Report - www.thewebhostguru.com/sevset/webmail%20(2).zip

Report Overview

Visited public
2025-04-11 00:02:46
Tags
URL
www.thewebhostguru.com/sevset/webmail%20(2).zip
Finishing URL
www.thewebhostguru.com/sevset/webmail%20(2).zip
IP / ASN
156.226.44.228
#135097 LUOGELANG FRANCE LIMITED
Title
星空网页版登录入口-星空（中国）

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.thewebhostguru.com	unknown	2024-09-06	2021-05-01	2025-04-11	990 B	2.9 kB	156.226.44.228
www.zuizhongjs.com	unknown	2024-11-11	2024-12-07	2025-04-04	18 kB	1.5 MB	202.79.171.15
collect-v6.51.la	91421	2005-01-17	2021-03-08	2025-04-04	1.5 kB	1.6 kB	212.247.59.123
sdk.51.la	88367	2005-01-17	2021-03-08	2025-04-04	1.3 kB	110 kB	212.247.59.123
www.ptfafajs.com	unknown	2023-11-25	2023-11-25	2025-04-08	428 B	2.4 kB	202.79.171.15

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	ptfafajs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed
2025-04-11	medium	zuizhongjs.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (26)

	URL	From	Size	First Seen	Last Seen
	www.zuizhongjs.com/js/ky1.js	ScriptElement	1.8 kB	2024-12-19	2025-05-02
Pretty URL www.zuizhongjs.com/js/ky1.js IP 202.79.171.15 ASN #152194 CTG Server Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-19 08:11 Last Seen2025-05-02 12:38 Times Seen21 Hash f63596c900ea9b3efb1b6ee73fc7aee0 ea5a9afac43e840e866e43885142430af06e6d9c 6dfe24b342ab5dcf9a2435517d922af20a9ec43089dc5a4da3603759292a793a Loading...

	www.zuizhongjs.com/go/kaiyun1/ky.html	Function	39 B	2023-04-12	2025-05-07
Pretty URL www.zuizhongjs.com/go/kaiyun1/ky.html IP 202.79.171.15 ASN #152194 CTG Server Limited Introduced by Function Embedded in HTML false Observations First Seen2023-04-12 04:16 Last Seen2025-05-07 14:55 Times Seen4278 Hash 26421ac860f4dba7f27811712a149502 aaf37d59cb4b28ac48ecefa82a2824a8e6210d5b 266f482d6e5dd0302fca1871e22db5996e068d1188d1ba9cd96b892552fbcab3 Loading...

	www.zuizhongjs.com/go/kaiyun1/ky.html	ScriptElement	160 B	2024-09-19	2025-05-02
Pretty URL www.zuizhongjs.com/go/kaiyun1/ky.html IP 202.79.171.15 ASN #152194 CTG Server Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-19 08:05 Last Seen2025-05-02 12:38 Times Seen62 Hash c0e542a00c4f67dcf361b2f1ca4ac319 53d829ff898a01d5262bbc061db94b8566077b3e 12829b2fd951e9ae845ec6c99dfadde459cc5a0080a0783fdbccac10f230d3f5 Loading...

	www.ptfafajs.com/js/24/9/8/ky1.js	ScriptElement	2.1 kB	2024-12-27	2025-04-26
Pretty URL www.ptfafajs.com/js/24/9/8/ky1.js IP 202.79.171.15 ASN #152194 CTG Server Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-27 00:16 Last Seen2025-04-26 07:32 Times Seen5 Hash 8db266e3e78979ad83e943c04f810be5 698ae897fdeb910260bc1d988bcf5c64c0585047 3dc6def5188082fb5099d21c4b66b5894a19566496fd967ce4df19c0dc51a8b4 Loading...

	sdk.51.la/js-sdk-pro.min.js	ScriptElement	36 kB	2025-03-10	2025-05-08
Pretty URL sdk.51.la/js-sdk-pro.min.js IP 212.247.59.123 ASN #1257 Tele2 SWIPnet Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-10 03:40 Last Seen2025-05-08 02:32 Times Seen5288 Hash b8a41c9449b73e8ba0224c6be1f0b7e8 33d79319d4110bcf5c44c36f7dd4a291972ac546 52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565 Loading...

	sdk.51.la/js-sdk-pro.min.js	ScriptElement	36 kB	2025-03-10	2025-05-08
Pretty URL sdk.51.la/js-sdk-pro.min.js IP 212.247.59.123 ASN #1257 Tele2 SWIPnet Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-10 03:40 Last Seen2025-05-08 02:32 Times Seen5288 Hash b8a41c9449b73e8ba0224c6be1f0b7e8 33d79319d4110bcf5c44c36f7dd4a291972ac546 52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565 Loading...

	www.zuizhongjs.com/go/kaiyun1/ky.html	Function	39 B	2023-04-12	2025-05-07
Pretty URL www.zuizhongjs.com/go/kaiyun1/ky.html IP 202.79.171.15 ASN #152194 CTG Server Limited Introduced by Function Embedded in HTML false Observations First Seen2023-04-12 04:16 Last Seen2025-05-07 14:55 Times Seen4278 Hash 26421ac860f4dba7f27811712a149502 aaf37d59cb4b28ac48ecefa82a2824a8e6210d5b 266f482d6e5dd0302fca1871e22db5996e068d1188d1ba9cd96b892552fbcab3 Loading...

	www.thewebhostguru.com/sevset/webmail%20(2).zip	ScriptElement	498 B	2025-04-11	2025-04-26
Pretty URL www.thewebhostguru.com/sevset/webmail%20(2).zip IP 156.226.44.228 ASN #135097 LUOGELANG FRANCE LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-11 00:02 Last Seen2025-04-26 07:32 Times Seen3 Hash 3e01e7e1d6195061a79ff6d0150e5a7e d66abf1544a1faff9f40fbaa59aebec6ad94931b 21b9cdd3dadb695fda33b2f9d8b4c52e5ce75d5113e1743eed0b09ff8847405b Loading...

	www.zuizhongjs.com/go/kaiyun1/ky.html	ScriptElement	698 B	2024-09-19	2025-05-02
Pretty URL www.zuizhongjs.com/go/kaiyun1/ky.html IP 202.79.171.15 ASN #152194 CTG Server Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-19 08:05 Last Seen2025-05-02 12:38 Times Seen62 Hash a589a2a51a6cba4f70a4272bc62c9833 fb995b56d0fac026cb6453adc37626e68bbfbccf 9ad9e642a6a17cb9f056fbe037be8414f2123e70d9dea7c91cd786edaf2b1714 Loading...

