Report - netcine.zip

Report Overview

Visited public
2025-05-09 04:30:02
Tags
Submit Tags
URL
netcine.zip
Finishing URL
netcinez.ch/
IP / ASN
62.182.85.232
#30860 Virtual Systems LLC
Title
NetCine: Filmes e Séries Online Grátis

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
netcine.zip	unknown	2024-06-02	2024-12-04	2025-05-08	876 B	8.8 kB	0.0.0.0
netcinez.ch	unknown	unknown	2025-04-26	2025-05-08	976 B	9.2 kB	62.182.85.232
raunoaptotoaw.com	unknown	2025-04-24	2025-05-08	2025-05-08	2.2 kB	110 kB	139.45.196.60
my.rtmark.net	9054	2014-10-29	2015-02-04	2025-05-08	469 B	834 B	104.18.41.22
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-05-07	432 B	381 kB	142.250.74.168
cdn.bcdn.zip	unknown	2024-08-02	2024-08-13	2025-05-08	4.3 kB	147 kB	138.199.36.9
0019x.com	unknown	2020-03-19	2025-04-26	2025-05-08	1.1 kB	3.4 kB	139.45.197.247
xt64idjwuxgszpzqfzz77aw4bceno56w.edns.ip-api.com	unknown	2012-04-24	2025-05-09	2025-05-09	447 B	271 B	85.10.196.124
gdlhwcdjtqkjqcj.com	unknown	2025-05-08	2025-05-09	2025-05-09	959 B	1.2 kB	139.45.197.168
edns.ip-api.com	467468	2012-04-24	2014-10-06	2025-05-08	429 B	315 B	85.10.196.124

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-05-09 04:29:30	low	Client IP	62.182.85.232	ET INFO HTTP Request to a *.zip Domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-05-08	medium	raunoaptotoaw.com	Sinkholed
2025-05-08	medium	raunoaptotoaw.com	Sinkholed
2025-05-08	medium	raunoaptotoaw.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (11)

	URL	From	Size	First Seen	Last Seen
	netcinez.ch/	Function	37 B	2023-04-11	2025-07-16
Pretty URL netcinez.ch/ IP 62.182.85.232 ASN #30860 Virtual Systems LLC Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-07-16 06:46 Times Seen301453 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	cdn.bcdn.zip/scripts/rmobi2.js	ScriptElement	961 B	2024-09-27	2025-05-29
Pretty URL cdn.bcdn.zip/scripts/rmobi2.js IP 138.199.36.9 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-27 21:30 Last Seen2025-05-29 15:52 Times Seen36 Hash 33b92ab151fe1191a10a2928b889f1ee ee812568e0447f6cf6400af06787e752411237d5 b8ef43b047d9fb243995974715d2dcd916082ccee77804567d575b9c0ea97626 Loading...

	netcinez.ch/	Eval	18 kB	2025-05-09	2025-05-09
Pretty URL netcinez.ch/ IP 62.182.85.232 ASN #30860 Virtual Systems LLC Introduced by eval Embedded in HTML false Observations First Seen2025-05-09 04:30 Last Seen2025-05-09 04:30 Times Seen1 Hash d8f960b53f6e38f65ea75bb0b379417c cabd6549dcfaebdae7303d36171e2a598f42ca3e c703338990c32cee84dff2875675e562828c77bb6a90acde19ee9fa36dbda526 Loading...

	cdn.bcdn.zip/scripts/mmoneaa.min.js	ScriptElement	28 kB	2025-03-05	2025-05-12
Pretty URL cdn.bcdn.zip/scripts/mmoneaa.min.js IP 138.199.36.9 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-05 19:39 Last Seen2025-05-12 13:37 Times Seen18 Hash 289f3f8e3d39978bea10e110941b4680 0408cc3c49f37fad24a94b0dc91043f3e9e93682 bdefc40030caf62225eed7eebc7ecf2c793b2fe4b1c70939eefd68fda8a23432 Loading...

	raunoaptotoaw.com/5/8858321	ScriptElement	108 kB	2025-05-09	2025-05-09
Pretty URL raunoaptotoaw.com/5/8858321 IP 139.45.196.60 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-09 04:30 Last Seen2025-05-09 04:30 Times Seen1 Hash 530776e9319d9006c1e2c575455ef87a dd57d84a3c4267ae5204d76d20d06df80fec4ee6 227813020af4a273140f3e3ee9631a684ba8a230a05a8b1766b2235f005a08d9 Loading...

	netcinez.ch/	ScriptElement	180 B	2024-12-04	2025-06-29
Pretty URL netcinez.ch/ IP 62.182.85.232 ASN #30860 Virtual Systems LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-04 14:52 Last Seen2025-06-29 21:22 Times Seen25 Hash 5ecdf986f06e20b0df929d422bcc9475 b74b14fc6bb099328dce3ffb67ab5122da8b5f54 35389540780906440d2566317c3a753b114d3d60fbb2cd15311cf8eec574beeb Loading...

	cdn.bcdn.zip/scripts/scriptmenu7.js	ScriptElement	974 B	2024-10-12	2025-05-29
Pretty URL cdn.bcdn.zip/scripts/scriptmenu7.js IP 138.199.36.9 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-12 22:58 Last Seen2025-05-29 15:52 Times Seen27 Hash e600be19ee46a37afe487f78801e17c0 57b64eddd07f22e6bc7e113e09002120efdde413 0fd6a39cb7d662168afd79264396616d58a80dd2e699a2944ee047b19ba74812 Loading...

	cdn.bcdn.zip/scripts/blankw.js	ScriptElement	51 kB	2025-05-09	2025-05-09
Pretty URL cdn.bcdn.zip/scripts/blankw.js IP 138.199.36.9 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-09 04:30 Last Seen2025-05-09 04:30 Times Seen1 Hash 633a60f5abb47f88ed33d7ba7ee24509 73f659d376cb0f36865dd40dc83c6d2f22355db5 f1733e281142a54caebaf254adefd7553e53b5203d3ffd661177274cf9c34d75 Loading...

