type: application/javascript
content-length: 6154
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lbQSUQdg6D8y2f7bY0byhAf89nxEKF4TMPUFxqzo3CRRDDAWHdgtoGRnXunu3PuZiqidJGWQSiKUVWzQSQS%2BiMZlIde5Nxjt6XuoSa2S8PsTEIkrj0VFg6nQpgJ7"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-180a"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf427f4d85b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1447&min_rtt=608&rtt_var=780&sent=2075&recv=351&lost=37&retrans=38&sent_bytes=2076603&recv_bytes=53462&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5502&inflight_dur=744&x=80"
GET res.tl7p8z.top/upload/banner_image/20250602_958381e03e1678944797a67283c6d412_1748867613268.png
172.67.210.93 200 OK 598 kB URL GET HTTPS
res.tl7p8z.top/upload/banner_image/20250602_958381e03e1678944797a67283c6d412_1748867613268.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 2091 x 753, 8-bit colormap, non-interlaced
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 598 kB (598176 bytes)
MD5 ebc4af1dfe33501f97be4c005000fc28
SHA1 39ae6352155b26b631350726c65d6096b4956321
SHA256 e7f62f36978b8cba1cf1354f92e0f0827021e1e53691ebababc747c27c12a194
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/banner_image/20250602_958381e03e1678944797a67283c6d412_1748867613268.png HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/png
content-length: 598176
cf-ray: 94cf4286c8b55699-OSL
accept-ranges: bytes
etag: "ebc4af1dfe33501f97be4c005000fc28"
last-modified: Mon, 02 Jun 2025 12:33:36 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FM3dzKjEqL8oQVD05xICb8otPohacKN0zScvhLgQ0mRL29ppGxD%2BO15a1UHy3cfScmDO80fOOlzxt92gOCWHb%2FMc696%2FO8ksUzN3ASXAGAnXSVnqcXBNxTW09io%2FCxvQuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=519&min_rtt=396&rtt_var=107&sent=224&recv=204&lost=0&retrans=1&sent_bytes=203374&recv_bytes=5645&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4280&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/vendor-BeeVRaw8.css
172.67.210.93 200 OK 367 kB URL GET HTTPS
tl7p8z.top/assets/vendor-BeeVRaw8.css
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 367 kB (367013 bytes)
MD5 7b96161af63b3843408e0423b40c7973
SHA1 e954538fe242a88c3b7d7d5c9b6a9ea2f3e5dd73
SHA256 944ed49c8c5d07dd7e552df3522be625fd4a115bab3605f8b79adbed56f24879
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/vendor-BeeVRaw8.css HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:06 GMT
content-type: text/css
content-length: 51788
server: cloudflare
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-ca4c"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=zUTE1qh5Z%2BiVN6wQ%2FSKO34Ulj8nZVa4xdgn15X7Kav2BnIQlj9WS24bzAq4uPmPpVi7on2dogGm0I3J9SAMCD15eLTyz42Y7"}]}
cf-ray: 94cf425e5e3c0afe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/left-menu-btn-CvYrfWzB.js
172.67.210.93 200 OK 1.2 kB URL GET HTTPS
tl7p8z.top/assets/left-menu-btn-CvYrfWzB.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1241)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.2 kB (1242 bytes)
MD5 c85a656d82931832c34094368d1d72b2
SHA1 bb1a01118ccc4de38e7067a3c53727f815c6d85f
SHA256 fb27f7112919dcca1220a5fed2b43ad0dffa43c9468ac543b3b678fca4cd8ad4
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/left-menu-btn-CvYrfWzB.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 541
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t57liaJ%2Bx%2FRxcXGT77M1ejNRXoCZ5xuFIC8dr8KDxQjYJYEfI0EWYNjco1I03AZDDylYys8X5UBR2U9hdQoag7aVCdO92O2d4q%2Bd%2FXCR0XOOHtSWuRTYc4Y6gnNW"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-21d"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f0c64b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1212&recv=248&lost=0&retrans=0&sent_bytes=1203043&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3252&inflight_dur=319&x=80"
GET tl7p8z.top/assets/cycling_icon-BU7k0nuk.js
172.67.210.93 200 OK 2.3 kB URL GET HTTPS
tl7p8z.top/assets/cycling_icon-BU7k0nuk.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (2312)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 2.3 kB (2313 bytes)
MD5 4e4b90117eeb91289a7154ae344bf5c1
SHA1 50db82fb67a603978287928390cb5efdefe263fe
SHA256 5d80f39d25420bbe0c1da0763a88f4ca474848e25c546c5908437539d080bd4b
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/cycling_icon-BU7k0nuk.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 891
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i5z1Cn1AzEZS34Ao5ux79vdj%2FsIXuxTB6IT2X1xcmHXTWiEp08nHBndGbAeG0TSnrocWb5ld7v%2Bm9WxSe%2B6P1GEE27kVHhX4phZml78Br3fKZGFbhRUkz3y6FW3I"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-37b"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42742ca9b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1264&min_rtt=608&rtt_var=503&sent=1400&recv=290&lost=0&retrans=0&sent_bytes=1357703&recv_bytes=41669&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3721&inflight_dur=442&x=80"
GET api.tl7p8z.top/vipdesc
172.67.210.93 200 OK 8.3 kB URL GET HTTPS
api.tl7p8z.top/vipdesc
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-05-23
Last Seen 2025-06-09
Times Seen 2
Size 8.3 kB (8313 bytes)
MD5 1ce8ffd01fb831251bd635c3b9ca6f8a
SHA1 bab7d17e029fb069ac5c2273899fa0107eb0cfd9
SHA256 861714c28686ddb7adc03b1c2b0438226613f568ea0ea4d4995eaedbada5a54c
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /vipdesc HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp:
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vc2T4ACRcnWhz4eC%2B21V5oIJF70KxYrQWZG86nR%2FSb6tiycpbQvOPyj4jwBRMoGW5xXGV5%2B6ENZ3p7EuifnH7utkIVofHk%2B1FaaSrnXmFqMfIVXZz398cEwl7BFDJhBGpA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf427fbd8ab529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1650&min_rtt=608&rtt_var=1014&sent=2105&recv=368&lost=37&retrans=38&sent_bytes=2092278&recv_bytes=55843&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=5795&inflight_dur=859&x=80"
GET tl7p8z.top/assets/boxeo_icon-W12sfk4B.svg
172.67.210.93 200 OK 7.2 kB URL GET HTTPS
tl7p8z.top/assets/boxeo_icon-W12sfk4B.svg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type SVG Scalable Vector Graphics image
First Seen 2025-05-23
Last Seen 2025-07-31
Times Seen 4
Size 7.2 kB (7201 bytes)
MD5 573134d914cc91629a407a20fbd5c160