	www.thewebhostguru.com/sevset/webmail%20(2).zip	ScriptElement	498 B	2025-04-11	2025-04-26
Pretty URL www.thewebhostguru.com/sevset/webmail%20(2).zip IP 156.226.44.228 ASN #135097 LUOGELANG FRANCE LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-11 00:02 Last Seen2025-04-26 07:32 Times Seen3 Hash 2fd1d95d6e2b5e9a8ceb3125b3998c3e f6399fe4bea5f89b23dc34c3d58511dccbfc04f3 88b3bb65ab57e47442a67f6932f4e3cf839a6fdc86409f9b9c46776226afdcb4 Loading...

	www.thewebhostguru.com/sevset/webmail%20(2).zip	ScriptElement	498 B	2025-04-11	2025-04-26
Pretty URL www.thewebhostguru.com/sevset/webmail%20(2).zip IP 156.226.44.228 ASN #135097 LUOGELANG FRANCE LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-11 00:02 Last Seen2025-04-26 07:32 Times Seen3 Hash 89b21b517e7bc28f47770a678a1a36ad 34fe2a2752b754d39ef0ced29a079bb418d01763 63e236eefc628c80cb402ae07784af30080583ba6a8a2fffd6b25d9ed0463e83 Loading...

	sdk.51.la/js-sdk-pro.min.js	ScriptElement	36 kB	2025-03-10	2025-05-08
Pretty URL sdk.51.la/js-sdk-pro.min.js IP 212.247.59.123 ASN #1257 Tele2 SWIPnet Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-10 03:40 Last Seen2025-05-08 02:32 Times Seen5288 Hash b8a41c9449b73e8ba0224c6be1f0b7e8 33d79319d4110bcf5c44c36f7dd4a291972ac546 52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565 Loading...

	www.zuizhongjs.com/go/kaiyun1/static/js/jquery.min.js	ScriptElement	158 kB	2024-05-10	2025-05-02
Pretty URL www.zuizhongjs.com/go/kaiyun1/static/js/jquery.min.js IP 202.79.171.15 ASN #152194 CTG Server Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 11:06 Last Seen2025-05-02 12:38 Times Seen68 Hash ed5d820aae73fcec34ea7157cfddddfc 42febe5a54f6950910af22d5dad70d9f768b1621 00b4b7ac4936e9decea689135a6d4a534a03879b8f48dc14530281b08ea09b6d Loading...

	www.zuizhongjs.com/go/kaiyun1/ky.html	ScriptElement	3.0 kB	2024-09-19	2025-05-02
Pretty URL www.zuizhongjs.com/go/kaiyun1/ky.html IP 202.79.171.15 ASN #152194 CTG Server Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-19 08:05 Last Seen2025-05-02 12:38 Times Seen62 Hash 3cb42a4d27f0ebbbf10a3d14e2cdb592 02e1e8d2ff94d89da85a833907bc0b48ffe6ca2f 92fbb43d098ac30c6170c1c4187a7d572cf44cbea456cd56093722e74009f846 Loading...

	www.zuizhongjs.com/go/kaiyun1/static/js/cslink.js?v=0.42477986199661855	ScriptElement	4.0 kB	2025-04-11	2025-04-11
Pretty URL www.zuizhongjs.com/go/kaiyun1/static/js/cslink.js?v=0.42477986199661855 IP 202.79.171.15 ASN #152194 CTG Server Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-11 00:02 Last Seen2025-04-11 00:02 Times Seen2 Hash a3a7f3dda95a6cedcd1480e225b40cad 374c7db28f8f3db4996533c97644bc8b72d46f54 cedf110cbe7d07e9b5de5fd6243f0dfe4f9eb45fae0a3f7a937d15f6f4af1a20 Loading...

	www.thewebhostguru.com/sevset/webmail%20(2).zip	Eval	125 B	2024-12-19	2025-05-02
Pretty URL www.thewebhostguru.com/sevset/webmail%20(2).zip IP 156.226.44.228 ASN #135097 LUOGELANG FRANCE LIMITED Introduced by eval Embedded in HTML false Observations First Seen2024-12-19 08:11 Last Seen2025-05-02 12:38 Times Seen21 Hash 567646f064a9ec9d9c906faa2b54ac26 4e0f36511484057993ff05fb097cd9331d56a0b2 7626226cef8b4bdbc5705b44e16f7479518b11cf7e8c04466c768aaed47c3573 Loading...

		Size	First Seen	Last Seen
	#1 Write - 78ac2aa5ccc29c90a345c90aab40b442	103 B	2023-03-07 01:06	2025-05-07 22:19
Pretty Observations First Seen2023-03-07 01:06 Last Seen2025-05-07 22:19 Times Seen1831 Hash 78ac2aa5ccc29c90a345c90aab40b442 cac604932faa4add2955602b41de8a8bff362ebd 53db339b0b80637f13dfc63813d7366c899cebe0db896602886ece619163d82e Loading...

	#2 Write - 0a3a0b592b9c285e050805307cee87c2	6 B	2023-03-07 01:02	2025-05-08 01:19
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-05-08 01:19 Times Seen50452 Hash 0a3a0b592b9c285e050805307cee87c2 125a168e24b2bd38aadb84cbb5f87f316b073c41 aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23 Loading...

	#3 Write - 5663cbe92aa5c8aae8e37a067285d752	508 B	2024-12-27 00:16	2025-04-26 07:32
Pretty Observations First Seen2024-12-27 00:16 Last Seen2025-04-26 07:32 Times Seen13 Hash 5663cbe92aa5c8aae8e37a067285d752 fe7fe27affd7ca0a20675d4e68787e580d17fada ff38e27a67f365f0723104842d0e7552b15a7c1464804373cb00942bc6791a38 Loading...

	#4 Write - e1fae4072d6bf71a48f7b8d0156c147d	508 B	2024-12-27 00:16	2025-04-26 07:32
Pretty Observations First Seen2024-12-27 00:16 Last Seen2025-04-26 07:32 Times Seen13 Hash e1fae4072d6bf71a48f7b8d0156c147d 8ed63af3b53956ae91887852a4a73da2e4d8443e 6de1d0479e408a23ac3cf4887f8c89ef50f314296b41428ecc6f05ee83167513 Loading...

	#5 Write - 22217ece081712422510186e7730f074	508 B	2024-12-27 00:16	2025-04-26 07:32
Pretty Observations First Seen2024-12-27 00:16 Last Seen2025-04-26 07:32 Times Seen5 Hash 22217ece081712422510186e7730f074 99ed812a19a314ef033b5799bcd133ca984b20a6 b34065d2dd25dbdc2d5543ad307f345f2295ae654b4513a271606aa4b1360eff Loading...

	#6 Write - 59cf81439a8bf9b569e5577fe5aa0de8	77 B	2023-03-07 01:06	2025-05-02 12:38
Pretty Observations First Seen2023-03-07 01:06 Last Seen2025-05-02 12:38 Times Seen1207 Hash 59cf81439a8bf9b569e5577fe5aa0de8 7310f3ea09ddff6601e9da7bf0665b0edd6d1435 235f11ebdcfb5a9e00906afc39c11efbaeed816b9040567cd61f18f9ce7242d4 Loading...