	netcinez.ch/	Eval	37 kB	2025-05-09	2025-05-09
Pretty URL netcinez.ch/ IP 62.182.85.232 ASN #30860 Virtual Systems LLC Introduced by eval Embedded in HTML false Observations First Seen2025-05-09 04:30 Last Seen2025-05-09 04:30 Times Seen1 Hash e331a3a5abb8d3adc438fd38b6aee7d3 91685882666d67908ab66c84a895ab1c35476159 d4043d3abd22bdc94a58fad9f71f1ba0abcf8de7de06873794575d206320055e Loading...

	netcinez.ch/	ScriptElement	172 B	2025-05-09	2025-05-09
Pretty URL netcinez.ch/ IP 62.182.85.232 ASN #30860 Virtual Systems LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-09 04:30 Last Seen2025-05-09 04:30 Times Seen1 Hash fe19c27906d8aca52f4c7159cff451e4 8cbd5d101a7955544afc8890c224ae4b3a63dd95 9b1d4076d4b53d4d5b2936c337678bd7316d05fa2071531a9fe71ef30a648d86 Loading...

	www.googletagmanager.com/gtag/js?id=G-NZDPYDPLE0	ScriptElement	380 kB	2025-05-09	2025-05-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-NZDPYDPLE0 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-09 04:30 Last Seen2025-05-09 04:30 Times Seen1 Hash 6eb66d1551820a1204c25650507397c7 4535d703758927ce0916e8fac0a8b86b6ed92605 7b52032421bdde7a00130993343cb8f0e922f199589dd327949ec50d8c2c4c14 Loading...

HTTP Transactions (24)

URL IP Response Size

GET cdn.bcdn.zip/scripts/menuu2.css

138.199.36.9

200 OK

3.3 kB

URL GET
cdn.bcdn.zip/scripts/menuu2.css
IP
138.199.36.9:443
ASN
#60068 Datacamp Limited

Requested by
https://netcinez.ch/
Certificate
IssuerLet's Encrypt
Subjectcdn.bcdn.zip
Fingerprint6F:7E:67:99:13:85:0A:05:44:E3:36:7A:4B:0B:D1:5B:45:F6:34:02
ValidityThu, 24 Apr 2025 04:13:59 GMT - Wed, 23 Jul 2025 04:13:58 GMT

File type
ASCII text, with very long lines (3321), with no line terminators
Size
3.3 kB (3321 bytes)
Hash
b39e4224722e258051ada136b0f816e7
c0f54e986e5b2963ac02b8612aade79229247e5f
0938d3c50285e35bf38c87cd923e5338ff295b801aa8879521c024b262e2b22b

HTTP Headers

GET /scripts/menuu2.css HTTP/1.1
Host: cdn.bcdn.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netcinez.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 May 2025 04:29:31 GMT
content-type: text/css
server: BunnyCDN-DE1-1049
cdn-pullzone: 1552782
cdn-uid: 5e612068-3bb9-4e40-a899-ea27c6001df7
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=1200
content-encoding: br
etag: "66a56e02-cf9"
last-modified: Sat, 27 Jul 2024 22:00:34 GMT
cdn-storageserver: DE-676
cdn-requestpullsuccess: True
cdn-fileserver: 818
perma-cache: HIT
cdn-proxyver: 1.22
cdn-requestpullcode: 200
cdn-cachedat: 03/29/2025 18:25:15
cdn-edgestorageid: 1047
cdn-requestid: 18d9b1e96e701536e8599aa1da9cf7cc
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 1
X-Firefox-Spdy: h2

GET cdn.bcdn.zip/scripts/mmoneint10.min.js

138.199.36.9

200 OK

51 kB

URL GET
cdn.bcdn.zip/scripts/mmoneint10.min.js
IP
138.199.36.9:443
ASN
#60068 Datacamp Limited

Requested by
https://netcinez.ch/
Certificate
IssuerLet's Encrypt
Subjectcdn.bcdn.zip
Fingerprint6F:7E:67:99:13:85:0A:05:44:E3:36:7A:4B:0B:D1:5B:45:F6:34:02
ValidityThu, 24 Apr 2025 04:13:59 GMT - Wed, 23 Jul 2025 04:13:58 GMT

File type
JavaScript source, ASCII text, with very long lines (51271), with CRLF line terminators
Size
51 kB (51296 bytes)
Hash
633a60f5abb47f88ed33d7ba7ee24509
73f659d376cb0f36865dd40dc83c6d2f22355db5
f1733e281142a54caebaf254adefd7553e53b5203d3ffd661177274cf9c34d75

HTTP Headers

GET /scripts/mmoneint10.min.js HTTP/1.1
Host: cdn.bcdn.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://netcinez.ch/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 May 2025 04:29:31 GMT
content-type: application/javascript
server: BunnyCDN-DE1-1049
cdn-pullzone: 1552782
cdn-uid: 5e612068-3bb9-4e40-a899-ea27c6001df7
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=1200
content-encoding: br
etag: "681b9107-c860"
last-modified: Wed, 07 May 2025 16:57:43 GMT
cdn-storageserver: DE-632
cdn-requestpullsuccess: True
cdn-fileserver: 861
perma-cache: HIT
cdn-proxyver: 1.27
cdn-requestpullcode: 200
cdn-cachedat: 05/07/2025 16:57:52
cdn-edgestorageid: 752
cdn-requestid: a8c5925cdacd77462e96ee4ce67357b2
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 1
X-Firefox-Spdy: h2

GET cdn.bcdn.zip/scripts/mmoneaa.min.js

138.199.36.9

200 OK

28 kB

URL GET
cdn.bcdn.zip/scripts/mmoneaa.min.js
IP
138.199.36.9:443
ASN
#60068 Datacamp Limited