SHA1 579f7741d35dfdb22a193adcbdb4ef1eb89da93a
SHA256 712b7019d1c9098dcbcd5c724b1256a7571876ec9f564fd38f574625e13c0859
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/boxeo_icon-W12sfk4B.svg HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: image/svg+xml
content-length: 3214
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j4HNxMnQUMa5FKYYPF3FAiIRC1jbB5CfYZyvdceh%2B9BQQfjpEQ0DAXuLbGpUX9vEITQF2o8l9ftC5pFGQk2d%2FfyOVO3du0DpVBpr9uItq3S6oLkOQAgUBVxtDYkF"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-c8e"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf4283cdb0b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2897&min_rtt=608&rtt_var=2637&sent=2138&recv=386&lost=37&retrans=38&sent_bytes=2109314&recv_bytes=62042&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6338&inflight_dur=899&x=80"
GET res.tl7p8z.top/upload/game_image/76622871006281756_20250603044537.jpg
172.67.210.93 200 OK 50 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/76622871006281756_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 50 kB (49749 bytes)
MD5 8187f98d0974d943aa8734bc33a9557b
SHA1 d2d1650c8bf26fa2fdca496c66e4b5c71f849e24
SHA256 088dc022156faf884ff6a5f3472b79f11b694cb42fc2f236c0c3b5f6c145e226
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/76622871006281756_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/jpeg
content-length: 49749
cf-ray: 94cf42880a5f5699-OSL
accept-ranges: bytes
etag: "8187f98d0974d943aa8734bc33a9557b"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6eAxtktCaoJ%2Fd0bt%2FS7hn%2BLWKdo8qMSszaGzuWr2qZupfCHvnS2veDOMiWkwb54qTUALhEv7%2BcUQkM0amcbQmhlMVvKqFynxN8HDye81gsLaEr%2FU0ca1Cz0jz5576fOr6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1017&min_rtt=396&rtt_var=748&sent=367&recv=262&lost=0&retrans=1&sent_bytes=372321&recv_bytes=5645&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4415&x=0"
X-Firefox-Spdy: h2
POST msg.salesmartly.com/chat/chat-auto/user/trigger?login_token=5f71c924494c637226ebcade1580c2d3&chat_user_id=c1e8e75bbecb5ea978106566f4f7ce36&plugin_sign=6a09294cfad91aadb48bdfcbed47b1f4&plugin_id=gt044g&over_time=&env=chat&_=1749457753838&_lt=5f71c924494c637226ebcade1580c2d3&_u=6e586157d46e1f27d414ad744c139b5b
3.167.2.129 200 OK 49 B URL POST HTTPS
msg.salesmartly.com/chat/chat-auto/user/trigger?login_token=5f71c924494c637226ebcade1580c2d3&chat_user_id=c1e8e75bbecb5ea978106566f4f7ce36&plugin_sign=6a09294cfad91aadb48bdfcbed47b1f4&plugin_id=gt044g&over_time=&env=chat&_=1749457753838&_lt=5f71c924494c637226ebcade1580c2d3&_u=6e586157d46e1f27d414ad744c139b5b
IP / ASN
3.167.2.129
#0
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2023-05-07
Last Seen 2025-08-10
Times Seen 246
Size 49 B (49 bytes)
MD5 78d539ac5b6a06a8bd02b3ace8debb63
SHA1 8e22651d8d1e678777cfebdb96983cf7df6e751a
SHA256 d817b79090a73b71e09ad6e2daa2c137408a7cfb7916aef50da18a1b1b0229f0
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
POST /chat/chat-auto/user/trigger?login_token=5f71c924494c637226ebcade1580c2d3&chat_user_id=c1e8e75bbecb5ea978106566f4f7ce36&plugin_sign=6a09294cfad91aadb48bdfcbed47b1f4&plugin_id=gt044g&over_time=&env=chat&_=1749457753838&_lt=5f71c924494c637226ebcade1580c2d3&_u=6e586157d46e1f27d414ad744c139b5b HTTP/1.1
Host: msg.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 13
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Cookie: ss_uid=6e586157d46e1f27d414ad744c139b5b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
content-length: 67
date: Mon, 09 Jun 2025 08:29:14 GMT
content-encoding: gzip
access-control-allow-origin: https://tl7p8z.top
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,Origin,Cpl,Client-Type,X-Requested-With,Accept,External-Sign
x-cache: Miss from cloudfront
via: 1.1 4e0a1f367f79652e0e7d03fa585de7b2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: Icy9nAd1pvsY6bTTH4uvrWIrGEZ8e9MyyETVe7krqvsSik5AZDcdEA==
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/index-CcKm5TY-.css
172.67.210.93 200 OK 2.4 kB URL GET HTTPS
tl7p8z.top/assets/index-CcKm5TY-.css
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (2375)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 2.4 kB (2376 bytes)
MD5 fdc45ed8c78fe1c3fa3e68d586a81d44
SHA1 4cb915eece775f45d6126d6c5983dd68b3c053af
SHA256 eabb432e376780ca9cbdb4f8427e646929e38cbf247dcd849b93201956cdb727
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-CcKm5TY-.css HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: text/css
content-length: 652
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pJWbv0VTrMN3oqBIkwl3NUIjr3oBGWNa2L3aaEmDoSyZm5aTXqHaOC9dQSATdF9fY8VRYGhriVzokfmu08nKCsEq6L5a%2FfyIx3S4IM2jLnSP%2FR%2FDzMsjTgd9knil"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-28c"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426e5c2ab529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2828&min_rtt=608&rtt_var=2094&sent=1116&recv=239&lost=0&retrans=0&sent_bytes=1127322&recv_bytes=29696&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3166&inflight_dur=244&x=80"
GET tl7p8z.top/assets/gameItem-Bqb-UI1x.js
172.67.210.93 200 OK 2.9 kB URL GET HTTPS
tl7p8z.top/assets/gameItem-Bqb-UI1x.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (2891)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 2.9 kB (2892 bytes)
MD5 f082ab1b01126022f654039616aa4221
SHA1 aa971fc1a9432a7b1642410660da46d3806a599a
SHA256 e19e47c02b85c2c3eafc9b959d1a8dbcb7e833f76703ca29ce01431f24744272
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/gameItem-Bqb-UI1x.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1339
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BpOJPvaJWfraBymfTOvsx6YiAUxL1PqL%2FBy5FfNDsgtdWAdYoGap1vTGBZODvdWeoNoDrvP8zCcRGQAjx%2F%2BlPUvYkr8O2NWbCqMbmbd0fX8NNFSDpyLfs43BXeIp"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-53b"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f4c73b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1970&min_rtt=608&rtt_var=914&sent=1249&recv=251&lost=0&retrans=0&sent_bytes=1235232&recv_bytes=30244&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3296&inflight_dur=359&x=80"
GET tl7p8z.top/assets/bwCountdown-Bzmzg7-z.js
172.67.210.93 200 OK 747 B URL GET HTTPS
tl7p8z.top/assets/bwCountdown-Bzmzg7-z.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (746)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 747 B (747 bytes)
MD5 7bd29afa2bf83824ac5b0a3b4fc6db9e
SHA1 f68184e38d3bc3d2807cf345d82b12cd20b2cc3a
SHA256 1438506a64561608c54a4f4dbc5722706a76164f84fb11689b0de903af79bec6
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/bwCountdown-Bzmzg7-z.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 421
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fVf5JKOHJHAySPCFT5bAg4QkRtR2EvwKPQdlfitDkT%2BQNAHNyGBO5M%2B%2F9%2F1v72I3T7KZtKy0%2BKW67wz18uZudMj7Rl0DcykATGr37ZHbUisvNHfXLANIcd4my135"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-1a5"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f0c69b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1236&recv=248&lost=0&retrans=0&sent_bytes=1224954&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3267&inflight_dur=329&x=80"
POST api.tl7p8z.top/marquee/info
172.67.210.93 200 OK 1.5 kB URL POST HTTPS
api.tl7p8z.top/marquee/info
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 1.5 kB (1525 bytes)
MD5 d6bc693051aa1dfb853634c377331d26
SHA1 38bbaaf4dabfd2c524ad5a4e3290cb8e2646bc14
SHA256 d2743545604e1fa1eb33b57b4090e0f67ee812ae1f6cd921ab60a249a8f7f51a
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /marquee/info HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp: 6786838544e257bbd8395259505dd5e355cc49eff3af3e4fa9bca3e518904876
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Content-Length: 28
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=goaUEefou4REdz8cUB4rJZu%2FljWzq1teRtDzHqG2CuD0ZflZjoOW8kHSGNLEobrOgAfhh3U%2BehVB98zxf6MDSMyEN5ET52BFoh9m42YztL89%2F%2B2nj8jou6L5fl6s%2FqUIrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf42854e0bb529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1319&min_rtt=563&rtt_var=730&sent=2550&recv=440&lost=37&retrans=38&sent_bytes=2528006&recv_bytes=70180&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6801&inflight_dur=1184&x=80"
GET res.tl7p8z.top/upload/game_image/126172382560780306_20250603044537.jpg
172.67.210.93 200 OK 55 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/126172382560780306_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 55 kB (54642 bytes)
MD5 1f8a8a5dbd5960e7994ede2477d9bbaf
SHA1 e0444307d9aee0d7c8f2b2631262a0805ad3dfe9
SHA256 29da56bee5912214152e57d263efe5d9d0d4de7015c00edd859519ea18920920
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/126172382560780306_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 54642
cf-ray: 94cf428b6e765699-OSL
accept-ranges: bytes
etag: "1f8a8a5dbd5960e7994ede2477d9bbaf"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KBDmOjCQQhrlgdu03Zb%2B9I%2FYY7%2BxCF89%2FanQV78ciTZXkx4XZsyt27Mnf8kJihNgFz6LzHSToa1OqG7pdnBb%2F9Fq9eXJlRP5js6LHC%2Fbl8CKIs2wpo0z%2FKyY%2FyFRKxmISw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=888&min_rtt=396&rtt_var=520&sent=2634&recv=693&lost=0&retrans=3&sent_bytes=3271425&recv_bytes=9986&delivery_rate=48992481&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4958&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/moto3_icon-BJjgQs8W.js
172.67.210.93 200 OK 901 B URL GET HTTPS
tl7p8z.top/assets/moto3_icon-BJjgQs8W.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (900)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 901 B (901 bytes)
MD5 9d315162783202100c2bc9305627e967
SHA1 26ab5de97189ec9b919e54ed93a4f7acd6861c4f
SHA256 ddb751e5015db99d135c09fb00db4d51fe21d805f7896685253f508f1bb4da79
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/moto3_icon-BJjgQs8W.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 429
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dml6kO0zDlVw4HNkt5Fk5dA4v0X9ILgJTAo0nLRZ0h3%2BhxGz3yRDkZnNlz484fmJrLcDHXfTcjs5Leo3LgF44OF0k9SPqlwrQXC6Kk8uOWrfPFNlugTYag%2Blc6Zb"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-1ad"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426ecc42b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1853&min_rtt=608&rtt_var=1159&sent=1165&recv=246&lost=0&retrans=0&sent_bytes=1166404&recv_bytes=30013&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3228&inflight_dur=291&x=80"
GET tl7p8z.top/assets/index-B1Ac6Xly.js
172.67.210.93 200 OK 42 kB URL GET HTTPS
tl7p8z.top/assets/index-B1Ac6Xly.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Unicode text, UTF-8 text, with very long lines (41678)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 42 kB (41881 bytes)
MD5 1a5d81fa5c898383870ccfe17b8d0e64
SHA1 03fb5e143047317369713346b4f158486937911d
SHA256 7c83c984e236b64e382c8c0fdfef9015b6f8caf946064194e7549ab6e71cac31
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-B1Ac6Xly.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 13189
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ifi7TpRsUGrxz5fdtERisQLeaeeJtvORhYDATQEvBlTG01NC8Zyah%2BD7xoWiSNb6v9oIHJxwN7gBLOKCImrTnW2Y0zYphXMD57BKnRLI5cpo1xiM%2F%2F7Cf5j2tH60"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-3385"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f3c6fb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1970&min_rtt=608&rtt_var=914&sent=1266&recv=251&lost=0&retrans=0&sent_bytes=1254818&recv_bytes=30244&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3300&inflight_dur=362&x=80"
GET tl7p8z.top/assets/index-B1Ac6Xly.js
172.67.210.93 200 OK 42 kB URL GET HTTPS
tl7p8z.top/assets/index-B1Ac6Xly.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Unicode text, UTF-8 text, with very long lines (41678)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 42 kB (41881 bytes)
MD5 1a5d81fa5c898383870ccfe17b8d0e64
SHA1 03fb5e143047317369713346b4f158486937911d
SHA256 7c83c984e236b64e382c8c0fdfef9015b6f8caf946064194e7549ab6e71cac31
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-B1Ac6Xly.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-C4sLo-pF.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 13189
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HAXbeGcSpOMx0sr%2F4tIVDzDMtHpbS2TFvkqJvxT9O6FDSuMUa%2BtJxLwWWltNkylmBF3s1CtVi%2BkJWkR4FxxqhcjdYstGXy7DNq%2Bcw8ZQLjwaiDC28TkNMceipqFV"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-3385"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf4272fc85b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1643&min_rtt=608&rtt_var=683&sent=1291&recv=257&lost=0&retrans=0&sent_bytes=1279327&recv_bytes=30741&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3547&inflight_dur=408&x=80"
GET res.tl7p8z.top/i18nlocale/es.json?1749457749050
172.67.210.93 200 OK 338 kB URL GET HTTPS
res.tl7p8z.top/i18nlocale/es.json?1749457749050
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 338 kB (338169 bytes)
MD5 bd2d18a6f99a385fa52b4fa946a33e81
SHA1 a59a48b3584ebf2df80359da31fb3d037d9d30a7
SHA256 05853d62c4b3710c98ad41bfae10cda4d5a3e75f1a795ee1e57d55ea37da4e1f
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /i18nlocale/es.json?1749457749050 HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:10 GMT
content-type: text/plain; charset=utf-8
content-encoding: br
access-control-allow-origin: *
etag: W/"3031c45fef5d1b16806457ceb3989f77"
last-modified: Fri, 06 Jun 2025 15:29:05 GMT
vary: Origin, Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TO09zeOjXg%2BXH1HjHFDqlbAaRkfWj6s8EnDxWtXFeOPYXS%2FhYJL3oSsV7U1gT4JhTelnvYayoSdhODEcbbuXuxY6hGqcA55uIfh9eaWUEvANPC3b3wtokegiEZ9Rijz7IA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 94cf42747c775699-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1394&min_rtt=400&rtt_var=1237&sent=22&recv=19&lost=0&retrans=1&sent_bytes=6146&recv_bytes=1757&delivery_rate=7350253&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=1964&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/127342192501981197_20250603044537.jpg
172.67.210.93 200 OK 50 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/127342192501981197_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 50 kB (49991 bytes)
MD5 cf3142f32afa0e700ffd1d3fd602d4c7
SHA1 aeaab7c118f899e586dec18bdf89a3409a8f89f0
SHA256 457c97a29866a641fb39314a68caa6598502c7ebf24ae7587a814c42caffc9b4
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/127342192501981197_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 49991
cf-ray: 94cf428b5e555699-OSL
accept-ranges: bytes
etag: "cf3142f32afa0e700ffd1d3fd602d4c7"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hMLxIrKzLXX%2FaTgk%2F5yNA7BKSBebaUSNcaUgOL7aBGpfj48RTheSuGLllCT7kP5KmzWJJ2NzQXCtAotcgVk24g2QlOH1JVm9woEOl%2FFSR9Tuld2RTFXRhn41oPZaTKjwsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1514&min_rtt=396&rtt_var=955&sent=2764&recv=698&lost=0&retrans=3&sent_bytes=3440757&recv_bytes=9986&delivery_rate=49931034&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4982&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/refer_icon-DdKr5l-M.js
172.67.210.93 200 OK 3.2 kB URL GET HTTPS
tl7p8z.top/assets/refer_icon-DdKr5l-M.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3204)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 3.2 kB (3205 bytes)
MD5 27e3bf68353e0894a3f745ba43493d93
SHA1 53f432eeaa2783bee5a22bcccbe5b5f63f768fc6
SHA256 f9ca98c350a24c25cbba4a4b36fe65785c6b530adec044a6984cd92f11706702
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/refer_icon-DdKr5l-M.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 1240
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wfM92GMGC5rpLsJMOlKB8CpMr1RwibJ9jXlrrJm92vf7VY%2FumQNyYbUqyANLqPaQhWJyYzvEZTOxfdR9aT8xUQq1diDz7ayNiEq6RueE8AN0xhbMQRDbVWX96xwP"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-4d8"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426edc4ab529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1853&min_rtt=608&rtt_var=1159&sent=1170&recv=246&lost=0&retrans=0&sent_bytes=1169881&recv_bytes=30013&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3230&inflight_dur=296&x=80"
GET tl7p8z.top/assets/icon_public_144-DD1tfRUv.js
172.67.210.93 200 OK 69 B URL GET HTTPS
tl7p8z.top/assets/icon_public_144-DD1tfRUv.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 69 B (69 bytes)
MD5 72598966d4483c5e86586b4540f692aa
SHA1 c53f8d2ce8c809dc7a75d2340d98152ce143af9a
SHA256 3a05c27f3df77abd9d39c4d068518551e12c5e9c8ff7f47c1b4a3f02d10ec375
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/icon_public_144-DD1tfRUv.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aLFDsWQTEIWPC%2BDf2STLnDcW7r7UyQuZrLaVDO%2BjaeoBjgDmGGKU16NQlYT5uT%2FxHx7mPSWvo%2F7xqkmyoiaHlNb8X9m3wzBQqJIJgQIY2WPUFCQZjC9vGZL3TOGX"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: W/"683ee6c1-45"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 94cf426eec53b529-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1827&min_rtt=608&rtt_var=923&sent=1187&recv=247&lost=0&retrans=0&sent_bytes=1182969&recv_bytes=30059&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3235&inflight_dur=303&x=80"
GET tl7p8z.top/font.css
172.67.210.93 200 OK 811 B URL GET HTTPS
tl7p8z.top/font.css
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text
First Seen 2025-05-23
Last Seen 2025-07-31
Times Seen 4
Size 811 B (811 bytes)
MD5 a2b4d8b338f3baf8d09575fb3412e675
SHA1 2a7e7fe16d7394e6465dbb16f916391ad148db36
SHA256 6f40feb79472b0a44054cac71db8cdb899c21d5f6adcb331504d8977d341b581
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /font.css HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: text/css
content-length: 269
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GGJX64t72U2ox92wJAgVodXcb3%2FKzMbJnT0lLVQu3aXAx26CKiHytsEKcY2xFleMHAVwV2Lp7dvWV32U0rYCcQS4s1KjFG6vm3f1jpbjbyav2Tk4yJT0elYcyMck"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:50 GMT
vary: Accept-Encoding
etag: "683ee6c2-10d"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426f5c77b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1937&min_rtt=608&rtt_var=622&sent=1276&recv=253&lost=0&retrans=0&sent_bytes=1264789&recv_bytes=30336&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3321&inflight_dur=374&x=80"
GET tl7p8z.top/assets/index-CD3Vznvo.css
172.67.210.93 200 OK 56 kB URL GET HTTPS
tl7p8z.top/assets/index-CD3Vznvo.css
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (55582)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 56 kB (55583 bytes)
MD5 cc12a377fa89ab4b43bd279e4c8c2e11
SHA1 067dc9343a60f8bd90a6e5b39c5ae6ca80f49019
SHA256 36bda230de7e824a70823602e5d0f1f799be63bb1b8e16374a9bc3e8b7741d0b