	#7 Write - 38b99736e991d961335f0a6eed5fc930	102 B	2023-03-07 01:11	2025-05-02 12:38
Pretty Observations First Seen2023-03-07 01:11 Last Seen2025-05-02 12:38 Times Seen656 Hash 38b99736e991d961335f0a6eed5fc930 fc7bb9218b7b2813f9b267fddf5d8b476eec564f f586d612c00723dedb1ced3c5f41ec9def9333bd0669dfe697d48f99c9e19fc2 Loading...

	#8 Write - d5030854b6c5711d6f013fedb7870900	189 B	2024-12-19 08:11	2025-05-02 12:38
Pretty Observations First Seen2024-12-19 08:11 Last Seen2025-05-02 12:38 Times Seen21 Hash d5030854b6c5711d6f013fedb7870900 579aee7eff9ea370c4560f014a6917813c588af0 173ff3eee93652ad796cdf0ea392f93b797131b8862f1d4e3f97268fdf3a4a00 Loading...

	#9 Write - cdf36f05f95f71578ca39a0a4caee0cc	102 B	2025-04-11 00:02	2025-04-11 00:02
Pretty Observations First Seen2025-04-11 00:02 Last Seen2025-04-11 00:02 Times Seen1 Hash cdf36f05f95f71578ca39a0a4caee0cc d93d3ac3f32f8a910d60adec0523cdbd3196fc04 22ffd1bd14b7ae043f89ddaf3aaf9d3a4ba63bd3f56cf89a9ff6a97a48625edc Loading...

	#10 Write - c45be88c732ac2ea12ea82c2d32c61af	105 B	2024-12-19 08:11	2025-05-02 12:38
Pretty Observations First Seen2024-12-19 08:11 Last Seen2025-05-02 12:38 Times Seen21 Hash c45be88c732ac2ea12ea82c2d32c61af 3cf5229d9cd023a191504a348644b3ffe5ad43f2 2bef864d44bc8c06e9f2d6092d4b69604babaac75f1cb7be57cc5ad87e859e2c Loading...

HTTP Transactions (44)

URL IP Response Size

www.zuizhongjs.com/cslink/cslink.js?v=0.07714243991483127

202.79.171.15

404 Not Found

520 B

URL GET
www.zuizhongjs.com/cslink/cslink.js?v=0.07714243991483127
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
3704f92207749f1f9b308fc856e7b7eb
b12e7554f139b239e0cb11f2138fa328e414a761
7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cslink/cslink.js?v=0.07714243991483127 HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/ky.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 11 Apr 2025 00:02:29 GMT
Content-Type: text/html
Content-Length: 520
Connection: keep-alive
ETag: "619e0cae-208"

www.zuizhongjs.com/go/kaiyun1/static/image/sport-item-bg.png

202.79.171.15

200 OK

12 kB

URL GET
www.zuizhongjs.com/go/kaiyun1/static/image/sport-item-bg.png
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
PNG image data, 624 x 400, 2-bit colormap, non-interlaced
Size
12 kB (12434 bytes)
Hash
ac76c6c7dd993b8bba750449be70d3ea
2c1111bcdfa2b3549c8e440c472b866553a270d8
b909239d687e0c2dea7608a984bd4a8ad8fe589ec72079a9305f836971c9667c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/image/sport-item-bg.png HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:32 GMT
Content-Type: image/png
Content-Length: 12434
Last-Modified: Wed, 18 Sep 2024 07:04:18 GMT
Connection: keep-alive
ETag: "66ea7b72-3092"
Accept-Ranges: bytes

www.zuizhongjs.com/go/kaiyun1/static/image/xingkonglogo.png

202.79.171.15

200 OK

9.7 kB

URL GET
www.zuizhongjs.com/go/kaiyun1/static/image/xingkonglogo.png
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
PNG image data, 490 x 160, 8-bit/color RGBA, non-interlaced
Size
9.7 kB (9732 bytes)
Hash
3a22887000ff220a744c4abfb0ca3b0e
126d11bc998cd1140be675cd280ceb0ed9201e93
941823b0c10802ce53f33599300ca8a56c111ad2b0dea45c963f664bcca6e170

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/image/xingkonglogo.png HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:31 GMT
Content-Type: image/png
Content-Length: 9732
Last-Modified: Wed, 18 Sep 2024 08:35:10 GMT
Connection: keep-alive
ETag: "66ea90be-2604"
Accept-Ranges: bytes

www.zuizhongjs.com/go/kaiyun1/static/font/iconfont.407a95e9.woff2

202.79.171.15

404 Not Found

520 B

URL GET
www.zuizhongjs.com/go/kaiyun1/static/font/iconfont.407a95e9.woff2
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
3704f92207749f1f9b308fc856e7b7eb
b12e7554f139b239e0cb11f2138fa328e414a761
7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/font/iconfont.407a95e9.woff2 HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 11 Apr 2025 00:02:31 GMT
Content-Type: text/html
Content-Length: 520
Connection: keep-alive
ETag: "619e0cae-208"

www.zuizhongjs.com/go/kaiyun1/static/css/main.css

202.79.171.15

200 OK

104 kB

URL GET
www.zuizhongjs.com/go/kaiyun1/static/css/main.css
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
ASCII text, with very long lines (22005)
Size
104 kB (104132 bytes)
Hash
c8aa0f3b199f14c4e5fe23f1704ba5f0
141603a644ad0ca43b8e8ee62edaf9834050692b
db49690ecdd2cddf91c4831ea7d33db8696d30d0dad49076c1621b61705537ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/css/main.css HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/ky.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:28 GMT
Content-Type: text/css
Last-Modified: Wed, 18 Sep 2024 07:35:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"66ea82b9-196c4"
Content-Encoding: gzip

www.zuizhongjs.com/go/kaiyun1/static/picture/rbsmgwmigzeaqeisaabdvano3pe24.webp

202.79.171.15

200 OK

45 kB

URL GET
www.zuizhongjs.com/go/kaiyun1/static/picture/rbsmgwmigzeaqeisaabdvano3pe24.webp
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
PNG image data, 206 x 173, 8-bit/color RGBA, non-interlaced
Size
45 kB (44556 bytes)
Hash
6194ced01b173481e68b89111c85d6b1
35a559992114129a74eac4d5c165bcd9a6a2e3f1
bf9c1ba4745317154616c229e8abf30963b05a905c43e0e38b3d795c714b6074

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/picture/rbsmgwmigzeaqeisaabdvano3pe24.webp HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/ky.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:29 GMT
Content-Type: image/webp
Content-Length: 44556
Last-Modified: Mon, 25 Dec 2023 15:21:02 GMT
Connection: keep-alive
ETag: "65899dde-ae0c"
Accept-Ranges: bytes

collect-v6.51.la/v6/collect?dt=4

212.247.59.123

210 No Reason Phrase

0 B

URL POST
collect-v6.51.la/v6/collect?dt=4
IP
212.247.59.123:443
ASN
#1257 Tele2 SWIPnet