Requested by
https://netcinez.ch/
Certificate
IssuerLet's Encrypt
Subjectcdn.bcdn.zip
Fingerprint6F:7E:67:99:13:85:0A:05:44:E3:36:7A:4B:0B:D1:5B:45:F6:34:02
ValidityThu, 24 Apr 2025 04:13:59 GMT - Wed, 23 Jul 2025 04:13:58 GMT

File type
JavaScript source, ASCII text, with very long lines (27953), with no line terminators
Size
28 kB (27953 bytes)
Hash
289f3f8e3d39978bea10e110941b4680
0408cc3c49f37fad24a94b0dc91043f3e9e93682
bdefc40030caf62225eed7eebc7ecf2c793b2fe4b1c70939eefd68fda8a23432

HTTP Headers

GET /scripts/mmoneaa.min.js HTTP/1.1
Host: cdn.bcdn.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netcinez.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 May 2025 04:29:31 GMT
content-type: application/javascript
server: BunnyCDN-DE1-1049
cdn-pullzone: 1552782
cdn-uid: 5e612068-3bb9-4e40-a899-ea27c6001df7
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=1200
content-encoding: br
etag: "67bf740a-6d31"
last-modified: Wed, 26 Feb 2025 20:05:30 GMT
cdn-storageserver: UK-428
cdn-requestpullsuccess: True
cdn-fileserver: 965
perma-cache: HIT
cdn-proxyver: 1.22
cdn-requestpullcode: 200
cdn-cachedat: 04/05/2025 16:37:00
cdn-edgestorageid: 1221
cdn-requestid: e91b125c7c941008b759d6dc287962b3
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 0
X-Firefox-Spdy: h2

GET 0019x.com/?rb=7dXQO3R7TMzWWNLOXoztrugEEEUlex7LgKXNs6lIhS-q-a4CyzeLO3fr-V6z4O8UEYc55fXu9yjxc76GKvjhvN05-PIk0ozwi6XHXYsj03xHbBi6-JBA1CYnQzMO-V9Qi6-ZLNZMJp2invsmNWPlWCNOYCbpOUc2ftQZ7_nerNnIaGQ5T_SCjCBQUmkMi0l9A3KBs8647O4DueC-XS8CLTVyzuMtJhKehviX-H-McnoVbzka3A3PLEmIfapHpe0jR-jQSxatTY4VDyxUW-YGhFylxVGbB0Om&request_ab2=0&zoneid=8858321&js_build=iclick-v1.1134.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fnetcinez.ch%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=4&wgl=llvmpipe&js_build=iclick-v1.1134.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&wasm=-1&bs=8662f23f-f4cd-465d-96f0-874d772a582b&userId=0081c4bad5f6480df9758b210ed18e44&m=link

139.45.197.247

200 OK

2.3 kB

URL GET
0019x.com/?rb=7dXQO3R7TMzWWNLOXoztrugEEEUlex7LgKXNs6lIhS-q-a4CyzeLO3fr-V6z4O8UEYc55fXu9yjxc76GKvjhvN05-PIk0ozwi6XHXYsj03xHbBi6-JBA1CYnQzMO-V9Qi6-ZLNZMJp2invsmNWPlWCNOYCbpOUc2ftQZ7_nerNnIaGQ5T_SCjCBQUmkMi0l9A3KBs8647O4DueC-XS8CLTVyzuMtJhKehviX-H-McnoVbzka3A3PLEmIfapHpe0jR-jQSxatTY4VDyxUW-YGhFylxVGbB0Om&request_ab2=0&zoneid=8858321&js_build=iclick-v1.1134.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fnetcinez.ch%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=4&wgl=llvmpipe&js_build=iclick-v1.1134.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&wasm=-1&bs=8662f23f-f4cd-465d-96f0-874d772a582b&userId=0081c4bad5f6480df9758b210ed18e44&m=link
IP
139.45.197.247:443
ASN
#9002 RETN Limited

Requested by
https://netcinez.ch/
Certificate
IssuerLet's Encrypt
Subject0019x.com
Fingerprint1A:74:70:52:50:28:3C:32:E8:00:D5:10:3B:27:73:E4:1B:54:93:CE
ValidityTue, 22 Apr 2025 13:50:28 GMT - Mon, 21 Jul 2025 13:50:27 GMT

File type
JSON text data
Size
2.3 kB (2256 bytes)
Hash
38141c6d6e856c5c6e13786910a5e84f
9f5c70a8dd177a7b44b713abf6471420105a9c0b
63b1d065045127dd8a211207fe17603223ec6145dbe1344f72ef3e3ae358dd6c

HTTP Headers

GET /?rb=7dXQO3R7TMzWWNLOXoztrugEEEUlex7LgKXNs6lIhS-q-a4CyzeLO3fr-V6z4O8UEYc55fXu9yjxc76GKvjhvN05-PIk0ozwi6XHXYsj03xHbBi6-JBA1CYnQzMO-V9Qi6-ZLNZMJp2invsmNWPlWCNOYCbpOUc2ftQZ7_nerNnIaGQ5T_SCjCBQUmkMi0l9A3KBs8647O4DueC-XS8CLTVyzuMtJhKehviX-H-McnoVbzka3A3PLEmIfapHpe0jR-jQSxatTY4VDyxUW-YGhFylxVGbB0Om&request_ab2=0&zoneid=8858321&js_build=iclick-v1.1134.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fnetcinez.ch%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=4&wgl=llvmpipe&js_build=iclick-v1.1134.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&wasm=-1&bs=8662f23f-f4cd-465d-96f0-874d772a582b&userId=0081c4bad5f6480df9758b210ed18e44&m=link HTTP/1.1
Host: 0019x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://netcinez.ch/
Origin: https://netcinez.ch
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 09 May 2025 04:29:32 GMT
content-type: application/json
x-trace-id: 141631820981e3bb85697a768feb53f7
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://netcinez.ch
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0081c4bad5f6480df9758b210ed18e44; expires=Sat, 09 May 2026 04:29:32 GMT; path=/; secure; SameSite=None
oaidts=1746764972; expires=Sat, 09 May 2026 04:29:32 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 16 May 2025 04:29:32 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

