| re-captha-version-3-265.buzz/ | 188.114.97.1 | 301 Moved Permanently | 167 B |
URL: re-captha-version-3-265.buzz/
IP: 188.114.97.1:0
File type: HTML document, ASCII text, with CRLF line terminators
MD5: 0104c301c5e02bd6148b8703d19b3a73
SHA1: 7436e0b4b1f8c222c38069890b75fa2baf9ca620
SHA256: 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |

| NIDS | Severity | Alert |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET / HTTP/1.1
Host: re-captha-version-3-265.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 10 May 2024 07:21:55 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 10 May 2024 08:21:55 GMT
Location: https://re-captha-version-3-265.buzz/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i5Qr7rGHk1oip1ib%2Bmu%2BTzidcUqMfHE%2BuTo0lUGN6zQHr%2B1lPtX37cEJcpcCkQZZ1WkblwjToTA%2BAFtqbZsDyUMVaOW6szORE3JOKDLgUVjT3HbLzITqwynYPg4uZGxmkY573BW258o0NgQIpmzP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88182cd759830b3d-OSL
alt-svc: h2=":443"; ma=60

| re-captha-version-3-265.buzz/ | 188.114.97.1 | 200 OK | 15 kB |
URL: re-captha-version-3-265.buzz/
IP: 188.114.97.1:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (9729)
MD5: b01cf5dbd6b56447663bb6786bd9f50b
SHA1: 148979848e4ca07a484dac1298f762930bb108fe
SHA256: 6f3527a21e904833824ac3327ecfe302be5b30f8f82f57746c039d32a7d576a0

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |

| NIDS | Severity | Alert |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET / HTTP/1.1
Host: re-captha-version-3-265.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:21:55 GMT
content-type: text/html
last-modified: Thu, 25 Jan 2024 15:41:36 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G82zIV78DzU%2FeB8l3a8e0RVST0H7t7XNCM9pjoiEZIhdWYLLKl0zIUW1Pa%2Bo9qqITUUy9iTRu6DXSPYsukbuNEOkAZ38mRedVe%2FUeIpc5%2BKkdJ%2Fv4VzyP3ye0MOpqUf%2FNWgB9BMirYxwkUyW5Q%2Bj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88182cd79e8e712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| re-captha-version-3-265.buzz/favicon.ico | 188.114.97.1 | 204 No Content | 0 B |
URL: GET HTTP/3 re-captha-version-3-265.buzz/favicon.ico
IP: 188.114.97.1:443
Requested by: https://re-captha-version-3-265.buzz/ms/0805_desc_B?a=l21182&c=ba7a0f03-b009-4c75-aac2-382e58579875
Certificate issuer: Let's Encrypt
Certificate subject: re-captha-version-3-265.buzz
Certificate fingerprint: 71:43:8D:15:B2:4C:CB:BB:97:EC:70:F1:33:46:78:2F:95:CC:F4:DF
Certificate validity: Mon, 06 May 2024 18:05:17 GMT - Sun, 04 Aug 2024 18:05:16 GMT
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: re-captha-version-3-265.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://re-captha-version-3-265.buzz/ms/0805_desc_B?a=l21182&c=ba7a0f03-b009-4c75-aac2-382e58579875
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 10 May 2024 07:22:01 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5760
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WagjV0rEOKpBnh0TNdpAiOymcZj%2FFU81IgZLXEJ8%2BFDFzT1S7WiPbSBBeuF%2B4LGVfPPkgbOsbWkxfL8MJD%2BHpsYz0RZzevoMnSbDtp%2FWbtUkxfXr7cVs2c7v%2Bn1%2Br8XzlKwpNdNf%2FVAcWi%2F5CZ18"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88182cfd68e90b65-OSL
alt-svc: h3=":443"; ma=86400

| www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js | 142.250.74.35 | 200 OK | 9.3 kB |
URL: GET HTTP/2 www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP: 142.250.74.35:443
Requested by: https://re-captha-version-3-265.buzz/ms/0805_desc_B?a=l21182&c=ba7a0f03-b009-4c75-aac2-382e58579875
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: JavaScript source, ASCII text, with very long lines (28368)
MD5: 9900403b65514fad7df39a4e788a6e45
SHA1: 75f9ba061ef4e72bb23528c700f2a11c56d637e9
SHA256: a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://re-captha-version-3-265.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:28:12 GMT
expires: Sat, 10 May 2025 06:28:12 GMT
cache-control: public, max-age=31536000
age: 3229
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP: 216.58.207.227:443
Requested by: https://re-captha-version-3-265.buzz/ms/0805_desc_B?a=l21182&c=ba7a0f03-b009-4c75-aac2-382e58579875
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
MD5: 285467176f7fe6bb6a9c6873b3dad2cc
SHA1: ea04e4ff5142ddd69307c183def721a160e0a64e
SHA256: 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://re-captha-version-3-265.buzz
DNT: 1
Connection: keep-alive
Referer: https://re-captha-version-3-265.buzz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:50:52 GMT
expires: Fri, 09 May 2025 01:50:52 GMT
cache-control: public, max-age=31536000
age: 106269
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.35 | 200 OK | 9.9 kB |
URL: GET HTTP/2 www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP: 142.250.74.35:443
Requested by: https://re-captha-version-3-265.buzz/ms/0805_desc_B?a=l21182&c=ba7a0f03-b009-4c75-aac2-382e58579875
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: JavaScript source, ASCII text, with very long lines (38231)
MD5: 0541b823dfaf39162ef84cf075c9951b
SHA1: e0934726455558cc1a59823efada9651e33aafaa
SHA256: 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://re-captha-version-3-265.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:47:38 GMT
expires: Fri, 09 May 2025 02:47:38 GMT
cache-control: public, max-age=31536000
age: 102863
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| pushbizapi.com/api/errors/install?message=TypeError:%20can%27t%20access%20property%20%22register%22,%20navigator.serviceWorker%20is%20undefined | 136.243.216.232 | 200 OK | 0 B |
URL: GET HTTP/2 pushbizapi.com/api/errors/install?message=TypeError:%20can%27t%20access%20property%20%22register%22,%20navigator.serviceWorker%20is%20undefined
IP: 136.243.216.232:443
ASN: 24940 Hetzner Online GmbH
Requested by: https://re-captha-version-3-265.buzz/ms/0805_desc_B?a=l21182&c=ba7a0f03-b009-4c75-aac2-382e58579875
Certificate issuer: Let's Encrypt
Certificate subject: pushbizapi.com
Certificate fingerprint: 28:BD:9F:68:03:AB:2B:0D:09:EA:3E:A9:8D:B1:CC:0A:0C:1B:BF:BF
Certificate validity: Sat, 16 Mar 2024 05:48:13 GMT - Fri, 14 Jun 2024 05:48:12 GMT
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/errors/install?message=TypeError:%20can%27t%20access%20property%20%22register%22,%20navigator.serviceWorker%20is%20undefined HTTP/1.1
Host: pushbizapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://re-captha-version-3-265.buzz/
Origin: https://re-captha-version-3-265.buzz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 07:22:01 GMT
content-length: 0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2

| re-captha-version-3-265.buzz/ms/0805_desc_B?a=l21182&c=ba7a0f03-b009-4c75-aac2-382e58579875 | 188.114.96.1 | 200 OK | 60 kB |
URL (user request): GET HTTP/2 re-captha-version-3-265.buzz/ms/0805_desc_B?a=l21182&c=ba7a0f03-b009-4c75-aac2-382e58579875
IP: 188.114.96.1:443
Certificate issuer: Let's Encrypt
Certificate subject: re-captha-version-3-265.buzz
Certificate fingerprint: 71:43:8D:15:B2:4C:CB:BB:97:EC:70:F1:33:46:78:2F:95:CC:F4:DF
Certificate validity: Mon, 06 May 2024 18:05:17 GMT - Sun, 04 Aug 2024 18:05:16 GMT
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ms/0805_desc_B?a=l21182&c=ba7a0f03-b009-4c75-aac2-382e58579875 HTTP/1.1
Host: re-captha-version-3-265.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:22:00 GMT
content-type: text/html
last-modified: Tue, 07 May 2024 23:40:12 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FXo0s86oZ3KofDjBZ2lvWYrm5zF%2BQZW06NAktOvdsYvUr2RTjlMA1VQFke6uyKkNpnCwPWXGw3OYUlFM8Qac03lSjCmrOrPAoUeuNh7O%2FwUTwhKFRzsFE2QreOvMUVvLUopMky00yUFSVEJwTD%2FB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88182cfabd130b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
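A triage pass over the eight transactions above, written by the editor as an added example; it is not part of the sandbox report and not the site's own code. The CAPTURE records transcribe what the report lists for each transaction (URL, size, hash triple where it matters, the "Requested by" field and the analyzer verdict). The checks applied are: the Quad9 sinkhole verdict; the .buzz TLD condition that the ET INFO Suricata alert fired on, applied to every listed host rather than only the two transactions the NIDS flagged; an edit-distance comparison of the first domain label against a short brand list (re-captha against recaptcha); and a check that a listed hash triple is not the MD5/SHA1/SHA256 of the empty string, which is what every 0 B entry carries and also what the 60 kB document at /ms/0805_desc_B carries. It also ties the firebase-messaging-compat.js load to the error beacon sent to pushbizapi.com, whose decoded message parameter shows the page called navigator.serviceWorker.register. The brand list, the distance threshold of 1 and the Tx record layout are the editor's assumptions.

```python
"""Triage of the HTTP transactions in the re-captha-version-3-265.buzz report above.
Editor's added example, not part of the sandbox report or the site's code. CAPTURE is
transcribed from the report (URL, listed size, hash triple, "Requested by", verdicts);
the rules, the brand list and the edit-distance threshold are the editor's assumptions."""
import hashlib
import re
from dataclasses import dataclass
from typing import Optional
from urllib.parse import parse_qs, urlsplit

# Digests of the empty byte string: a body listed with these was not captured.
EMPTY_DIGESTS = {h(b"").hexdigest() for h in (hashlib.md5, hashlib.sha1, hashlib.sha256)}
# Brands that "click Allow to prove you are human" pages imitate (editor's list).
BRANDS = ("recaptcha", "cloudflare", "captcha")

@dataclass
class Tx:
    url: str                # host + path as listed in the report
    size: str               # body size as listed
    hashes: tuple = ()      # (md5, sha1, sha256) as listed, where transcribed
    requested_by: str = ""  # "Requested by" field
    verdicts: tuple = ()    # (analyzer, verdict, alert) rows

def host_of(url: str) -> str:
    return re.sub(r"^https?://", "", url).split("/", 1)[0].lower()

def levenshtein(a: str, b: str) -> int:
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def brand_lookalike(host: str) -> Optional[str]:
    """Brand within edit distance 1 of some window of the first label, ignoring
    hyphens and digits (so re-captha-version-3-265 matches recaptcha)."""
    core = re.sub(r"[^a-z]", "", host.split(".")[0])
    for brand in BRANDS:
        for width in (len(brand) - 1, len(brand), len(brand) + 1):
            for i in range(len(core) - width + 1):
                if levenshtein(core[i:i + width], brand) <= 1:
                    return brand
    return None

def triage(txs) -> dict:
    """Findings keyed by host; every rule reads a field visible in the report."""
    findings: dict = {}
    def add(host, msg):
        if msg not in findings.setdefault(host, []):
            findings[host].append(msg)
    for tx in txs:
        host = host_of(tx.url)
        for analyzer, verdict, alert in tx.verdicts:
            if verdict.lower() == "malicious":
                add(host, f"{analyzer} verdict: {verdict} ({alert})")
        if host.endswith(".buzz"):
            add(host, "TLD .buzz (the condition behind the ET INFO *.buzz Suricata alert)")
        brand = brand_lookalike(host)
        if brand:
            add(host, f"first label imitates '{brand}'")
        if tx.hashes and set(tx.hashes) <= EMPTY_DIGESTS:
            if tx.size.startswith("0 "):
                add(host, "empty body (hashes are the empty-input digests): not usable as IOCs")
            else:
                add(host, f"hash triple is the empty-input digests but {tx.size} is listed: "
                          "body not captured, hashes are not usable as IOCs")
        requester = host_of(tx.requested_by) if tx.requested_by else ""
        if requester and "firebase-messaging" in tx.url:
            add(requester, f"loads the Firebase Cloud Messaging SDK from {host}: "
                           "the page can request web-push permission")
        if requester and "/api/errors/" in tx.url:
            msg = parse_qs(urlsplit(tx.url).query).get("message", ["?"])[0]
            add(host, f"receives error telemetry from {requester}: {msg}")
    return findings

# Transcribed from the report above (sizes as listed; hashes only where they matter).
SITE = ("https://re-captha-version-3-265.buzz/ms/0805_desc_B"
        "?a=l21182&c=ba7a0f03-b009-4c75-aac2-382e58579875")
Q9 = (("Quad9 DNS", "malicious", "Sinkholed"),)
EMPTY = ("d41d8cd98f00b204e9800998ecf8427e", "da39a3ee5e6b4b0d3255bfef95601890afd80709",
         "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855")
CAPTURE = [
    Tx("re-captha-version-3-265.buzz/", "167 B", verdicts=Q9),
    Tx("re-captha-version-3-265.buzz/", "15 kB", verdicts=Q9),
    Tx("re-captha-version-3-265.buzz/favicon.ico", "0 B", EMPTY, SITE, Q9),
    Tx("www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js", "9.3 kB", requested_by=SITE),
    Tx("fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2", "16 kB", requested_by=SITE),
    Tx("www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js", "9.9 kB", requested_by=SITE),
    Tx("pushbizapi.com/api/errors/install?message=TypeError:%20can%27t%20access%20property"
       "%20%22register%22,%20navigator.serviceWorker%20is%20undefined", "0 B", EMPTY, SITE),
    Tx(SITE[len("https://"):], "60 kB", EMPTY, verdicts=Q9),
]

if __name__ == "__main__":
    for host, msgs in triage(CAPTURE).items():
        print(host, *("\n  - " + m for m in msgs))
```

Running the script lists findings only for re-captha-version-3-265.buzz and pushbizapi.com; the two gstatic.com hosts, which serve a legitimate SDK and a font, produce none. Checking the TLD on every listed host rather than only where the NIDS alerted also covers the six TLS transactions; on the wire that indicator would have to come from the TLS SNI or from the certificate subject shown above, since an HTTP Host match only sees the cleartext request.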