Requested by
https://www.thewebhostguru.com/sevset/webmail%20(2).zip
Certificate
IssuerGlobalSign nv-sa
Subject*.51.la
FingerprintAE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C
ValidityTue, 18 Mar 2025 04:08:22 GMT - Sun, 19 Apr 2026 04:08:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 413
Origin: https://www.thewebhostguru.com
DNT: 1
Connection: keep-alive
Referer: https://www.thewebhostguru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 210 No Reason Phrase
date: Fri, 11 Apr 2025 00:02:28 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.thewebhostguru.com
access-control-allow-credentials: true
via: EU-SWE-stockholm-EDGE1-CACHE5[247],EU-SWE-stockholm-EDGE1-CACHE5[ovl,245],EU-GER-frankfurt-EDGE7-CACHE1[ovl,172],EA-HKG-EDGE6-CACHE1[ovl,19],EA-HKG-GLOBAL1-CACHE34[ovl,16]
x-ccdn-req-id-46b1: 6664f4107828d8915e4426bdd1158f2e
X-Firefox-Spdy: h2

collect-v6.51.la/v6/collect?dt=4

212.247.59.123

210 No Reason Phrase

0 B

URL POST
collect-v6.51.la/v6/collect?dt=4
IP
212.247.59.123:443
ASN
#1257 Tele2 SWIPnet

Requested by
https://www.thewebhostguru.com/sevset/webmail%20(2).zip
Certificate
IssuerGlobalSign nv-sa
Subject*.51.la
FingerprintAE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C
ValidityTue, 18 Mar 2025 04:08:22 GMT - Sun, 19 Apr 2026 04:08:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 410
Origin: https://www.thewebhostguru.com
DNT: 1
Connection: keep-alive
Referer: https://www.thewebhostguru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 210 No Reason Phrase
date: Fri, 11 Apr 2025 00:02:29 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.thewebhostguru.com
access-control-allow-credentials: true
via: EU-SWE-stockholm-EDGE1-CACHE5[550],EU-SWE-stockholm-EDGE1-CACHE5[ovl,550],EU-RUS-mosco-EDGE2-CACHE7[ovl,528],CA-MNG-ulaanbaatar-EDGE1-CACHE6[ovl,201],CHN-GDdongguan-GLOBAL1-CACHE67[ovl,18]
x-ccdn-req-id-46b1: c56e8fa9caf530083bac0f7c94a02f66
X-Firefox-Spdy: h2

www.zuizhongjs.com/go/kaiyun1/static/js/jquery.min.js

202.79.171.15

200 OK

158 kB

URL GET
www.zuizhongjs.com/go/kaiyun1/static/js/jquery.min.js
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
JavaScript source, ASCII text
Size
158 kB (157860 bytes)
Hash
ed5d820aae73fcec34ea7157cfddddfc
42febe5a54f6950910af22d5dad70d9f768b1621
00b4b7ac4936e9decea689135a6d4a534a03879b8f48dc14530281b08ea09b6d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/js/jquery.min.js HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/ky.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:28 GMT
Content-Type: application/javascript
Last-Modified: Wed, 18 Sep 2024 07:04:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"66ea7b7c-268a4"
Content-Encoding: gzip

www.zuizhongjs.com/go/kaiyun1/static/js/cslink.js?v=0.42477986199661855

202.79.171.15

200 OK

4.0 kB

URL GET
www.zuizhongjs.com/go/kaiyun1/static/js/cslink.js?v=0.42477986199661855
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
Unicode text, UTF-8 text
Size
4.0 kB (3993 bytes)
Hash
a3a7f3dda95a6cedcd1480e225b40cad
374c7db28f8f3db4996533c97644bc8b72d46f54
cedf110cbe7d07e9b5de5fd6243f0dfe4f9eb45fae0a3f7a937d15f6f4af1a20

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/js/cslink.js?v=0.42477986199661855 HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/ky.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:28 GMT
Content-Type: application/javascript
Last-Modified: Thu, 10 Apr 2025 04:48:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"67f74d87-f99"
Content-Encoding: gzip

www.zuizhongjs.com/go/kaiyun1/static/font/montserrat-black.be2a4b98.ttf

202.79.171.15

404 Not Found

520 B

URL GET
www.zuizhongjs.com/go/kaiyun1/static/font/montserrat-black.be2a4b98.ttf
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
3704f92207749f1f9b308fc856e7b7eb
b12e7554f139b239e0cb11f2138fa328e414a761
7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/font/montserrat-black.be2a4b98.ttf HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 11 Apr 2025 00:02:30 GMT
Content-Type: text/html
Content-Length: 520
Connection: keep-alive
ETag: "619e0cae-208"

www.zuizhongjs.com/go/kaiyun1/static/font/iconfont.e7187704.woff

202.79.171.15

404 Not Found

520 B

URL GET
www.zuizhongjs.com/go/kaiyun1/static/font/iconfont.e7187704.woff
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
3704f92207749f1f9b308fc856e7b7eb
b12e7554f139b239e0cb11f2138fa328e414a761
7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/font/iconfont.e7187704.woff HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 11 Apr 2025 00:02:30 GMT
Content-Type: text/html
Content-Length: 520
Connection: keep-alive
ETag: "619e0cae-208"

www.zuizhongjs.com/go/kaiyun1/static/image/ag-66-4.png

202.79.171.15

200 OK

189 kB

URL GET
www.zuizhongjs.com/go/kaiyun1/static/image/ag-66-4.png
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
PNG image data, 750 x 694, 8-bit colormap, non-interlaced
Size
189 kB (189185 bytes)
Hash
93c0060e234caf0bf804261f3cfd574c
284959e512593ed4a2d9163b5bb604df7ca860d0
3b3517b2a149662c9083c8307dc28e5c514a2f5e726e5ce9ce14ea931fcb304c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/image/ag-66-4.png HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:31 GMT
Content-Type: image/png
Content-Length: 189185
Last-Modified: Wed, 18 Sep 2024 07:03:31 GMT
Connection: keep-alive
ETag: "66ea7b43-2e301"
Accept-Ranges: bytes

www.zuizhongjs.com/go/kaiyun1/static/font/latin.fab57614.woff2

202.79.171.15

404 Not Found

520 B

URL GET
www.zuizhongjs.com/go/kaiyun1/static/font/latin.fab57614.woff2
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
3704f92207749f1f9b308fc856e7b7eb
b12e7554f139b239e0cb11f2138fa328e414a761
7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/font/latin.fab57614.woff2 HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 11 Apr 2025 00:02:30 GMT
Content-Type: text/html
Content-Length: 520
Connection: keep-alive
ETag: "619e0cae-208"