GET cdn.bcdn.zip/scripts/tttttttttttttttttttttttttttttt3.js

138.199.36.9

403 Forbidden

0 B

URL GET
cdn.bcdn.zip/scripts/tttttttttttttttttttttttttttttt3.js
IP
138.199.36.9:443
ASN
#60068 Datacamp Limited

Requested by
https://netcinez.ch/
Certificate
IssuerLet's Encrypt
Subjectcdn.bcdn.zip
Fingerprint6F:7E:67:99:13:85:0A:05:44:E3:36:7A:4B:0B:D1:5B:45:F6:34:02
ValidityThu, 24 Apr 2025 04:13:59 GMT - Wed, 23 Jul 2025 04:13:58 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /scripts/tttttttttttttttttttttttttttttt3.js HTTP/1.1
Host: cdn.bcdn.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netcinez.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Fri, 09 May 2025 04:29:31 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-DE1-1049
cdn-pullzone: 1552782
cdn-uid: 5e612068-3bb9-4e40-a899-ea27c6001df7
cdn-requestcountrycode: NO
cdn-requestid: c4d36e8a50da782e0996d27e4f92a56c
cache-control: no-cache, no-store, max-age=0
content-encoding: gzip
X-Firefox-Spdy: h2

GET netcine.zip/

0.0.0.0

0 B

URL User Request GET
netcine.zip/
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	low	ET INFO HTTP Request to a *.zip Domain

HTTP Headers

GET / HTTP/1.1
Host: netcine.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET netcinez.ch/

62.182.85.232

200 OK

8.6 kB

URL User Request GET
netcinez.ch/
IP
62.182.85.232:443
ASN
#30860 Virtual Systems LLC

Certificate
IssuerLet's Encrypt
Subjectnetcinez.ch
Fingerprint1F:A6:12:EB:88:DC:45:72:AD:AC:CC:E0:61:0A:B9:F6:3F:EE:B3:0A
ValidityFri, 18 Apr 2025 06:36:10 GMT - Thu, 17 Jul 2025 06:36:09 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (567), with CRLF line terminators
Size
8.6 kB (8647 bytes)
Hash
5b1579c59583242ee2c95d7a2fc476eb
74bf0bfa7a93b5cee2fe38d0e0c2cb40c61a0f44
8d116a3b1a5543406108546f0cb0b0de2453fb3e1c4cc33f920f4aa9f57fcaed

HTTP Headers

GET / HTTP/1.1
Host: netcinez.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 09 May 2025 04:26:58 GMT
content-type: text/html; charset=UTF-8
m-cache: HIT
content-security-policy: frame-ancestors 'self' *.netcinez.ch netcinez.ch
link: <https://netcinez.ch/>; rel="canonical"
content-encoding: gzip
X-Firefox-Spdy: h2

POST raunoaptotoaw.com/wrr?z=8858321&p_rid=8662f23f-f4cd-465d-96f0-874d772a582b&rb=7dXQO3R7TMzWWNLOXoztrugEEEUlex7LgKXNs6lIhS-q-a4CyzeLO3fr-V6z4O8UEYc55fXu9yjxc76GKvjhvN05-PIk0ozwi6XHXYsj03xHbBi6-JBA1CYnQzMO-V9Qi6-ZLNZMJp2invsmNWPlWCNOYCbpOUc2ftQZ7_nerNnIaGQ5T_SCjCBQUmkMi0l9A3KBs8647O4DueC-XS8CLTVyzuMtJhKehviX-H-McnoVbzka3A3PLEmIfapHpe0jR-jQSxatTY4VDyxUW-YGhFylxVGbB0Om&dmn=raunoaptotoaw.com&userId=0081c4bad5f6480df9758b210ed18e44

139.45.196.60

204 No Content

0 B

URL POST
raunoaptotoaw.com/wrr?z=8858321&p_rid=8662f23f-f4cd-465d-96f0-874d772a582b&rb=7dXQO3R7TMzWWNLOXoztrugEEEUlex7LgKXNs6lIhS-q-a4CyzeLO3fr-V6z4O8UEYc55fXu9yjxc76GKvjhvN05-PIk0ozwi6XHXYsj03xHbBi6-JBA1CYnQzMO-V9Qi6-ZLNZMJp2invsmNWPlWCNOYCbpOUc2ftQZ7_nerNnIaGQ5T_SCjCBQUmkMi0l9A3KBs8647O4DueC-XS8CLTVyzuMtJhKehviX-H-McnoVbzka3A3PLEmIfapHpe0jR-jQSxatTY4VDyxUW-YGhFylxVGbB0Om&dmn=raunoaptotoaw.com&userId=0081c4bad5f6480df9758b210ed18e44
IP
139.45.196.60:443
ASN
#9002 RETN Limited

Requested by
https://netcinez.ch/
Certificate
IssuerLet's Encrypt
Subjectraunoaptotoaw.com
Fingerprint27:BE:C9:72:C8:3B:8C:85:C1:C0:01:20:C0:9F:38:3D:3E:F3:58:B6
ValidityThu, 24 Apr 2025 03:08:15 GMT - Wed, 23 Jul 2025 03:08:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /wrr?z=8858321&p_rid=8662f23f-f4cd-465d-96f0-874d772a582b&rb=7dXQO3R7TMzWWNLOXoztrugEEEUlex7LgKXNs6lIhS-q-a4CyzeLO3fr-V6z4O8UEYc55fXu9yjxc76GKvjhvN05-PIk0ozwi6XHXYsj03xHbBi6-JBA1CYnQzMO-V9Qi6-ZLNZMJp2invsmNWPlWCNOYCbpOUc2ftQZ7_nerNnIaGQ5T_SCjCBQUmkMi0l9A3KBs8647O4DueC-XS8CLTVyzuMtJhKehviX-H-McnoVbzka3A3PLEmIfapHpe0jR-jQSxatTY4VDyxUW-YGhFylxVGbB0Om&dmn=raunoaptotoaw.com&userId=0081c4bad5f6480df9758b210ed18e44 HTTP/1.1
Host: raunoaptotoaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://netcinez.ch/
content-type: application/json
Content-Length: 2516
Origin: https://netcinez.ch
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Fri, 09 May 2025 04:29:32 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://netcinez.ch
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET cdn.bcdn.zip/wp-content/uploads/2016/09/favicon-nc-1.png