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/index-CD3Vznvo.css HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: text/css
content-length: 17116
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zcApDAuRs%2BxjqGfijRxQB%2FJMwANkgxKQEWpC%2B0Yjcz3MTmcdho%2FnxeCM1CJpQKTGg7Rl2IEHBjC6L0xT0qtwentYRA02DakGhZ80UzEQLXoxD1fS7dmU6OZFC8qF"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-42dc"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426e8c2eb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2430&min_rtt=608&rtt_var=1403&sent=1126&recv=242&lost=0&retrans=0&sent_bytes=1133112&recv_bytes=29832&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3182&inflight_dur=261&x=80"
GET api.tl7p8z.top/games/bigwin
172.67.210.93 200 OK 45 kB URL GET HTTPS
api.tl7p8z.top/games/bigwin
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 45 kB (45363 bytes)
MD5 fc76c6bbc6c838a6f4e73c23d5289fe3
SHA1 f0ef9d4cb2270c2649d018d088148966316c445c
SHA256 5ab0ab36c0357cacfbc94591a57ca77e9bc36c5c29a782366a20d5eac335dc39
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /games/bigwin HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp: 6786838544e257bbd8395259505dd5e355cc49eff3af3e4fa9bca3e518904876
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mg4iEON8NPR%2FPPNvA0JQqxEPPxYRIG2QzxReXC%2FXvrJeVIRNEHXMX8i09q8FoASdM93Z5l6DbgxBt7c1BOqbCyFyDh10QLF8IKAGbo5uEAxxLgoTTWQE4BeJMFfBr0DUJA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf42852e06b529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2605&min_rtt=608&rtt_var=1896&sent=2292&recv=416&lost=37&retrans=38&sent_bytes=2251780&recv_bytes=66681&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6569&inflight_dur=1088&x=80"
GET tl7p8z.top/assets/icon_public_145-CPlV_eO6.js
172.67.210.93 200 OK 1.5 kB URL GET HTTPS
tl7p8z.top/assets/icon_public_145-CPlV_eO6.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1506)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.5 kB (1507 bytes)
MD5 78ff22331b830c9a09adff90c561e21f
SHA1 9fc64160bfd8ccc3171ba517c296ef6778bdab31
SHA256 195aaf72b4d3fbe5ed2a6822ac5b6e84555917e9ac2d5600d49242216d218783
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/icon_public_145-CPlV_eO6.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ibJxz2xOPA0TL381yVeEkX4S68FjpO0ULFCsfMMn0viTA5VOSlsHiMt15Ev1J4ITpkLci5ylTiL3GV0DTlSsDCy8FHRFFDFXsBQVui61M3P%2F8leNLlfM9Avqr2Mp"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-2ba"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426eec55b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1208&recv=248&lost=0&retrans=0&sent_bytes=1200349&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3250&inflight_dur=317&x=80"
GET tl7p8z.top/assets/bwCountdown-Bzmzg7-z.js
172.67.210.93 200 OK 747 B URL GET HTTPS
tl7p8z.top/assets/bwCountdown-Bzmzg7-z.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Java source, ASCII text, with very long lines (746)
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 747 B (747 bytes)
MD5 7bd29afa2bf83824ac5b0a3b4fc6db9e
SHA1 f68184e38d3bc3d2807cf345d82b12cd20b2cc3a
SHA256 1438506a64561608c54a4f4dbc5722706a76164f84fb11689b0de903af79bec6
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/bwCountdown-Bzmzg7-z.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-B1Ac6Xly.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 421
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gtdZOo9CWIpzH7oFNqOq9sJI3b%2BHoOOqhjZWIbTzEcGzOhYJuHRMrPggNZcBOX%2FHj%2BM59pxQWIlzTqxX3AR9RyETUWKDRijvyMmbnFoA8kyexrTP5U9kVkHAMRqL"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-1a5"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42741ca1b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1264&min_rtt=608&rtt_var=503&sent=1408&recv=290&lost=0&retrans=0&sent_bytes=1366073&recv_bytes=41669&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3721&inflight_dur=443&x=80"
GET tl7p8z.top/assets/moto3_icon-BJjgQs8W.js
172.67.210.93 200 OK 901 B URL GET HTTPS
tl7p8z.top/assets/moto3_icon-BJjgQs8W.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (900)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 901 B (901 bytes)
MD5 9d315162783202100c2bc9305627e967
SHA1 26ab5de97189ec9b919e54ed93a4f7acd6861c4f
SHA256 ddb751e5015db99d135c09fb00db4d51fe21d805f7896685253f508f1bb4da79
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/moto3_icon-BJjgQs8W.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 429
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R1QFtOSvXu4H3wGmey7hf8SnPIOSaqxSaG8KzordiFj2jZpHgpGcSZIrksc2ITUw4C2cvAizzxEDEmrdTXuRJc2Td%2F2fY7N2ijdkEvylAEYTADrl%2BAeJQQfyKXmF"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-1ad"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42742cabb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1264&min_rtt=608&rtt_var=503&sent=1398&recv=289&lost=0&retrans=0&sent_bytes=1356561&recv_bytes=41161&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3720&inflight_dur=442&x=80"
GET tl7p8z.top/assets/sports_cricket-DbNeBt6l.js
172.67.210.93 200 OK 2.5 kB URL GET HTTPS
tl7p8z.top/assets/sports_cricket-DbNeBt6l.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (2530)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 2.5 kB (2531 bytes)
MD5 48d88f06a6e67224e446266fcc57e37a
SHA1 c3f57c1bc4b21df7d93a5886593e57ab5a5fb246
SHA256 584946946aa660a1f6fcacf7fd6bb762a2968053bd0bcbc13ed84949710c4bc6
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/sports_cricket-DbNeBt6l.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1095
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bWVdI%2BgJohcpib53z7Mo5VJ5wztX8D8gFLh7%2Bt0QmMrxjP%2BworzV5LvcENbj52YiI6Y3ocQzCX4TBkvCny8s0Rc%2BmPFEKDrWxWKpTPwyGdqstWD0RFTqMlgulP30"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-447"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745cc3b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1437&min_rtt=608&rtt_var=609&sent=1444&recv=301&lost=0&retrans=0&sent_bytes=1391090&recv_bytes=47548&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3752&inflight_dur=472&x=80"
GET res.tl7p8z.top/upload/game_image/56469920837271564_20250603044537.jpg