www.zuizhongjs.com/go/kaiyun1/ky.html

202.79.171.15

200 OK

17 kB

URL GET
www.zuizhongjs.com/go/kaiyun1/ky.html
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.thewebhostguru.com/sevset/webmail%20(2).zip
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1181)
Size
17 kB (17301 bytes)
Hash
2b3234add9401cd9414cb7dbbd2bffc7
e052018ac20c9d0721c7904333d0c91e9b5c20b5
f7053f5a4a4233bcbfc75f5f1072da4b642592415104d285813f9e81daf58aeb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/ky.html HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.thewebhostguru.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:28 GMT
Content-Type: text/html
Last-Modified: Sun, 09 Mar 2025 07:26:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"67cd42bb-4395"
Content-Encoding: gzip

www.zuizhongjs.com/go/kaiyun1/static/picture/rbsmgwmmnw-ahnf9aabt7ce2zgq87.webp

202.79.171.15

200 OK

22 kB

URL GET
www.zuizhongjs.com/go/kaiyun1/static/picture/rbsmgwmmnw-ahnf9aabt7ce2zgq87.webp
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
RIFF (little-endian) data, Web/P image
Size
22 kB (21484 bytes)
Hash
ccf323bf4e1c41b61aaa296ea59b8b81
83f1f27a2fc6c58c751b5e7fc627015a1991b374
c7959283d90c9940056378a35789761735a565490945094cd5b77c6b4bf1cc74

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/picture/rbsmgwmmnw-ahnf9aabt7ce2zgq87.webp HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/ky.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:29 GMT
Content-Type: image/webp
Content-Length: 21484
Last-Modified: Mon, 25 Dec 2023 15:21:03 GMT
Connection: keep-alive
ETag: "65899ddf-53ec"
Accept-Ranges: bytes

www.zuizhongjs.com/go/kaiyun1/static/picture/sj.png

202.79.171.15

200 OK

19 kB

URL GET
www.zuizhongjs.com/go/kaiyun1/static/picture/sj.png
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
RIFF (little-endian) data, Web/P image
Size
19 kB (18810 bytes)
Hash
cdb0153d8cc3dbec5e43d569a03ab2c4
0a7c9c3952a48a331a76089f57db3e1b618b0821
11d707bf46d3e44e7057580208377df9b8839b00403b94495d3a9f85db23842c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/picture/sj.png HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/ky.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:29 GMT
Content-Type: image/png
Content-Length: 18810
Last-Modified: Wed, 18 Sep 2024 07:08:50 GMT
Connection: keep-alive
ETag: "66ea7c82-497a"
Accept-Ranges: bytes

www.zuizhongjs.com/go/kaiyun1/static/image/background.png

202.79.171.15

200 OK

182 kB

URL GET
www.zuizhongjs.com/go/kaiyun1/static/image/background.png
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
PNG image data, 1920 x 1030, 8-bit colormap, non-interlaced
Size
182 kB (181983 bytes)
Hash
05bf65d40291d266c59f26f96e67cc72
a82f0c303aa0db6e99b37cd73853d7a6810c3e47
1a977499b07e4c440c3b1c4284f83140194739f0308cd5090f5f7157a1cd34f3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/image/background.png HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:29 GMT
Content-Type: image/png
Content-Length: 181983
Last-Modified: Wed, 18 Sep 2024 07:03:42 GMT
Connection: keep-alive
ETag: "66ea7b4e-2c6df"
Accept-Ranges: bytes

www.zuizhongjs.com/js/ky1.js

202.79.171.15

200 OK

1.8 kB

URL GET
www.zuizhongjs.com/js/ky1.js
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.thewebhostguru.com/sevset/webmail%20(2).zip
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
1.8 kB (1789 bytes)
Hash
f63596c900ea9b3efb1b6ee73fc7aee0
ea5a9afac43e840e866e43885142430af06e6d9c
6dfe24b342ab5dcf9a2435517d922af20a9ec43089dc5a4da3603759292a793a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/ky1.js HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.thewebhostguru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:27 GMT
Content-Type: application/javascript
Last-Modified: Mon, 11 Nov 2024 09:10:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6731c9ec-6fd"
Content-Encoding: gzip

www.zuizhongjs.com/go/kaiyun1/static/image/anbologo.png

202.79.171.15

200 OK

5.4 kB

URL GET
www.zuizhongjs.com/go/kaiyun1/static/image/anbologo.png
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
PNG image data, 240 x 120, 8-bit/color RGBA, non-interlaced
Size
5.4 kB (5406 bytes)
Hash
1117f1432adbefcb2b2db448c9b307fb
b317321d05f4fab93058c4485c4e09b6a0c94b09
c3cbaf1c3861450c9817e3d70fddc6158a1dc16814bd1c316e04b6f5847d55a6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/image/anbologo.png HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:31 GMT
Content-Type: image/png
Content-Length: 5406
Last-Modified: Wed, 18 Sep 2024 09:04:01 GMT
Connection: keep-alive
ETag: "66ea9781-151e"
Accept-Ranges: bytes

www.zuizhongjs.com/go/kaiyun1/static/font/iconfont.599951c1.woff2

202.79.171.15

404 Not Found

520 B

URL GET
www.zuizhongjs.com/go/kaiyun1/static/font/iconfont.599951c1.woff2
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
3704f92207749f1f9b308fc856e7b7eb
b12e7554f139b239e0cb11f2138fa328e414a761
7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/font/iconfont.599951c1.woff2 HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 11 Apr 2025 00:02:30 GMT
Content-Type: text/html
Content-Length: 520
Connection: keep-alive
ETag: "619e0cae-208"

www.zuizhongjs.com/go/kaiyun1/static/font/iconfont.e7187704.ttf

202.79.171.15

404 Not Found

520 B

URL GET
www.zuizhongjs.com/go/kaiyun1/static/font/iconfont.e7187704.ttf
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
3704f92207749f1f9b308fc856e7b7eb
b12e7554f139b239e0cb11f2138fa328e414a761
7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/font/iconfont.e7187704.ttf HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 11 Apr 2025 00:02:32 GMT
Content-Type: text/html
Content-Length: 520
Connection: keep-alive
ETag: "619e0cae-208"

www.zuizhongjs.com/go/kaiyun1/static/picture/rbsmgwmigyqad1n-aaa_2muwpem57.webp

202.79.171.15

200 OK

16 kB

URL GET
www.zuizhongjs.com/go/kaiyun1/static/picture/rbsmgwmigyqad1n-aaa_2muwpem57.webp
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
RIFF (little-endian) data, Web/P image
Size
16 kB (16344 bytes)
Hash
be49e8277eb92cafb253fa49edb79022
5cc65c308aa4f315b27936fc4647b37f58efdeae
1b8cb8ad18ad2b3e0738be463ac16ec39c2bab4d56afe06cfcc5b0fa59c45391

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/picture/rbsmgwmigyqad1n-aaa_2muwpem57.webp HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/ky.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:29 GMT
Content-Type: image/webp
Content-Length: 16344
Last-Modified: Mon, 25 Dec 2023 15:21:01 GMT
Connection: keep-alive
ETag: "65899ddd-3fd8"
Accept-Ranges: bytes

www.zuizhongjs.com/go/kaiyun1/static/font/iconfont.e7187704.ttf

202.79.171.15

404 Not Found

520 B

URL GET
www.zuizhongjs.com/go/kaiyun1/static/font/iconfont.e7187704.ttf
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
3704f92207749f1f9b308fc856e7b7eb
b12e7554f139b239e0cb11f2138fa328e414a761
7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/font/iconfont.e7187704.ttf HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 11 Apr 2025 00:02:31 GMT
Content-Type: text/html
Content-Length: 520
Connection: keep-alive
ETag: "619e0cae-208"

sdk.51.la/js-sdk-pro.min.js

212.247.59.123

200 OK

36 kB

URL GET
sdk.51.la/js-sdk-pro.min.js
IP
212.247.59.123:443
ASN
#1257 Tele2 SWIPnet

Requested by
https://www.thewebhostguru.com/sevset/webmail%20(2).zip
Certificate
IssuerGlobalSign nv-sa
Subject*.51.la
FingerprintAE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C
ValidityTue, 18 Mar 2025 04:08:22 GMT - Sun, 19 Apr 2026 04:08:21 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (35899)
Size
36 kB (36115 bytes)
Hash
b8a41c9449b73e8ba0224c6be1f0b7e8
33d79319d4110bcf5c44c36f7dd4a291972ac546
52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565

HTTP Headers

GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.thewebhostguru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 00:02:28 GMT
content-type: text/plain; charset=utf-8
server: openresty
cache-control: no-store
access-control-allow-origin: *
access-control-allow-credentials: true
via: EU-SWE-stockholm-EDGE1-CACHE5[276],EU-SWE-stockholm-EDGE1-CACHE5[ovl,274],EU-GER-frankfurt-EDGE7-CACHE1[ovl,202],EA-HKG-EDGE6-CACHE1[ovl,41],EA-HKG-GLOBAL1-CACHE26[ovl,38],CHN-GDdongguan-GLOBAL1-CACHE42[ovl,33]
x-ccdn-req-id-46b1: 5f8ff61b2c88511c649ee77070f2f361
X-Firefox-Spdy: h2

sdk.51.la/js-sdk-pro.min.js

212.247.59.123

200 OK

36 kB

URL GET
sdk.51.la/js-sdk-pro.min.js
IP
212.247.59.123:443
ASN
#1257 Tele2 SWIPnet

Requested by
https://www.thewebhostguru.com/sevset/webmail%20(2).zip
Certificate
IssuerGlobalSign nv-sa
Subject*.51.la
FingerprintAE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C
ValidityTue, 18 Mar 2025 04:08:22 GMT - Sun, 19 Apr 2026 04:08:21 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (35899)
Size
36 kB (36115 bytes)
Hash
b8a41c9449b73e8ba0224c6be1f0b7e8
33d79319d4110bcf5c44c36f7dd4a291972ac546
52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565

HTTP Headers

GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.thewebhostguru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 00:02:28 GMT
content-type: text/plain; charset=utf-8
server: openresty
cache-control: no-store
access-control-allow-origin: *
access-control-allow-credentials: true
via: EU-SWE-stockholm-EDGE1-CACHE5[264],EU-SWE-stockholm-EDGE1-CACHE5[ovl,262],EU-GER-frankfurt-EDGE7-CACHE1[ovl,192],EA-HKG-EDGE6-CACHE1[ovl,34],EA-HKG-GLOBAL1-CACHE8[ovl,32],CHN-GDdongguan-GLOBAL1-CACHE65[ovl,27]
x-ccdn-req-id-46b1: 50cc1a4b20572e268ef562ba98cc1589
X-Firefox-Spdy: h2

sdk.51.la/js-sdk-pro.min.js

212.247.59.123

200 OK

36 kB

URL GET
sdk.51.la/js-sdk-pro.min.js
IP
212.247.59.123:443
ASN
#1257 Tele2 SWIPnet

Requested by
https://www.thewebhostguru.com/sevset/webmail%20(2).zip
Certificate
IssuerGlobalSign nv-sa
Subject*.51.la
FingerprintAE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C
ValidityTue, 18 Mar 2025 04:08:22 GMT - Sun, 19 Apr 2026 04:08:21 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (35899)
Size
36 kB (36115 bytes)
Hash
b8a41c9449b73e8ba0224c6be1f0b7e8
33d79319d4110bcf5c44c36f7dd4a291972ac546
52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565

HTTP Headers

GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.thewebhostguru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 00:02:28 GMT
content-type: text/plain; charset=utf-8
server: openresty
cache-control: no-store
access-control-allow-origin: *
access-control-allow-credentials: true
via: EU-SWE-stockholm-EDGE1-CACHE5[224],EU-SWE-stockholm-EDGE1-CACHE5[ovl,222],EU-GER-frankfurt-EDGE7-CACHE1[ovl,197],EA-HKG-EDGE6-CACHE1[ovl,45],EA-HKG-GLOBAL1-CACHE17[ovl,36],CHN-GDdongguan-GLOBAL1-CACHE35[ovl,31]
x-ccdn-req-id-46b1: 6a3fbfacc406769b7a3743ca121f6b71
X-Firefox-Spdy: h2

www.zuizhongjs.com/go/kaiyun1/static/picture/rbsmgwmig0oaqpqmaabq2kzlptk31.webp

202.79.171.15

200 OK

40 kB

URL GET
www.zuizhongjs.com/go/kaiyun1/static/picture/rbsmgwmig0oaqpqmaabq2kzlptk31.webp
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
PNG image data, 206 x 173, 8-bit/color RGBA, non-interlaced
Size
40 kB (40503 bytes)
Hash
b6e859bef31336d0a03ad2ed18cd4e31
db8b7b1e320d7e115254a646d97ab5780c52e0ae
170ec291fd15ea3d6ff4112026d4cda5a52127fbb9afdec2360c067bc69c4047

