| | 188.114.96.1 | 200 OK | 5.8 kB |
URL: User Request POST HTTP/1.1
IP: 188.114.96.1:80
File type: HTML document, ASCII text, with very long lines (14154), with no line terminators
Hash: e5f5f26fba76677360761a32c956fa22 f6a99a2b01eb0d090ec84a6ddf031a418f24af75 ef5895dfe015a79c8e320fde123879a569e9c82764f31a02dc191d4989172026
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: hoxy28mx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 29 Mar 2024 01:40:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: lvpfF/IBArfUUyRj6iza8jiknix8cPO4tAzyJ82NiTWj5SCiKxyDeM8IRq40OMczkSyKfvmDyyu8cWv8LaEYdKSxj0sI8Wyr9r9cLJE6+J4=$v96ay5srGkrke/GjZkEAuQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wMTUiDV4myEQMWWyqtyyujPSiWu7LE9sWjDpB1rsTeG2kgJ4R24Y6XRQt91XIFHtaCG5zHGYXtUyqq%2F704jq98hRm5hJrr%2F8mARNej2HcT52vPM%2FE2WE8V7uA7F7DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86bc270028c1568b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| hoxy28mx.cc/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=86bc270028c1568b | 188.114.97.1 | | 151 kB |
URL: hoxy28mx.cc/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=86bc270028c1568b
IP: 188.114.97.1:0
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 151 kB (150790 bytes)
Hash: 871e0aaffd3200c2c6e48cdc61e04ae3 8fc6d1c73151ca66a128e34ddf79f2c87783a56a e5f411a0283cf56be84db3be7d870193b0fac04b155bc0715867e4ddea12bb95
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=86bc270028c1568b HTTP/1.1
Host: hoxy28mx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hoxy28mx.cc/?__cf_chl_rt_tk=DSp.68PWlbvC5bMOalznr3HkIZFPcozoi.y_R5rTX8s-1711676431-0.0.1.1-1450
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 01:40:31 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C1bWOPWga7p84lhFklZqGXbvTkyNv%2F53XNjwCiw2i2PRqaaQZ%2BM%2FDSiFg3d10aYR6f9Tg411JpiJSMnZomL543X7OyppwvbMsaJphAWJVsOgHo831rxX5jIsbbNggg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 86bc2701ed82b521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| hoxy28mx.cc/cdn-cgi/challenge-platform/h/g/flow/ov1/2029857732:1711674683:2BGEul4GX9WcNYZB3VNSCo6WpuOIG0ttfHl0O3enWYM/86bc270028c1568b/0e4ca5c42b2932e | 188.114.97.1 | | 12 kB |
URL: hoxy28mx.cc/cdn-cgi/challenge-platform/h/g/flow/ov1/2029857732:1711674683:2BGEul4GX9WcNYZB3VNSCo6WpuOIG0ttfHl0O3enWYM/86bc270028c1568b/0e4ca5c42b2932e
IP: 188.114.97.1:0
File type: ASCII text, with very long lines (15896), with no line terminators
Hash: 7ecceb5fede4879617cc89179806cc70 d860687a456cd659a42403d94caae08bf4856604 7b8a295df7def724ffb7b869784b56d49ac363a56a4697fc0d7bb20e552b8c5a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2029857732:1711674683:2BGEul4GX9WcNYZB3VNSCo6WpuOIG0ttfHl0O3enWYM/86bc270028c1568b/0e4ca5c42b2932e HTTP/1.1
Host: hoxy28mx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hoxy28mx.cc/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 0e4ca5c42b2932e
Content-Length: 1702
Origin: http://hoxy28mx.cc
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 01:40:31 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: uz2XAJ3y792hN3jrWhNHngA/XP8e0P6/Oh5UYblz/n3qPupRw/cEm9i0N98q+0+C$A3WSSuvywYrboItws/Cixw==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zpu7IHtzaKOu3mFipdOXooeTCMwLwbKSx%2Fctj%2Bz6HAIbGSN1E4pMVFJIrxm4a7jgGc2r%2Bwsm4k0OWPDAAibIYuypjrI6ikMdWZnRtpwLs8MjqhRY1E32sUZ7vggwjw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 86bc27035c041c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| hoxy28mx.cc/favicon.ico | 188.114.97.1 | | 996 B |
IP: 188.114.97.1:0
File type: HTML document, ASCII text, with very long lines (2702), with no line terminators
Hash: f0d72a7889ea1365ec5f7710dd165e7c bcb106e102f16a5122be3b119dcedf3e3b64a1d8 843d26b7b8b1aa54f438a3540c96444609bd0ee9395ee0dba07d7e58924bd575
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: hoxy28mx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hoxy28mx.cc/?__cf_chl_rt_tk=DSp.68PWlbvC5bMOalznr3HkIZFPcozoi.y_R5rTX8s-1711676431-0.0.1.1-1450
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 01:40:32 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Last-Modified: Thu, 28 Mar 2024 23:31:27 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xoxgy3x4SEMEaA3w4zkV%2BuCGTz2RloivPm8W2xJ8xHb4UrdOfA33QbEQMVTVM9ANOTyqoQvZZUJxkc8QqTrstiTnhAEKwc1jZmWNT7KD%2BoTQ58sfkWStdWM%2F4A7Xdg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86bc27022da5b521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| hoxy28mx.cc/favicon.ico | 188.114.97.1 | | 1.0 kB |
IP: 188.114.97.1:0
File type: HTML document, ASCII text, with very long lines (2702), with no line terminators
Hash: f0d72a7889ea1365ec5f7710dd165e7c bcb106e102f16a5122be3b119dcedf3e3b64a1d8 843d26b7b8b1aa54f438a3540c96444609bd0ee9395ee0dba07d7e58924bd575
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: hoxy28mx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hoxy28mx.cc/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 01:40:32 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Last-Modified: Thu, 28 Mar 2024 23:31:27 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Ja1jU10sOxBJf99muT%2Fi4zXQkGUUlE3rX%2BHH8ETZqJLHAvYg%2FODk%2FRPj%2F%2FqvyedqQEBLyK6Hy5wv9Dp6E3pb6LpSCUDIn%2FsEFcEydG%2F176U%2BZzcomkVeh5KFsCsXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86bc27028b99569c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/486246280:1711674900:JkB_uUtkcZU6-s00UjZdbX7K2SdG8l5sIEp4fCv8L10/86bc27042efab511/0cde9ce0b5f73a0 | 104.17.3.184 | | 78 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/486246280:1711674900:JkB_uUtkcZU6-s00UjZdbX7K2SdG8l5sIEp4fCv8L10/86bc27042efab511/0cde9ce0b5f73a0
IP: 104.17.3.184:0
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 1dbe2eccbbfcd669ee35ddf655dc7707 b241bf70a5fb1066547c7492c2bf7e943bd76299 765b2b2a9a731dff65a534410d981f9c3e91ee61fbb0cef621a9f14e03d095ee
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/486246280:1711674900:JkB_uUtkcZU6-s00UjZdbX7K2SdG8l5sIEp4fCv8L10/86bc27042efab511/0cde9ce0b5f73a0 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ltfnx/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 0cde9ce0b5f73a0
Content-Length: 3155
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 01:40:32 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 4xrWIfFafN8Rti/3cnfPf4N4jVTBNa85iQeB62YiNAmu/9vtb2hzapzLnc7+MuTSrZc3tC/BcSmtGDXuo3SgQgGwemb8iHDbxgRRo/kzcHWI8EQkRUO51ifRhmBNv8HXzZO7s5c59AqitmdHi+reIkOiSBrm4hYer9m67hb++yRVRi4QI4WFKKXQ7X8V3+woP1fwJP8P+Wt6xNiIwr2ItWoWXLSaxiwk/1TlaxgN/OYKRUZIPkdh2V2nHaO4kho38zU4SYTJVzjjSUVxk2pC1S2lTBfJFJHSPX7Uhvp/U3OZuEQWl2+56vNxANXJgnQ0Vrn30SNf22Dv/JoOC94xIDEZxck4IJEJXxUAZ7VBEbF2pGZ6w4FQMggqgNcAYysqcSM7jFsk91KhCNiGigGXMnIlnjPLUQMyB7cFweTIewjL1CpkhA2DUtebud9XfrNJ3o5Nen8YXZfAHaxK57VvCITxn4s8qt2m2RfotiTde3o=$L8Hg1Wv3ROvhhcMwwzH7rw==
server: cloudflare
cf-ray: 86bc27067fc1b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ltfnx/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | 104.17.3.184 | | 175 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ltfnx/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP: 104.17.3.184:0
File type: HTML document, ASCII text, with very long lines (41919)
Size: 175 kB (175227 bytes)
Hash: a61c0c4952284339c4036ecb58ac26da 434a0bbbfbfca57306c740b7f88409145113f910 54920910ff424d1c8013a2161da2adfb343fac421ab5966f813ccc850c6b8671
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ltfnx/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 01:40:32 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 86bc27042efab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| hoxy28mx.cc/cdn-cgi/challenge-platform/h/g/flow/ov1/2029857732:1711674683:2BGEul4GX9WcNYZB3VNSCo6WpuOIG0ttfHl0O3enWYM/86bc270028c1568b/0e4ca5c42b2932e | 188.114.97.1 | | 1.8 kB |
URL: hoxy28mx.cc/cdn-cgi/challenge-platform/h/g/flow/ov1/2029857732:1711674683:2BGEul4GX9WcNYZB3VNSCo6WpuOIG0ttfHl0O3enWYM/86bc270028c1568b/0e4ca5c42b2932e
IP: 188.114.97.1:0
File type: ASCII text, with very long lines (2332), with no line terminators
Hash: c3d130341c24600866efaa4a00a0036f 0aef75ec00f485ac7153a4c0889864a15f5bc05c d92e9a8f3566a4fe14c499bfb7d1b4a2097d799eeb1bc81c73f07290a490417a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2029857732:1711674683:2BGEul4GX9WcNYZB3VNSCo6WpuOIG0ttfHl0O3enWYM/86bc270028c1568b/0e4ca5c42b2932e HTTP/1.1
Host: hoxy28mx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hoxy28mx.cc/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 0e4ca5c42b2932e
Content-Length: 2379
Origin: http://hoxy28mx.cc
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 01:40:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: FWf4oQQkb2nfAPrTosFNFA+MtlqSNAbEg9pBNGNTOJ8dnUsZnNlgG95so9XadZ2vZOqsH6lrw8fnU2SNv7wThuNSMbS7G/OKHnKa7xSKW+o=$YaYecb1ra9r2CQ1ZeS/s4g==
cf-chl-out-s: 9ukk3iUpcdlfmp0nRc6ZtCRYxVtx611YW4QRpBE9J54CCVrkTzLGlJ0gUy0hShaPj+W7g9Pff9tjQWLLzXOK5WQM9wDL/O/PSMURmuBHOKU=$vDNIwPQmd67kL6/yiyHdYg==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TrMA1Sx3zVm7Km7FTUDMGw0Kdi5kpCR4n6fxBH8HKICl%2B4A6Hot6cIbRSjL1XjFHBBr%2F2P0NT7V1O1LUZw1AD35021rgObRKs69bpTnYrigzI63vyg6X9hIWJ1QKsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 86bc2720becbb521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| | 188.114.97.1 | 200 OK | 5.9 kB |
URL: User Request POST HTTP/1.1
IP: 188.114.97.1:80
File type: HTML document, ASCII text, with very long lines (14197), with no line terminators
Hash: e4f4c50e955cfb2c1afdce9cd7259617 f321b1dd5737a53349dbe5277eb3800e2fc68e0e ec09d40c9e14c9ada6314ab26db0c7c26f1a819f8543718688ed471d6ac3f5ff
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: hoxy28mx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 29 Mar 2024 01:40:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 0R5KNDKHTzIX3QETiKIkkrNXlr3Nuq2OPWJkhTWUjWGV/r1l0sOCcmQGL72XlhpzY6W1VnXzj3CZUWoVzbI1WyeEJ6O2tvqHrk7QdkhBaNQ=$qM1F+WAhIHrE9iVmXlx2lw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lw%2FwMJCVRtlQQZLizPkqPmWI4W2Wn80uX8lSALTDFUBZvUltztZOPLeB92YKxm57LMz2Eo6N%2FfroQcVuIflLUNkjLmoTw7dCRyw5ScMbfBk5kzpVt4WpEJOpzvpMpA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86bc272d7da9b521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| hoxy28mx.cc/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=86bc272d7da9b521 | 188.114.97.1 | | 149 kB |
URL: hoxy28mx.cc/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=86bc272d7da9b521
IP: 188.114.97.1:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 149 kB (148732 bytes)
Hash: d49da620f8ef558d87312a649553eac8 2366762353e8142acba609162f7c7f9af3208a5f 36e17f133e8e8ca09c046a8a130a503f3d268fd0aa78f7b4572304f2d7f7ce11
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=86bc272d7da9b521 HTTP/1.1
Host: hoxy28mx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hoxy28mx.cc/?__cf_chl_rt_tk=1YwVKdBFnNzzus2JUc0l.qCXP1J1yqMF7NcZ0octcm4-1711676438-0.0.1.1-1450
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 01:40:38 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a5qJR3vmpWKFUF72OhkU7IIfOb9dKBZ9tGWSrutl4vlFq%2Ba1QTZazNrqQEaNcAiXL%2BSITPKBdbU%2B9CovmRQ6yDofVRc%2FzdMqPOMX05LeiygprUFfM4529OjNddq7Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 86bc272db8411c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| hoxy28mx.cc/favicon.ico | 188.114.97.1 | | 996 B |
IP: 188.114.97.1:0
File type: HTML document, ASCII text, with very long lines (2702), with no line terminators
Hash: f0d72a7889ea1365ec5f7710dd165e7c bcb106e102f16a5122be3b119dcedf3e3b64a1d8 843d26b7b8b1aa54f438a3540c96444609bd0ee9395ee0dba07d7e58924bd575
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: hoxy28mx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hoxy28mx.cc/?__cf_chl_rt_tk=1YwVKdBFnNzzus2JUc0l.qCXP1J1yqMF7NcZ0octcm4-1711676438-0.0.1.1-1450
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 01:40:38 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6
Last-Modified: Fri, 29 Mar 2024 01:40:32 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OrEp0V%2FgvNF%2FYo7iXpVvLF4j0p5gERaN4awHCcd5lX1zJdVkzuvGEyGTrgOlIR3AhHd5Ltp%2FlpKU45V9547E1UbWJANthqt%2B2a4zKIgfFMrct4zg3RyQ38qWp0gnyg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86bc272e08551c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| hoxy28mx.cc/favicon.ico | 188.114.97.1 | | 996 B |
IP: 188.114.97.1:0
File type: HTML document, ASCII text, with very long lines (2702), with no line terminators
Hash: f0d72a7889ea1365ec5f7710dd165e7c bcb106e102f16a5122be3b119dcedf3e3b64a1d8 843d26b7b8b1aa54f438a3540c96444609bd0ee9395ee0dba07d7e58924bd575
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: hoxy28mx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hoxy28mx.cc/
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 01:40:38 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6
Last-Modified: Fri, 29 Mar 2024 01:40:32 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6xlpV13jl1DvsJo45JAACnrlCJy8ejoKXWBoYj69XLEMiyGSOBWOUj9KYvWBznV3l5CU1VG58AL0ldNLFtcSN2vJIKVoTTl5PxLAq4ToRMcFvpla7evjjzbe7NzpDA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86bc272e78691c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| hoxy28mx.cc/cdn-cgi/challenge-platform/h/g/flow/ov1/1958715155:1711674652:D3i-lu2D1kTk0RhDTExa_p8B3fENxjuozcds_7h-tWw/86bc272d7da9b521/d1118907683a40d | 188.114.97.1 | | 12 kB |
URL: hoxy28mx.cc/cdn-cgi/challenge-platform/h/g/flow/ov1/1958715155:1711674652:D3i-lu2D1kTk0RhDTExa_p8B3fENxjuozcds_7h-tWw/86bc272d7da9b521/d1118907683a40d
IP: 188.114.97.1:0
File type: ASCII text, with very long lines (15872), with no line terminators
Hash: 3a2a23d2dfbb681c2c802161acdc0566 a412359b52afa48f292ac40a132bd037c42c583f 7ad8e8355f669f297078addd31d590745ae330b95012da0ac4bec49c6e1477c4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1958715155:1711674652:D3i-lu2D1kTk0RhDTExa_p8B3fENxjuozcds_7h-tWw/86bc272d7da9b521/d1118907683a40d HTTP/1.1
Host: hoxy28mx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hoxy28mx.cc/
Content-type: application/x-www-form-urlencoded
CF-Challenge: d1118907683a40d
Content-Length: 1684
Origin: http://hoxy28mx.cc
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 01:40:38 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: BgaESpg6iFLGG1dILnI8QBE5/DesJedsMIuAh6uCX2G+pGJY/kCCnW1SjY/Z2cDC$KU6uEBmmxjqvuQZvsIFaSQ==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FelCN5N477hj6mo7aD7WL96rwAy1E8FGzRslo1yf7mXMUD9HiLGBFfXwJVUuNc%2FKXzZguY16WFgGGgcHq035z3ZnBdDSni%2Bk2BD55GCGa%2BOR0v49WuRqQerdDxDEHA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 86bc272f38ad1c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/kmzcp/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | 104.17.3.184 | | 256 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/kmzcp/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP: 104.17.3.184:0
File type: HTML document, ASCII text, with very long lines (41919)
Size: 256 kB (256306 bytes)
Hash: dafa0669307d96a79ad8c43098c3f122 cea2d166dcff34e341200b52380e940a15d6f74b 99cd1ecf76d472e8e623a7d528ab29ddb8ac71b2ff858d6de427f5127edb9759
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/kmzcp/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 01:40:39 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 86bc272fed3db511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | | 12 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.3.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 6f7cde6fd3ced08d5d388508aecda59a 05784e102e06149abbb1cce776316cb528d70c34 8a3a9b9e537e952c606defbedee928bd916440c323981075de7dd47c2eed7b40
GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ltfnx/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 01:40:32 GMT
content-type: image/png
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 86bc27050f52b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| hoxy28mx.cc/cdn-cgi/challenge-platform/h/g/flow/ov1/1958715155:1711674652:D3i-lu2D1kTk0RhDTExa_p8B3fENxjuozcds_7h-tWw/86bc272d7da9b521/d1118907683a40d | 188.114.97.1 | | 2.7 kB |
URL: hoxy28mx.cc/cdn-cgi/challenge-platform/h/g/flow/ov1/1958715155:1711674652:D3i-lu2D1kTk0RhDTExa_p8B3fENxjuozcds_7h-tWw/86bc272d7da9b521/d1118907683a40d
IP: 188.114.97.1:0
File type: ASCII text, with very long lines (3560), with no line terminators
Hash: 4f86d61737bd7cb9745a45519cf0db45 51ab6db5a94c8773bc0c10240aad2a312d9be948 602d271d6ff72f9e7248040d628644d4ffd9f907a88966097b443198840d7f88
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1958715155:1711674652:D3i-lu2D1kTk0RhDTExa_p8B3fENxjuozcds_7h-tWw/86bc272d7da9b521/d1118907683a40d HTTP/1.1
Host: hoxy28mx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hoxy28mx.cc/
Content-type: application/x-www-form-urlencoded
CF-Challenge: d1118907683a40d
Content-Length: 3126
Origin: http://hoxy28mx.cc
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 01:40:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: cf_chl_rc_m=;Expires=Thu, 28 Mar 2024 01:40:45 GMT;SameSite=Strict
cf-chl-out: tG/ofAwLWGwgfP75D9pLkb6paFlN/D6vGFWglXEN7z9mc5Hjq8nPflmrhRRHG+BNLfsLu/q4NizjG/wpDVccbw==$dRotYeOK0J3RiGMjIUFTzg==
cf-chl-out-s: q3+jkb73bMMSop1awE7lO6w5/BFJ5MzwRDSX7sVd3pmeK8m/62m8H9fm8/D3oqHBGZfn+xKJOShB4zfqwwFiIzaRMx95NJAX5/xruK32J5m1C8WOa3fY2woOda9gyfgqMIGKnOBTOwuTW6yi67NKC4TSqxQN1hAR/Sds7wD60uogucbMm2Lsmt9ekRyHKIMovkFBy/6IkbBOTTbmunXVIARfSQ4ZNFQnhvK83c+wT8NeyHEN7V8y5n+YvGZit57ZKtbHgN+l8d18iE70SlCWwn6XuW9UkprDkN5DfgC/FpjPR0PprPuCsy0EOQ4R8gvvAANPm203rF5JXXsTVspwEMgnLhv4PM9YjvsybaTLzww4cgejgeJOi63UD2f7FXq7d40LdNbVU3CRM8FXAymyBkordaM70c9KnwPEIeas93xyksS9pf7/W+7YdCyrVt4AVQDoPmROTeD+zO7AftuarQ==$avtpRLrxVt8PxrIZHDN++A==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HIzmc7%2F5Y0STzPJ95151pGidWCDQs8uA8jA6wV1gNWKE%2FO415d6X3WsZGcSoGuomZu1xUdbkcjjvlGyY6k%2BTQSUwY5SbN%2F2sSzyuE6%2FOXZbZqDSokF0u7fsUXJPE4g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 86bc27552a961c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| | 188.114.97.1 | 200 OK | 1.0 kB |
URL: User Request POST HTTP/1.1
IP: 188.114.97.1:80
File type: HTML document, ASCII text, with very long lines (2702), with no line terminators
Hash: f0d72a7889ea1365ec5f7710dd165e7c bcb106e102f16a5122be3b119dcedf3e3b64a1d8 843d26b7b8b1aa54f438a3540c96444609bd0ee9395ee0dba07d7e58924bd575
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST / HTTP/1.1
Host: hoxy28mx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hoxy28mx.cc/?__cf_chl_tk=1YwVKdBFnNzzus2JUc0l.qCXP1J1yqMF7NcZ0octcm4-1711676438-0.0.1.1-1450
Content-Type: application/x-www-form-urlencoded
Content-Length: 2790
Origin: http://hoxy28mx.cc
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 01:40:45 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: cf_clearance=Ri_RusfkN7Opq_TZiC6p4heaX2XNCXGM83KaEmpKtRc-1711676438-1.0.1.1-Ba4LmY5EIbghrLu0CEjs50vQpfnRBmZg2Q2CEyPoGuuAoFOJkM0511elCD2KZq.z0UB.mR4sN2UWbItXY9Kzyw; path=/; expires=Sat, 29-Mar-25 01:40:45 GMT; domain=.hoxy28mx.cc; HttpOnly; SameSite=None
Last-Modified: Thu, 28 Mar 2024 16:09:10 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q80cbhFezNgyCRic7Z4KfkoWRNSyBgjTZsuDfK0IrvKTNwxhLqcghgLR21rDOedl%2F%2FN7%2FbQh%2B1IiYG00fZH7EjTmDlWHL44W9yyp1Z78b%2Fk%2BxxoFdtinB4STTF6g2A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 86bc27560ac21c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| hoxy28mx.cc/js/chunk-vendors.ea790e22.js | 188.114.97.1 | 403 Forbidden | 5.9 kB |
URL GET HTTP/1.1 hoxy28mx.cc/js/chunk-vendors.ea790e22.js IP 188.114.97.1:80
File type: HTML document, ASCII text, with very long lines (14320), with no line terminators Hash: b57a30ed779a7e00e0b0168116ce5563 3f818bf576aafe4ad10d59cff5abdf7f7ffef870 fad4a522170ee12c02d71a0ec4fdfd6b7c5a2f08f92e48926b3dc797f65cc1ae
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/chunk-vendors.ea790e22.js HTTP/1.1
Host: hoxy28mx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hoxy28mx.cc/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 29 Mar 2024 01:40:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: ggLHfT8AutRSBfWV+kndkqGpnju0hBifJpH5CiwNq+6m4/Mlq0RMp/9HLgN6sCmjfB0pJVJTjR7vnWcKTCh4FR4uYOmvbrkom21l6plq+Uo=$qSPuOFM7VGeXC6wXHcG7+g==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YA01cw1KMM35NiBbkyAx4qY%2FsMcx1yRI5rgvfnlnZhjOcrtlRQWkW0jdvj%2B8BBCxs%2F2Fct74euQFdjkJbWTEO80JKwYrlXFiSw7yztrQY4Eyd5YMHbVsbzlOEP2FTw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86bc2758bb2f1c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| hoxy28mx.cc/js/app.df590089.js | 188.114.97.1 | 403 Forbidden | 5.9 kB |
URL GET HTTP/1.1 hoxy28mx.cc/js/app.df590089.js IP 188.114.97.1:80
File type: HTML document, ASCII text, with very long lines (14236), with no line terminators Hash: 6ba5f2014bbedc5c2d3429275465052f bc7f4760d8577fbdc9e4cbb3d31171b4a4a0e7fc 05ce190cf690ce0a5e623755ef21e27473628e0fe56ef97eae5484efe129a7fc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/app.df590089.js HTTP/1.1
Host: hoxy28mx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hoxy28mx.cc/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 29 Mar 2024 01:40:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: hxrmeNvLB3VKYSloj7tyWsTowKzH6wuRTSznL5fzslwRkOwsd8X87ZXUVJ6sG4K/jy6trs+Phd73+gPhEdEZjUXN1hFxw4b29nojwyA8rMw=$kavC+rTv+DH1t5jqipe8oA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IeMLHWUAyPXKNmjsHHDVErU8m4%2FqtqvhLH9R3MeyILG%2BI8mC7RAfQNgfyC5HFwAFPisyUZV7PPzDTVpg63DKG9Uq%2BttHSQ1WfocG19dZrpdMyzNgI2oiyy%2FgoVhyEw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86bc2758cb38569c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| hoxy28mx.cc/css/chunk-vendors.c57533e1.css | 188.114.97.1 | 403 Forbidden | 5.9 kB |
URL GET HTTP/1.1 hoxy28mx.cc/css/chunk-vendors.c57533e1.css IP 188.114.97.1:80
File type: HTML document, ASCII text, with very long lines (14351), with no line terminators Hash: 1c051facd85b0836fae9c2be95cd1b78 4ba83044a29b1cad9f0d6bc9c3d07409248e076c 13384884923a2171ff147e868e4a57b4eaa8bb658fdd01824191129562e4ef4f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/chunk-vendors.c57533e1.css HTTP/1.1
Host: hoxy28mx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hoxy28mx.cc/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 29 Mar 2024 01:40:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: V32fG6nbRs3CWjp/EIhf1fPyuJnvZ6g6LTN3afB9V83DZFWjW75frz0bCb8ZhAWaawqA9tfZVynvt6XYptOxPdONM8X1YrxNa7sIO2u6xZ0=$Koqp4pihQtM8hA/MYQedXA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Mq7G5WMhFZe2NmJKakylyUBLbzFsMEN%2FMzqxQm1hcxLc5%2F8WWE8ZPJChvy3a9Rv%2BaVVM9XfnUAhOvhLgZkBfz9RPozypIDvx1yEl0MVEqKvNb6fcSG8MVwTY2%2Fe3A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86bc2758cae556c4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| hoxy28mx.cc/css/app.a9300b54.css | 188.114.97.1 | 403 Forbidden | 5.9 kB |
URL GET HTTP/1.1 hoxy28mx.cc/css/app.a9300b54.css IP 188.114.97.1:80
File type: HTML document, ASCII text, with very long lines (14284), with no line terminators Hash: a1f1b4452f1953f39bb123ff3365bb9d 2fa8697205f5064729f791f0ee092f5bbf5ba674 3f236f4ac8b389a84642e74553d33b877b2f42fedb66c582aa5166adcd7c7aee
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/app.a9300b54.css HTTP/1.1
Host: hoxy28mx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hoxy28mx.cc/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 29 Mar 2024 01:40:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: xjjtBnjRWlJdhtY8d5mmUmO49InvP/lEsZ0Uifu5yXZirpd+InwBFcCndm9KCbxpCNjs+y3CVphJQ42qq+pKO53ZwvC+FK13OuQkf/KiECc=$S65HgWOfhqNztLgIxMrGvg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yjKSOMyfEAL%2Bhb1nEm8v2caIRgvISsVxzBaH19%2BhQvA9eJj9Jw2XBbim6H545HBLKX%2B5qz53vujECIzXB10RiLEu1ijypDiSd12dpu0hp49V7i7bH7vx7sQ613gzzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86bc2758cb7c56ba-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| hoxy28mx.cc/img/icons/apple-touch-icon-152x152.png | 188.114.97.1 | 403 Forbidden | 6.0 kB |
URL GET HTTP/1.1 hoxy28mx.cc/img/icons/apple-touch-icon-152x152.png IP 188.114.97.1:80
File type: HTML document, ASCII text, with very long lines (14408), with no line terminators Hash: c1ff05c4ee87bf3f390a010a5812ac16 4b0f53ee6328b863a02380b41119a24d984eaa78 afa661be9f993db18b7fb391102fb94366d0fccd1023db7a1ce1ca3ff6aa37d9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/icons/apple-touch-icon-152x152.png HTTP/1.1
Host: hoxy28mx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hoxy28mx.cc/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 29 Mar 2024 01:40:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 6TOG7jGEfhIFWPgyTZj0aLq2wHuy+K6Vb1BPgs+S0MGDr5cQyR0k40CyNhv/aLjNuct2wDtfIx1XW+klRjwucUML6+XmyinHJsop7+rx4Sk=$XMrZanSnwCz1KNTq3Cimmw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=40Vcb%2By%2BKbFNGZh2O1y0AqQHg02frQ9OOUFWfXykLyPY9dbyELeW3GeyO%2BWZTe3DYNDD59PnpOdQ8nHyPi6fL%2BSyIN0CuZaJVoOdkA4TphwpY0P6uLbKEUOW6aahCw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86bc2758ea33b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| hoxy28mx.cc/img/icons/favicon.svg | 188.114.97.1 | 403 Forbidden | 5.9 kB |
URL GET HTTP/1.1 hoxy28mx.cc/img/icons/favicon.svg IP 188.114.97.1:80
File type: HTML document, ASCII text, with very long lines (14294), with no line terminators Hash: 8d534da86dda2130ef3dd6f7f267d68e 9bed7f07d733dcf7fba80e7d31099957b0683297 11255524e272bc91f093dc172d11ce97a170a9d16f80a1020df5371793a9e059
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/icons/favicon.svg HTTP/1.1
Host: hoxy28mx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hoxy28mx.cc/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 29 Mar 2024 01:40:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: zNXr8Zf97rBxkMYanh25XrEzRwxMqdJxZgnANpDLRJu95NCE/g4nsd/Sn5pHYss4yguU/8AKiohR/wvdNDfCVt5+iDOgQzBjYEEq1neGMXU=$JAmcJvlbqvUODpAQu/QqMw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=67GQ0pdt7d5swuzQ1MWWPURxxuBVOPsmMFbvjB9gKW%2F5uNHk5b17wM55Ij0bqXwjEVQ6y9DLfseapOEjOu88M10ePvRezak0jDdYj2clIVUqoiZN0K9XZQLY0O4Bdw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86bc2758e91f712d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|