172.67.210.93 200 OK 44 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/56469920837271564_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 44 kB (44441 bytes)
MD5 0f1a54990584e089607efc6ba66be18e
SHA1 02414d67a4a6598828bc868bda3dcb4dd88d9170
SHA256 a173b4d861c497ae361eff25c43d1a7ed531b49e8aa9cf75cc0c4e0379afd734
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/56469920837271564_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 44441
cf-ray: 94cf428b1df65699-OSL
accept-ranges: bytes
etag: "0f1a54990584e089607efc6ba66be18e"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uxEm56d6t8cWewTHa86zvJP7mC7Y79douvB7E1Xlxzesc%2BIHDDb1WgH52Ihtu9IDZCbGs%2BzATmI2c2wppbsLCb4YKtZ8ZyiREwIE%2FohXA4ar94z9lM%2FB%2B70QeZpgdC554w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1104&min_rtt=396&rtt_var=627&sent=2454&recv=678&lost=0&retrans=3&sent_bytes=3039106&recv_bytes=9986&delivery_rate=44986407&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4946&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/casino_icon-D8-wi0zY.js
172.67.210.93 200 OK 1.8 kB URL GET HTTPS
tl7p8z.top/assets/casino_icon-D8-wi0zY.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (1836)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 1.8 kB (1837 bytes)
MD5 9b08329eb0a3136cff4f42642e88980e
SHA1 7b7904d42aa03fa8a088859dd3be7a9473bed540
SHA256 015ff4682f326c91a2f00db374a6783a1b66ae3cb18d17d86b235a877f7f591b
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/casino_icon-D8-wi0zY.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-B1Ac6Xly.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 875
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PQFkoa6ZqOQtzQhLiEKHSGevMM%2FepT6spCwV%2FgfRyOyATfQvx6QqkluCsYfqm%2B1kNe4eHtfW3SPSBV9YMbpwP4qmDiFuURiw37Iw%2B6Cm7SNQhiuNaKLZF6Pv9Pbk"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-36b"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf4273fc90b529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1651&min_rtt=608&rtt_var=520&sent=1341&recv=272&lost=0&retrans=0&sent_bytes=1321236&recv_bytes=34628&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3696&inflight_dur=419&x=80"
GET tl7p8z.top/assets/bttom-arrow-ClNnGRm_.js
172.67.210.93 200 OK 473 B URL GET HTTPS
tl7p8z.top/assets/bttom-arrow-ClNnGRm_.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (472)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 473 B (473 bytes)
MD5 0ccb283e3a5b50af9dded7a31078eeb5
SHA1 3451fccb577efb89eef20e1b41259af58a961929
SHA256 06f72fd161da1ec77a1272cc693dab3842e556e26481484c1a4979228b0cecc5
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/bttom-arrow-ClNnGRm_.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BtAvyQLdSzalFqbzZ%2FiGIIy6lnpi9ABvEWE9EbqCDp49bG685GGa12rMa4KsCZ0MvTMdTIF3tgj8FXKtwlVQvN7KyRogpK7K4sDdIHAvEo%2FUQcv7g6sgEbH0ts1d"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-195"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42745cceb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1327&min_rtt=608&rtt_var=456&sent=1471&recv=304&lost=0&retrans=0&sent_bytes=1410454&recv_bytes=47684&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3757&inflight_dur=478&x=80"
GET client.salesmartly.com/js/marked/v14.1.2/marked.min.js
54.240.174.108 200 OK 36 kB URL GET HTTPS
client.salesmartly.com/js/marked/v14.1.2/marked.min.js
IP / ASN
54.240.174.108
#16509 AMAZON-02
Requested by https://tl7p8z.top/
Resource Info
File type JavaScript source, ASCII text, with very long lines (36340)
First Seen 2024-09-13
Last Seen 2025-08-10
Times Seen 348
Size 36 kB (36489 bytes)
MD5 4726c8d370952011c5137ee8e13eb6bb
SHA1 96c7a41fdc5d4530bb46f1a629f86ecaf068de82
SHA256 eeaba2c06a990d4602b4142cce579f4cce16fba404e6cc82c5c2f7ccb1e7bd1f
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
GET /js/marked/v14.1.2/marked.min.js HTTP/1.1
Host: client.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 05 Jun 2025 09:19:25 GMT
x-amz-replication-status: REPLICA
last-modified: Fri, 20 Sep 2024 06:38:39 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-amz-version-id: JFBntxsrfZ64VoXBE8CHtNjr4.xFrBV4
server: AmazonS3
etag: W/"4726c8d370952011c5137ee8e13eb6bb"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L9x4sR48O5utOQufzplH-3jAXluQ7r1fsG6bctq8oIB6wXR5_1oWQg==
age: 342587
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/sport-BD1lVVyl.png
172.67.210.93 200 OK 5.1 kB URL GET HTTPS
tl7p8z.top/assets/sport-BD1lVVyl.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 5.1 kB (5149 bytes)
MD5 84fef7c8d40dfd5cc16ec959db732285
SHA1 b457b13ae1449201bb668f057bfddc07824d02f8
SHA256 fa349064b6bb35b874701fb596aaee613d9c23c63e92a6c7c74b061ccd580c5f
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/sport-BD1lVVyl.png HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/png
content-length: 5149
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kGB1OOTS%2FsXFqH8y%2FL72XVtE%2BLToKT%2F6MU8OIrUQ42TnUglWeInYIX9DjGGsmH1fiaZCJi9FdU6Cl278clrHebS1pYuGAUAwKuyQNj%2FkHOqiC8HwMTTFTdKkWGWO"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: "683ee6c1-141d"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf42867e22b529-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1912&min_rtt=608&rtt_var=862&sent=2529&recv=434&lost=37&retrans=38&sent_bytes=2512866&recv_bytes=69896&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6782&inflight_dur=1167&x=80"
GET api.tl7p8z.top/games/categories?type=providers
172.67.210.93 200 OK 8.0 kB URL GET HTTPS
api.tl7p8z.top/games/categories?type=providers
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 8.0 kB (8035 bytes)
MD5 b85bf2942eb5bfaa591455fa9160bcdc
SHA1 57f630756ade3cca2dca702dea8936bf1901d429
SHA256 85a8f6e4b7440394fa205c9bd05c2946eb77eefd4e3ae2c895a73311003f7ab3
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /games/categories?type=providers HTTP/1.1
Host: api.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Req-Id:
Fp: 6786838544e257bbd8395259505dd5e355cc49eff3af3e4fa9bca3e518904876
Source: pc
X-Language: es
X-Country: MX
X-Currency: MXN
Dev-Id:
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wsROJpKsSoXDAzRBjFYY5Qc6CoAz5PAzIrY96bGd6fDmxt975ym7TXFXLzqwD10bG%2BRsU6Lp1qMWJbq6PZpqWcaCMfHUwDhzu7mcUN0CTPxL2J7QxqIRAEsfpbqK6eBiWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Length, X_CSRF-Token, Token, session, X-Language, X-Currency, X-Country, X-Param, Content-Type, Fp, Req-Id, Source, Dev-Id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
access-control-max-age: 172800
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94cf4287ae35b529-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1240&min_rtt=563&rtt_var=682&sent=2591&recv=459&lost=37&retrans=38&sent_bytes=2549317&recv_bytes=73745&delivery_rate=38765004&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=7068&inflight_dur=1275&x=80"
GET res.tl7p8z.top/upload/game_image/126172384741818378_20250603044537.jpg
172.67.210.93 200 OK 62 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/126172384741818378_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 62 kB (62023 bytes)
MD5 bb450e104ffb336af92ce134b94b1af1
SHA1 04a03588393b454455e80b8429b8383491f05a81
SHA256 4ca8d35f286b0ee36734973362794fb2e3dd543b1efb4ab14bd6bf0b3619d2c4
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/126172384741818378_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/jpeg
content-length: 62023
cf-ray: 94cf4287fa4f5699-OSL
accept-ranges: bytes
etag: "bb450e104ffb336af92ce134b94b1af1"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vuNAAM3JWbXQeiAQKHi%2F40QQl9X%2FNS5ym3k%2FCQNYgTA9%2Brvloe0%2FiGrHnpnpFZNUsMB6AH3QjzRKnuguRfipwAs82OK15cFPenNr%2FGz2b9s6%2ByI649ymatMLR%2F8LzjlVmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2314&min_rtt=396&rtt_var=2373&sent=303&recv=243&lost=0&retrans=1&sent_bytes=292126&recv_bytes=5645&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4406&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/126172385949843471_20250603044537.jpg
172.67.210.93 200 OK 53 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/126172385949843471_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 53 kB (53151 bytes)
MD5 4fb2a06065692a33150333a2d16ba29f
SHA1 fab37890a66c28171454a6706eb66c86c58a8045
SHA256 083544464f5f679c839793c689708e27974a2ac1b81cc9212b21a48bd9c21e3d
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/126172385949843471_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/jpeg
content-length: 53151
cf-ray: 94cf42880a645699-OSL
accept-ranges: bytes
etag: "4fb2a06065692a33150333a2d16ba29f"
last-modified: Tue, 03 Jun 2025 10:45:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=71FEuT97HPaPGBUjnxw2pDBgCGfbEbL0Ll0J4tr%2BmHTeFc%2BoHjEYaH6G7xOpFGyxSBg0QOapOg5fdK%2FWghiFzicPNsv3EycaPUt1xGXi11koyvwTzXR70oAQs%2BqhhIsl0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1017&min_rtt=396&rtt_var=748&sent=365&recv=262&lost=0&retrans=1&sent_bytes=371383&recv_bytes=5645&delivery_rate=41569377&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4413&x=0"
X-Firefox-Spdy: h2
GET res.tl7p8z.top/upload/game_image/126172384456605708_20250603044537.jpg
172.67.210.93 200 OK 49 kB URL GET HTTPS
res.tl7p8z.top/upload/game_image/126172384456605708_20250603044537.jpg
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x310, components 3
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 49 kB (48839 bytes)
MD5 cc25bb1a0b873644e79231916c0f899b
SHA1 d24d65d6b6e70d0e61b820f3a25536c67eaedd02
SHA256 58e6e7669ead4532ce7eaa73b7b89327684f431978325b12f61e87d01900581e
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/game_image/126172384456605708_20250603044537.jpg HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:13 GMT
content-type: image/jpeg
content-length: 48839
cf-ray: 94cf428b9eb65699-OSL
accept-ranges: bytes
etag: "cc25bb1a0b873644e79231916c0f899b"
last-modified: Tue, 03 Jun 2025 10:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EoJp2LM23fAO2lqvBWZYwc7G81hL0cNfJy4ppT0hrhOuli7f%2BvTxBLwhG2XS2y%2BIVkQfZfq4r7KhvIe3Qd4WFnEbIMm8vwM7K6waW42Yzkba4Spp3AEkqfCfaCZyRkVmLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1210&min_rtt=396&rtt_var=814&sent=3328&recv=729&lost=0&retrans=3&sent_bytes=4165526&recv_bytes=9986&delivery_rate=82301953&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=5016&x=0"
X-Firefox-Spdy: h2
GET tl7p8z.top/assets/moto2_icon-Cup9Ha2W.js
172.67.210.93 200 OK 3.6 kB URL GET HTTPS
tl7p8z.top/assets/moto2_icon-Cup9Ha2W.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (3566)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 3.6 kB (3567 bytes)
MD5 da17ad80c86ed75b02248c435dfd25d9
SHA1 24a9147f08f06500580a1befd15cae7a6fcf5ba0
SHA256 55e621058d2f913864d514bdf091837aa78200bc431e2f82399b1b668b9bc540
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/moto2_icon-Cup9Ha2W.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/assets/index-BLqJ-ndz.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:09 GMT
content-type: application/javascript
content-length: 1384
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lt3H55tFCOY0KrSPt32MOaffFKSx7B%2BWg2cvAvpt7eJnZeTt5Y0UXGiyoYlrfETO5DZuHKNE72ojLKycGFmAkMyKD8U4oWav8tfzXHe1p202mxyPSHZ8QoBYQdox"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-568"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 94cf42742caab529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1264&min_rtt=608&rtt_var=503&sent=1400&recv=290&lost=0&retrans=0&sent_bytes=1357703&recv_bytes=41669&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3721&inflight_dur=442&x=80"
GET tl7p8z.top/assets/arrow_bottom-DSgdI6tl.js
172.67.210.93 200 OK 373 B URL GET HTTPS
tl7p8z.top/assets/arrow_bottom-DSgdI6tl.js
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type ASCII text, with very long lines (372)
First Seen 2025-02-23
Last Seen 2025-07-31
Times Seen 6
Size 373 B (373 bytes)
MD5 c15e219293331a58ef885e9801d447fc
SHA1 ce957ca892d13bdd73c764893467682792aade8a
SHA256 5fd29541e4bc1c1ea25578238501a595897bdd6b3cbad0c5e228fe36045040ff
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/arrow_bottom-DSgdI6tl.js HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tl7p8z.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:08 GMT
content-type: application/javascript
content-length: 329
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CGBOlWcc%2BtrzaNAurPj5DFyRAUEWIdZ81gz1Kx1B2Epaax80ar7LSn%2BFu0Gp%2FALBYGNYWH1Bf1sYShssR44REGk9csuBur8VKBVIpBdHXFZ%2Bfyqw%2FBRrbgcwcT%2B7"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
vary: Accept-Encoding
etag: "683ee6c1-149"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf426efc5fb529-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1933&min_rtt=608&rtt_var=905&sent=1230&recv=248&lost=0&retrans=0&sent_bytes=1219643&recv_bytes=30105&delivery_rate=23142414&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=429900&unsent_bytes=0&cid=40c9c63fa90b9432&ts=3259&inflight_dur=327&x=80"
GET tl7p8z.top/assets/float_silder_bonus-BasEVo2y.png
172.67.210.93 200 OK 5.8 kB URL GET HTTPS
tl7p8z.top/assets/float_silder_bonus-BasEVo2y.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 5.8 kB (5766 bytes)
MD5 7262729e681236ca922af78936b8e930
SHA1 8d2f6b4878a4fa40243df08d5d3451faa13ed7bf
SHA256 15113e61b21b79550add45f9a06c486fcae67945fc6860d2afed33256297850f
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/float_silder_bonus-BasEVo2y.png HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 09 Jun 2025 08:29:11 GMT
content-type: image/png
content-length: 5766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F8vcl4GjRS46INGi6wrN%2BmHIJsy2YtbOejIwrWWcXYC5wv1qlwKqlsX%2BKxH1jVRWdT4bivh8kUwgmXNBcuDYYwtFAz6GufqKzrnfX%2FEkaNqLxG%2FtfXnuz9Eab2K%2F"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 03 Jun 2025 12:12:49 GMT
etag: "683ee6c1-1686"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 94cf4283bdabb529-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3117&min_rtt=608&rtt_var=2929&sent=2125&recv=385&lost=37&retrans=38&sent_bytes=2095833&recv_bytes=61997&delivery_rate=30262738&ss_exit_cwnd=300930&ss_exit_reason=3&cwnd=300930&unsent_bytes=0&cid=40c9c63fa90b9432&ts=6328&inflight_dur=893&x=80"
GET res.tl7p8z.top/upload/banner_image/20250531_6d23149872347e7c2b2af02561c7cf81_1748684041878.png
172.67.210.93 200 OK 117 kB URL GET HTTPS
res.tl7p8z.top/upload/banner_image/20250531_6d23149872347e7c2b2af02561c7cf81_1748684041878.png
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type PNG image data, 666 x 420, 8-bit colormap, non-interlaced
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 117 kB (116826 bytes)
MD5 894ac538a22796e2aadd7c376c57bc7f
SHA1 8ea9a2ace5d0713dc34ce740fe1972bd6469b8d3
SHA256 38a62ebf754d6ada37dd2aa3d754922b8a16991bacc21651928114923acbae7f
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/banner_image/20250531_6d23149872347e7c2b2af02561c7cf81_1748684041878.png HTTP/1.1
Host: res.tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:12 GMT
content-type: image/png
content-length: 116826
cf-ray: 94cf42886acf5699-OSL
accept-ranges: bytes
etag: "894ac538a22796e2aadd7c376c57bc7f"
last-modified: Sat, 31 May 2025 09:34:04 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hwDkOg27PBCe8z6ev2lDn7C8kvRyg4nsSsx6K1fwl9NGqYJemneCKyCMbl0vDBymi5sMAykS1aT6fvoZpviwbiT4bnvB58M2jJI4ZokzyXnHsbOqyPWs9UnIxc%2FTPedFPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=835&min_rtt=396&rtt_var=401&sent=1058&recv=425&lost=0&retrans=1&sent_bytes=1254289&recv_bytes=5645&delivery_rate=100408759&cwnd=257&unsent_bytes=0&cid=7fca1b3969daef88&ts=4493&x=0"
X-Firefox-Spdy: h2
POST srz.salesmartly.com/client/station/log?plugin_sign=890d7f9ac53ec9e1b8f44880c3d8d1c5&plugin_id=gt044g&over_time=&env=chat&_=1749457754349&_lt=5f71c924494c637226ebcade1580c2d3&_u=6e586157d46e1f27d414ad744c139b5b
54.240.174.22 200 OK 87 B URL POST HTTPS
srz.salesmartly.com/client/station/log?plugin_sign=890d7f9ac53ec9e1b8f44880c3d8d1c5&plugin_id=gt044g&over_time=&env=chat&_=1749457754349&_lt=5f71c924494c637226ebcade1580c2d3&_u=6e586157d46e1f27d414ad744c139b5b
IP / ASN
54.240.174.22
#16509 AMAZON-02
Requested by https://tl7p8z.top/
Resource Info
File type JSON text data
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 87 B (87 bytes)
MD5 f5ca70ea39c74af2429d127be9dc6868
SHA1 6828e798fa895e71b2875026b68841f859b146ca
SHA256 bf6c92c26310f705bcd60a02d3f127b1d27e0386f29802ceff61ad2ba24db293
Certificate Info
Issuer Amazon
Subject *.salesmartly.com
Fingerprint 0D:8A:81:F5:6B:9E:32:22:4F:33:1F:6B:89:B3:44:12:B8:C2:01:C3
Validity Thu, 05 Dec 2024 00:00:00 GMT - Sat, 03 Jan 2026 23:59:59 GMT
POST /client/station/log?plugin_sign=890d7f9ac53ec9e1b8f44880c3d8d1c5&plugin_id=gt044g&over_time=&env=chat&_=1749457754349&_lt=5f71c924494c637226ebcade1580c2d3&_u=6e586157d46e1f27d414ad744c139b5b HTTP/1.1
Host: srz.salesmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 487
Origin: https://tl7p8z.top
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Cookie: ss_uid=6e586157d46e1f27d414ad744c139b5b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Mon, 09 Jun 2025 08:29:14 GMT
access-control-allow-credentials: true
access-control-max-age: 86400
x-powered-by: PHP/7.2.34
access-control-allow-origin: https://tl7p8z.top
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1rcbS43IOmGQ8ApLGI8uq4MayJkHPvp7wA3cNBUjwIgr5a0VIJR0mA==
X-Firefox-Spdy: h2
GET tl7p8z.top/variables.css
172.67.210.93 200 OK 1.3 kB URL GET HTTPS
tl7p8z.top/variables.css
IP / ASN
172.67.210.93
#13335 CLOUDFLARENET
Requested by https://tl7p8z.top/
Resource Info
File type Unicode text, UTF-8 text
First Seen 2025-06-09
Last Seen 2025-06-09
Times Seen 1
Size 1.3 kB (1311 bytes)
MD5 f9224e6e4c98c0c2aaadcbec929d7ea6
SHA1 2380e732633bc53268aa2d4a86cf6857ffefecf3
SHA256 d2f4ee43609d146aa812f5c8dce9fc88d2941e4a7abef66986f1db91dd1f59f2
Certificate Info
Issuer Google Trust Services
Subject tl7p8z.top
Fingerprint 97:E8:D4:65:F9:ED:91:87:37:D3:2C:B0:25:7F:FC:FB:B6:6C:54:10
Validity Wed, 28 May 2025 11:47:00 GMT - Tue, 26 Aug 2025 12:45:34 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /variables.css HTTP/1.1
Host: tl7p8z.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tl7p8z.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 09 Jun 2025 08:29:05 GMT
content-type: text/css
content-length: 650
server: cloudflare
last-modified: Tue, 03 Jun 2025 12:12:50 GMT
vary: Accept-Encoding
etag: "683ee6c2-28a"
content-encoding: gzip
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=BJn3XOB60Xlg02cNmnR07uGs2O3fRFb53cCnP5UWaWVYSDl61xKuOsTAbca70Lj6v8cFWw8XwjLsX7t%2BmYyojnJfdES%2FW8Lp"}]}
cf-ray: 94cf425e5e390afe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2