| mozartbulls.top/_marine_meta/?login=&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null | 172.67.193.115 | | 833 B |
URL: mozartbulls.top/_marine_meta/?login=&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
IP: 172.67.193.115:0
File type: HTML document, ASCII text, with very long lines (1847), with no line terminators
Hash: MD5 017d60afcf3ec712aab4016bf23cf4f5 / SHA-1 318293082be7d0bae553bece200f7bba08a7da1f / SHA-256 c312c3632293c7e9cac422b97cc2220d43ac4fa28cfc7287728d2d6c47672c45
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-level verdict on the domain name, so it repeats on every request to mozartbulls.top and does not by itself classify the individual response body)
GET /_marine_meta/?login=&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://antican.click/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sat, 04 May 2024 06:50:48 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ER8T7vkzeP9Z1YHAwAgHpo%2F0AJ%2BkS0smp7bi9N%2FnArmdF71PRlG7T52q6Lxz%2BnUaMH9c8GCdpB6Y4ObEk3IRkIBDdZcL%2FYAgAu%2FAP%2Fj1eVacDrK%2B7B%2B5KETnkkeWazLEOE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e68f022c975690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js | 142.250.74.74 | | 31 kB |
URL: ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP: 142.250.74.74:0
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: MD5 cf2fbbf84281d9ecbffb4993203d543b / SHA-1 832a6a4e86daf38b1975d705c5de5d9e5f5844bc / SHA-256 a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:48:21 GMT
expires: Fri, 02 May 2025 01:48:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 190947
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mozartbulls.top/cdn-cgi/challenge-platform/scripts/jsd/main.js | 172.67.193.115 | | 0 B |
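URL: mozartbulls.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP: 172.67.193.115:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e / SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 / SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (all three are the digests of zero-length input, matching the 0 B body of this 302 redirect; they identify no content and should not be used as indicators)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed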
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 04 May 2024 06:50:48 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9HWXFlFeHByOOJPigdjwU7mFnfUGeeHNcx87JzvNQdCZJapUmkmrVzf0OL7GrehC6528kMhOUJ%2FuRPfscegti4AvvLClm5D%2BKysDuBnrR72StR3l%2FYZi3VM34nSfMpt2c50%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e68f075c9cb4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.2.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: MD5 9246cca8fc3c00f50035f28e9f6b7f7d / SHA-1 3aa538440f70873b574f40cd793060f53ec17a5d / SHA-256 c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ytibw/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 06:50:49 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87e68f084df8b4eb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/cdn-cgi/challenge-platform/h/g/jsd/r/87e68f022c975690 | 172.67.193.115 | | 0 B |
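URL: mozartbulls.top/cdn-cgi/challenge-platform/h/g/jsd/r/87e68f022c975690
IP: 172.67.193.115:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e / SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 / SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (all three are the digests of zero-length input, matching the 0 B response body; they identify no content and should not be used as indicators)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed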
POST /cdn-cgi/challenge-platform/h/g/jsd/r/87e68f022c975690 HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12289
Origin: https://mozartbulls.top
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/_marine_meta/?login=&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 06:50:49 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=dkpSRyMfL34yOWYFsAT3Hx6B.wOq3XhkUlo82Ykejaw-1714805449-1.0.1.1-ElC.al6fFqCG6jgjBSHmY4XkRPkUwj63JlCxQJdmlutKr2cJZ4W1iNq3gyATGqUoNytMxDKp5.sIicQFL4hiUw; path=/; expires=Sun, 04-May-25 06:50:49 GMT; domain=.mozartbulls.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jQZ3z9xMIu%2FkF6kYfqVOdlGx5WaVZZkHSP5by95Zzkc%2BapG1JjYO75YGP%2Fp0pIICr8xmuusnQ04Y4oO1dqF4%2FMZiUORGRGE9eYTj%2FE6psY3w7DZdAB6IveMt48MBmrViOqU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e68f08de32b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js | 104.17.2.184 | | 15 kB |
URL: challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js
IP: 104.17.2.184:0
File type: JavaScript source, ASCII text, with very long lines (42565)
Hash: MD5 65b0a652c40c95d12c4ddb3b4567c1ea / SHA-1 c654efa19d01d6553ed4e0f500d350011e023ad1 / SHA-256 c6b5cd0b65ebbb519dd845ba2979b40e58b056ca2c90f67a8bfea871d39615a7
GET /turnstile/v0/g/d0ff3ebede6b/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mozartbulls.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 06:50:48 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e68f0579ff56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mozartbulls.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js | 172.67.193.115 | | 30 kB |
URL: mozartbulls.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
IP: 172.67.193.115:0
File type: JavaScript source, ASCII text, with very long lines (7901), with no line terminators
Hash: MD5 3fd1edf1f65cd60c72d17438ad12d3c2 / SHA-1 6a102b4e24bd9446476c5cdc0b7240f5e81f5f30 / SHA-256 35cef64c04deb7d89878d07b29fdbfba248e77873b4e18473509baf387987603
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 06:50:48 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
cache-control: max-age=14400, public
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oiP%2FH48fbe2Fg8vlR0cC8sg201pEm76m4YMZyzTp8FXC6IQ2RvqBTnp6nGGy9ukWlbX9a24sH%2FK8yyYO%2B%2BQzK4jnX2JyWQdQh6eP08TdQ2JAPOJ1AGzcNJ5T031ni5tSbU4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e68f076caeb4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/291917060:1714804300:kKZ9ih0JgHSUzJdrk53MVmTwwX6q-72xORVFxd_38ok/87e68f078d60b4eb/99b1df8a70e7bd5 | 104.17.2.184 | | 112 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/291917060:1714804300:kKZ9ih0JgHSUzJdrk53MVmTwwX6q-72xORVFxd_38ok/87e68f078d60b4eb/99b1df8a70e7bd5
IP: 104.17.2.184:0
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 112 kB (111675 bytes)
Hash: MD5 a3c1ebb6ca6af17a427feb1ce1cdc401 / SHA-1 be93059024f7b885d566f7a616c1ebc4f13b6974 / SHA-256 e3e2464c0866d667d071c228bb296480f8be55ab36e9d9ac603e6b0d89b9dc9c
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/291917060:1714804300:kKZ9ih0JgHSUzJdrk53MVmTwwX6q-72xORVFxd_38ok/87e68f078d60b4eb/99b1df8a70e7bd5 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ytibw/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 99b1df8a70e7bd5
Content-Length: 2736
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 06:50:49 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: lUm8C76Rrad8G6i9ZJcZgwU7YTgYuz+EcM/pJVlFTFXepqphqiBR22eHS480cGS4rMbnJAjhjkWse1l06fCjU7b5UUIm6fuN6y8bp07KwluZrxNRL4eO0wVLk8PreWT2SOnhCloVx5/EXsr4JdcvuBhrFitCydgpn3XBL+j2GL3aIu6zqXQ92BE7w9ZATNtHdxJkcih4Ll3zGcxyNF4v+sQUJYl9VlLyz8SrTo1IakArpyvsLVb0MZi2DfxrqEKyNVaInLWtJAUXEu+YRqYcIpYOBnz0lSsNFOGKQHK9NOa6GKsln/wT2AElI8Hk5Y1kvEL758ReFDhlJNdPHXGpMZGnABzI1DkGEvm9B4bGFY5nbiwO1PyM50TIGof1h9pmzmBxNMGRiLdBxA8AgxMqPU+cPxGSY4wBql3IagM90VI=$ESViOOVcqhZQXpFCt0T5QA==
vary: accept-encoding
server: cloudflare
cf-ray: 87e68f0a1fd3b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e68f078d60b4eb/1714805449308/axFPkTLHJwQnYI5 | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e68f078d60b4eb/1714805449308/axFPkTLHJwQnYI5
IP: 104.17.2.184:0
File type: PNG image data, 73 x 52, 8-bit/color RGB, non-interlaced
Hash: MD5 8ff92d14e2c5c4a8b3dcc79dd14bdccc / SHA-1 752fab43d8696533372bddf2d5b8a6e36b65b597 / SHA-256 14d803b92e43a95d61d0df8e2655ae0966f2ae871788990d84ecdf46e9da5602
GET /cdn-cgi/challenge-platform/h/g/i/87e68f078d60b4eb/1714805449308/axFPkTLHJwQnYI5 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ytibw/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 06:50:50 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87e68f0fdd91b4eb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/87e68f078d60b4eb/1714805449308/24a9c29fa40c01259e8108b924114b27e4001af4bafbe0b8a2b4249508a68472/6L7Pzv5g88AY9DC | 104.17.2.184 | | 1 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/87e68f078d60b4eb/1714805449308/24a9c29fa40c01259e8108b924114b27e4001af4bafbe0b8a2b4249508a68472/6L7Pzv5g88AY9DC
IP: 104.17.2.184:0
File type: very short file (no magic)
Hash: MD5 ff44570aca8241914870afbc310cdb85 / SHA-1 58668e7669fd564d99db5d581fcdb6a5618440b5 / SHA-256 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/g/pat/87e68f078d60b4eb/1714805449308/24a9c29fa40c01259e8108b924114b27e4001af4bafbe0b8a2b4249508a68472/6L7Pzv5g88AY9DC HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ytibw/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Sat, 04 May 2024 06:50:50 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gJKnCn6QMASWegQi5JBFLJ-QAGvS6--C4orQklQimhHIAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAycESnW8nWijopFBbXs0ShsFXencIiaM4x8DmoYUMDVIj9LKs0W82Vt7SxGoLjV854ZLsONjPcD9gaNsV1U7ial-U1eHrh6bc6pi2_dUVK8NsyLnCLOtvOiP0SY8vabqRR4dPd6S61Y-diDWwToPoCSioJqJhohK4pCLZ5_YF-5VfEFiyMTtIeFQadCwQWCTWWHJgK8wlIzn3e6mBeQZJ1VsOf21BzIlCKUydJy4Pf1ah0N7KjgN2pp4S9j2sSUl0ZbfnPznB7zO130ijqjcDO7wydsvznYw_ApvEdn5mKTlOFBQM1jktH72KBkAGAS-M4Zko5MazCXVbKxK3oLAhkwIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tICSpwp-kDAElnoEIuSQRSyfkABr0uvvguKK0JJUIpoRyABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 87e68f109e56b4eb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/291917060:1714804300:kKZ9ih0JgHSUzJdrk53MVmTwwX6q-72xORVFxd_38ok/87e68f078d60b4eb/99b1df8a70e7bd5 | 104.17.2.184 | | 4.2 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/291917060:1714804300:kKZ9ih0JgHSUzJdrk53MVmTwwX6q-72xORVFxd_38ok/87e68f078d60b4eb/99b1df8a70e7bd5
IP: 104.17.2.184:0
File type: ASCII text, with very long lines (4400), with no line terminators
Hash: MD5 a4a611df0cbc0e7132274cdd04cf76f9 / SHA-1 f63aaebb47f7373fee95603882d978c4cf2d042c / SHA-256 8f7bc2da0c4a2908f737162fc681f44f6702915076cb8f5605ca320bffc994c0
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/291917060:1714804300:kKZ9ih0JgHSUzJdrk53MVmTwwX6q-72xORVFxd_38ok/87e68f078d60b4eb/99b1df8a70e7bd5 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ytibw/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 99b1df8a70e7bd5
Content-Length: 27315
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 06:50:51 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: D0ruIhkveT3jhkxScbsMtKNkuiUyebJh54MmmmACFc2/gpU3DKPl1PmnzHWcEWqkzcSLJDCN32rHpGi61RwJh/aY+2RVzs7NQIlGWE+EF3WK3ze86C1/3WU72YouLt2K$6EL67I7Q4i44YZmrLAeAJw==
cf-chl-out-s: 6fYBldqCxm8Ph8uGJlK9jQ==$CIGBoUIzJoy0asqLIFo5Kw==
vary: accept-encoding
server: cloudflare
cf-ray: 87e68f16dc09b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js | 142.250.74.74 | 200 OK | 85 kB |
URL (GET, HTTP/3): ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js
IP: 142.250.74.74:443
Requested by: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: JavaScript source, ASCII text
Hash: MD5 2849239b95f5a9a2aea3f6ed9420bb88 / SHA-1 af32f706407ab08f800c5e697cce92466e735847 / SHA-256 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
GET /ajax/libs/jquery/3.6.0/jquery.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 85110
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 23:40:19 GMT
expires: Fri, 02 May 2025 23:40:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 112233
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/s2/favicons?domain= | 142.250.74.164 | | 1.6 kB |
URL: www.google.com/s2/favicons?domain=
IP: 142.250.74.164:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash: MD5 4c897ae556077ac19ca558718789ba76 / SHA-1 a673a81ea0a3e7a2fdf759a014a608df15efecbd / SHA-256 2d841defe31ddac7bb79861466085b6a632a04ea330532a98d8180f7dbaff68f
GET /s2/favicons?domain= HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 May 2024 06:50:52 GMT
server: sffe
content-length: 1580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/s2/favicons?domain= | 142.250.74.164 | | 1.6 kB |
URL: www.google.com/s2/favicons?domain=
IP: 142.250.74.164:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash: MD5 4c897ae556077ac19ca558718789ba76 / SHA-1 a673a81ea0a3e7a2fdf759a014a608df15efecbd / SHA-256 2d841defe31ddac7bb79861466085b6a632a04ea330532a98d8180f7dbaff68f
GET /s2/favicons?domain= HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 May 2024 06:50:52 GMT
server: sffe
content-length: 1580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mozartbulls.top/_marine_meta/?login=&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null | 172.67.193.115 | | 7.7 kB |
URL: mozartbulls.top/_marine_meta/?login=&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
IP: 172.67.193.115:0
File type: JavaScript source, ASCII text, with very long lines (317), with CR, LF line terminators
Hash: MD5 c1847f252606c019d57ceab9a05374b7 / SHA-1 87788e59543c7a2df208e692f92594a01057419f / SHA-256 edd0a105cd995db48558648778097ebdaa19b54776e6308653fb57b4c17e7936
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_marine_meta/?login=&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://antican.click/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=EG967tfhwDISK1jT7tDApPnzcKyLVxwA7a0N09rzYtM-1714805451-1.0.1.1-MW_5CFtGQcvMd.Bzh_k.ikckLIG8DsO2pkgyLvLcOnAKu1RwwHlk2eKByOurniXHV3ducf.w1wBFsQ4rmbdQLg; captcha=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 06:50:52 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
set-cookie: PHPSESSID=emgdsit9gpnobqlkdagpqq73v5; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tuloFXCrr9n0UpSCFs%2FnfI4kZeFl7NMoD9DhNQjVrii6pP8XNjIUpYOshQjyqRrMXrjoM87eePgNh8k%2FFFSX%2FsgZewWqeNV6qGM08DjXZbFbQuOnJblzjuG26yXXNAok0NU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e68f1aee90b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/_marine_meta/functions/spinner.gif | 172.67.193.115 | | 46 kB |
URL: mozartbulls.top/_marine_meta/functions/spinner.gif
IP: 172.67.193.115:0
File type: GIF image data, version 89a, 48 x 48
Hash: MD5 bab0ad7ce20e911217791c00bcd4e35b / SHA-1 0822ac44951def4349090998b9ecb153128f03d5 / SHA-256 bd750f550a5db2901c0bd52ec564da6adfbad55562b862b1f125d96d9d62b026
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_marine_meta/functions/spinner.gif HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/_marine_meta/?login=&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Cookie: cf_clearance=EG967tfhwDISK1jT7tDApPnzcKyLVxwA7a0N09rzYtM-1714805451-1.0.1.1-MW_5CFtGQcvMd.Bzh_k.ikckLIG8DsO2pkgyLvLcOnAKu1RwwHlk2eKByOurniXHV3ducf.w1wBFsQ4rmbdQLg; captcha=1; PHPSESSID=emgdsit9gpnobqlkdagpqq73v5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 06:50:52 GMT
content-type: image/gif
content-length: 46341
last-modified: Wed, 07 Oct 2020 21:45:56 GMT
etag: "b505-5b11ba3eced00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ca%2FN3FC09%2BVjHL8B0jYOJyRYAxfLSDGkR7lWu8b93xdhWCLkAdX1%2F0Zqu9%2BaXOFG69YPqxLYWdIT%2FFHoHzZU%2FbKPikjdYgUwbgbFzlE0Wuq%2BDtG%2BPzHn%2FJLxEulU3Xar7Gk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e68f1bcfb8b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js | 142.250.74.74 | 200 OK | 85 kB |
URL (GET, HTTP/3): ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js
IP: 142.250.74.74:443
Requested by: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: JavaScript source, ASCII text
Hash: MD5 2849239b95f5a9a2aea3f6ed9420bb88 / SHA-1 af32f706407ab08f800c5e697cce92466e735847 / SHA-256 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
GET /ajax/libs/jquery/3.6.0/jquery.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 85110
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 23:40:19 GMT
expires: Fri, 02 May 2025 23:40:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 112237
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css | 104.17.24.14 | 200 OK | 10 kB |
URL (GET, HTTP/2): cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
IP: 104.17.24.14:443
Requested by: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (58392)
Hash: MD5 76cb46c10b6c0293433b371bae2414b2 / SHA-1 0038dc97c79451578b7bd48af60ba62282b4082b / SHA-256 876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
GET /ajax/libs/font-awesome/5.13.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 06:50:56 GMT
content-type: text/css; charset=utf-8
content-length: 10301
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-e4d2"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 307458
expires: Thu, 24 Apr 2025 06:50:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ahda87jHaC2OWR9reV4r5%2B5741W7o6hGKr86rfJUcXuiCpesEBnc2cHGb%2B7O04IJh2r6Y3cgqQioM46Z5BVA6mbxve06%2FXyJ2YKmFf7m3jtqB7pt65R%2BIFAtfDILBNr9nAsJxea"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87e68f355ad6b50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| wakandos.top/usp_Enigma_premium_users/admin/kfud_loader.php?login=&page=null&hide_email=true | 172.67.175.80 | | 3.8 kB |
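URL: wakandos.top/usp_Enigma_premium_users/admin/kfud_loader.php?login=&page=null&hide_email=true
IP: 172.67.175.80:0 (the response below carries `server: cloudflare` and a `cf-ray` header, so this address is presumably a shared CDN edge rather than the origin; the domain is the more specific indicator)
Hash: MD5 3fbed96f5eefcb8c520bfcabd5706b52 / SHA-1 f2964e2b3311f3f2e7dc5ad96a54d4be72c372f5 / SHA-256 694d8e712391d4cc894ea7140b2210ebfedc2fa92c2cf3afb80bfd5969089475
Note: no analyzer verdict is listed for this host; the request was issued cross-origin from the mozartbulls.top page (see the Origin header below), so the missing verdict should not be read as a clean result.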
GET /usp_Enigma_premium_users/admin/kfud_loader.php?login=&page=null&hide_email=true HTTP/1.1
Host: wakandos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mozartbulls.top
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 06:50:54 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YwXT6YIS8O1w33nYeWMhnX34iDlf6o1l8ha215yFvQuOrJqeVF9G%2FhIowrM74ENCn6i2VFfXDiwKle41qW2kNviXblY%2F5r8i9AIexfKC2kSnDWPKHC96ulaIJubcoj8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e68f1e3880b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/favicon.png | 172.67.193.115 | 200 OK | 43 kB |
URL: GET HTTP/3 mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/favicon.png | IP: 172.67.193.115:443
Requested by: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate: Issuer Google Trust Services LLC; Subject mozartbulls.top; Fingerprint 4B:35:FE:E1:60:27:F2:EE:F7:88:A8:B8:5D:01:5D:89:1E:66:E3:F3; Validity Sat, 13 Apr 2024 08:39:13 GMT - Fri, 12 Jul 2024 08:39:12 GMT
File type: PNG image data, 1201 x 1201, 8-bit/color RGBA, non-interlaced | MD5: 61b2ad5f71e3b5aff667399326f629c5 | SHA-1: 73352c23c4ef36d897982b29dbee57bf0c1a945d | SHA-256: 601bbf7565cf796dea3733ac80ee6f81421d820138f192c9c9b7df9859deffb5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/favicon.png HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=EG967tfhwDISK1jT7tDApPnzcKyLVxwA7a0N09rzYtM-1714805451-1.0.1.1-MW_5CFtGQcvMd.Bzh_k.ikckLIG8DsO2pkgyLvLcOnAKu1RwwHlk2eKByOurniXHV3ducf.w1wBFsQ4rmbdQLg; captcha=1; PHPSESSID=emgdsit9gpnobqlkdagpqq73v5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 06:50:56 GMT
content-type: image/png
content-length: 42948
last-modified: Sat, 26 Aug 2023 01:38:50 GMT
etag: "a7c4-603c985e5be80"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N2U68cb5426wBWZ2fDhEKge9g%2B6OPFBkyiiJ%2F5pbuKQcuqpT1sIaaWYTFpdSdZ9An7865%2BN2K7QVKxo3E8rrrMxm0n5Ys0A8N6ewHXz7DnoJbhoBPH96uOoWG5u7q4P0PHA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e68f350f5eb4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/fa-regular-400.woff2 | 104.17.24.14 | 200 OK | 14 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/fa-regular-400.woff2 | IP: 104.17.24.14:443
Requested by: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate: Issuer Cloudflare, Inc.; Subject sni.cloudflaressl.com; Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 13584, version 331.524 | MD5: c20b5b7362d8d7bb7eddf94344ace33e | SHA-1: 260bb01acd44d88dcb7f501a238ab968f86bef9e | SHA-256: 6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
GET /ajax/libs/font-awesome/5.13.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mozartbulls.top
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 06:50:57 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 13584
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e60-3510"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 225138
expires: Thu, 24 Apr 2025 06:50:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o31Zn8%2FV6UCNkLQd68VCDRpJzIAIH1aR7PDIQDjoW7l1bl0FoAmmGaaUm2sFnaDVUUELHJG%2B%2Fmn9GMKKo4jH%2Bgbw9QbiqaJfofmIy%2FW0rbi66qv6EaBpsOMMQIiR8p3bFtuAArc1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87e68f3bcd0c56a9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null | 172.67.193.115 | 200 OK | 52 kB |
URL (User Request): GET HTTP/3 mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null | IP: 172.67.193.115:443
Certificate: Issuer Google Trust Services LLC; Subject mozartbulls.top; Fingerprint 4B:35:FE:E1:60:27:F2:EE:F7:88:A8:B8:5D:01:5D:89:1E:66:E3:F3; Validity Sat, 13 Apr 2024 08:39:13 GMT - Fri, 12 Jul 2024 08:39:12 GMT
File type: HTML document, ASCII text, with very long lines (364) | MD5: a98c742e1ca574923feac9d0a8df7986 | SHA-1: 06b7de9b053ca081e65945fe424be2e365458c21 | SHA-256: 84df8f01609dc05e76c9660451a04e94c4a58ee33c88d6bacffdbf87fdb2bb46
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/index.php?login=&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=EG967tfhwDISK1jT7tDApPnzcKyLVxwA7a0N09rzYtM-1714805451-1.0.1.1-MW_5CFtGQcvMd.Bzh_k.ikckLIG8DsO2pkgyLvLcOnAKu1RwwHlk2eKByOurniXHV3ducf.w1wBFsQ4rmbdQLg; captcha=1; PHPSESSID=emgdsit9gpnobqlkdagpqq73v5
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 06:50:56 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fGTsVw%2FGdy46p7NhsTM8WbaT7txBkAUWkwbA%2FPIMhHqOXVvO79%2F43YpjPe9T4mVvc%2BoeDybK2u5DsaX6DDAjoEeeaYr1dufaGioZ3G%2FhamI6Lbk4xviXPca%2BTfhLrAEa5vc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e68f340e3fb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.gCTwf0GZEAw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoP-ZGN-qHHxi5dM0EEICNP69DsLw/m=el_main | 142.250.74.42 | 200 OK | 75 kB |
URL: GET HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.gCTwf0GZEAw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoP-ZGN-qHHxi5dM0EEICNP69DsLw/m=el_main | IP: 142.250.74.42:443
Requested by: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: JavaScript source, ASCII text, with very long lines (1613) | MD5: 416b0fc07995be8d2b5b67aba46171b0 | SHA-1: dd355df12143ce031c19ed0b2b8bf512b6c7d5f1 | SHA-256: 99a05e6c4657850662d766688752248659646b186aff567879d5d159812d1904
GET /_/translate_http/_/js/k=translate_http.tr.en_US.gCTwf0GZEAw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoP-ZGN-qHHxi5dM0EEICNP69DsLw/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75088
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 01:41:07 GMT
expires: Sat, 03 May 2025 01:41:07 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 12 Nov 2022 06:10:12 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 104990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| translate.google.com/gen204?nca=te_li&client=wt_lib&logld=vTE_20221115 | 216.58.211.14 | 204 No Content | 0 B |
URL: GET HTTP/2 translate.google.com/gen204?nca=te_li&client=wt_lib&logld=vTE_20221115 | IP: 216.58.211.14:443
Requested by: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate: Issuer Google Trust Services LLC; Subject *.google.com; Fingerprint 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
MD5: d41d8cd98f00b204e9800998ecf8427e | SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of a zero-length body, consistent with the 0 B response; they identify no content and should not be used as indicators)
GET /gen204?nca=te_li&client=wt_lib&logld=vTE_20221115 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
content-type: image/gif; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 06:50:57 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'nonce-H_ifd9bsn3otM1B56EcXIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/_/TranslateApiHttp/web-reports?context=eJzjEtDikmLw1pBicEqfwRoExEI8HBe3Xt_IJrDicXcjEwB0Dwl1"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: __Secure-ENID=19.SE=TteTzROjLMM_T72b5GJmcH_FYmoX_5SZw-5y0eHo66z1JKZob7HLmUIAFE_y0fvuTOUVSFQw8JcTBstvtYfJfGmXrBGD-Tl6h-i2TM9tdSomiv0ej9glTjhUohtLh-UKfxD_sHF7L_i4_d4GMa66g069eYchgB4-OgPOCyShSRs; expires=Tue, 03-Jun-2025 23:09:15 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e68f078d60b4eb | 104.17.2.184 | | 179 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e68f078d60b4eb | IP: 104.17.2.184:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Size: 179 kB (179163 bytes) | MD5: f0138dadb8dbf3633cadef9b5476c080 | SHA-1: 4d5004b15e03dcd27d34f16e009c7092bb6992dc | SHA-256: 9f33def93c1adf320539c7717f19f06b927f1120fa3cbd913f80311bf1428e80
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e68f078d60b4eb HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ytibw/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 06:50:49 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 87e68f084dfdb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/resources/lazy.min.js | 172.67.193.115 | 200 OK | 94 kB |
URL: GET HTTP/3 mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/resources/lazy.min.js | IP: 172.67.193.115:443
Requested by: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate: Issuer Google Trust Services LLC; Subject mozartbulls.top; Fingerprint 4B:35:FE:E1:60:27:F2:EE:F7:88:A8:B8:5D:01:5D:89:1E:66:E3:F3; Validity Sat, 13 Apr 2024 08:39:13 GMT - Fri, 12 Jul 2024 08:39:12 GMT
File type: JavaScript source, ASCII text, with very long lines (3895) | MD5: 31981ce3478934a1cda1995278b40dff | SHA-1: 98bd72fbd634f5be64bd3aa325e58e6241520f87 | SHA-256: 5992e78ca3ce1b9be202bbcdef3a32d9ebd6a3609bf039a21b379b5f77076f7b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/resources/lazy.min.js HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=EG967tfhwDISK1jT7tDApPnzcKyLVxwA7a0N09rzYtM-1714805451-1.0.1.1-MW_5CFtGQcvMd.Bzh_k.ikckLIG8DsO2pkgyLvLcOnAKu1RwwHlk2eKByOurniXHV3ducf.w1wBFsQ4rmbdQLg; captcha=1; PHPSESSID=emgdsit9gpnobqlkdagpqq73v5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 06:50:56 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 11:07:22 GMT
etag: W/"170eb-5ee3568c56e80"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2Fh2onzmAkKdudIzPhOMzt%2FwW1eKt5O9kE2p%2F7DOOUYXtbufmIlZ3jZ3PoJlLYs6r5yM6GIekBZtthT89sWF9Zt7ryNyf9Azr0EKIrqxMsFdgGyeuN%2BgYnBUyK3gBKMjEQI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e68f350f58b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/index.php?login=&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null | 172.67.193.115 | 200 OK | 2.5 kB |
URL (User Request): GET HTTP/3 mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/index.php?login=&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null | IP: 172.67.193.115:443
Certificate: Issuer Google Trust Services LLC; Subject mozartbulls.top; Fingerprint 4B:35:FE:E1:60:27:F2:EE:F7:88:A8:B8:5D:01:5D:89:1E:66:E3:F3; Validity Sat, 13 Apr 2024 08:39:13 GMT - Fri, 12 Jul 2024 08:39:12 GMT
File type: JavaScript source, ASCII text, with very long lines (2783), with no line terminators | MD5: de85d492a6dce675691d2918556fa4dc | SHA-1: ed74660a04048b644c2488f283445a93e5c9624b | SHA-256: dd5c92ce6b20e31346e03cd310acf1d5cfb8770faf8bd367c06d8db4929ffe64
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/index.php?login=&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/_marine_meta/?login=&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Cookie: cf_clearance=EG967tfhwDISK1jT7tDApPnzcKyLVxwA7a0N09rzYtM-1714805451-1.0.1.1-MW_5CFtGQcvMd.Bzh_k.ikckLIG8DsO2pkgyLvLcOnAKu1RwwHlk2eKByOurniXHV3ducf.w1wBFsQ4rmbdQLg; captcha=1; PHPSESSID=emgdsit9gpnobqlkdagpqq73v5
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 06:50:55 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oXk9HFmFjTu8fuDRpkUDA0GT20PKRvo44Hc2BiIsVaN5LLJlJC3l0cqkdMoAtYXPKNuCBseSFkLB4z3FZcM6e5gqbH6vGJm0Z3JYqwDp%2FX%2F4d9%2F6Ov%2BmNUPWQapQCjGWB6M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e68f32fd17b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/resources/world.js | 172.67.193.115 | 200 OK | 7.2 kB |
URL: GET HTTP/3 mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/resources/world.js | IP: 172.67.193.115:443
Requested by: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate: Issuer Google Trust Services LLC; Subject mozartbulls.top; Fingerprint 4B:35:FE:E1:60:27:F2:EE:F7:88:A8:B8:5D:01:5D:89:1E:66:E3:F3; Validity Sat, 13 Apr 2024 08:39:13 GMT - Fri, 12 Jul 2024 08:39:12 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (8147), with no line terminators | MD5: 168ce4bb8d0ba0c08bbd4c6ff24d273e | SHA-1: 9a25927fc93a26fa817da6f6ea8dd25db83d7dca | SHA-256: 981923cf5da0541987755036c02192e5851f8dfd8cbdafb045af2a5e2000457c
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Generic phishing
Analyzer: urlquery | Verdict: suspicious | Alert: Suspicious - Anti-debugging code
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/resources/world.js HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=EG967tfhwDISK1jT7tDApPnzcKyLVxwA7a0N09rzYtM-1714805451-1.0.1.1-MW_5CFtGQcvMd.Bzh_k.ikckLIG8DsO2pkgyLvLcOnAKu1RwwHlk2eKByOurniXHV3ducf.w1wBFsQ4rmbdQLg; captcha=1; PHPSESSID=emgdsit9gpnobqlkdagpqq73v5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 06:50:56 GMT
content-type: application/javascript
last-modified: Mon, 18 Sep 2023 18:52:48 GMT
etag: W/"1c25-605a6a6002000"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d30b7F%2Fi5OhPpnE%2FPUeq33WvOsOenHPFIRmG6vY3%2BwpfJc89bXtP3onzTWpSqdrVr%2FyH1UoUOZUpfBXUBU5y5f93SRXlT6xfzJzO3RnHqkJ2X%2BGYxtCwQEwdbSlY2w8LcU0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e68f351f65b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/resources/element.js | 172.67.193.115 | 200 OK | 76 kB |
URL: GET HTTP/3 mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/resources/element.js | IP: 172.67.193.115:443
Requested by: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate: Issuer Google Trust Services LLC; Subject mozartbulls.top; Fingerprint 4B:35:FE:E1:60:27:F2:EE:F7:88:A8:B8:5D:01:5D:89:1E:66:E3:F3; Validity Sat, 13 Apr 2024 08:39:13 GMT - Fri, 12 Jul 2024 08:39:12 GMT
File type: JavaScript source, ASCII text, with very long lines (560) | MD5: 0488b0a11637f1cbf4c98b1eb5da3fc6 | SHA-1: 0af19be63182dec40cc1ac5e44ed3931dcd9e905 | SHA-256: ba50c8f42aa8a0da326900248ebd80ef8eecece26db4aafc47042457bbd14529
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/resources/element.js HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=EG967tfhwDISK1jT7tDApPnzcKyLVxwA7a0N09rzYtM-1714805451-1.0.1.1-MW_5CFtGQcvMd.Bzh_k.ikckLIG8DsO2pkgyLvLcOnAKu1RwwHlk2eKByOurniXHV3ducf.w1wBFsQ4rmbdQLg; captcha=1; PHPSESSID=emgdsit9gpnobqlkdagpqq73v5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 06:50:56 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 11:07:22 GMT
etag: W/"12812-5ee3568c56e80"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DP4LgVAf73APd43x%2FThE7wjTigBPCeFpfCaso75Ks8x1VTJ7VpP8EwCj3EA55EO0gaAhejF41ikl%2BAO9%2Fz%2FR5VXaOyZcpMWbavfKwSGGiiLpZpzntjImk0IlDHMDlroz0qM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e68f351f72b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/resources/bootstrap.min.js | 172.67.193.115 | 200 OK | 51 kB |
URL: GET HTTP/3 mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/resources/bootstrap.min.js | IP: 172.67.193.115:443
Requested by: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate: Issuer Google Trust Services LLC; Subject mozartbulls.top; Fingerprint 4B:35:FE:E1:60:27:F2:EE:F7:88:A8:B8:5D:01:5D:89:1E:66:E3:F3; Validity Sat, 13 Apr 2024 08:39:13 GMT - Fri, 12 Jul 2024 08:39:12 GMT
File type: JavaScript source, ASCII text, with very long lines (50758) | MD5: 67176c242e1bdc20603c878dee836df3 | SHA-1: 27a71b00383d61ef3c489326b3564d698fc1227c | SHA-256: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/resources/bootstrap.min.js HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=EG967tfhwDISK1jT7tDApPnzcKyLVxwA7a0N09rzYtM-1714805451-1.0.1.1-MW_5CFtGQcvMd.Bzh_k.ikckLIG8DsO2pkgyLvLcOnAKu1RwwHlk2eKByOurniXHV3ducf.w1wBFsQ4rmbdQLg; captcha=1; PHPSESSID=emgdsit9gpnobqlkdagpqq73v5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 06:50:56 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 11:07:22 GMT
etag: W/"c75f-5ee3568c56e80"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2BJMF6Uqcet51wN5RwTzK1R%2FR1zQ8Q%2F1DKs4e4jt%2BL4Lh37y2UDWf4hMiHBeLjlWk2r0YPhCSBgcFVxOKWh9Ggst%2Ff3p87ZtqshyVYlgkx2YarNFz5VvwetQu5iMdCItGo4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e68f351f62b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/favicon.ico | 172.67.193.115 | 404 Not Found | 302 B |
URL: GET HTTP/3 mozartbulls.top/favicon.ico | IP: 172.67.193.115:443
Requested by: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate: Issuer Google Trust Services LLC; Subject mozartbulls.top; Fingerprint 4B:35:FE:E1:60:27:F2:EE:F7:88:A8:B8:5D:01:5D:89:1E:66:E3:F3; Validity Sat, 13 Apr 2024 08:39:13 GMT - Fri, 12 Jul 2024 08:39:12 GMT
File type: HTML document, ASCII text, with very long lines (313), with no line terminators | MD5: 291bc76aa6afb795fcf0aaec04864d82 | SHA-1: 4e2b042bc38f18adb351893551a4ea31c6217c42 | SHA-256: 6d0be7ec98ecd1191197ca744fd519347f5bcedad054f6b5dfa71623e44ae3c3 (digests of the HTML 404 error body, not of a favicon image)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=EG967tfhwDISK1jT7tDApPnzcKyLVxwA7a0N09rzYtM-1714805451-1.0.1.1-MW_5CFtGQcvMd.Bzh_k.ikckLIG8DsO2pkgyLvLcOnAKu1RwwHlk2eKByOurniXHV3ducf.w1wBFsQ4rmbdQLg; captcha=1; PHPSESSID=emgdsit9gpnobqlkdagpqq73v5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 04 May 2024 06:50:57 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJkW%2BwS7LU98BLQgr1lBsQhissSjLg%2FYN9sGR7vW40yHVsu4urO560JFMVM%2FZnCEd8RwfN7cYiSz0mmkuUgt0ClEiFvQ4lceO1GVh6bSvaclCJslX2B6hsssvM308wjh8uk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e68f3c0dfbb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| translate.googleapis.com/translate_static/css/translateelement.css | 142.250.74.42 | 404 Not Found | 0 B |
URL: GET HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css | IP: 142.250.74.42:443
Requested by: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
MD5: d41d8cd98f00b204e9800998ecf8427e | SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of a zero-length body, consistent with the 0 B size recorded for this request; they identify no content and should not be used as indicators)
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 May 2024 06:50:57 GMT
server: sffe
content-length: 1602
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/resources/jquery.min.js | 172.67.193.115 | 404 Not Found | 302 B |
URL: GET HTTP/3 mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/resources/jquery.min.js | IP: 172.67.193.115:443
Requested by: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate: Issuer Google Trust Services LLC; Subject mozartbulls.top; Fingerprint 4B:35:FE:E1:60:27:F2:EE:F7:88:A8:B8:5D:01:5D:89:1E:66:E3:F3; Validity Sat, 13 Apr 2024 08:39:13 GMT - Fri, 12 Jul 2024 08:39:12 GMT
File type: HTML document, ASCII text, with very long lines (313), with no line terminators | MD5: 291bc76aa6afb795fcf0aaec04864d82 | SHA-1: 4e2b042bc38f18adb351893551a4ea31c6217c42 | SHA-256: 6d0be7ec98ecd1191197ca744fd519347f5bcedad054f6b5dfa71623e44ae3c3 (digests of the HTML 404 error body, not of a jquery.min.js script)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/resources/jquery.min.js HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=EG967tfhwDISK1jT7tDApPnzcKyLVxwA7a0N09rzYtM-1714805451-1.0.1.1-MW_5CFtGQcvMd.Bzh_k.ikckLIG8DsO2pkgyLvLcOnAKu1RwwHlk2eKByOurniXHV3ducf.w1wBFsQ4rmbdQLg; captcha=1; PHPSESSID=emgdsit9gpnobqlkdagpqq73v5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 04 May 2024 06:50:56 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7D7LyOghnZzZMAq6MezLsycrUSLwdx%2B0EgWc%2FBVkYRRmnK7vKKqz%2BfBKsEi1vFuWHeeod0yUlVOjOtBRTzBDNQwJKcL8Lrrk0m%2BsvLug8tk3OqNwRa5zxUDsilVlfkxFtqo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e68f350f52b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/resources/style.css | 172.67.193.115 | 200 OK | 452 kB |
URL GET HTTP/3 mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/resources/style.css IP 172.67.193.115:443
Requested by https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null Certificate Issuer Google Trust Services LLC Subject mozartbulls.top Fingerprint 4B:35:FE:E1:60:27:F2:EE:F7:88:A8:B8:5D:01:5D:89:1E:66:E3:F3 Validity Sat, 13 Apr 2024 08:39:13 GMT - Fri, 12 Jul 2024 08:39:12 GMT
File type ASCII text, with CRLF line terminators Size 452 kB (452452 bytes) Hash (MD5 / SHA-1 / SHA-256, by digest length) 9e4c341286f64a30098a5d74a2b8467d a437144b96f3ce5f625b2d5f972ee945f042305e 4cf0ca7b90144acb209b510a8d73dffd5197caafa83f545a15cc6071c6933acb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/resources/style.css HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/_marine_meta/zone/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=EG967tfhwDISK1jT7tDApPnzcKyLVxwA7a0N09rzYtM-1714805451-1.0.1.1-MW_5CFtGQcvMd.Bzh_k.ikckLIG8DsO2pkgyLvLcOnAKu1RwwHlk2eKByOurniXHV3ducf.w1wBFsQ4rmbdQLg; captcha=1; PHPSESSID=emgdsit9gpnobqlkdagpqq73v5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 06:50:57 GMT
content-type: text/css
last-modified: Sat, 26 Nov 2022 05:47:16 GMT
etag: W/"6e764-5ee592bafe100"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uzjWa2uK0b9nQbLVKNn1ANEy6knLspMOWCYeKjejAFiRlFoBQGvDuN7ywcdOBTZvRn7RSk2MptZwalz03Hfh24Wub0%2FJGtsa%2FX6MGJ%2BPVRu1FuRWxKqoxQc05YDQzRtkzjU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e68f350f56b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|