Report - jmzkzesy.xyz/dl?adb=0&b=view&cx=1118&cy=386&embed=1&file_code=gp5lqtg2d7ue&hash=81533-62-74-1728474094-ff19f2df531a29728c035b1b2ade4c46&prem=&referer=bflix.sh

Report Overview

Visitedpublic

2024-10-11 04:10:41

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-10-10 13:37:19	1.3 kB	3.6 kB	23.33.119.27
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-10-10 13:37:10	981 B	2.7 kB	23.33.119.57
jmzkzesy.xyz	unknown	2024-07-30	2024-10-07 05:24:57	2024-10-10 14:50:05	1.2 kB	2.6 kB	104.21.96.55

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-10-11	medium	jmzkzesy.xyz	Sinkholed
2024-10-11	medium	jmzkzesy.xyz	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (9)

URL IP Response Size

r10.o.lencr.org/

23.33.119.27

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-10-11

Last Seen2024-10-11

Times Seen2056

Size504 B (504 bytes)

MD5e8655fceca672a60b40615879037e742

SHA1a58e96e869ed3caf523c47cc94e5808d67ff033e

SHA2567442a4ec6cb6cf290cd3677c77cd85ad4145048d536fb22872fa980e9cd9b708

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "7442A4EC6CB6CF290CD3677C77CD85AD4145048D536FB22872FA980E9CD9B708"
Last-Modified: Thu, 10 Oct 2024 20:49:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12606
Expires: Fri, 11 Oct 2024 07:40:21 GMT
Date: Fri, 11 Oct 2024 04:10:15 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-10-11

Last Seen2024-10-12

Times Seen1745

Size504 B (504 bytes)

MD585587957f115a41b4d266a01ffa9d2a2

SHA14587aa98c2eab3ab844d28001cf948dbba5fd000

SHA256e2c7d2c5b96353b104eddbfe4fa3a93659bae1f72dd3e9fbecbf2c65ba49a1bc

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E2C7D2C5B96353B104EDDBFE4FA3A93659BAE1F72DD3E9FBECBF2C65BA49A1BC"
Last-Modified: Thu, 10 Oct 2024 21:01:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6468
Expires: Fri, 11 Oct 2024 05:58:03 GMT
Date: Fri, 11 Oct 2024 04:10:15 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-10-10

Last Seen2024-10-12

Times Seen6906

Size504 B (504 bytes)

MD54fc341baf18d0af4cd0a80be702333a3

SHA1fb736dc59047ff1913f784fa875cb7802046b133

SHA256b6312d866ed45266b465f79c3825413745fd03f86a0075406b439586d5ac2353

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B6312D866ED45266B465F79C3825413745FD03F86A0075406B439586D5AC2353"
Last-Modified: Thu, 10 Oct 2024 16:15:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3598
Expires: Fri, 11 Oct 2024 05:10:13 GMT
Date: Fri, 11 Oct 2024 04:10:15 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-10-11

Last Seen2024-10-12

Times Seen4554

Size504 B (504 bytes)

MD579cc92870c237da0a800ef6a3c32181e

SHA1db1eafb8715ecab04572ae3a2509e1482604e857

SHA256678a9d9c7a94705e293236ab03c6db471fec41d7b2ee0dc2f2ae92a59c9b21f6

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "678A9D9C7A94705E293236AB03C6DB471FEC41D7B2EE0DC2F2AE92A59C9B21F6"
Last-Modified: Fri, 11 Oct 2024 01:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12540
Expires: Fri, 11 Oct 2024 07:39:16 GMT
Date: Fri, 11 Oct 2024 04:10:16 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.57

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.33.119.57

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-10-11

Last Seen2024-10-13

Times Seen8461

Size504 B (504 bytes)

MD5af0d1cea6aa0671f0271828695f79be4

SHA1ae58030b5e611aa6a2a4b608a18e49f7f4cbe9c3

SHA25633e0e5962e66d1ce7c82595b0bca02808bbddc350a471425a2046aeb2a4e9260

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "33E0E5962E66D1CE7C82595B0BCA02808BBDDC350A471425A2046AEB2A4E9260"
Last-Modified: Thu, 10 Oct 2024 21:42:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14612
Expires: Fri, 11 Oct 2024 08:13:50 GMT
Date: Fri, 11 Oct 2024 04:10:18 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.57

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.33.119.57

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-10-11

Last Seen2024-10-13

Times Seen8461

Size504 B (504 bytes)

MD5af0d1cea6aa0671f0271828695f79be4

SHA1ae58030b5e611aa6a2a4b608a18e49f7f4cbe9c3

SHA25633e0e5962e66d1ce7c82595b0bca02808bbddc350a471425a2046aeb2a4e9260

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "33E0E5962E66D1CE7C82595B0BCA02808BBDDC350A471425A2046AEB2A4E9260"
Last-Modified: Thu, 10 Oct 2024 21:42:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14612
Expires: Fri, 11 Oct 2024 08:13:50 GMT
Date: Fri, 11 Oct 2024 04:10:18 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.57

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.33.119.57

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-10-11

Last Seen2024-10-13

Times Seen8461

Size504 B (504 bytes)

MD5af0d1cea6aa0671f0271828695f79be4

SHA1ae58030b5e611aa6a2a4b608a18e49f7f4cbe9c3

SHA25633e0e5962e66d1ce7c82595b0bca02808bbddc350a471425a2046aeb2a4e9260

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "33E0E5962E66D1CE7C82595B0BCA02808BBDDC350A471425A2046AEB2A4E9260"
Last-Modified: Thu, 10 Oct 2024 21:42:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14612
Expires: Fri, 11 Oct 2024 08:13:50 GMT
Date: Fri, 11 Oct 2024 04:10:18 GMT
Connection: keep-alive

GET jmzkzesy.xyz/dl?adb=0&b=view&cx=1118&cy=386&embed=1&file_code=gp5lqtg2d7ue&hash=81533-62-74-1728474094-ff19f2df531a29728c035b1b2ade4c46&prem=&referer=bflix.sh

104.21.96.55

200 OK

0 B

URL User Request GET HTTPS

jmzkzesy.xyz/dl?adb=0&b=view&cx=1118&cy=386&embed=1&file_code=gp5lqtg2d7ue&hash=81533-62-74-1728474094-ff19f2df531a29728c035b1b2ade4c46&prem=&referer=bflix.sh

IP / ASN

104.21.96.55

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-08

Times Seen5720864

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectjmzkzesy.xyz

Fingerprint92:36:3F:C8:24:7B:5D:29:EB:2D:F0:3E:64:B2:31:3C:A7:D7:20:26

ValidityFri, 27 Sep 2024 10:24:43 GMT - Thu, 26 Dec 2024 10:24:42 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dl?adb=0&b=view&cx=1118&cy=386&embed=1&file_code=gp5lqtg2d7ue&hash=81533-62-74-1728474094-ff19f2df531a29728c035b1b2ade4c46&prem=&referer=bflix.sh HTTP/1.1
Host: jmzkzesy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Oct 2024 04:10:16 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-store
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lUrwGXPzHjJynAaViIXWDj7hsY9h%2BhuWS1xGBm9rQtBCGs2YBYAC1Vfzhner6J8VuwdT1Err93hBD8SEwxgb6uf%2F0UYkTMHX5LyWPz2bZbxdmxw2QrJrnuqepzDC7ec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8d0bffdb285f7130-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET jmzkzesy.xyz/favicon.ico

104.21.96.55

200 OK

1.2 kB

URL GET HTTPS

jmzkzesy.xyz/favicon.ico

IP / ASN

104.21.96.55

#13335 CLOUDFLARENET

Requested byhttps://jmzkzesy.xyz/dl?adb=0&b=view&cx=1118&cy=386&embed=1&file_code=gp5lqtg2d7ue&hash=81533-62-74-1728474094-ff19f2df531a29728c035b1b2ade4c46&prem=&referer=bflix.sh

Resource Info

File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

First Seen2023-05-06

Last Seen2025-07-15

Times Seen336

Size1.2 kB (1150 bytes)

MD5f7b404d04734d64575f577b506c22a06

SHA1485d344ea5ace3529dd472f3fadaa621f046eaf5

SHA256c53b6a1e519b835191c058325f17d0f3ea15e1507ca47313c94cc54b68741500

Certificate Info

IssuerGoogle Trust Services

Subjectjmzkzesy.xyz

Fingerprint92:36:3F:C8:24:7B:5D:29:EB:2D:F0:3E:64:B2:31:3C:A7:D7:20:26

ValidityFri, 27 Sep 2024 10:24:43 GMT - Thu, 26 Dec 2024 10:24:42 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: jmzkzesy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jmzkzesy.xyz/dl?adb=0&b=view&cx=1118&cy=386&embed=1&file_code=gp5lqtg2d7ue&hash=81533-62-74-1728474094-ff19f2df531a29728c035b1b2ade4c46&prem=&referer=bflix.sh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 11 Oct 2024 04:10:16 GMT
content-type: image/x-icon
last-modified: Mon, 02 Feb 2015 19:26:28 GMT
etag: W/"54cfcf64-47e"
expires: Tue, 15 Oct 2024 16:00:24 GMT
cache-control: max-age=604800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 216592
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YzNDNydAw%2BMlLUw7eGAXoaHD4YPjRMwi9PtDqKxI9M52DCm%2Btr3veSPc8a5012XlMriwaNan9LvbFDcybTo2Yb7gMg8GNUXwgsnFd6joZshmtrEknNupQEXVwiu9pew%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d0bffdd8974b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400