138.199.36.9

200 OK

274 B

URL GET
cdn.bcdn.zip/wp-content/uploads/2016/09/favicon-nc-1.png
IP
138.199.36.9:443
ASN
#60068 Datacamp Limited

Requested by
https://netcinez.ch/
Certificate
IssuerLet's Encrypt
Subjectcdn.bcdn.zip
Fingerprint6F:7E:67:99:13:85:0A:05:44:E3:36:7A:4B:0B:D1:5B:45:F6:34:02
ValidityThu, 24 Apr 2025 04:13:59 GMT - Wed, 23 Jul 2025 04:13:58 GMT

File type
RIFF (little-endian) data, Web/P image
Size
274 B (274 bytes)
Hash
499981dc9aa6ac6ae5ce8c5330e9cb52
501fca0bffb07f4cc4d07ffccd7c5f8e359b3b7b
d30ab4860c3fdf31e1891bf957fb4cf162d158cd3e5231b3168d2556175c0878

HTTP Headers

GET /wp-content/uploads/2016/09/favicon-nc-1.png HTTP/1.1
Host: cdn.bcdn.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netcinez.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 May 2025 04:29:31 GMT
content-type: image/webp
content-length: 274
server: BunnyCDN-DE1-1049
cdn-pullzone: 1552782
cdn-uid: 5e612068-3bb9-4e40-a899-ea27c6001df7
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=1200
etag: "65cf830f-112"
last-modified: Fri, 16 Feb 2024 15:45:19 GMT
cdn-storageserver: DE-635
cdn-requestpullsuccess: True
cdn-fileserver: 383
perma-cache: HIT
cdn-proxyver: 1.22
cdn-requestpullcode: 200
cdn-cachedat: 03/21/2025 23:45:08
cdn-edgestorageid: 1075
cdn-requestid: 1a5dee67df2146dc9674aa0bba6939ad
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 0
accept-ranges: bytes
X-Firefox-Spdy: h2

GET raunoaptotoaw.com/5/8858321

139.45.196.60

200 OK

108 kB

URL GET
raunoaptotoaw.com/5/8858321
IP
139.45.196.60:443
ASN
#9002 RETN Limited

Requested by
https://netcinez.ch/
Certificate
IssuerLet's Encrypt
Subjectraunoaptotoaw.com
Fingerprint27:BE:C9:72:C8:3B:8C:85:C1:C0:01:20:C0:9F:38:3D:3E:F3:58:B6
ValidityThu, 24 Apr 2025 03:08:15 GMT - Wed, 23 Jul 2025 03:08:14 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
108 kB (107723 bytes)
Hash
530776e9319d9006c1e2c575455ef87a
dd57d84a3c4267ae5204d76d20d06df80fec4ee6
227813020af4a273140f3e3ee9631a684ba8a230a05a8b1766b2235f005a08d9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/8858321 HTTP/1.1
Host: raunoaptotoaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netcinez.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 09 May 2025 04:29:32 GMT
content-type: application/javascript
x-trace-id: eb2702ac17a2438d1535c932ce94bf11
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0081c4bad5f6480df9758b210ed18e44; expires=Sat, 09 May 2026 04:29:32 GMT; path=/; secure; SameSite=None
oaidts=1746764972; expires=Sat, 09 May 2026 04:29:32 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET my.rtmark.net/gid.js?userId=0081c4bad5f6480df9758b210ed18e44

104.18.41.22

200 OK

65 B

URL GET
my.rtmark.net/gid.js?userId=0081c4bad5f6480df9758b210ed18e44
IP
104.18.41.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://netcinez.ch/
Certificate
IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint61:93:FB:BF:25:C3:CE:7B:CB:69:5D:87:04:AA:ED:1B:35:8D:44:82
ValidityFri, 02 May 2025 11:10:51 GMT - Thu, 31 Jul 2025 12:10:47 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
076f4f8db8316730c85d1dfea9d71442
861f603ecdf24dad1f66f1520469fda83147edc7
810e85bbcfd1d6b1d5f6097ae64378fca77426e8bc6cdf2551d9047e802b9ae9

HTTP Headers

GET /gid.js?userId=0081c4bad5f6480df9758b210ed18e44 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://netcinez.ch
DNT: 1
Connection: keep-alive
Referer: https://netcinez.ch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 May 2025 04:29:32 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://netcinez.ch
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0081c4bad5f6480df9758b210ed18e44; expires=Sat, 09 May 2026 04:29:32 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 93ce74d468c4569b-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

OPTIONS raunoaptotoaw.com/wrr?z=8858321&p_rid=8662f23f-f4cd-465d-96f0-874d772a582b&rb=7dXQO3R7TMzWWNLOXoztrugEEEUlex7LgKXNs6lIhS-q-a4CyzeLO3fr-V6z4O8UEYc55fXu9yjxc76GKvjhvN05-PIk0ozwi6XHXYsj03xHbBi6-JBA1CYnQzMO-V9Qi6-ZLNZMJp2invsmNWPlWCNOYCbpOUc2ftQZ7_nerNnIaGQ5T_SCjCBQUmkMi0l9A3KBs8647O4DueC-XS8CLTVyzuMtJhKehviX-H-McnoVbzka3A3PLEmIfapHpe0jR-jQSxatTY4VDyxUW-YGhFylxVGbB0Om&dmn=raunoaptotoaw.com&userId=0081c4bad5f6480df9758b210ed18e44

139.45.196.60

204 No Content

0 B

URL OPTIONS
raunoaptotoaw.com/wrr?z=8858321&p_rid=8662f23f-f4cd-465d-96f0-874d772a582b&rb=7dXQO3R7TMzWWNLOXoztrugEEEUlex7LgKXNs6lIhS-q-a4CyzeLO3fr-V6z4O8UEYc55fXu9yjxc76GKvjhvN05-PIk0ozwi6XHXYsj03xHbBi6-JBA1CYnQzMO-V9Qi6-ZLNZMJp2invsmNWPlWCNOYCbpOUc2ftQZ7_nerNnIaGQ5T_SCjCBQUmkMi0l9A3KBs8647O4DueC-XS8CLTVyzuMtJhKehviX-H-McnoVbzka3A3PLEmIfapHpe0jR-jQSxatTY4VDyxUW-YGhFylxVGbB0Om&dmn=raunoaptotoaw.com&userId=0081c4bad5f6480df9758b210ed18e44
IP
139.45.196.60:443
ASN
#9002 RETN Limited

Requested by
https://netcinez.ch/
Certificate
IssuerLet's Encrypt
Subjectraunoaptotoaw.com
Fingerprint27:BE:C9:72:C8:3B:8C:85:C1:C0:01:20:C0:9F:38:3D:3E:F3:58:B6
ValidityThu, 24 Apr 2025 03:08:15 GMT - Wed, 23 Jul 2025 03:08:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /wrr?z=8858321&p_rid=8662f23f-f4cd-465d-96f0-874d772a582b&rb=7dXQO3R7TMzWWNLOXoztrugEEEUlex7LgKXNs6lIhS-q-a4CyzeLO3fr-V6z4O8UEYc55fXu9yjxc76GKvjhvN05-PIk0ozwi6XHXYsj03xHbBi6-JBA1CYnQzMO-V9Qi6-ZLNZMJp2invsmNWPlWCNOYCbpOUc2ftQZ7_nerNnIaGQ5T_SCjCBQUmkMi0l9A3KBs8647O4DueC-XS8CLTVyzuMtJhKehviX-H-McnoVbzka3A3PLEmIfapHpe0jR-jQSxatTY4VDyxUW-YGhFylxVGbB0Om&dmn=raunoaptotoaw.com&userId=0081c4bad5f6480df9758b210ed18e44 HTTP/1.1
Host: raunoaptotoaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://netcinez.ch/
Origin: https://netcinez.ch
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Fri, 09 May 2025 04:29:32 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://netcinez.ch
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET xt64idjwuxgszpzqfzz77aw4bceno56w.edns.ip-api.com/json

85.10.196.124

200 OK

91 B

URL GET
xt64idjwuxgszpzqfzz77aw4bceno56w.edns.ip-api.com/json
IP
85.10.196.124:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://netcinez.ch/
Certificate
IssuerDigiCert Inc
Subject*.edns.ip-api.com
Fingerprint0F:51:59:A3:93:CA:D5:9F:6C:58:CD:98:A2:80:51:1C:67:52:E8:52
ValidityTue, 13 Aug 2024 00:00:00 GMT - Tue, 15 Jul 2025 23:59:59 GMT

File type
JSON text data
Size
91 B (91 bytes)
Hash
a5fa2b83b98b1d8e182cefe734460a96
6cf272b9618032946ed2ef4a831c30d167146e7b
910e666fd853a93dade32b8ce34108d10a0d6cbc872b7c77255fa0c7844d9cf0

HTTP Headers

GET /json HTTP/1.1
Host: xt64idjwuxgszpzqfzz77aw4bceno56w.edns.ip-api.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://netcinez.ch/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: application/json; charset=utf-8
Date: Fri, 09 May 2025 04:29:31 GMT
Content-Length: 91

OPTIONS gdlhwcdjtqkjqcj.com/

139.45.197.168

200 OK

0 B

URL OPTIONS
gdlhwcdjtqkjqcj.com/
IP
139.45.197.168:443
ASN
#9002 RETN Limited

Requested by
https://netcinez.ch/
Certificate
IssuerLet's Encrypt
Subjectgdlhwcdjtqkjqcj.com
FingerprintF2:BF:CD:80:4F:7D:11:3B:49:40:1C:18:7E:45:B4:39:3B:E8:10:C8
ValidityThu, 08 May 2025 11:20:01 GMT - Wed, 06 Aug 2025 11:20:00 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: gdlhwcdjtqkjqcj.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: HEAD
Access-Control-Request-Headers: content-type
Referer: https://netcinez.ch/
Origin: https://netcinez.ch
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 09 May 2025 04:29:31 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://netcinez.ch
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

GET cdn.bcdn.zip/scripts/rmobi2.js

138.199.36.9

200 OK

961 B

URL GET
cdn.bcdn.zip/scripts/rmobi2.js
IP
138.199.36.9:443
ASN
#60068 Datacamp Limited

Requested by
https://netcinez.ch/
Certificate
IssuerLet's Encrypt
Subjectcdn.bcdn.zip
Fingerprint6F:7E:67:99:13:85:0A:05:44:E3:36:7A:4B:0B:D1:5B:45:F6:34:02
ValidityThu, 24 Apr 2025 04:13:59 GMT - Wed, 23 Jul 2025 04:13:58 GMT

File type
ASCII text, with very long lines (961), with no line terminators
Size
961 B (961 bytes)
Hash
33b92ab151fe1191a10a2928b889f1ee
ee812568e0447f6cf6400af06787e752411237d5
b8ef43b047d9fb243995974715d2dcd916082ccee77804567d575b9c0ea97626

HTTP Headers

GET /scripts/rmobi2.js HTTP/1.1
Host: cdn.bcdn.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netcinez.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 May 2025 04:29:31 GMT
content-type: application/javascript
server: BunnyCDN-DE1-1049
cdn-pullzone: 1552782
cdn-uid: 5e612068-3bb9-4e40-a899-ea27c6001df7
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=1200
content-encoding: br
etag: "66a55384-3c1"
last-modified: Sat, 27 Jul 2024 20:07:32 GMT
cdn-storageserver: DE-51
cdn-requestpullsuccess: True
cdn-fileserver: 587
perma-cache: HIT
cdn-proxyver: 1.23
cdn-requestpullcode: 200
cdn-cachedat: 04/26/2025 10:20:32
cdn-edgestorageid: 1053
cdn-requestid: 9eee7428e4bdb973e73bcf4e71574d42
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 0
X-Firefox-Spdy: h2

GET cdn.bcdn.zip/scripts/tttttttttttttttttttttttttttttt3.js

138.199.36.9

403 Forbidden

0 B

URL GET
cdn.bcdn.zip/scripts/tttttttttttttttttttttttttttttt3.js
IP
138.199.36.9:443
ASN
#60068 Datacamp Limited

Requested by
https://netcinez.ch/
Certificate
IssuerLet's Encrypt
Subjectcdn.bcdn.zip
Fingerprint6F:7E:67:99:13:85:0A:05:44:E3:36:7A:4B:0B:D1:5B:45:F6:34:02
ValidityThu, 24 Apr 2025 04:13:59 GMT - Wed, 23 Jul 2025 04:13:58 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /scripts/tttttttttttttttttttttttttttttt3.js HTTP/1.1
Host: cdn.bcdn.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netcinez.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Fri, 09 May 2025 04:29:31 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-DE1-1049
cdn-pullzone: 1552782
cdn-uid: 5e612068-3bb9-4e40-a899-ea27c6001df7
cdn-requestcountrycode: NO
cdn-requestid: 61e1cf90d58ad0614a86138540ce6c71
cache-control: no-cache, no-store, max-age=0
content-encoding: gzip
X-Firefox-Spdy: h2

HEAD netcinez.ch/

62.182.85.232

200 OK

0 B

URL HEAD
netcinez.ch/
IP
62.182.85.232:443
ASN
#30860 Virtual Systems LLC

Requested by
https://netcinez.ch/
Certificate
IssuerLet's Encrypt
Subjectnetcinez.ch
Fingerprint1F:A6:12:EB:88:DC:45:72:AD:AC:CC:E0:61:0A:B9:F6:3F:EE:B3:0A
ValidityFri, 18 Apr 2025 06:36:10 GMT - Thu, 17 Jul 2025 06:36:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD / HTTP/1.1
Host: netcinez.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netcinez.ch/
Cookie: _ga_NZDPYDPLE0=GS2.1.s1746764971$o1$g0$t1746764971$j0$l0$h0; _ga=GA1.1.1520489392.1746764971
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 09 May 2025 04:26:59 GMT
content-type: text/html; charset=UTF-8
m-cache: HIT
content-security-policy: frame-ancestors 'self' *.netcinez.ch netcinez.ch
link: <https://netcinez.ch/>; rel="canonical"
content-encoding: gzip
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-NZDPYDPLE0

142.250.74.168

200 OK

380 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-NZDPYDPLE0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://netcinez.ch/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintB7:82:F3:C7:93:B0:60:B0:83:49:F8:74:0D:49:78:23:65:0B:37:01
ValidityMon, 31 Mar 2025 08:54:29 GMT - Mon, 23 Jun 2025 08:54:28 GMT

File type
JavaScript source, ASCII text, with very long lines (6125)
Size
380 kB (380388 bytes)
Hash
6eb66d1551820a1204c25650507397c7
4535d703758927ce0916e8fac0a8b86b6ed92605
7b52032421bdde7a00130993343cb8f0e922f199589dd327949ec50d8c2c4c14

HTTP Headers

GET /gtag/js?id=G-NZDPYDPLE0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netcinez.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 May 2025 04:29:30 GMT
expires: Fri, 09 May 2025 04:29:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
server: Google Tag Manager
content-length: 127109
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdn.bcdn.zip/wp-content/uploads/2017/04/netcine-header-ALT-1.png

138.199.36.9

200 OK

5.0 kB

URL GET
cdn.bcdn.zip/wp-content/uploads/2017/04/netcine-header-ALT-1.png
IP
138.199.36.9:443
ASN
#60068 Datacamp Limited

Requested by
https://netcinez.ch/
Certificate
IssuerLet's Encrypt
Subjectcdn.bcdn.zip
Fingerprint6F:7E:67:99:13:85:0A:05:44:E3:36:7A:4B:0B:D1:5B:45:F6:34:02
ValidityThu, 24 Apr 2025 04:13:59 GMT - Wed, 23 Jul 2025 04:13:58 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.0 kB (4974 bytes)
Hash
62dccf400e806f4bfd5d60ae8cecc5fd
b23c77b429479bd0856f37913d054e54c76214a0
12a74639eb0fa4c163d8c047fb267a2f552df7fd444e1c9998bcc9237667b7dd

HTTP Headers

GET /wp-content/uploads/2017/04/netcine-header-ALT-1.png HTTP/1.1
Host: cdn.bcdn.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netcinez.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 May 2025 04:29:31 GMT
content-type: image/webp
content-length: 4974
server: BunnyCDN-DE1-1049
cdn-pullzone: 1552782
cdn-uid: 5e612068-3bb9-4e40-a899-ea27c6001df7
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=1200
etag: "65cf8307-136e"
last-modified: Fri, 16 Feb 2024 15:45:11 GMT
cdn-storageserver: DE-1020
cdn-requestpullsuccess: True
cdn-fileserver: 728
perma-cache: HIT
cdn-proxyver: 1.22
cdn-requestpullcode: 200
cdn-cachedat: 04/03/2025 22:54:52
cdn-edgestorageid: 723
cdn-requestid: 6f0eebe4abdda83d02fd2165b7ae1dc7
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 0
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cdn.bcdn.zip/scripts/scriptmenu7.js

138.199.36.9

200 OK

974 B

URL GET
cdn.bcdn.zip/scripts/scriptmenu7.js
IP
138.199.36.9:443
ASN
#60068 Datacamp Limited

Requested by
https://netcinez.ch/
Certificate
IssuerLet's Encrypt
Subjectcdn.bcdn.zip
Fingerprint6F:7E:67:99:13:85:0A:05:44:E3:36:7A:4B:0B:D1:5B:45:F6:34:02
ValidityThu, 24 Apr 2025 04:13:59 GMT - Wed, 23 Jul 2025 04:13:58 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (972), with no line terminators
Size
974 B (974 bytes)
Hash
e600be19ee46a37afe487f78801e17c0
57b64eddd07f22e6bc7e113e09002120efdde413
0fd6a39cb7d662168afd79264396616d58a80dd2e699a2944ee047b19ba74812

HTTP Headers

GET /scripts/scriptmenu7.js HTTP/1.1
Host: cdn.bcdn.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netcinez.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 May 2025 04:29:31 GMT
content-type: application/javascript
server: BunnyCDN-DE1-1049
cdn-pullzone: 1552782
cdn-uid: 5e612068-3bb9-4e40-a899-ea27c6001df7
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=1200
content-encoding: br
etag: "66c691cf-3ce"
last-modified: Thu, 22 Aug 2024 01:18:07 GMT
cdn-storageserver: DE-1023
cdn-requestpullsuccess: True
cdn-fileserver: 728
perma-cache: HIT
cdn-proxyver: 1.27
cdn-requestpullcode: 200
cdn-cachedat: 05/04/2025 16:27:36
cdn-edgestorageid: 874
cdn-requestid: 7efcb49205c7b7b584ca8bfbc02074dc
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 1
X-Firefox-Spdy: h2

GET cdn.bcdn.zip/scripts/blankw.js

138.199.36.9

301 Moved Permanently

51 kB

URL GET
cdn.bcdn.zip/scripts/blankw.js
IP
138.199.36.9:443
ASN
#60068 Datacamp Limited

Requested by
https://netcinez.ch/
Certificate
IssuerLet's Encrypt
Subjectcdn.bcdn.zip
Fingerprint6F:7E:67:99:13:85:0A:05:44:E3:36:7A:4B:0B:D1:5B:45:F6:34:02
ValidityThu, 24 Apr 2025 04:13:59 GMT - Wed, 23 Jul 2025 04:13:58 GMT

File type

Size
51 kB (51296 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /scripts/blankw.js HTTP/1.1
Host: cdn.bcdn.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netcinez.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Fri, 09 May 2025 04:29:31 GMT
content-type: text/html
content-length: 166
location: https://cdn.bcdn.zip/scripts/mmoneint10.min.js
server: BunnyCDN-DE1-1049
cdn-pullzone: 1552782
cdn-uid: 5e612068-3bb9-4e40-a899-ea27c6001df7
cdn-requestcountrycode: NO
vary: Accept-Encoding
cache-control: no-cache
cdn-requestid: 232378ed91abe708799fe08b8e45c812
access-control-allow-origin: *
cdn-requesttime: 1
X-Firefox-Spdy: h2

GET edns.ip-api.com/json

85.10.196.124

302 Found

91 B

URL GET
edns.ip-api.com/json
IP
85.10.196.124:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://netcinez.ch/
Certificate
IssuerDigiCert Inc
Subject*.edns.ip-api.com
Fingerprint0F:51:59:A3:93:CA:D5:9F:6C:58:CD:98:A2:80:51:1C:67:52:E8:52
ValidityTue, 13 Aug 2024 00:00:00 GMT - Tue, 15 Jul 2025 23:59:59 GMT

File type

Size
91 B (91 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /json HTTP/1.1
Host: edns.ip-api.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://netcinez.ch/
Origin: https://netcinez.ch
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://xt64idjwuxgszpzqfzz77aw4bceno56w.edns.ip-api.com/json
Date: Fri, 09 May 2025 04:29:31 GMT
Content-Length: 84

GET netcine.zip/

62.182.85.232

301 Moved Permanently

8.6 kB

URL User Request GET
netcine.zip/
IP
62.182.85.232:80
ASN
#30860 Virtual Systems LLC

File type

Size
8.6 kB (8647 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	low	ET INFO HTTP Request to a *.zip Domain

HTTP Headers

GET / HTTP/1.1
Host: netcine.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 May 2025 04:26:58 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://netcinez.ch/

HEAD gdlhwcdjtqkjqcj.com/

139.45.197.168

200 OK

0 B

URL HEAD
gdlhwcdjtqkjqcj.com/
IP
139.45.197.168:443
ASN
#9002 RETN Limited

Requested by
https://netcinez.ch/
Certificate
IssuerLet's Encrypt
Subjectgdlhwcdjtqkjqcj.com
FingerprintF2:BF:CD:80:4F:7D:11:3B:49:40:1C:18:7E:45:B4:39:3B:E8:10:C8
ValidityThu, 08 May 2025 11:20:01 GMT - Wed, 06 Aug 2025 11:20:00 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD / HTTP/1.1
Host: gdlhwcdjtqkjqcj.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: text/html
Origin: https://netcinez.ch
DNT: 1
Connection: keep-alive
Referer: https://netcinez.ch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 09 May 2025 04:29:31 GMT
content-type: text/html
x-t17r35a58c97e97-57i75d24: 00000000000000000000000000000000
vary: Accept-Encoding, Origin
access-control-allow-origin: https://netcinez.ch
access-control-expose-headers: Link, X-Application-Token, X-Application-Key, X-Tag, X-Auth-Token, X-DirectionPartner-Id, X-ZoneType-Id, X-Hostname
access-control-allow-credentials: true
pragma: no-cache
timing-allow-origin: *
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-application-key: 66ncaomdrp36pUrkfJeuqlh8qcumg
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML