Report - locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline

Report Overview

Visited public
2025-01-14 15:21:56
Tags
URL
locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Finishing URL
locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
IP / ASN
171.244.33.80
#38731 CHT Compamy Ltd
Title
LoL Cams | Teen Snapchat and Stickam Video Forum

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
images2.imgbox.com	80761	2009-02-09	2017-10-24	2025-01-13	428 B	10 kB	212.63.223.226
images4.imagebam.com	410100	2006-09-22	2021-05-23	2025-01-06	864 B	57 kB	212.63.223.226
img94.pixhost.to	unknown	unknown	2024-03-03	2025-01-03	435 B	15 kB	94.229.45.2
t93.pixhost.to	unknown	unknown	2024-01-15	2025-01-11	439 B	9.7 kB	94.229.45.2
locams.cc	unknown	2025-01-04	2025-01-14	2025-01-14	7.8 kB	90 kB	171.244.33.80
i.imgur.com	5110	2009-01-09	2012-05-21	2025-01-08	1.3 kB	29 kB	199.232.196.193

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-01-14	medium	locams.cc	Sinkholed
2025-01-14	medium	locams.cc	Sinkholed
2025-01-14	medium	locams.cc	Sinkholed
2025-01-14	medium	locams.cc	Sinkholed
2025-01-14	medium	locams.cc	Sinkholed
2025-01-14	medium	locams.cc	Sinkholed
2025-01-14	medium	locams.cc	Sinkholed
2025-01-14	medium	locams.cc	Sinkholed
2025-01-14	medium	locams.cc	Sinkholed
2025-01-14	medium	locams.cc	Sinkholed
2025-01-14	medium	locams.cc	Sinkholed
2025-01-14	medium	locams.cc	Sinkholed
2025-01-14	medium	locams.cc	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline	ScriptElement	2.3 kB	2025-01-14	2025-01-14
Pretty URL locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-14 15:21 Last Seen2025-01-14 15:21 Times Seen1 Hash ab657d0ccc284f027846296ae424f40a f900ee4e3163eb2f6f78957bee6dc228b4d81a12 801b3854b80918e75c2fe7464ee5c30bc18b9194d663511fbc5ce553d435aaae Loading...

	locams.cc/jscripts/jquery.js?ver=1823	ScriptElement	90 kB	2023-03-07	2025-05-01
Pretty URL locams.cc/jscripts/jquery.js?ver=1823 IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-01 01:58 Times Seen4137 Hash 9ac39dc31635a363e377eda0f6fbe03f 29fa5ad995e9ec866ece1d3d0b698fc556580eee 9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38 Loading...

	locams.cc/jscripts/jquery.plugins.min.js?ver=1821	ScriptElement	15 kB	2024-08-22	2025-01-14
Pretty URL locams.cc/jscripts/jquery.plugins.min.js?ver=1821 IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-22 17:23 Last Seen2025-01-14 15:21 Times Seen3 Hash 8180748a7c27cd13ce99933742b28ee4 9cc1d2c5720f21055ec5ad125f28a88238c50a1a a7a544b67ad229fe5aecdb6863e37f75d7cdbb4b46082939c77df92fc338744a Loading...

	locams.cc/jscripts/general.js?ver=1827	ScriptElement	16 kB	2024-08-22	2025-01-14
Pretty URL locams.cc/jscripts/general.js?ver=1827 IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-22 17:23 Last Seen2025-01-14 15:21 Times Seen3 Hash be219aa08a7b7587bb3b00fc38ce0b27 377d6f7ee145563484ba964241cac9e6a8a29311 06dd04d6f914f1370059a56d29768156ab4b05064e934978d0674af85651e4f6 Loading...

	locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline	ScriptElement	77 B	2023-03-07	2025-04-19
Pretty URL locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-04-19 06:33 Times Seen327 Hash e0e774c6eac4073121eb55b9e21d3511 5156ea2435d223d0519ddce05085a2510c7b1807 45a342390daafbd778ec29ac08c0cd3273410c225c6c1101306700c811b530b5 Loading...

HTTP Transactions (21)

URL IP Response Size

locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline

171.244.33.80

200 OK

4.1 kB

URL User Request GET HTTP/1.1
locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Certificate
IssuerZeroSSL
Subjectlocams.cc
Fingerprint1D:4D:BC:D5:C5:2C:79:32:46:07:68:CA:5A:3F:1E:2E:CB:2E:21:36
ValiditySat, 04 Jan 2025 00:00:00 GMT - Fri, 04 Apr 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (375), with CRLF, LF line terminators
Size
4.1 kB (4118 bytes)
Hash
3a849f302c2e5ec2dfc3d09a4717fbcd
11500234a796038ce6e4c71657756be31a124438
fce10dc99b56e10209a1f13e8b2a517cbaf74a3f27f73706908f19033cdac9fa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline HTTP/1.1
Host: locams.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 14 Jan 2025 15:21:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Set-Cookie: mybb[lastvisit]=1736868091; expires=Wed, 14-Jan-2026 15:21:31 GMT; path=/; domain=.locams.cc
mybb[lastactive]=1736868091; expires=Wed, 14-Jan-2026 15:21:31 GMT; path=/; domain=.locams.cc
sid=2dde321e66f03f0767ec1a32fd4eba52; path=/; domain=.locams.cc; HttpOnly
Content-Encoding: gzip

i.imgur.com/CJ3Hzo7.png

199.232.196.193

200 OK

13 kB

URL GET HTTP/2
i.imgur.com/CJ3Hzo7.png
IP
199.232.196.193:443
ASN
#54113 FASTLY

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
PNG image data, 472 x 68, 8-bit/color RGB, non-interlaced
Size
13 kB (12633 bytes)
Hash
7d5dcea5ec5344f8ef2c7d13bb9643f4
9475a8e45e92cceecced35880f16da5c74a56406
f5c4556ac75717deec8bb4307fb9b1ece3ced030ca2fa8008e94aff9e05d414a

HTTP Headers

GET /CJ3Hzo7.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 01 Mar 2024 09:20:44 GMT
etag: "7d5dcea5ec5344f8ef2c7d13bb9643f4"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: 8S8KqreoK4wGCLT6C27UChmwQUy000-DcE7H0BKjp6WOUKXXv1hFRQ==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 14 Jan 2025 15:21:33 GMT
age: 1895321
x-served-by: cache-iad-kjyo7100025-IAD, cache-hel1410021-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 3060, 149
x-timer: S1736868094.615912,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 12633
X-Firefox-Spdy: h2

i.imgur.com/c85tVhe.jpg

199.232.196.193

200 OK

4.5 kB

URL GET HTTP/2
i.imgur.com/c85tVhe.jpg
IP
199.232.196.193:443
ASN
#54113 FASTLY

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 468x60, components 3
Size
4.5 kB (4478 bytes)
Hash
892b0fc35965dacaefe2a70bb36eba02
996aba7a03aa368df0d2f2450928775a7ac22a29
d5920183bc8fbf027feb15ad8bccc860aa892fa8468f8bb0e51f8d9c4d16e21b

HTTP Headers

GET /c85tVhe.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Thu, 19 Oct 2023 12:09:32 GMT
etag: "892b0fc35965dacaefe2a70bb36eba02"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD12-P2
x-amz-cf-id: agEtacKUEV582hDjknELzrrzGIShG7Zc4NNkxmYd4iTSeYbpsnIvXQ==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 14 Jan 2025 15:21:33 GMT
age: 2426931
x-served-by: cache-iad-kjyo7100024-IAD, cache-hel1410021-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 17146, 66
x-timer: S1736868094.616245,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 4478
X-Firefox-Spdy: h2

i.imgur.com/SSaV5XL.jpeg

199.232.196.193

200 OK

9.3 kB

URL GET HTTP/2
i.imgur.com/SSaV5XL.jpeg
IP
199.232.196.193:443
ASN
#54113 FASTLY

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 472x68, components 3
Size
9.3 kB (9319 bytes)
Hash
ac5e0ea5afe9b03c41a39256936e0ebd
e401f6162453bcb561744420ed5e91835f97979e
c7fc322a173f9beb1feb3957e07ee2bbfada340850a91d91896d2f47176ae894

HTTP Headers

GET /SSaV5XL.jpeg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 01 Mar 2024 09:17:28 GMT
etag: "ac5e0ea5afe9b03c41a39256936e0ebd"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: 7y5DmH5CX8qd4GlbXKIlIvfexQ_FLmc0JTOJteg63xstglplSdjTIQ==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 14 Jan 2025 15:21:33 GMT
age: 3472839
x-served-by: cache-iad-kiad7000082-IAD, cache-hel1410021-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 4063, 73
x-timer: S1736868094.616262,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 9319
X-Firefox-Spdy: h2

locams.cc/jscripts/jquery.plugins.min.js?ver=1821

171.244.33.80

200 OK

4.3 kB

URL GET HTTP/1.1
locams.cc/jscripts/jquery.plugins.min.js?ver=1821
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerZeroSSL
Subjectlocams.cc
Fingerprint1D:4D:BC:D5:C5:2C:79:32:46:07:68:CA:5A:3F:1E:2E:CB:2E:21:36
ValiditySat, 04 Jan 2025 00:00:00 GMT - Fri, 04 Apr 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (14798), with CRLF line terminators
Size
4.3 kB (4329 bytes)
Hash
8180748a7c27cd13ce99933742b28ee4
9cc1d2c5720f21055ec5ad125f28a88238c50a1a
a7a544b67ad229fe5aecdb6863e37f75d7cdbb4b46082939c77df92fc338744a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jscripts/jquery.plugins.min.js?ver=1821 HTTP/1.1
Host: locams.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Cookie: mybb[lastvisit]=1736868091; mybb[lastactive]=1736868091; sid=2dde321e66f03f0767ec1a32fd4eba52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 14 Jan 2025 15:21:34 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 13:37:54 GMT
Content-Encoding: gzip

locams.cc/cache/themes/theme1/thread_status.css?t=1719495461

171.244.33.80

200 OK

268 B

URL GET HTTP/1.1
locams.cc/cache/themes/theme1/thread_status.css?t=1719495461
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerZeroSSL
Subjectlocams.cc
Fingerprint1D:4D:BC:D5:C5:2C:79:32:46:07:68:CA:5A:3F:1E:2E:CB:2E:21:36
ValiditySat, 04 Jan 2025 00:00:00 GMT - Fri, 04 Apr 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
268 B (268 bytes)
Hash
03f41e435feafb6ae26667c0fec5ce42
9cec5d3fd4f64c93a58845adb5a7f58cce02136d
c1b8b53d7b988635fe075432d3bbcbe8730960c50350eb6d5bcd6e895db57f34

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cache/themes/theme1/thread_status.css?t=1719495461 HTTP/1.1
Host: locams.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Cookie: mybb[lastvisit]=1736868091; mybb[lastactive]=1736868091; sid=2dde321e66f03f0767ec1a32fd4eba52
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 14 Jan 2025 15:21:35 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 13:37:41 GMT
Content-Encoding: gzip

locams.cc/cache/themes/theme1/css3.css?t=1719495461

171.244.33.80

200 OK

592 B

URL GET HTTP/1.1
locams.cc/cache/themes/theme1/css3.css?t=1719495461
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerZeroSSL
Subjectlocams.cc
Fingerprint1D:4D:BC:D5:C5:2C:79:32:46:07:68:CA:5A:3F:1E:2E:CB:2E:21:36
ValiditySat, 04 Jan 2025 00:00:00 GMT - Fri, 04 Apr 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
592 B (592 bytes)
Hash
0b2778ece01f802366f87dab9d536497
eddbdc7f857aa17f7c1fcf4bb0f4e5e0226c2750
f22ef965ce52b180c7a33da82a489001b79183fa5f81ca5505969aa48cd50c06

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cache/themes/theme1/css3.css?t=1719495461 HTTP/1.1
Host: locams.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Cookie: mybb[lastvisit]=1736868091; mybb[lastactive]=1736868091; sid=2dde321e66f03f0767ec1a32fd4eba52
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 14 Jan 2025 15:21:35 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 13:37:41 GMT
Content-Encoding: gzip

locams.cc/jscripts/general.js?ver=1827

171.244.33.80

200 OK

4.6 kB

URL GET HTTP/1.1
locams.cc/jscripts/general.js?ver=1827
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerZeroSSL
Subjectlocams.cc
Fingerprint1D:4D:BC:D5:C5:2C:79:32:46:07:68:CA:5A:3F:1E:2E:CB:2E:21:36
ValiditySat, 04 Jan 2025 00:00:00 GMT - Fri, 04 Apr 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (322), with CRLF line terminators
Size
4.6 kB (4633 bytes)
Hash
be219aa08a7b7587bb3b00fc38ce0b27
377d6f7ee145563484ba964241cac9e6a8a29311
06dd04d6f914f1370059a56d29768156ab4b05064e934978d0674af85651e4f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jscripts/general.js?ver=1827 HTTP/1.1
Host: locams.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Cookie: mybb[lastvisit]=1736868091; mybb[lastactive]=1736868091; sid=2dde321e66f03f0767ec1a32fd4eba52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 14 Jan 2025 15:21:34 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 13:37:54 GMT
Content-Encoding: gzip

locams.cc/cache/themes/theme1/global.css?t=1719495461

171.244.33.80

200 OK

6.2 kB

URL GET HTTP/1.1
locams.cc/cache/themes/theme1/global.css?t=1719495461
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerZeroSSL
Subjectlocams.cc
Fingerprint1D:4D:BC:D5:C5:2C:79:32:46:07:68:CA:5A:3F:1E:2E:CB:2E:21:36
ValiditySat, 04 Jan 2025 00:00:00 GMT - Fri, 04 Apr 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
6.2 kB (6191 bytes)
Hash
cd3008aa19797fc17501b04952a358e2
4bfb9f1d2fe94977caf854181fa490a10c9f79c1
4882539039fd793ea590e582f9697792f32eac081d1018c224a9c2904ada26b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cache/themes/theme1/global.css?t=1719495461 HTTP/1.1
Host: locams.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Cookie: mybb[lastvisit]=1736868091; mybb[lastactive]=1736868091; sid=2dde321e66f03f0767ec1a32fd4eba52
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 14 Jan 2025 15:21:34 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 13:37:41 GMT
Content-Encoding: gzip

locams.cc/jscripts/jquery.js?ver=1823

171.244.33.80

200 OK

31 kB

URL GET HTTP/1.1
locams.cc/jscripts/jquery.js?ver=1823
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerZeroSSL
Subjectlocams.cc
Fingerprint1D:4D:BC:D5:C5:2C:79:32:46:07:68:CA:5A:3F:1E:2E:CB:2E:21:36
ValiditySat, 04 Jan 2025 00:00:00 GMT - Fri, 04 Apr 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators
Size
31 kB (30879 bytes)
Hash
9ac39dc31635a363e377eda0f6fbe03f
29fa5ad995e9ec866ece1d3d0b698fc556580eee
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jscripts/jquery.js?ver=1823 HTTP/1.1
Host: locams.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Cookie: mybb[lastvisit]=1736868091; mybb[lastactive]=1736868091; sid=2dde321e66f03f0767ec1a32fd4eba52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 14 Jan 2025 15:21:34 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 13:37:54 GMT
Content-Encoding: gzip

images2.imgbox.com/ad/24/KoUmVeGK_o.jpg

212.63.223.226

200 OK

9.9 kB

URL GET HTTP/1.1
images2.imgbox.com/ad/24/KoUmVeGK_o.jpg
IP
212.63.223.226:443
ASN
#50827 SpaceDump IT AB

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerGoGetSSL
Subject*.imgbox.com
Fingerprint5A:6B:D2:2E:15:1B:62:D6:8E:55:AD:38:B3:95:0A:EB:B9:C5:52:86
ValidityFri, 15 Nov 2024 00:00:00 GMT - Sat, 15 Nov 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 472x68, components 3
Size
9.9 kB (9928 bytes)
Hash
1d0e8e6a50af4ab4672077b5d2cce151
c6b0afe9bfc14a0c65bb8c71d2a29b7b08f3b195
05eec284e4176a57025fcd9eab935c04144dff18e30e35165ab63bc3660c7a56

HTTP Headers

GET /ad/24/KoUmVeGK_o.jpg HTTP/1.1
Host: images2.imgbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx/1.14.2
date: Tue, 14 Jan 2025 15:21:35 GMT
content-type: image/jpeg
content-length: 9928
vary: x-s-token
last-modified: Fri, 13 Oct 2023 10:12:46 GMT
etag: "26c8-607964c3fc380"
x-cache: HIT
x-whom: srv1535
accept-ranges: bytes

images4.imagebam.com/f0/09/25/MEW1MQY_o.jpg

212.63.223.226

200 OK

12 kB

URL GET HTTP/1.1
images4.imagebam.com/f0/09/25/MEW1MQY_o.jpg
IP
212.63.223.226:443
ASN
#50827 SpaceDump IT AB

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerGoGetSSL
Subject*.imagebam.com
FingerprintB3:7B:BD:C4:71:57:E9:3A:FB:A2:EF:CD:8A:85:14:1C:0C:6C:70:D5
ValidityFri, 15 Nov 2024 00:00:00 GMT - Sat, 15 Nov 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 472x68, components 3
Size
12 kB (11946 bytes)
Hash
7577d743171de29d7d2d0de19e8ec1f5
3fc60cf9212a832dcff4fd2b6f01a2ac9e72e589
4bf2e0031249f3d37677cfaa9eca897f32b93ac70c62e7a1754f5898f4845af9

HTTP Headers

GET /f0/09/25/MEW1MQY_o.jpg HTTP/1.1
Host: images4.imagebam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx/1.22.1
date: Tue, 14 Jan 2025 15:21:35 GMT
content-type: image/jpeg
content-length: 11946
vary: x-s-token
last-modified: Fri, 20 Sep 2024 00:57:27 GMT
etag: "2eaa-6228285e483c2"
x-cache: HIT
x-whom: srv1535
accept-ranges: bytes

img94.pixhost.to/images/82/450013628_logo1.jpg

94.229.45.2

200 OK

15 kB

URL GET HTTP/1.1
img94.pixhost.to/images/82/450013628_logo1.jpg
IP
94.229.45.2:443
ASN
#48326 DataNetworks s.r.o.

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerLet's Encrypt
Subjectpixhost.to
FingerprintEF:67:08:20:EE:C7:91:56:E9:CA:04:62:E8:40:A2:42:07:73:F4:3B
ValiditySun, 12 Jan 2025 04:36:26 GMT - Sat, 12 Apr 2025 04:36:25 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6], baseline, precision 8, 493x70, components 3
Size
15 kB (14917 bytes)
Hash
28bd7adae0c5d4b7497128ae521ed4d2
95c8f76baa4db10948ff53e94f55f1a31d219e5c
564457a4fd44b4c396ebfe8f5fe221a8c633eb1a9466d7fd51d978077857bf84

HTTP Headers

GET /images/82/450013628_logo1.jpg HTTP/1.1
Host: img94.pixhost.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 14 Jan 2025 15:21:35 GMT
Content-Type: image/jpeg
Content-Length: 14917
Last-Modified: Fri, 01 Mar 2024 07:32:36 GMT
Connection: keep-alive
ETag: "65e18494-3a45"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes

images4.imagebam.com/0b/91/b7/MEPGKWU_o.png

212.63.223.226

200 OK

45 kB

URL GET HTTP/1.1
images4.imagebam.com/0b/91/b7/MEPGKWU_o.png
IP
212.63.223.226:443
ASN
#50827 SpaceDump IT AB

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerGoGetSSL
Subject*.imagebam.com
FingerprintB3:7B:BD:C4:71:57:E9:3A:FB:A2:EF:CD:8A:85:14:1C:0C:6C:70:D5
ValidityFri, 15 Nov 2024 00:00:00 GMT - Sat, 15 Nov 2025 23:59:59 GMT

File type
PNG image data, 472 x 68, 8-bit/color RGBA, non-interlaced
Size
45 kB (44731 bytes)
Hash
5dc04640a2447d0b093e4cba51cec2f4
0ca53866e4ed6e5a98a40a6c6c90fdc4dd40417f
c4120403408d7087e1c2a34f1794a920c98233e878b3df4b5d9e877ed260ea79

HTTP Headers

GET /0b/91/b7/MEPGKWU_o.png HTTP/1.1
Host: images4.imagebam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx/1.22.1
date: Tue, 14 Jan 2025 15:21:35 GMT
content-type: image/png
content-length: 44731
vary: x-s-token
last-modified: Fri, 13 Oct 2023 10:07:48 GMT
etag: "aebb-607963a7d7522"
x-cache: HIT
x-whom: srv1535
accept-ranges: bytes

t93.pixhost.to/thumbs/176/437410747_banner-jbz.jpg

94.229.45.2

200 OK

9.4 kB

URL GET HTTP/1.1
t93.pixhost.to/thumbs/176/437410747_banner-jbz.jpg
IP
94.229.45.2:443
ASN
#48326 DataNetworks s.r.o.

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerLet's Encrypt
Subjectpixhost.to
FingerprintEF:67:08:20:EE:C7:91:56:E9:CA:04:62:E8:40:A2:42:07:73:F4:3B
ValiditySun, 12 Jan 2025 04:36:26 GMT - Sat, 12 Apr 2025 04:36:25 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 468x60, components 3
Size
9.4 kB (9388 bytes)
Hash
c99a64572051230e72d616fc8c3fd9a7
dabde13e1de4982dbf7b43256bfc10596f603593
26ae0fa15793f4011461258789bc318b80373027639b91fd8d69079497ea577a

HTTP Headers

GET /thumbs/176/437410747_banner-jbz.jpg HTTP/1.1
Host: t93.pixhost.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 14 Jan 2025 15:21:36 GMT
Content-Type: image/jpeg
Content-Length: 9388
Last-Modified: Mon, 15 Jan 2024 04:03:30 GMT
Connection: keep-alive
ETag: "65a4ae92-24ac"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes

locams.cc/images/nav_bit.png

171.244.33.80

200 OK

86 B

URL GET HTTP/1.1
locams.cc/images/nav_bit.png
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerZeroSSL
Subjectlocams.cc
Fingerprint1D:4D:BC:D5:C5:2C:79:32:46:07:68:CA:5A:3F:1E:2E:CB:2E:21:36
ValiditySat, 04 Jan 2025 00:00:00 GMT - Fri, 04 Apr 2025 23:59:59 GMT

File type
PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
Size
86 B (86 bytes)
Hash
918839ed4dd4400570446568b618d34a
b5e3d9cc407bf5b777d184e17cda2d1962abdb26
59d3751e6d307cdf95243f8d969e93de7a67f631e173b7d7d9faf3086d2afc9e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/nav_bit.png HTTP/1.1
Host: locams.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Cookie: mybb[lastvisit]=1736868091; mybb[lastactive]=1736868091; sid=2dde321e66f03f0767ec1a32fd4eba52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 14 Jan 2025 15:21:36 GMT
Content-Type: image/png
Content-Length: 86
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 13:37:43 GMT
Accept-Ranges: bytes

locams.cc/images/tcat.png

171.244.33.80

200 OK

131 B

URL GET HTTP/1.1
locams.cc/images/tcat.png
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerZeroSSL
Subjectlocams.cc
Fingerprint1D:4D:BC:D5:C5:2C:79:32:46:07:68:CA:5A:3F:1E:2E:CB:2E:21:36
ValiditySat, 04 Jan 2025 00:00:00 GMT - Fri, 04 Apr 2025 23:59:59 GMT

File type
PNG image data, 2 x 60, 8-bit/color RGB, non-interlaced
Size
131 B (131 bytes)
Hash
10b96a318e186e39860a5945a9071b92
daa068efc07bb97ff0a2af218aedebbb28c9f1bb
91697e7d6cc941b2bff9f05520c0c22b95d460a655e65b480452ce60da209cdf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/tcat.png HTTP/1.1
Host: locams.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/cache/themes/theme1/global.css?t=1719495461
Cookie: mybb[lastvisit]=1736868091; mybb[lastactive]=1736868091; sid=2dde321e66f03f0767ec1a32fd4eba52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 14 Jan 2025 15:21:36 GMT
Content-Type: image/png
Content-Length: 131
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 13:37:42 GMT
Accept-Ranges: bytes

locams.cc/images/headerlinks_sprite.png

171.244.33.80

200 OK

2.3 kB

URL GET HTTP/1.1
locams.cc/images/headerlinks_sprite.png
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerZeroSSL
Subjectlocams.cc
Fingerprint1D:4D:BC:D5:C5:2C:79:32:46:07:68:CA:5A:3F:1E:2E:CB:2E:21:36
ValiditySat, 04 Jan 2025 00:00:00 GMT - Fri, 04 Apr 2025 23:59:59 GMT

File type
PNG image data, 16 x 196, 8-bit colormap, non-interlaced
Size
2.3 kB (2342 bytes)
Hash
e38f7f29cf3f740d7dc3651cb82098ec
65787e91831d3707a9ec747ab272c1fb5d52b2d8
bc8ea31d4d1a30effac6bed60a41d1ec64a7cd42a711c694a103e42da7aa4c0a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/headerlinks_sprite.png HTTP/1.1
Host: locams.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/cache/themes/theme1/global.css?t=1719495461
Cookie: mybb[lastvisit]=1736868091; mybb[lastactive]=1736868091; sid=2dde321e66f03f0767ec1a32fd4eba52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 14 Jan 2025 15:21:36 GMT
Content-Type: image/png
Content-Length: 2342
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 13:37:43 GMT
Accept-Ranges: bytes

locams.cc/images/thead.png

171.244.33.80

200 OK

115 B

URL GET HTTP/1.1
locams.cc/images/thead.png
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerZeroSSL
Subjectlocams.cc
Fingerprint1D:4D:BC:D5:C5:2C:79:32:46:07:68:CA:5A:3F:1E:2E:CB:2E:21:36
ValiditySat, 04 Jan 2025 00:00:00 GMT - Fri, 04 Apr 2025 23:59:59 GMT

File type
PNG image data, 1 x 40, 8-bit/color RGB, non-interlaced
Size
115 B (115 bytes)
Hash
96dfa0b7296d710946b220639f5a9d1c
40838eabc4f6384d72ec9adca7a773fc4db21c44
d2d9d86e65050d0197318b4478cff3931f3e7a071bdee4f12364c2c47d4d576f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/thead.png HTTP/1.1
Host: locams.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/cache/themes/theme1/global.css?t=1719495461
Cookie: mybb[lastvisit]=1736868091; mybb[lastactive]=1736868091; sid=2dde321e66f03f0767ec1a32fd4eba52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 14 Jan 2025 15:21:36 GMT
Content-Type: image/png
Content-Length: 115
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 13:37:42 GMT
Accept-Ranges: bytes

locams.cc/images/logo_lol_370x100.png

171.244.33.80

200 OK

31 kB

URL GET HTTP/1.1
locams.cc/images/logo_lol_370x100.png
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerZeroSSL
Subjectlocams.cc
Fingerprint1D:4D:BC:D5:C5:2C:79:32:46:07:68:CA:5A:3F:1E:2E:CB:2E:21:36
ValiditySat, 04 Jan 2025 00:00:00 GMT - Fri, 04 Apr 2025 23:59:59 GMT

File type
PNG image data, 370 x 100, 8-bit/color RGBA, non-interlaced
Size
31 kB (30696 bytes)
Hash
8a711b9bdff4511ef0899654d5beb648
5e5d7a0b363221f44f8ed10413f0c0ccd4aba085
2faefad0882c079892867c93e7b21cc8fdb201572eb88154d1a5fca0e9195a66

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/logo_lol_370x100.png HTTP/1.1
Host: locams.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Cookie: mybb[lastvisit]=1736868091; mybb[lastactive]=1736868091; sid=2dde321e66f03f0767ec1a32fd4eba52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 14 Jan 2025 15:21:36 GMT
Content-Type: image/png
Content-Length: 30696
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 13:37:43 GMT
Accept-Ranges: bytes

locams.cc/images/favicon.png

171.244.33.80

200 OK

2.1 kB

URL GET HTTP/1.1
locams.cc/images/favicon.png
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Certificate
IssuerZeroSSL
Subjectlocams.cc
Fingerprint1D:4D:BC:D5:C5:2C:79:32:46:07:68:CA:5A:3F:1E:2E:CB:2E:21:36
ValiditySat, 04 Jan 2025 00:00:00 GMT - Fri, 04 Apr 2025 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
2.1 kB (2114 bytes)
Hash
c018922e067a9e71cd3f09e0f6861f32
f12df0b06a91ce85da1b15892f432d46ffa5817b
2bf462ae2fdb024c9886b606dc8535ae2c37cef6ba1e088f2253e39fe43923c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/favicon.png HTTP/1.1
Host: locams.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locams.cc/search.php?action=results&order=asc&sid=ea158cec7fd9b6a699c7ceb3647ebae2&sortby=dateline
Cookie: mybb[lastvisit]=1736868091; mybb[lastactive]=1736868091; sid=2dde321e66f03f0767ec1a32fd4eba52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 14 Jan 2025 15:21:37 GMT
Content-Type: image/png
Content-Length: 2114
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 13:37:43 GMT
Accept-Ranges: bytes

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (21)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate