| inskdkdksbi.cvxcs.com/images/mt.png | 104.21.68.22 | 200 OK | 14 kB |
URL: GET HTTP/3 inskdkdksbi.cvxcs.com/images/mt.png
IP: 104.21.68.22:443
Requested by: https://inskdkdksbi.cvxcs.com/alert2.php
Certificate: Issuer Google Trust Services LLC; Subject cvxcs.com; Fingerprint 61:09:AE:B5:E0:DE:B2:02:56:2F:44:AA:F0:04:CF:C6:F9:98:C8:75; Validity Fri, 15 Mar 2024 13:16:03 GMT - Thu, 13 Jun 2024 13:16:02 GMT
File type: PNG image data, 259 x 195, 8-bit/color RGBA, non-interlaced
Hashes (MD5 / SHA-1 / SHA-256): 8e426074765e681d968e20c28e8e63e4 20b3c4dc173e35cf4589227d6473a758298b1c85 e809a4366aa8bc84f566b8e4f3a73528f5f9b0a49dad4d211391edd99daa0385
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /images/mt.png HTTP/1.1
Host: inskdkdksbi.cvxcs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inskdkdksbi.cvxcs.com/alert2.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:50:16 GMT
content-type: image/png
content-length: 13836
last-modified: Thu, 23 Nov 2023 23:14:12 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2F5BBdN%2BwWkIQGrOp7rda19jMJwcJreWEQnSEtZsUIImhiNyktDdsFEdVBPVy9A1QzFwgic0FYe6yv2T9G%2Bsa6RdgYwTfiHH7UkKqLWWYOrPxH9U6BMYUSKsPM0zdgNOnY4KE2q6V5w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87620874ec915693-OSL
alt-svc: h3=":443"; ma=86400
|
|
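Each transaction in this listing is exported the same way: a summary row (URL, IP, status, size), metadata lines in which the scanner's labels (URL, IP, Requested by, Certificate, File type, Hash) run straight into their values, a flattened Analyzer | Verdict | Alert table, then the request headers and the response headers. The parser below turns one such raw block into a dict so the fields can be compared across transactions. It is an added example written for this page, not scanner code: the two samples embed lines copied from this listing (header lists shortened to a few entries), and the field names it emits (ip_port, size_bytes, analyzers, request_headers, response_headers) are this example's own.

```python
import re

# Constructed sample: the first transaction block of this listing in raw export form,
# copied from the page with the header lists shortened.
SAMPLE = """\
| inskdkdksbi.cvxcs.com/images/mt.png | 104.21.68.22 | 200 OK | 14 kB |
URL GET HTTP/3inskdkdksbi.cvxcs.com/images/mt.png IP104.21.68.22:443
Requested byhttps://inskdkdksbi.cvxcs.com/alert2.php CertificateIssuerGoogle Trust Services LLC Subjectcvxcs.com Fingerprint61:09:AE:B5:E0:DE:B2:02:56:2F:44:AA:F0:04:CF:C6:F9:98:C8:75 ValidityFri, 15 Mar 2024 13:16:03 GMT - Thu, 13 Jun 2024 13:16:02 GMT
File typePNG image data, 259 x 195, 8-bit/color RGBA, non-interlaced Hash8e426074765e681d968e20c28e8e63e4 20b3c4dc173e35cf4589227d6473a758298b1c85 e809a4366aa8bc84f566b8e4f3a73528f5f9b0a49dad4d211391edd99daa0385
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/mt.png HTTP/1.1
Host: inskdkdksbi.cvxcs.com
Referer: https://inskdkdksbi.cvxcs.com/alert2.php
Sec-Fetch-Dest: image
HTTP/3 200 OK
content-type: image/png
content-length: 13836
cf-cache-status: MISS
"""

# The user-request block (alert2.php) differs: "User Request" in the URL line,
# no "Requested by", and two analyzer verdicts in one flattened row.
SAMPLE_MAIN = """\
| inskdkdksbi.cvxcs.com/alert2.php | 104.21.68.22 | 200 OK | 6.3 kB |
URL User Request GET HTTP/2inskdkdksbi.cvxcs.com/alert2.php IP104.21.68.22:443
CertificateIssuerGoogle Trust Services LLC Subjectcvxcs.com Fingerprint61:09:AE:B5:E0:DE:B2:02:56:2F:44:AA:F0:04:CF:C6:F9:98:C8:75 ValidityFri, 15 Mar 2024 13:16:03 GMT - Thu, 13 Jun 2024 13:16:02 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (6742), with no line terminators Hashfe57915b12f63229c92b6c18d846432e 8268696675e9b90bd7ddf3f94860791ce51b37e9 12b70473386ca37b90dfbf1856cd98b57274c2c75ca964297427c7cf044f6e13
Analyzer | Verdict | Alert | OpenPhish | phishing | Facebook, Inc. | Quad9 DNS | malicious | Sinkholed |
GET /alert2.php HTTP/1.1
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
"""

# One pattern per metadata line shape. Labels are fused to values, so the label text
# itself is the delimiter; hashes are recognised by length (32/40/64 hex = MD5/SHA-1/SHA-256).
ROW = re.compile(r"^\|\s*(?P<url>\S+)\s*\|\s*(?P<ip>\S+)\s*\|\s*(?P<status>[^|]*?)\s*\|\s*(?P<size>[^|]*?)\s*\|$")
URLLINE = re.compile(r"^URL (?:User Request )?(?P<method>[A-Z]+) (?P<protocol>HTTP/[\d.]+)?(?P<url>\S+) IP(?P<ip_port>\S+)$")
CERT = re.compile(r"^(?:Requested by(?P<referrer>\S+) )?CertificateIssuer(?P<issuer>.+?) Subject(?P<subject>\S+) "
                  r"Fingerprint(?P<fingerprint>[0-9A-F:]+) Validity(?P<validity>.+)$")
HASHES = re.compile(r"^(?:File type(?P<file_type>.+?))?(?: ?Size(?P<size_bytes>[^()]+\([^)]*\)))? ?Hash"
                    r"(?P<md5>[0-9a-f]{32}) (?P<sha1>[0-9a-f]{40}) (?P<sha256>[0-9a-f]{64})$")
ANALYZER = re.compile(r"^Analyzer \| Verdict \| Alert \| (?P<cells>.+?) \|$")
REQUEST = re.compile(r"^(?P<method>[A-Z]+) (?P<path>\S+) HTTP/\S+$")
STATUS = re.compile(r"^HTTP/\S+ (?P<code>\d{3})(?: (?P<reason>.*))?$")


def _parse_meta(line, rec):
    m = ANALYZER.match(line)
    if m:
        # Flattened table: cells come in triples of (analyzer, verdict, alert).
        cells = [c.strip() for c in m["cells"].split("|")]
        rec["analyzers"] = [tuple(cells[i:i + 3]) for i in range(0, len(cells), 3)]
        return
    for rx in (ROW, URLLINE, CERT, HASHES):
        m = rx.match(line)
        if m:
            rec.update({k: v for k, v in m.groupdict().items() if v is not None})
            return


def parse_block(text):
    """Turn one raw transaction block into a dict: metadata, request and response headers."""
    rec = {"analyzers": [], "request_headers": {}, "response_headers": {}}
    headers = None  # None while still inside the metadata lines
    for line in (ln for ln in text.splitlines() if ln.strip()):
        if headers is None and REQUEST.match(line):  # "GET /path HTTP/1.1" opens the request
            rec["request_line"] = line
            headers = rec["request_headers"]
            continue
        if headers is None:
            _parse_meta(line, rec)
            continue
        st = STATUS.match(line)
        if st:  # "HTTP/3 200 OK" switches from request to response headers
            rec["status_code"] = int(st["code"])
            headers = rec["response_headers"]
        elif ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return rec


if __name__ == "__main__":
    for block in (SAMPLE, SAMPLE_MAIN):
        r = parse_block(block)
        print(r["url"], r["status_code"], r["md5"], r["analyzers"])
```

Header names are lower-cased on the way in because the request side is exported in canonical case and the response side in lower case, and the same key should match in both dicts.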
| inskdkdksbi.cvxcs.com/images/bg-header.png | 104.21.68.22 | 200 OK | 1.2 kB |
URL: GET HTTP/3 inskdkdksbi.cvxcs.com/images/bg-header.png
IP: 104.21.68.22:443
Requested by: https://inskdkdksbi.cvxcs.com/alert2.php
Certificate: Issuer Google Trust Services LLC; Subject cvxcs.com; Fingerprint 61:09:AE:B5:E0:DE:B2:02:56:2F:44:AA:F0:04:CF:C6:F9:98:C8:75; Validity Fri, 15 Mar 2024 13:16:03 GMT - Thu, 13 Jun 2024 13:16:02 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hashes (MD5 / SHA-1 / SHA-256): 0bde7d4b3da67537eaf9188e6f8049cf 64300fc482d01d38b40ab20e15960b6509665e5a 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /images/bg-header.png HTTP/1.1
Host: inskdkdksbi.cvxcs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inskdkdksbi.cvxcs.com/alert2.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:50:16 GMT
content-type: image/png
content-length: 1238
last-modified: Sun, 21 May 2023 19:43:42 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wqNn0ArimOAoS9UXBXu%2FxiznVYS%2BDIvbzb3ktY3dgm8%2FW8%2BMur62lRgNwsY9A0NUxIR0BMn8AxuApB233cftawUnjuLX1Urrm6n9D%2FAa4i835cQAeYdE2qVVgZHqjpv%2BG4HYw3ifoQI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87620874dc895693-OSL
alt-svc: h3=":443"; ma=86400
|
|
| inskdkdksbi.cvxcs.com/images/ehe.jpeg | 104.21.68.22 | 200 OK | 15 kB |
URL: GET HTTP/3 inskdkdksbi.cvxcs.com/images/ehe.jpeg
IP: 104.21.68.22:443
Requested by: https://inskdkdksbi.cvxcs.com/alert2.php
Certificate: Issuer Google Trust Services LLC; Subject cvxcs.com; Fingerprint 61:09:AE:B5:E0:DE:B2:02:56:2F:44:AA:F0:04:CF:C6:F9:98:C8:75; Validity Fri, 15 Mar 2024 13:16:03 GMT - Thu, 13 Jun 2024 13:16:02 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 739x415, components 3
Hashes (MD5 / SHA-1 / SHA-256): d333c176094bb1b212ca5eebda63c288 3144183684aa06da4cfdb3584de69fa008c323b8 fb09b146ace6c742a7e536be388a9b3105a46a39cb3bd3edd8770e0206053a7b
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /images/ehe.jpeg HTTP/1.1
Host: inskdkdksbi.cvxcs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inskdkdksbi.cvxcs.com/alert2.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:50:16 GMT
content-type: image/jpeg
content-length: 14903
last-modified: Thu, 01 Feb 2024 04:02:22 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b5h1Q%2BCkifiMVbd4cTMnOLQbB06FtjFU52OLSbagle8gbue6U3jgqZdoKlrl%2FEv7y9bjaH959M0uIGDJ8WMe3ABsbCGdo7dXPi8BQBbFgfrcUnxCtZxYxXpmFPt66gmUun90nEbBdZ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87620874dc855693-OSL
alt-svc: h3=":443"; ma=86400
|
|
| inskdkdksbi.cvxcs.com/images/myt.png | 104.21.68.22 | 200 OK | 171 kB |
URL: GET HTTP/3 inskdkdksbi.cvxcs.com/images/myt.png
IP: 104.21.68.22:443
Requested by: https://inskdkdksbi.cvxcs.com/alert2.php
Certificate: Issuer Google Trust Services LLC; Subject cvxcs.com; Fingerprint 61:09:AE:B5:E0:DE:B2:02:56:2F:44:AA:F0:04:CF:C6:F9:98:C8:75; Validity Fri, 15 Mar 2024 13:16:03 GMT - Thu, 13 Jun 2024 13:16:02 GMT
File type: PNG image data, 4198 x 4198, 8-bit/color RGBA, non-interlaced
Size: 171 kB (171244 bytes)
Hashes (MD5 / SHA-1 / SHA-256): 1274ee71c0ab11c8c0e5438d43f4b2e8 6d10512f5c87504326a47604267558bc63e714f3 f0839d462f8f476c0ec2176a6cccbd5944d72ae2d65d9f7e8cef3c7766bc8021
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /images/myt.png HTTP/1.1
Host: inskdkdksbi.cvxcs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inskdkdksbi.cvxcs.com/alert2.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:50:16 GMT
content-type: image/png
content-length: 171244
last-modified: Thu, 01 Feb 2024 04:02:22 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RC%2F%2FTskvUYAZVoXtOI21pvXdUUWnKf8NGC8W7i%2FiyW0tK%2BcJ4rA6sXTU9%2FNwZWFJ7I4HtrMdKsFfxT0CvUDgo9pY%2F0bLGT3koFYwSENjfkMWhoPCYBdaZtgqEfBVyXZEIQExDep4uQY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87620874dc8c5693-OSL
alt-svc: h3=":443"; ma=86400
|
|
| inskdkdksbi.cvxcs.com/images/igx.png | 104.21.68.22 | 200 OK | 51 kB |
URL: GET HTTP/3 inskdkdksbi.cvxcs.com/images/igx.png
IP: 104.21.68.22:443
Requested by: https://inskdkdksbi.cvxcs.com/alert2.php
Certificate: Issuer Google Trust Services LLC; Subject cvxcs.com; Fingerprint 61:09:AE:B5:E0:DE:B2:02:56:2F:44:AA:F0:04:CF:C6:F9:98:C8:75; Validity Fri, 15 Mar 2024 13:16:03 GMT - Thu, 13 Jun 2024 13:16:02 GMT
File type: PNG image data, 225 x 225, 8-bit/color RGBA, non-interlaced
Hashes (MD5 / SHA-1 / SHA-256): 4d961cbc6acb78f1eb799c0a0399b14b ed9b39da2f031d0c920d45cdbe82a95fb3a13f8a a2665a9d9e70b78dfc45e624932e33ac97a28db45d68fe8754e1a3ef61f5fd34
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /images/igx.png HTTP/1.1
Host: inskdkdksbi.cvxcs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inskdkdksbi.cvxcs.com/alert2.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:50:16 GMT
content-type: image/png
content-length: 50980
last-modified: Thu, 23 Nov 2023 23:14:08 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z1CGO6kO%2BoGCxrbZCHA6anUda7jQsm0oElKTaIcNUNGTVT0Iqg3k5%2Fy9ZzyByGqb8mcrhRKlmJzZf5u81Ig1b9Q9f%2B%2FIpukhhf9EOHn40qIce6MmMlMl1so6zHPS%2FazffhtssNfBYGE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87620874dc8d5693-OSL
alt-svc: h3=":443"; ma=86400
|
|
| inskdkdksbi.cvxcs.com/js/common.js | 104.21.68.22 | 200 OK | 9.0 kB |
URL: GET HTTP/3 inskdkdksbi.cvxcs.com/js/common.js
IP: 104.21.68.22:443
Requested by: https://inskdkdksbi.cvxcs.com/alert2.php
Certificate: Issuer Google Trust Services LLC; Subject cvxcs.com; Fingerprint 61:09:AE:B5:E0:DE:B2:02:56:2F:44:AA:F0:04:CF:C6:F9:98:C8:75; Validity Fri, 15 Mar 2024 13:16:03 GMT - Thu, 13 Jun 2024 13:16:02 GMT
File type: JavaScript source, ASCII text, with very long lines (3301), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 4a5b8f4761c95a1bbb865d844694a1b7 b87929161422f3a86ecd2e20d32f07c55c2b5f23 b373f4c3a8a07ffe8cd303fa460d169789bb08a3779cb0424a242d6dd9f84e8d
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /js/common.js HTTP/1.1
Host: inskdkdksbi.cvxcs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inskdkdksbi.cvxcs.com/alert2.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:50:16 GMT
content-type: text/javascript
last-modified: Sun, 21 May 2023 19:43:42 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0NMR4S9h5SRYZqeggyttazDhOgtptMNjMKrcpkohOvIlXBnHPPae8xVfGAelkaRWdkJ5U2m58SoX7Vn%2B%2BXfJDhl9%2FBUPJRnLOD8VRVmUzXB%2Fx092rMeGmJ9FXFxDHrh9OKThmdtZIfI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87620874ec945693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 | 216.58.207.227 | 200 OK | 7.9 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP: 216.58.207.227:443
Requested by: https://inskdkdksbi.cvxcs.com/alert2.php
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Hashes (MD5 / SHA-1 / SHA-256): 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://inskdkdksbi.cvxcs.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:21:03 GMT
expires: Wed, 16 Apr 2025 03:21:03 GMT
cache-control: public, max-age=31536000
age: 178153
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 8.0 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP: 216.58.207.227:443
Requested by: https://inskdkdksbi.cvxcs.com/alert2.php
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Hashes (MD5 / SHA-1 / SHA-256): 72993dddf88a63e8f226656f7de88e57 179f97ec0275f09603a8db94d4380eb584d81cd5 f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://inskdkdksbi.cvxcs.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 00:30:18 GMT
expires: Wed, 16 Apr 2025 00:30:18 GMT
cache-control: public, max-age=31536000
age: 188398
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 7.7 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP: 216.58.207.227:443
Requested by: https://inskdkdksbi.cvxcs.com/alert2.php
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Hashes (MD5 / SHA-1 / SHA-256): a09f2fccfee35b7247b08a1a266f0328 0da2d17e738f46d2a09e6fb7969da451719a9820 cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://inskdkdksbi.cvxcs.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:25:26 GMT
expires: Wed, 16 Apr 2025 03:25:26 GMT
cache-control: public, max-age=31536000
age: 177890
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| inskdkdksbi.cvxcs.com/favicon.ico | 104.21.68.22 | 404 Not Found | 315 B |
URL: GET HTTP/3 inskdkdksbi.cvxcs.com/favicon.ico
IP: 104.21.68.22:443
Requested by: https://inskdkdksbi.cvxcs.com/alert2.php
Certificate: Issuer Google Trust Services LLC; Subject cvxcs.com; Fingerprint 61:09:AE:B5:E0:DE:B2:02:56:2F:44:AA:F0:04:CF:C6:F9:98:C8:75; Validity Fri, 15 Mar 2024 13:16:03 GMT - Thu, 13 Jun 2024 13:16:02 GMT
File type: HTML document, ASCII text, with very long lines (326), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 97ef40509b73c101d6815511c3adf98d a4242322497ea630ea72e26ba297a95a2bbe5ccd 322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /favicon.ico HTTP/1.1
Host: inskdkdksbi.cvxcs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inskdkdksbi.cvxcs.com/alert2.php
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 04:50:16 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6RNXuySwIg%2B5vCfsV%2BfNqh1ltcHeKwLekI4RJ2l8wGePtybzLel%2Bx%2B0WgAA%2BdGHu2UpX2xgcnr9hjMvSTvIO4%2Bh2n58rlEiTzNtatvNKMzFBO8Be8DgzWGGRIytQxBDOVt1LgaCXfj8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876208779e265693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap | 142.250.74.74 | 200 OK | 3.1 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
IP: 142.250.74.74:443
Requested by: https://inskdkdksbi.cvxcs.com/alert2.php
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (3220), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): b24ea82948308ad2eebd6c955aea7ee2 033b53a22ad02d0353ec6bb065b9c5d702832f42 c3c108b6aca64c22406d81d40b843fe57655b7347603c213fd3c303ca5c42036
GET /css2?family=Poppins:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inskdkdksbi.cvxcs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 04:50:16 GMT
date: Thu, 18 Apr 2024 04:50:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| inskdkdksbi.cvxcs.com/css/app.css | 104.21.68.22 | 200 OK | 137 kB |
URL: GET HTTP/3 inskdkdksbi.cvxcs.com/css/app.css
IP: 104.21.68.22:443
Requested by: https://inskdkdksbi.cvxcs.com/alert2.php
Certificate: Issuer Google Trust Services LLC; Subject cvxcs.com; Fingerprint 61:09:AE:B5:E0:DE:B2:02:56:2F:44:AA:F0:04:CF:C6:F9:98:C8:75; Validity Fri, 15 Mar 2024 13:16:03 GMT - Thu, 13 Jun 2024 13:16:02 GMT
Size: 137 kB (137256 bytes)
Hashes (MD5 / SHA-1 / SHA-256): 7b97d4825c42ecf544bed201d863ca7c a5852c4a9e1fe3cdf31edb91528ecafda1acefe0 16c2bcaf72ed0b422d0843132bae751e3cdee3f12d3a9a8db6d9b50630375b4f
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /css/app.css HTTP/1.1
Host: inskdkdksbi.cvxcs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inskdkdksbi.cvxcs.com/alert2.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:50:16 GMT
content-type: text/css
last-modified: Sun, 21 May 2023 19:43:42 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x0exfFARbNKlNJXOjc9XJLyrvbLEiWOh0alnCL5W0Gl%2BALJ8JDeueQCvQJRo1XdJEpHbq0wwtkKz30Bih7stFtKLYTSsLWOD9gU3vuPHwHMAw%2B%2F1U%2F8y8Ju0JBsSnbfmrS5BC13iN7o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87620874dc845693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| inskdkdksbi.cvxcs.com/js/app.js | 104.21.68.22 | 200 OK | 159 kB |
URL: GET HTTP/3 inskdkdksbi.cvxcs.com/js/app.js
IP: 104.21.68.22:443
Requested by: https://inskdkdksbi.cvxcs.com/alert2.php
Certificate: Issuer Google Trust Services LLC; Subject cvxcs.com; Fingerprint 61:09:AE:B5:E0:DE:B2:02:56:2F:44:AA:F0:04:CF:C6:F9:98:C8:75; Validity Fri, 15 Mar 2024 13:16:03 GMT - Thu, 13 Jun 2024 13:16:02 GMT
Size: 159 kB (158996 bytes)
Hashes (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three are the digests of zero bytes, so the scanner stored no body for this response despite the reported size; do not use them as indicators)
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /js/app.js HTTP/1.1
Host: inskdkdksbi.cvxcs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inskdkdksbi.cvxcs.com/alert2.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:50:16 GMT
content-type: text/javascript
last-modified: Sun, 21 May 2023 19:49:14 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1QhzP6Z7ohyfqLFEvIw7FzL%2F9g92J67KyFbCHSM0Q9OCsV%2FdDXmHN45I7bpSZezxsLXn91Y5n%2FJFV1oT2Al9WISAz64BAq4Biq%2BTL2alccj831bnAij%2BxP4ni5l3lXpi3KCrqiGcI14%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87620874ec935693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| api.cdnmetric.com/get/static.js?referrer=https://inskdkdksbi.cvxcs.com/alert2.php | 0.0.0.0 | | 0 B |
URL: GET api.cdnmetric.com/get/static.js?referrer=https://inskdkdksbi.cvxcs.com/alert2.php
IP: 0.0.0.0:0
Requested by: https://inskdkdksbi.cvxcs.com/alert2.php
Certificate: Issuer Google Trust Services LLC; Subject cdnmetric.com; Fingerprint B9:25:2C:FF:C1:BC:7A:C2:28:30:B3:3C:AE:23:9F:25:E3:6F:3B:18; Validity Sat, 30 Mar 2024 16:35:37 GMT - Fri, 28 Jun 2024 16:35:36 GMT
Hashes (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero bytes: no body was captured, consistent with the 0 B size in the row above)
GET /get/static.js?referrer=https://inskdkdksbi.cvxcs.com/alert2.php HTTP/1.1
Host: api.cdnmetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inskdkdksbi.cvxcs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:50:17 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/8.2.1
access-control-allow-origin: https://inskdkdksbi.cvxcs.com
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R3WCoM%2BKPJhEUfD1GcwoiVulSU0xAIWRxqZUG7AqpSYGqEj6Oe8N9v9jF5K8f2z5UbPFXc7KLBDuAZBYibYf1QIYOlRA3yAoYIAMIG0wjWKkr9Ja48%2Bl4jSpi0uRHkGbMim7Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762087dc91b1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| inskdkdksbi.cvxcs.com/alert2.php | 104.21.68.22 | 200 OK | 6.3 kB |
URL (user request): GET HTTP/2 inskdkdksbi.cvxcs.com/alert2.php
IP: 104.21.68.22:443
Certificate: Issuer Google Trust Services LLC; Subject cvxcs.com; Fingerprint 61:09:AE:B5:E0:DE:B2:02:56:2F:44:AA:F0:04:CF:C6:F9:98:C8:75; Validity Fri, 15 Mar 2024 13:16:03 GMT - Thu, 13 Jun 2024 13:16:02 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (6742), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): fe57915b12f63229c92b6c18d846432e 8268696675e9b90bd7ddf3f94860791ce51b37e9 12b70473386ca37b90dfbf1856cd98b57274c2c75ca964297427c7cf044f6e13
Analyzer | Verdict | Alert
OpenPhish | phishing | Facebook, Inc.
Quad9 DNS | malicious | Sinkholed
GET /alert2.php HTTP/1.1
Host: inskdkdksbi.cvxcs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:50:16 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ATUcuT%2F%2B2FFb2NrDmm9k%2FBbV9onlcOc%2BIWCWGdY2B13tyqNbVSou40Q3oULPbB%2FZrTGcx4FTYuqM4BhZUPiy3BBBYIIBywAQyCniM2b%2Fqy54Zva9Kgt7qrs5AI3jLWXpQw0aDh1Dg%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87620872ea7a56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| inskdkdksbi.cvxcs.com/fonts/logo-white.svg | 104.21.68.22 | 200 OK | 1.2 kB |
URL: GET HTTP/3 inskdkdksbi.cvxcs.com/fonts/logo-white.svg
IP: 104.21.68.22:443
Requested by: https://inskdkdksbi.cvxcs.com/alert2.php
Certificate: Issuer Google Trust Services LLC; Subject cvxcs.com; Fingerprint 61:09:AE:B5:E0:DE:B2:02:56:2F:44:AA:F0:04:CF:C6:F9:98:C8:75; Validity Fri, 15 Mar 2024 13:16:03 GMT - Thu, 13 Jun 2024 13:16:02 GMT
File type: HTML document, ASCII text, with very long lines (1276), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 24b426fea67958554911ff4c943fdfe4 b92889146d4c1bbddccabe58ca15c814ea066f72 335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /fonts/logo-white.svg HTTP/1.1
Host: inskdkdksbi.cvxcs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inskdkdksbi.cvxcs.com/alert2.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:50:16 GMT
content-type: image/svg+xml
last-modified: Sun, 21 May 2023 19:43:42 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pPsWUeXuVMg9%2BuX2Mb%2BsFP8kihhlK6gwuFFjDq22Od7R7vwzxHZVE3jl6uhXONbqZ4RaOilZE7D4SgTBjc9QqKR4SWmz8yih2DlI4Ms5tliNx9I5FoSMJVwApl6ROY6j0Sv6lRZV11A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87620874dc875693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| inskdkdksbi.cvxcs.com/fonts/sprite.svg | 104.21.68.22 | 404 Not Found | 315 B |
URL: GET HTTP/3 inskdkdksbi.cvxcs.com/fonts/sprite.svg
IP: 104.21.68.22:443
Requested by: https://inskdkdksbi.cvxcs.com/alert2.php
Certificate: Issuer Google Trust Services LLC; Subject cvxcs.com; Fingerprint 61:09:AE:B5:E0:DE:B2:02:56:2F:44:AA:F0:04:CF:C6:F9:98:C8:75; Validity Fri, 15 Mar 2024 13:16:03 GMT - Thu, 13 Jun 2024 13:16:02 GMT
File type: HTML document, ASCII text, with very long lines (326), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 97ef40509b73c101d6815511c3adf98d a4242322497ea630ea72e26ba297a95a2bbe5ccd 322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /fonts/sprite.svg HTTP/1.1
Host: inskdkdksbi.cvxcs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inskdkdksbi.cvxcs.com/alert2.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 04:50:16 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YtMRQZRToBIM7sHm4nPe%2FCKm5zJqIxD89pPZKjCzF04B6ua6qsbbuEK2YD%2FO9eKRMnJhdIAg%2F1e7ullS9ciO6r30CvVkIarEZn75cE1q1CHedt9x2IL7wAkQyeiFJSGxMxEj6OyLL48%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87620874ec955693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
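A few things in this listing deserve a second look before any of it is turned into indicators. /js/app.js and the api.cdnmetric.com request both report the MD5/SHA-1/SHA-256 of zero bytes (d41d8cd9…, da39a3ee…, e3b0c442…), so no body was stored for them and those hashes identify nothing. /images/bg-header.png is served as image/png but libmagic classifies the body as an HTML document. The api.cdnmetric.com request was made as a script (Sec-Fetch-Dest: script), carries the full landing-page URL in its referrer= query parameter, and is answered with text/html. The favicon.ico and fonts/sprite.svg 404 responses share one body hash (97ef4050…), i.e. they are the same generic error page. The script below runs those checks over a constructed excerpt of the listing. It is an added example, not scanner output or code from the site under analysis; the excerpt values are copied from the page, the check names and the mapping from libmagic families to acceptable MIME types are this example's own, and treating "HTML document" as acceptable for image/svg+xml is an assumption made because libmagic labels markup-heavy SVG that way.

```python
import hashlib
from urllib.parse import parse_qs, urlsplit

PAGE_URL = "https://inskdkdksbi.cvxcs.com/alert2.php"

# Constructed excerpt of the listing: per request, the declared Content-Type, the
# scanner's libmagic "File type", the body MD5, the HTTP status and the Sec-Fetch-Dest
# the browser sent. Values are copied from the page.
TRANSACTIONS = [
    {"url": "https://inskdkdksbi.cvxcs.com/images/mt.png", "status": 200, "dest": "image",
     "content_type": "image/png", "file_type": "PNG image data, 259 x 195, 8-bit/color RGBA",
     "md5": "8e426074765e681d968e20c28e8e63e4"},
    {"url": "https://inskdkdksbi.cvxcs.com/images/bg-header.png", "status": 200, "dest": "image",
     "content_type": "image/png", "file_type": "HTML document, ASCII text, with CRLF, LF line terminators",
     "md5": "0bde7d4b3da67537eaf9188e6f8049cf"},
    {"url": "https://inskdkdksbi.cvxcs.com/fonts/logo-white.svg", "status": 200, "dest": "image",
     "content_type": "image/svg+xml", "file_type": "HTML document, ASCII text",
     "md5": "24b426fea67958554911ff4c943fdfe4"},
    {"url": "https://inskdkdksbi.cvxcs.com/js/app.js", "status": 200, "dest": "script",
     "content_type": "text/javascript", "file_type": "",
     "md5": "d41d8cd98f00b204e9800998ecf8427e"},
    {"url": "https://api.cdnmetric.com/get/static.js?referrer=https://inskdkdksbi.cvxcs.com/alert2.php",
     "status": 200, "dest": "script", "content_type": "text/html; charset=utf-8", "file_type": "",
     "md5": "d41d8cd98f00b204e9800998ecf8427e"},
    {"url": "https://inskdkdksbi.cvxcs.com/favicon.ico", "status": 404, "dest": "image",
     "content_type": "text/html; charset=iso-8859-1", "file_type": "HTML document, ASCII text",
     "md5": "97ef40509b73c101d6815511c3adf98d"},
    {"url": "https://inskdkdksbi.cvxcs.com/fonts/sprite.svg", "status": 404, "dest": "empty",
     "content_type": "text/html; charset=iso-8859-1", "file_type": "HTML document, ASCII text",
     "md5": "97ef40509b73c101d6815511c3adf98d"},
]

EMPTY_MD5 = hashlib.md5(b"").hexdigest()  # d41d8cd9...: the MD5 of zero bytes

# libmagic family -> MIME types under which that family legitimately travels.
# Assumption: libmagic labels markup-heavy SVG as "HTML document", so HTML is
# tolerated for image/svg+xml; for any other image/* or script type it is a mismatch.
MAGIC_TO_MIME = {
    "PNG image data": {"image/png"},
    "JPEG image data": {"image/jpeg"},
    "JavaScript source": {"text/javascript", "application/javascript"},
    "Web Open Font Format": {"font/woff2", "font/woff"},
    "HTML document": {"text/html", "image/svg+xml"},
}


def mime(content_type):
    return content_type.split(";")[0].strip().lower()


def body_not_captured(tx):
    """Hash of zero bytes: the scanner stored no body, so this hash is not an indicator."""
    return tx["md5"] == EMPTY_MD5


def type_mismatch(tx):
    """Declared Content-Type disagrees with what libmagic saw in the body."""
    if body_not_captured(tx):
        return False
    for family, allowed in MAGIC_TO_MIME.items():
        if tx["file_type"].startswith(family):
            return mime(tx["content_type"]) not in allowed
    return False


def html_for_script(tx):
    """Browser asked for a script but the server answered with an HTML Content-Type."""
    return tx["dest"] == "script" and mime(tx["content_type"]) == "text/html"


def leaks_page_url(tx, page_url=PAGE_URL):
    """Third-party request carrying the landing-page URL in its query string."""
    parts = urlsplit(tx["url"])
    if parts.netloc == urlsplit(page_url).netloc:
        return False
    return any(page_url in v for vals in parse_qs(parts.query).values() for v in vals)


def shared_error_bodies(txs):
    """404 responses with the same body hash: one generic error page, not two files."""
    groups = {}
    for tx in txs:
        if tx["status"] == 404 and not body_not_captured(tx):
            groups.setdefault(tx["md5"], []).append(tx["url"])
    return {h: urls for h, urls in groups.items() if len(urls) > 1}


CHECKS = (
    ("body-not-captured", body_not_captured),
    ("type-mismatch", type_mismatch),
    ("html-for-script", html_for_script),
    ("page-url-in-query", leaks_page_url),
)


def triage(txs):
    """Return (finding, where) pairs in listing order, then shared-404-body findings."""
    findings = []
    for tx in txs:
        path = urlsplit(tx["url"]).path
        findings += [(label, path) for label, check in CHECKS if check(tx)]
    for digest, urls in shared_error_bodies(txs).items():
        findings.append(("shared-404-body", digest[:8]))
    return findings


if __name__ == "__main__":
    for label, where in triage(TRANSACTIONS):
        print(f"{label:20} {where}")
```

The body-not-captured check runs first inside type_mismatch on purpose: with no body there is no libmagic result to compare, so an empty hash must suppress the other body-based checks rather than produce a second, misleading finding.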