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/picture/rbsmgwmig0oaqpqmaabq2kzlptk31.webp HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/ky.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:29 GMT
Content-Type: image/webp
Content-Length: 40503
Last-Modified: Mon, 25 Dec 2023 15:21:00 GMT
Connection: keep-alive
ETag: "65899ddc-9e37"
Accept-Ranges: bytes

www.zuizhongjs.com/go/kaiyun1/static/image/ldlogo.png

202.79.171.15

200 OK

221 kB

URL GET
www.zuizhongjs.com/go/kaiyun1/static/image/ldlogo.png
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
PNG image data, 3600 x 2000, 8-bit colormap, non-interlaced
Size
221 kB (220743 bytes)
Hash
492093dcf4b1ba9c13b19de1903d974a
5e4a03772362bf9c43bc9a5ad75682564f5d0f76
009a0d5c28b46ef15643b4f1b90f4af852846bce2b65a443d231d41cd21e24f5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/image/ldlogo.png HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:31 GMT
Content-Type: image/png
Content-Length: 220743
Last-Modified: Thu, 29 Feb 2024 07:27:24 GMT
Connection: keep-alive
ETag: "65e031dc-35e47"
Accept-Ranges: bytes

www.zuizhongjs.com/go/kaiyun1/static/image/htylogo.png

202.79.171.15

200 OK

6.7 kB

URL GET
www.zuizhongjs.com/go/kaiyun1/static/image/htylogo.png
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
PNG image data, 216 x 86, 8-bit colormap, non-interlaced
Size
6.7 kB (6696 bytes)
Hash
f9038799f684a3fe4635f8ffa6cb0e05
e13a9c966a7e0a8165c306d0309268d917076e65
c10e575138e2d70a4e1afb59b668d89b9824a7e8fa272afd11f1692e9bd6530d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/image/htylogo.png HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:31 GMT
Content-Type: image/png
Content-Length: 6696
Last-Modified: Wed, 18 Sep 2024 07:03:51 GMT
Connection: keep-alive
ETag: "66ea7b57-1a28"
Accept-Ranges: bytes

www.zuizhongjs.com/go/kaiyun1/static/font/montserrat-regular.949efd65.ttf

202.79.171.15

404 Not Found

520 B

URL GET
www.zuizhongjs.com/go/kaiyun1/static/font/montserrat-regular.949efd65.ttf
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
3704f92207749f1f9b308fc856e7b7eb
b12e7554f139b239e0cb11f2138fa328e414a761
7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/font/montserrat-regular.949efd65.ttf HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 11 Apr 2025 00:02:30 GMT
Content-Type: text/html
Content-Length: 520
Connection: keep-alive
ETag: "619e0cae-208"

www.zuizhongjs.com/go/kaiyun1/static/font/iconfont.e7187704.woff2

202.79.171.15

404 Not Found

520 B

URL GET
www.zuizhongjs.com/go/kaiyun1/static/font/iconfont.e7187704.woff2
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
3704f92207749f1f9b308fc856e7b7eb
b12e7554f139b239e0cb11f2138fa328e414a761
7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/font/iconfont.e7187704.woff2 HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 11 Apr 2025 00:02:31 GMT
Content-Type: text/html
Content-Length: 520
Connection: keep-alive
ETag: "619e0cae-208"

www.ptfafajs.com/js/24/9/8/ky1.js

202.79.171.15

200 OK

2.1 kB

URL GET
www.ptfafajs.com/js/24/9/8/ky1.js
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.thewebhostguru.com/sevset/webmail%20(2).zip
Certificate
IssuerLet's Encrypt
Subjectwww.ptfafa.com
Fingerprint01:A8:60:9E:2C:87:70:A7:6C:93:61:5C:BB:FF:96:FA:93:3D:54:CD
ValidityWed, 09 Apr 2025 06:52:04 GMT - Tue, 08 Jul 2025 06:52:03 GMT

File type
HTML document, ASCII text, with very long lines (555)
Size
2.1 kB (2126 bytes)
Hash
8db266e3e78979ad83e943c04f810be5
698ae897fdeb910260bc1d988bcf5c64c0585047
3dc6def5188082fb5099d21c4b66b5894a19566496fd967ce4df19c0dc51a8b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/24/9/8/ky1.js HTTP/1.1
Host: www.ptfafajs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.thewebhostguru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:26 GMT
Content-Type: application/javascript
Last-Modified: Mon, 11 Nov 2024 09:15:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6731cb47-84e"
Content-Encoding: gzip

www.thewebhostguru.com/favicon.ico

156.226.44.228

404 Not Found

13 B

URL GET
www.thewebhostguru.com/favicon.ico
IP
156.226.44.228:443
ASN
#135097 LUOGELANG FRANCE LIMITED

Requested by
https://www.thewebhostguru.com/sevset/webmail%20(2).zip
Certificate
IssuerLet's Encrypt
Subjectthewebhostguru.com
Fingerprint13:41:54:03:8D:9F:A3:11:5C:BB:E6:38:E7:D5:07:BD:E4:DE:DD:4A
ValidityMon, 10 Mar 2025 11:08:58 GMT - Sun, 08 Jun 2025 11:08:57 GMT

File type
ASCII text, with no line terminators
Size
13 B (13 bytes)
Hash
1e6cd917ed71a1241e4bedc29264bd98
5b65037351caeb0e5a48d963d7ffa88d0271d546
7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.thewebhostguru.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.thewebhostguru.com/sevset/webmail%20(2).zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx/1.14.2
date: Fri, 11 Apr 2025 00:02:29 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

www.zuizhongjs.com/go/kaiyun1/static/image/1.png

202.79.171.15

200 OK

376 kB

URL GET
www.zuizhongjs.com/go/kaiyun1/static/image/1.png
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
PNG image data, 700 x 480, 8-bit/color RGBA, non-interlaced
Size
376 kB (375671 bytes)
Hash
16b85bfb3c5900c9a2ae11265b83c9f3
7e3fbaddfd99d9f0da4dec4054aeeb9bce19cea4
23f2fee730f4a41090ee7fb54df6cd6535458f25c97a53d2d5297b2076d2256e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/image/1.png HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/ky.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:29 GMT
Content-Type: image/png
Content-Length: 375671
Last-Modified: Wed, 18 Sep 2024 07:03:21 GMT
Connection: keep-alive
ETag: "66ea7b39-5bb77"
Accept-Ranges: bytes

collect-v6.51.la/v6/collect?dt=4

212.247.59.123

211 No Reason Phrase

0 B

URL POST
collect-v6.51.la/v6/collect?dt=4
IP
212.247.59.123:443
ASN
#1257 Tele2 SWIPnet

Requested by
https://www.thewebhostguru.com/sevset/webmail%20(2).zip
Certificate
IssuerGlobalSign nv-sa
Subject*.51.la
FingerprintAE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C
ValidityTue, 18 Mar 2025 04:08:22 GMT - Sun, 19 Apr 2026 04:08:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 414
Origin: https://www.thewebhostguru.com
DNT: 1
Connection: keep-alive
Referer: https://www.thewebhostguru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 211 No Reason Phrase
date: Fri, 11 Apr 2025 00:02:28 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.thewebhostguru.com
access-control-allow-credentials: true
via: EU-SWE-stockholm-EDGE1-CACHE5[246],EU-SWE-stockholm-EDGE1-CACHE5[ovl,245],EU-GER-frankfurt-EDGE7-CACHE1[ovl,171],EA-HKG-EDGE6-CACHE1[ovl,17],EA-HKG-GLOBAL1-CACHE34[ovl,16]
x-ccdn-req-id-46b1: b729e5b430617021113888a471b2d1e5
X-Firefox-Spdy: h2

www.zuizhongjs.com/go/kaiyun1/static/font/iconfont.e7187704.woff2

202.79.171.15

404 Not Found

520 B

URL GET
www.zuizhongjs.com/go/kaiyun1/static/font/iconfont.e7187704.woff2
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
3704f92207749f1f9b308fc856e7b7eb
b12e7554f139b239e0cb11f2138fa328e414a761
7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/font/iconfont.e7187704.woff2 HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 11 Apr 2025 00:02:30 GMT
Content-Type: text/html
Content-Length: 520
Connection: keep-alive
ETag: "619e0cae-208"

www.thewebhostguru.com/sevset/webmail%20(2).zip

156.226.44.228

200 OK

2.5 kB

URL User Request GET
www.thewebhostguru.com/sevset/webmail%20(2).zip
IP
156.226.44.228:443
ASN
#135097 LUOGELANG FRANCE LIMITED

Certificate
IssuerLet's Encrypt
Subjectthewebhostguru.com
Fingerprint13:41:54:03:8D:9F:A3:11:5C:BB:E6:38:E7:D5:07:BD:E4:DE:DD:4A
ValidityMon, 10 Mar 2025 11:08:58 GMT - Sun, 08 Jun 2025 11:08:57 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (514), with CRLF, LF line terminators
Size
2.5 kB (2549 bytes)
Hash
2d08c13234de23114a517dffb5b8e949
b301a96b9f43bac5b351fa95364b51980a22564e
529e3ec0a359d09dcbe07f167be73193f8243708a6e24bd0e9e8a0fe9635c0be

HTTP Headers

GET /sevset/webmail%20(2).zip HTTP/1.1
Host: www.thewebhostguru.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.2
date: Fri, 11 Apr 2025 00:02:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

www.zuizhongjs.com/go/kaiyun1/static/image/jiuyoulogo.png

202.79.171.15

200 OK

77 kB

URL GET
www.zuizhongjs.com/go/kaiyun1/static/image/jiuyoulogo.png
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
PNG image data, 339 x 278, 8-bit/color RGBA, non-interlaced
Size
77 kB (76609 bytes)
Hash
ae04b3e8bbab1316a17ae05be865c217
1d0bbef81548ae783a1564cd8ebc05338343198d
93b79ced81d5b8b4568992f5e94622f5eea72b72a3687ddbded1d0be783dfa97

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/image/jiuyoulogo.png HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:31 GMT
Content-Type: image/png
Content-Length: 76609
Last-Modified: Wed, 18 Sep 2024 07:03:58 GMT
Connection: keep-alive
ETag: "66ea7b5e-12b41"
Accept-Ranges: bytes

www.zuizhongjs.com/go/kaiyun1/static/font/iconfont.e7187704.woff2

202.79.171.15

404 Not Found

520 B

URL GET
www.zuizhongjs.com/go/kaiyun1/static/font/iconfont.e7187704.woff2
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
3704f92207749f1f9b308fc856e7b7eb
b12e7554f139b239e0cb11f2138fa328e414a761
7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/font/iconfont.e7187704.woff2 HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 11 Apr 2025 00:02:30 GMT
Content-Type: text/html
Content-Length: 520
Connection: keep-alive
ETag: "619e0cae-208"

www.zuizhongjs.com/go/kaiyun1/static/font/latin.fab57614.woff2

202.79.171.15

404 Not Found

520 B

URL GET
www.zuizhongjs.com/go/kaiyun1/static/font/latin.fab57614.woff2
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
3704f92207749f1f9b308fc856e7b7eb
b12e7554f139b239e0cb11f2138fa328e414a761
7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/font/latin.fab57614.woff2 HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 11 Apr 2025 00:02:30 GMT
Content-Type: text/html
Content-Length: 520
Connection: keep-alive
ETag: "619e0cae-208"

www.zuizhongjs.com/go/kaiyun1/static/image/kaiyunlogo.png

202.79.171.15

200 OK

15 kB

URL GET
www.zuizhongjs.com/go/kaiyun1/static/image/kaiyunlogo.png
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
PNG image data, 814 x 200, 8-bit colormap, non-interlaced
Size
15 kB (15054 bytes)
Hash
5bdb83ec9f353d69c2ebc9c36cef090e
e3a542a5b41ab05a8a444c3f106186806d1f025e
fc148ba9a62f11da475123e65ced85cb59d9715e2c202655e4322942803bde0e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/image/kaiyunlogo.png HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Apr 2025 00:02:31 GMT
Content-Type: image/png
Content-Length: 15054
Last-Modified: Mon, 28 Oct 2024 10:05:10 GMT
Connection: keep-alive
ETag: "671f61d6-3ace"
Accept-Ranges: bytes

www.zuizhongjs.com/go/kaiyun1/static/font/latin.fab57614.woff2

202.79.171.15

404 Not Found

520 B

URL GET
www.zuizhongjs.com/go/kaiyun1/static/font/latin.fab57614.woff2
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
3704f92207749f1f9b308fc856e7b7eb
b12e7554f139b239e0cb11f2138fa328e414a761
7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/font/latin.fab57614.woff2 HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 11 Apr 2025 00:02:30 GMT
Content-Type: text/html
Content-Length: 520
Connection: keep-alive
ETag: "619e0cae-208"

www.zuizhongjs.com/go/kaiyun1/static/font/iconfont.e7187704.woff

202.79.171.15

404 Not Found

520 B

URL GET
www.zuizhongjs.com/go/kaiyun1/static/font/iconfont.e7187704.woff
IP
202.79.171.15:443
ASN
#152194 CTG Server Limited

Requested by
https://www.zuizhongjs.com/go/kaiyun1/ky.html
Certificate
IssuerLet's Encrypt
Subjectwww.zuizhongjs.com
Fingerprint0C:10:CB:F8:33:78:4E:5F:EB:38:27:3C:26:14:87:BD:D1:E3:C6:29
ValidityWed, 09 Apr 2025 06:51:08 GMT - Tue, 08 Jul 2025 06:51:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
3704f92207749f1f9b308fc856e7b7eb
b12e7554f139b239e0cb11f2138fa328e414a761
7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/kaiyun1/static/font/iconfont.e7187704.woff HTTP/1.1
Host: www.zuizhongjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.zuizhongjs.com/go/kaiyun1/static/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 11 Apr 2025 00:02:31 GMT
Content-Type: text/html
Content-Length: 520
Connection: keep-alive
ETag: "619e0cae-208"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML