| www.googletagmanager.com/gtag/js?id=G-QSD3M3XHPZ | 142.250.74.168 | 200 OK | 102 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-QSD3M3XHPZ
IP: 142.250.74.168:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Size: 102 kB (101456 bytes)
Hash: 9859b866caddc91062742375d8d06f1c 49f36b0fbeb4bb92484e6b10a7bf7c3d68a5543e 02d79a9f145938add29fe2c7179e8fa741d033308c5bf8dd1199b3c462409c84
GET /gtag/js?id=G-QSD3M3XHPZ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 21:17:38 GMT
expires: Fri, 19 Apr 2024 21:17:38 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101456
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| adscashnqx.buzz/login.php/assets/js/jquery.min.js | 104.21.94.106 | 200 OK | 3.1 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/js/jquery.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text
Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/assets/js/jquery.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F6uYGBu0XyCmihke%2BNW4Gi59yo2TFt1GPrxygum4th8pQp5RpVD6N%2FKBkz2H1xm7XU%2FPL5aQg9VhY3K7MvZMyGoGu4NJULhp5QtoHdQEpVZ6ZfY%2Ft3CbRFqkN1IIzI4sUQE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2ce871b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/css/jquery.toast.css?d=3 | 104.21.94.106 | 200 OK | 3.1 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/css/jquery.toast.css?d=3
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text
Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/assets/css/jquery.toast.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mJRHy8SKz8LhD%2FR53nacmXuzqybE6KmBFqXH1MJbt%2BVLfeCTTdPlzPeaW5moULJtMZTIrC9NgI9euEFeKeEA9MaIaGvfyQg3QSE8A9OLy7BRVB2QvMhF47rx88%2FrIqk2cIQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2cf883b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/images/Adidas.png | 104.21.94.106 | 200 OK | 3.1 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/images/Adidas.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text
Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/assets/images/Adidas.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BL9qVhWdlr49hYy573wXs%2FRXdo49bfrfH8yBxfcYfiKBw%2FkIye7jBg0QKhjudZxOo43uXQ%2FUxw2ngTsaueiU2%2F%2Fqk9MRA0sOX%2BirAZNKysez0xNUoFkd5zn39kfl6IzVo0w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2cf877b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/images/Mitsubishi_Motors.png | 104.21.94.106 | 200 OK | 3.1 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/images/Mitsubishi_Motors.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text
Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/assets/images/Mitsubishi_Motors.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2je%2F5AOQDNo%2FEjEvhRcLUXiiiyyIJwYvs8KzbzB79CUkU3Ezs0ClIn%2B%2F5aC4ZSzyRkLJUGAk9sty0l%2FIGOTGVe5jufQ0nbxGivUnIlgUx6Tr88siF91adVCkvi%2FBXt8j23k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2f8aedb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/images/sharp.jpg | 104.21.94.106 | 200 OK | 15 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/images/sharp.jpg
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text
Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/assets/images/sharp.jpg HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y0RDxz%2FbAY%2BI98G9lmJ%2BbmM9Oc8cCgct4ViGtfjx05UJS%2Bk8rU0iGBiKRhyhTCUBaejPGeeZvzGzrSx4gVRATpimU%2Fe0VWqtlFQpNE%2B7B8rlOTdcWGXRcvExgK7qts27umc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2cf87eb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/images/Mitsubishi_Motors.png | 104.21.94.106 | 200 OK | 76 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/images/Mitsubishi_Motors.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text
Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/assets/images/Mitsubishi_Motors.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OMJhfzEpUsd8GNejIvTSjtXpHaVk2w38zTWqJKlq0IvvQr8%2FTY0%2BZebTxEFonS9jY0mAK%2F%2FCS9SiEjogtHKCaEgxPuv%2B%2FKk3Ren4ENqD6Vdn7u0cdek5S2nbwIZS6ottuos%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2cf87db517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-QSD3M3XHPZ | 142.250.74.168 | 200 OK | 101 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-QSD3M3XHPZ
IP: 142.250.74.168:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Size: 101 kB (101361 bytes)
Hash: 9b30bd2e0a44522dc980013d6d91c1b6 71c6ecf9f150e40bd1a3c0bf68562f9b3d43f75b 170a4f7d007c469291f69f71ab2b3f2684ff5d5fb71d0fbf65b357aba9571faf
GET /gtag/js?id=G-QSD3M3XHPZ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 21:17:39 GMT
expires: Fri, 19 Apr 2024 21:17:39 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101361
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 88 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Hash: 55e22333c4750b9c1f1781e5550d345d a4ab1f559e194b759a0712ab88dc6898479d0fde b454af7e7d5fb895c4e0f938938216ff10160a4d59297206facd22f4ac65a892
GET /gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 21:17:39 GMT
expires: Fri, 19 Apr 2024 21:17:39 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88518
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| adscashnqx.buzz/login.php/inc/assets/js/social-proof.js?x2223 | 104.21.94.106 | 200 OK | 78 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/js/social-proof.js?x2223
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text
Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/assets/js/social-proof.js?x2223 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9RsSv5H2xl4bMsaedIcAdPclyvsvZ0PcUzjgprMDkFC2GO8FVm1v7YvjQ79CHM%2F%2Bn8qLdODhetg5QVb9%2F283nn328ZK8Zig66UFZXd4yd9TU%2BhC9sOM1iFgtDuycxAxS6vw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec30ec31b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 88 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Hash: 238af08500bd61670eb2917673d98d00 e7b8679d310bcb364919602041342496cfbf8b2d 35175c5ba429984e3b0da2fc297a26f558c893be996fa1721ad2a5b2f0b75960
GET /gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 21:17:39 GMT
expires: Fri, 19 Apr 2024 21:17:39 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88425
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| adscashnqx.buzz/login.php/assets/js/bootstrap.min.js | 104.21.94.106 | 200 OK | 109 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/js/bootstrap.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text
Size: 109 kB (109224 bytes)
Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/assets/js/bootstrap.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RMtN9Go2XiTpB07nVBL33eHT%2BtLJFF8%2B1ED9t85FVPsZczz%2FOxLILot0JTrgH4A3ekdiK67EK9nv3zQvDfoIWZv95xPfOLUjeohmILrOASkQ7tc1ZR8nyx4XeMzbc8is3eA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2cf885b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=UA-263154244-3&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 73 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=UA-263154244-3&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: 7ad8106b5840df13002beabaa7aea0b8 2933f6f78f0a7704b17d00461e6ad6f170655f5c f32b632db645816e8008d712ef861d3ebab1cfbc875d34f3a28bcdaab9c198d2
GET /gtag/js?id=UA-263154244-3&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 21:17:40 GMT
expires: Fri, 19 Apr 2024 21:17:40 GMT
cache-control: private, max-age=900
last-modified: Fri, 19 Apr 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73182
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 88 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Hash: 5e9f67f0be01321b67eee2d04da31e8b fdc86e75321caf14983db5f1a78ce5267dfca2f1 0353a8ec0e2ed18fc81cb102d97b859ad8b317c9032d428084cb472743b99a5e
GET /gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 21:17:40 GMT
expires: Fri, 19 Apr 2024 21:17:40 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88523
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=G-QSD3M3XHPZ | 142.250.74.168 | 200 OK | 101 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-QSD3M3XHPZ
IP: 142.250.74.168:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Size: 101 kB (101361 bytes)
Hash: c32db645b57a7962098a96ff77d1bc79 bce93106d499465d231435c3fe6da17b9809fb7e 177ee812eda3f48b0f16ca00a571fb98caa9cc0d1cb023ec058cf9a982d18af0
GET /gtag/js?id=G-QSD3M3XHPZ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 21:17:40 GMT
expires: Fri, 19 Apr 2024 21:17:40 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101361
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| adscashnqx.buzz/login.php/inc/inc/captcha.php?v=?9182294 | 104.21.94.106 | 200 OK | 78 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/captcha.php?v=?9182294
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text
Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/captcha.php?v=?9182294 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wQGNhjbuAkTzFmjIxUmOm64PAp0daAF2QAmfKjYL4I2VdtThawp0GHykd%2BbNV3ioetC6ujCq6kyXzQyuX2duAIVr6USdRrRL5jLfE4Y4A2Z2jvWvosIrM4lMMv1fbds0tCg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec36fa40b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 88 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Hash: 238af08500bd61670eb2917673d98d00 e7b8679d310bcb364919602041342496cfbf8b2d 35175c5ba429984e3b0da2fc297a26f558c893be996fa1721ad2a5b2f0b75960
GET /gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 21:17:41 GMT
expires: Fri, 19 Apr 2024 21:17:41 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88425
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/css/font.css | 104.21.94.106 | 200 OK | 107 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/css/font.css
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text
Size: 107 kB (106603 bytes)
Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/assets/css/font.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OhKpr3i33%2FED7AqkZVdYCEV8a%2B0K9yzAy9FEpMFCI%2FFyIrIxZPUQBDnYaQgqnoQMXfx%2Fd2%2BuQFL9qSie6z6mySOL4UGh2J8GToVQKY24uPExy7uoO8Jua8WE6JzNQXjvTgI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec384b67b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/images/Mitsubishi_Motors.png | 104.21.94.106 | 200 OK | 84 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/images/Mitsubishi_Motors.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/assets/images/Mitsubishi_Motors.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B0m%2F6d7FP8AsKoWYWuufAqa8KjNjA1zye3lqRHgNSf4BNHgr7zpl0chnEL751g4tWON9k9jFsYo4arrT3QdVBgt37ZQbzM8uNqlE%2FRlNKR69DWR4UgHaXdGfpIBItUhNI1M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec370a44b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/sharp.jpg | 104.21.94.106 | 200 OK | 91 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/sharp.jpg IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/assets/images/sharp.jpg HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rLPunIQNAkVUMd5cEFf5uB2ufFMCozmNzKMuy0VO760tn8eEy7vsKtz0ncz78gJxn3DES%2B48vueDhgCObytyfmDGfnH3dT7%2ByFwpEfk8pW0DGKiWj5OpOpGI4JznLxhvE9g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3e2929b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/images/Mitsubishi_Motors.png | 104.21.94.106 | 200 OK | 114 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/images/Mitsubishi_Motors.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Size: 114 kB (114466 bytes); Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/assets/images/Mitsubishi_Motors.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dW0wQ6qjjT6fNsTN7t1hTSH1bZbLLlskIumME7Be%2FscSmCwzHGogqh48mhvyUI0%2FmEvigVTrNJx3XKIi%2BUQr7RJJyA4fou%2FvBCTn9UIB1EbBkK8%2F9K7ZHRjomuho%2Br4MlUo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec335e9bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/css/styles.css?d=3 | 104.21.94.106 | 200 OK | 89 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/css/styles.css?d=3 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/assets/css/styles.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7w%2FSBhTPovghY0GAria%2FBGaI9a9xDaNqaHMXTmzyxwCtGtPtJ0qbMNS6Rqh8wSgY%2BqJ0E5ge5N33NgJ%2Bn22QAvzJn%2BLFONMVAypuY%2BRkJs7vTsmEZ6nhSfXfSXcyqPwItfA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec384b69b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/images/FC_Bayern_M%C3%BCnchen.png | 104.21.94.106 | 200 OK | 96 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/images/FC_Bayern_M%C3%BCnchen.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/assets/images/FC_Bayern_M%C3%BCnchen.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3es5vR85jmHW9fMJtaRGshtUpkSVZWAiKcpkByLaBxKO3hHXxkZi6TkvwIXaWRFemtxQ%2Ft2%2Bq19tykLjHqYFqquShuLOUy8VafGShZPimRgDbzxEzwzxGAdbA62xifcqzac%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec335e97b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/js/social-proof.js?x2223 | 104.21.94.106 | 200 OK | 109 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/js/social-proof.js?x2223 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Size: 109 kB (109317 bytes); Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/assets/js/social-proof.js?x2223 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gil9zKszkRa5ZTyrvPrniZ6%2FQgGvF8L246vpML3%2F5nOZk%2Fjq1uGtg4gLq6FyTgm%2FeVIh0Z0P22vdIlF61Gvnx0UkferpN3%2BkjR3O%2F%2BuC%2Bq3a7hgcdphukCuBUgfiTyiVyjM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3beebcb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/images/Heiniken.png | 104.21.94.106 | 200 OK | 84 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/images/Heiniken.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/assets/images/Heiniken.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=khKxnlmUrHRpv6vah0RTOlXkjxw3st2PLvB%2FiHDXGO9NlMHm0wik%2FPInzrRfSEpI%2F5HtGXIR1g3W4y1EggD7GVwdxYHKun8td5HOqbw%2B1uAjlrakw9VzCtM36BxZqB1fPTY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec335e98b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/sharp.jpg | 104.21.94.106 | 200 OK | 96 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/sharp.jpg IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/assets/images/sharp.jpg HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NW%2FuNstYuD4QmbgET0eBDkF2JcEfTg%2BMI88wBadb%2FkTjra15v9qmGLpEDhbwWRKl8fEi3XO%2B4s1yPLS5bH1SoOcjOQH2cm5ZTkicYNpI7Bf88XqkpktGFdNuMV5VKrIwR4I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec41fcbcb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/js/jquery.min.js | 104.21.94.106 | 200 OK | 107 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/js/jquery.min.js IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Size: 107 kB (106603 bytes); Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/assets/js/jquery.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZJHJu%2Bl68YIeWcZZw%2FaxNQxix%2B3QY8iyu4arPrX765oZKhmS1qgFyavwrXFrvlBHfsSQxpJN933viOyZvCKPr97sLU69VbA8gNiLzaT7%2FAcVRdf4h7hyfbWkcb9qGlTofzs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec431e10b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/images/subway.png | 104.21.94.106 | 200 OK | 100 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/images/subway.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/assets/images/subway.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u1D7hjQvJrf%2B1Tifum3O1q6HZ1FD1%2FszIODC2qrHUEFdiSGnLoQuYvuHz9duTp8lsRx%2By9kXH8X078BVAjNz7lln7D1Ve4OrCOQTq7v57KmtuutcKEXey2UnePqN%2BgxfaBg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec370a47b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 88 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c IP: 142.250.74.168:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5955); Hash: 8ca4887d2339b3bfaaef42ae987f2c69 28753eca7051ccde9ef5a5120fe93ffc5600729a 6bfcc61ee556d72875843c6952918d660dfe28185df8df51ee8ea8e0f0a14f53
GET /gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 21:17:43 GMT
expires: Fri, 19 Apr 2024 21:17:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88544
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| adscashnqx.buzz/login.php/inc/assets/js/jquery.toast.js | 104.21.94.106 | 200 OK | 122 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/js/jquery.toast.js IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Size: 122 kB (122327 bytes); Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/assets/js/jquery.toast.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4SLD%2FDIwDkDsl8v5gxkpj7JslLz0%2BoRiV2hoelfAQ73K0Tvjgwoo%2FoE9ZK%2Bmmv3l1T8l2mGmwVM5tjRpiuBokm12AMC5Dtu%2BCrBLzQdZZP8OzgsEsPTPXPIN52zpMlk%2FKNY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec30ec2fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz | 104.21.94.106 | 200 OK | 84 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EBSVh0Iu%2B6hByhaMPZVaQWw9rDzFZq%2FLqdvtMTeBfa%2BbQYdY9sZAuHzdss6vw7BOG%2BtIjboIFLSVWuzTeNVCBNriADC6V%2FayNlqcR0XTLbXoArvEWKrbfJFY8LGIalF0mOs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec36fa30b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/css/font.css | 104.21.94.106 | 200 OK | 99 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/css/font.css IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/css/font.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mQmeNlQHESjmbFf0zR11YVJS%2FMkxyjNHVF4YHj4zJKbH0yVyRBzrf2RwjsR9Hl1ADj9vtcYLLYtEyE8Pe%2B4d7Jo%2FD%2F8ztmTcT0rkaxXzUHOp8lzLL1olKFRpR8YydWMs78w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec46999ab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294 | 104.21.94.106 | 200 OK | 109 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Size: 109 kB (109224 bytes); Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xr4%2BrgccWv6S3MsCvTUHSyhk%2BXNN%2FrYjvOWuypEgJEVi1Pe1DwJ3MiDJiaACxKrLn%2Bbmv3mn5ogspo0X4KLSWZu63yqoufds3ARiU94gTeEv0OUM%2FcMln4Fi2XFaVVyMqDk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec46a9a4b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/subway.png | 104.21.94.106 | 200 OK | 81 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/subway.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/subway.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L9TNGWmDXsb0ItCDDG8rWaHypER2VfiDYU6EliRB1pPvxTs7MXTZH%2FLIB5z2KtGz%2BbqMMZkb9RLslqih8m9nQ%2FIBfRWTtq1tbmz6FqK7lU3mC%2Blwg95ax9GMGL2M%2B0UYzPQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4a6d2fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 89 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c; IP: 142.250.74.168:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz; Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5955); Hash: 8fedb3eeab84a3768ccac7e80c2636cc 7a83dda30684fd25e144c7099a03f80ad5572723 288cdc0a5b5c68a4f74126e32162b4790b5cb5d86339eced74759f9201c6c8bb
GET /gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 21:17:44 GMT
expires: Fri, 19 Apr 2024 21:17:44 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89086
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/js/popper.min.js | 104.21.94.106 | 200 OK | 11 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/js/popper.min.js; IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz; Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/assets/js/popper.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Q9QswC%2FLiDpkxYTwjTVm78ceG06uHKllngcvEE6eNsV4SdN9ZB2FObuaaaPAjGkz2dp%2Bj%2BbSAtz408QXT6LA2R973LrYZGm150VSqmWKsERgKEXNeeq4Ysv1fmgSa3OobI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec433e4eb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/styles.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/styles.css?d=3; IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz; Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/styles.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oBN9nmM3Pf%2FGdljIHS6iytlVBdjmr0GMrmCqLfu59ammp4i3BtTlvyGsW8CIcL7q9zJo%2BZHweIiknVSamrm05ksvWS%2BcQieCgc7pNLrCUJ5Q7jLzHtAg2im7TW1gXCmiltE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4cd821b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/intel.png | 104.21.94.106 | 200 OK | 8.7 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/intel.png; IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz; Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/intel.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AaEmh%2BTzLlX2lGN5PJYwTaZnD%2FThFb92Wvp7vpGcWwdDwV45b0qpyAJlxVv5EOpLvDmrrlZXQ6Us%2FgaSYupZLV%2B5PgnPmCgMkMbenww9rK5PY7s5eku5%2B3W%2FnXxnDU8FypQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4f2a2eb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/jquery.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/jquery.min.js; IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz; Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/jquery.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rJ%2BPfT19vjfE4ee9Gzh2H4k5qWOCqrqyaoMQO3ETO3W%2FTtMSlT2X0XMKu8hhoVifDWj%2BMCz01%2FRgaK%2BVb0xfiQ61v%2F8P%2FtwPU2ixBIdCaB63qvCLuxeMTaLWY9rGxZlGEuU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4cd826b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/css/bootstrap.css | 104.21.94.106 | 200 OK | 8.4 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/css/bootstrap.css; IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz; Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/assets/css/bootstrap.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BeQuwe0ho%2B5k4jkujASlHjTq%2FARZ2ShgnfOwLX5gM8%2F6%2BFaTjFsgiNHnOSngJEbZLoddTv9sng%2FuI5J5ebdObySD0t8ZA4gInIW1vp4GTyAeY3WqanuLmTg9ph%2BZRMCStDg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3f7a58b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz | 104.21.94.106 | 200 OK | 36 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz; IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/; Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: ac83635f936423f3440727010c04e4e1 1c13a94acf4996ba9cf47e8dd9c5e4376b9cd379 0601bb4b4bc8f4a4bdca89a3d81a52ccc51b056eb824eb5708dea5a8a99bb4e1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/mytongji.html?utm_source=adscashnqx.buzz HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:18:05 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
set-cookie: loclang=en; expires=Mon, 22-Apr-2024 21:18:05 GMT; Max-Age=259200; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WKEvU3P%2FwggzuDRAmaYGb%2F%2BVE0PWw8ShKtKQzIOvxq97nsv05%2FDrkhCE%2BSdzfHLnaI82%2FYcjGSwaGf5BOVFVvytR7z%2BN2jTmeJyNTeBWAaI8SmdHkWWR5v%2FiUvChe1%2Fhnyw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fecd13a89569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/subway.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/subway.png; IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz; Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/assets/images/subway.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IwAKveEPDNjddcrfy2rIcLsKeFzlsIUmiGaGNCjAYhJOqVgKUtDs4UimzsGkdYuYgj9RAw%2FG1AUNIdATNdv8Y7qYlxBTrrq1%2FuPmLmwbBe632d7z45DfQ66LyQ%2BN18dMTM8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3faa85b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz; IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz; Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Ueh%2FstlNVIGEGrzuagLbFnTuGhzPuzIU2KfQTiEL79I9V1NC3OQOU5B%2FcjKwNfF4GDRAsiGq9WuisftLxC3ypjRFBr4Cl5zx9Zv6TUFJX9Nxnm75gudPJHc%2FAsTWn9uXsA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec41dc94b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/js/jquery.toast.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/js/jquery.toast.js; IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz; Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/assets/js/jquery.toast.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KA6Kz1c6vGh4dMBW4tRwgOJg0QOlEe%2FR2PxdyLBoDyjI4exMHDByB3dBJHIlRRsFGsU1i5mc6yjrAClT4AeulIaHSA1lA0uK%2FO379xqxh7DaCoy7aJDHQK42YkM5XtFOxdw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec34aff1b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/intel.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/intel.png; IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz; Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/assets/images/intel.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BLJyLCovPjdOIMwtw5zD0XxVTIBZiJ0Mcnb1BbO4zKXRzTzCc9nJ0KXTuI7YVIeD1sopyovzwY4FhRFjTvQiV%2F6XDv2HuMoJ3CyfD6T3mboSKDAVMjtD7CfF8wwTDdMsVWo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec432e34b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg; IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz; Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ra9OAIYEcUxj%2FCFIctSm6mJCc4xq%2FBkDuQAUCIywYqhzKA7HLUNqxqXvGQzazdBAKaMUYANLFbRoZZnCfoxcR5Tz9MSu8elbpQL5MW41d5G4Ffl8cNym3SnHhJ2xnPp1lDA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4a5d20b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/Adidas.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/Adidas.png; IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz; Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/assets/images/Adidas.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oli0ZSORyEO3uL%2FUyAh2laNgijKcJd6G0Gew97lw%2Ft7%2BllORncWHkQ293jgdfgwS%2BUWx3MqRpkFInnlJBtnDG%2BRxfLVCP3yLlBPE6ADVURlRkhsOStPSeADgle2Ncm0l2sI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3bdea4b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png; IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz; Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mHddZ5LLuvy1wxUwdzWmEKJqmmwQxuWowFepO%2FgmjN8T9hYTQCnijhPzJ%2BDuC5OyFiqcqDerSgan%2F%2FzzWwnPPp6ZedZWIZemB7k8ztXRU4xZCM6FElT6Jr%2BZ%2FaeKwMaPHGk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec491bfab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3; IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz; Certificate Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=je%2FJoaP4NFicKKoDYzO%2FH0yeRJjGAw%2BgiNU3XkRUZVttC21qsXPmPS3%2BhiARaBBT0sCzD%2Bf%2BNcXqoi8ydFZYBLKVRWGzp0Fa130GuochTqxzLuqt0U%2FnjNx1WTp7WT2EeSU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec492c0bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1DV9Gt4RxJSEp74yuK5jZbWQdYekozgvvjPfgxVTGTPXr9b2cZL%2FUNC%2B6%2FcZUaq9Ks18NoVHgIzblAB8YaG6ZJ9UWI3NTaQO8gSChk6YSsQWAjbfDm7hk%2BbNK0MAQNj88sw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec432e23b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kisipmvTVKPctKJ1Bno3reDeIFhmWWdwFZ4X8TMDWjNAe7rLbbBhQbhdYsFAybnEyTDJQL%2Fhp5JgZOTxFjHcuPsIEF0PrPb9nC7gUmG95d0upaBA08rwKua9vR8RP660rxQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4f1a22b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/images/feedex.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/images/feedex.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/assets/images/feedex.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kZUFt1KTgPX4U93Ios5t0RUnmsQQxob1Ly3CLTzmlWlFIi9kQ5y5E039JvVyzTbr5EeiWK582ANSaTAovn99y20r06WvSxr9Ie4r4UHkSlhXw32cGwE%2B113lRC%2BRqNtBpbk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2f8af0b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/captcha.php?v=?9182294 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/captcha.php?v=?9182294
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/captcha.php?v=?9182294 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SMpFWLxQsr%2BMQ7CmY1cIdkIPZlxkMipCk22gruKHIX2UragPq8eTfR8PZK%2FdJRziyGt1oE1pnx4Rj0KGOgc9oKao%2F4khqHRaMwrugE1qhElPSVrjPGTEpioR9wMjT2rQH3M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3e2923b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/intel.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/intel.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/intel.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cj4RomxdWz2U5S8Grx5hn4Osl7pn8XeauSvFDvgXxwxdRLRVvgeL2Y0a%2Fk88MHHfDD8sgnV9OfTdGZprRk%2F4BschdPXWaseKyYcccSc0epG%2Fx6VgVERTA0k4czohyJZmtOM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4a5d21b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3AItc0LL0%2Fl%2BFEnCx3oRlHMBsAUs4bkmTqqx%2FASC00Gqi5hLWrEbJNJ6ffUiSWGXPDc3fBNq59xShLkG3co2HEDkeyIV4l4AylHrgxbXx4myzyt1AqSdfvkMrDYYP2o4R8I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4b9e5db517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZoxrOCoqT%2BCEakPYuekI5MdYith7Y%2FNRDxTf%2FPL7VkeY9Hcc9Q2wxaKbNp2qdKEq%2FHzAOHfzGcR0Km%2BFCiLOH%2BP7hm3TFjpsR4dHmMV0zeejFElZXopq0c5fCTCDJV%2FQNxY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4bae6ab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i9Za5Oh8%2FvDu0guSxZOfrU0vuLp1CUnn1f59dhrL89Fvs013fk1uCy%2FJflrE4IXZPNG0baXAWl1Df3mL1CmLYyA0CPZ6N7%2Bc77TXL%2FRcEjbbZQcwSJOVuxCQtldmgtKyaCE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3f9a7ab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/subway.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/subway.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/assets/images/subway.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eYbwGS7nfrvT%2BuF4j4sWdh0EE18M%2Bqwo8F0%2BYEXYwl7IqGUD2O8g46rVUl%2BNIqHdJnyXxoxxwbvOAh0VVoFSAJAg5LZdS%2B35MsQ6byxcRoopQfjHmgn7CNcJDGmJgGN8q%2B8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec433e38b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/css/styles.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/css/styles.css?d=3
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/css/styles.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w0w0jxHZnFlMRgC2mEHa6F7fAkpygZ4l8vfukHNhxd7AwVjZ54jJ8hOFPFIPmxuAKDKysg4BEEKXlPtJpjpfIjUKlO8gCS8hk4v4DNaVhZdxR7XFFE0kbfxU22t6ONX6UrA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec46999eb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/feedex.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/feedex.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/feedex.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H4qAzAGhqT3jfro%2FiDya2qtIhPHzbt5RHagPcowFFkKt996O2bsf8qCC6%2FM23k%2Bs25g7gvOpbhYM5aod%2FM4z7n73q0i4nPKB7%2FvPqouTLw2W%2Fo%2F0TvHFvdevHJmArRFoqCg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4f2a30b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=irt6jogBdaVsPYjYRwRYcqO3JRDb%2F0Wg3WCRyg%2BGdF5mx0tRIhKSbYZbKgXViet%2Fqp1DpP0zNlh2wQT9uVqd6fP5YwLNcWgL3qfr8n88p4DppYXTFWo8O0nfYS06zfYsnjo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec432e29b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/ | 104.21.94.106 | 200 OK | 13 kB |
URL: User Request GET HTTP/2 adscashnqx.buzz/login.php/
IP: 104.21.94.106:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/ HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 21:17:38 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
set-cookie: loclang=en; expires=Mon, 22-Apr-2024 21:17:38 GMT; Max-Age=259200; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cK5dWNUTkl70JVYntfJU8pWDUV2Hg2M5L7G%2Fo0vZibxi6kkSobx81s20MiwxgVUXa5AKv%2BwfKjnSK78amZrhteD37yg9q%2FqXd7IA3jIT1boeM8n%2BH1MZC52ESxBsOdJ%2FObQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec29efa10b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/js/bootstrap.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/js/bootstrap.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/assets/js/bootstrap.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3tuMuC53iXHbIzRCarVIlbb9737UtpdBbwqUDeUaB7fIFjyyz1rCZRM2g0K0SVWjYopEVC6mcLLm2HGUy80%2F4lBDcROeoIZf6sv7X5aoenz3lA6CucvECv9Cgdrpa5NUT%2BQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec385b80b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8pNJN1pz1%2BDm5dtTYHVG%2ButBoJUtTeSpGO3hDdnEvfKl6hfWkgR9c%2B9UVuYpntdTZLRIk9LK8u6b8%2BtLihyelBAfIcH2pITInuIkVLNrtn%2FiiTiuT2rj2WGMMKMmWB%2F6oek%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4a6d34b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/js/popper.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/js/popper.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/assets/js/popper.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8AY%2Fm8c0GE8mUHW0mf8Q4ISAja4l6Wq1dSNByl56fqfkcm%2FYDMnn8nY%2FVJlSMBhYO0%2B5y1ip33pxzGzT6%2BJSo59sjd5YPRN584MSSb1aHmAF2S3WfFCHPneZYqyqxICsTQY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec30dc25b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/js/jquery.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/js/jquery.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/assets/js/jquery.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nnycDiqLbWChqh2FUHvV3dNC%2Fy6Zn6Riql0DFcQA431ts6RnkAc5Wao91718odfNt2GsXnDQUCvGoYOwJRfzOfGiq7Fy5IlzRyQmXAdf2tWurq8t2kMgJcug8ubDIlpfypY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec348fd2b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/js/app.js?e | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/js/app.js?e
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/assets/js/app.js?e HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=npS5uuuX7tcdtnlrP6DYt6bB7DD%2F4Zonotk%2FoGpkSep5Itt7EvkVNVNld0%2Fg0iKZ0GER8wJPD2RSPLv9z1Pzz2cSluMQdllNjp%2F0IQ4sWqsswZwcuoiIXUwIy4vvR%2BywHmI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2cf886b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/captcha.php?v=?9182294 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/captcha.php?v=?9182294
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/captcha.php?v=?9182294 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BLwbepioYNJh1f6tQIXVvu2s40VBmR3OvcDyQHfh6sOiV9BJyxbzxYoQoFdNDEU6EdetGxJJTCD8oxxCxS8UAyfo76%2BnL7020bCgmNtIv2WJF0lQOkriCZu%2BZ0Q6DVspWgs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec30cc10b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bSS%2BObzsCqleCiVR6DW7yH3Cna5hIuLrPt%2BfSlCtV6gBpjJbX6DZyhg1LrXGYqevoKIS%2BFXKARsH7YD8JxFmJ7sa10NRqbMFMnTnhlZnBYsN2EmILLgYXglUMiLUdEKjMSE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec46a9a6b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/bootstrap.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/bootstrap.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/bootstrap.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VDclxPBvQa9q9jZL3kXgjZN39Y3IbQlETJh3d0%2FvqDUxS%2FiclfljdDPrXJMQ3uWEjm6oP1YQyjC8TIlrc%2FbLje3ikzwapDiaZ9r2u8fBvBkjOs91ic%2Blc3RTX7hEmdZqjH4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4a7d40b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/captcha.php?v=?9182294 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/captcha.php?v=?9182294
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/captcha.php?v=?9182294 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n88ZFKnd6E475XZ6Al9xMp2wXEqZSE4c7YzewCCsZu7vvNYZIHIcClNS1akN0ygmxDujjnDAJzHORi0rOR23uxsnV%2Bja3ZvmIEGuwzzKUH65TyEz4kvWhrf4kFTITu5x5ig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec335e93b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/js/jquery.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/js/jquery.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/assets/js/jquery.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VnB4DbYFMQuZ%2FBC7MGwqXq4PTz4Wi3nbx2tieH6IRXxjtK8F%2F9We%2B2Xs7mrclH9sLXAgHbp4CXxo0q5XdUr%2BI3B41cats8y%2BURJ5LAGIAsw0bo6gOaLjOx7EnPezP%2FOy7u8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3f8a6bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/Heiniken.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/Heiniken.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/assets/images/Heiniken.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1EMOFEke6cFNMTVWL1eV4SP%2BBwwyrA7398b%2Fdxxiq064oq0Yb%2BOcPPo8pt9Yy%2BM8uJsrxE5%2B%2BDVBb40Im0zKATWL0ty%2BH7v%2FQG3Uytnl8Qv8MpWArG4ExHdJHEgOP9nWArQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3bdea6b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LcA0PIlAOXSreDe7x8NaXtg6EulaTXYD73GpvnW2Jn5hs6%2Fu0o0QHdO%2FziQE4dXoLu9E0mGyZlWXTcc7e1bnf6FCcG%2F%2FSu%2F2UHvtXl%2F5%2Fo0F2hVIKjYLyBCPv6sl5PN80m8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4bae67b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/images/feedex.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/images/feedex.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/assets/images/feedex.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ChjerDb86PVjJUEISJ0%2BRSEUHWBJtdHaNpngzw0pxWd8mOL70se7dOnCRGAPnoetbXj%2BVPRInATVj5SByDVh1ZWpShsCC4O4sMYgnKglc5BuWxdPolu3Bt2JzdtP%2F0naIoI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec30dc1fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/images/Adidas.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/images/Adidas.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/assets/images/Adidas.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3HgWDvrRnofjCJi6bp3TMsBkoXekCdsTPPaGN%2FD8SByXCIFABlfxYQkVtJQIzLfwAt3NZpkGr1kc8RFbhnziz8d31kTRGmL9dOKNZF1aJ71Xl6o%2F0BdAJOnAtiu1wjFaO4Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec348fd9b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/images/feedex.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/images/feedex.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/assets/images/feedex.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C9RuByv3KtH67Jv3mi7RZOhMbMjf1FAc1ZjNqZl9%2B3XY2eT%2FjGEL8ht6nXuL67fAwkpbmtQguu%2F56ZIEDz8QMesYDx9hAn3BDyrHRh5Gj9s%2Fekx%2FoWmPEpKEn9OgtRK28Ec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec349fe8b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/images/Heiniken.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/images/Heiniken.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/assets/images/Heiniken.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KrTIhmrPQwWx1Rjt4lakoXkhn1vzqQM9ffzs4RlumDvzvVZd36SutpbeezxLk9zkkaKS%2BtSiftaX5R9fD%2FFMudwnGFw5GDHEUTJ8f0nfGz%2BCmaoxDkuM61cvLbvjMuGgEVc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3a9d80b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/js/app.js?e | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/js/app.js?e
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/assets/js/app.js?e HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r3S3E%2BItXNpxvNR78VFxOBsrHu78hw5ba1cZSJWUjKTTPXVg7ZoWAMHCOl4b%2BTzmjLuj%2FCnmL0A5nDZUC2pO18e4cZPbEqiAVUlVu31UcmbEKgoQ5KqTa2%2BxnJ%2B33Aqpdnw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3beeb8b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LpBQk6rRtdhkuudNxanOSFGC4OhIWxMdS33O11CvZErpFdi%2FSg40zMUDPKPdXS0CTjqzTFdzq15v19BWnAjSixztW1bFGkWSSmc9oA%2BUHxY7LToLssPtpHIhQ7tYlPXB88g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3bdea8b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/js/bootstrap.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/js/bootstrap.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate Issuer: Google Trust Services LLC
Certificate Subject: adscashnqx.buzz
Certificate Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/assets/js/bootstrap.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M3r5hnKlEFJ2q3%2FNxdVzeo1ovvgggnDzSHEifmlDU9ujs72%2Bo%2BAXyBXjBePDFQNh8I%2BKw27zc%2FqIazp1pOcmRuFQm5w2Jydb05WojSjZLAYkDHQIiCdWqDJc2HWCSZsW6%2BM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3faa96b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/bootstrap.css | 104.21.94.106 | 200 OK | 13 kB |
URL GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/bootstrap.css IP 104.21.94.106:443
Requested by https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer Google Trust Services LLC Subject adscashnqx.buzz Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/bootstrap.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nSxxpR84zAEf%2FVSWhy2zSNi6W6Jepcr7wRFm8vo1oKafDciBoQyEpDv874MAyXhRPNp0XRI%2BcBNUY7Gx4XPAgjlO9N5EkfAoNd9lJWQ%2FJsfx%2BKwloUEV7VYmfaLH0t0Z%2FIQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4a4cfeb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/images/Adidas.png | 104.21.94.106 | 200 OK | 13 kB |
URL GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/images/Adidas.png IP 104.21.94.106:443
Requested by https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer Google Trust Services LLC Subject adscashnqx.buzz Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/assets/images/Adidas.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o3QxFAD4Ecp%2BcHDKXd5%2B1e0nizS3c1nYmlk4Cvh%2Btd6jY%2F5KcgDTX1hNBSAtKtl44UlImT19P8j3FjbP0J1Si8dlO%2FN6XUoeOYfRG9QyQ1X%2BxhbDNcyJIeus1TjBchp1csg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec335e95b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/Adidas.png | 104.21.94.106 | 200 OK | 13 kB |
URL GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/Adidas.png IP 104.21.94.106:443
Requested by https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer Google Trust Services LLC Subject adscashnqx.buzz Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/assets/images/Adidas.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lVYK8gA9GEOl5XzdtaBAk4PkRBd2guukVEIODlasKGzz1tTy1jQoju4N9uYgTYVszP6e2ot1oNkeA3gXb1UaJ9WMBaWa8ZunHgQXGF1hEb0nSIPiLg0TYQiAS4UPOTlLvFU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec41eca4b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/js/app.js?e | 104.21.94.106 | 200 OK | 13 kB |
URL GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/js/app.js?e IP 104.21.94.106:443
Requested by https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer Google Trust Services LLC Subject adscashnqx.buzz Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/js/app.js?e HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YMFN0GDTI0aYQH5j%2BlgSRZPzipMAG65XWM73kBNKO%2B73PGAc7t3i0eESOGkkfY0jsXIkWfNdIIcEFBrud8BEei8fPONeaDsPBt1hG2yQ%2FC%2FdwvzVQFLZN3eOdmgobxT6rd4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec46b9c2b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/images/feedex.png | 104.21.94.106 | 200 OK | 13 kB |
URL GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/images/feedex.png IP 104.21.94.106:443
Requested by https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer Google Trust Services LLC Subject adscashnqx.buzz Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/assets/images/feedex.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5j1vWt03sKqGhL0uXQ5S0nFHXn3Q50EA8UdpK2KjE%2Fe9nIpAq7BLp5LT0wBOjMmwS4nYt2WbOD01%2BHDwC%2B0jUqZOxjPgp0VB71ubICBwGZTxgs1fgHf6etcNgFOqqs2MVQA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3aad87b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png | 104.21.94.106 | 200 OK | 13 kB |
URL GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png IP 104.21.94.106:443
Requested by https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer Google Trust Services LLC Subject adscashnqx.buzz Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rh7QKepTVF7JvJbKoMb5MSbTP1Cgbjjaq0v3tEofNnEaXcll%2B6udf4YpAChk2DYr%2B8qmiS9gn6iKpwM3iPRAYg%2BaRxVC1h3wuwuH76H5u%2F07xwxNA%2FYtBZqzvfVutFa%2BhkA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec432e1db517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/css/jquery.toast.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/css/jquery.toast.css?d=3 IP 104.21.94.106:443
Requested by https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer Google Trust Services LLC Subject adscashnqx.buzz Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/assets/css/jquery.toast.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HG8hvC3bPaSWVXYWbZAWvNWA3r2C7UVJ5o6gx%2BmXlTr3hXPzxQbRJR3dJogUV4j76IlyaanDerAvAZm%2FmBGhS44XPnTkurXJH2DqLXucleFdAjnl1aWqAZZkhplZQxk%2Ftl8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec30dc22b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/images/subway.png | 104.21.94.106 | 200 OK | 13 kB |
URL GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/images/subway.png IP 104.21.94.106:443
Requested by https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer Google Trust Services LLC Subject adscashnqx.buzz Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/assets/images/subway.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qEEw0bGz7lmNN9q%2F4xKuYiVhoHD8CgEdWWkjkiLRu6aw%2BB2%2FHyXOZVwrvSMW7NWcKva%2FAR%2Bh%2BiIOW9OXzztgAGtiosyBqHQ18ojHPdl%2FYGo5ON1ZxMpslNVpwdgW189DxHQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec335ea1b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/images/subway.png | 104.21.94.106 | 200 OK | 13 kB |
URL GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/images/subway.png IP 104.21.94.106:443
Requested by https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer Google Trust Services LLC Subject adscashnqx.buzz Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/assets/images/subway.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Khmf8LcTm8bjc%2BcFo2FLkcfvUAEFJHpgs6JqqPHzgo%2F7ZXfeCWBqKlhVTrlb%2FLd7zKmhx4Qk3NSrU0l4jjxFfOuK81EWD3dPbqXs9PgCECX6XTjpjV%2BlHaER3ir%2BKYttxnQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec30dc1db517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/captcha.php?v=?9182294 | 104.21.94.106 | 200 OK | 13 kB |
URL GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/captcha.php?v=?9182294 IP 104.21.94.106:443
Requested by https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer Google Trust Services LLC Subject adscashnqx.buzz Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/captcha.php?v=?9182294 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Jsho%2FqizLbPgSO%2BxfLWjtE5ibpzYRaVI14oXcAiOTtopxqx9gNctEJB1%2FC6N%2FOSb8AOjn7IiCm%2FMiO1dP62tAm%2BC0bL%2BuEKytzv4j5cvtuxTOa97G2wPYjI00x84jra5Lw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3f9a6fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/feedex.png | 104.21.94.106 | 200 OK | 13 kB |
URL GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/feedex.png IP 104.21.94.106:443
Requested by https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer Google Trust Services LLC Subject adscashnqx.buzz Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/assets/images/feedex.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BS3MMBn95QKesAG12ISd6%2FCTkvLIKM60VTbRqydw89jwlHqPk16rQs3f2x%2BxCTU1pu7p1GIoovbloLTUbc7190STh9gnkmehNA%2FBWJkSOl01IoNYy5%2FNgDIntbWBBhRHgDg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3faa86b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/images/Heiniken.png | 104.21.94.106 | 200 OK | 13 kB |
URL GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/images/Heiniken.png IP 104.21.94.106:443
Requested by https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer Google Trust Services LLC Subject adscashnqx.buzz Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/assets/images/Heiniken.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Upqc5H1G1TSyIt%2BAgojj0QuKwMPOGG4QnrreFk%2FdD5%2FX7e9AsoCGT%2B5EkvE6pnZdQMPk9LFLytbOl3YKY01dA1YZKHOZyo1zdH3E1mS8mTua0kmxWy0iBusinKUUWkip2%2BI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec349fdcb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/css/bootstrap.css | 104.21.94.106 | 200 OK | 13 kB |
URL GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/css/bootstrap.css IP 104.21.94.106:443
Requested by https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer Google Trust Services LLC Subject adscashnqx.buzz Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/assets/css/bootstrap.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2FPc9P7GHSrxeuU%2Fd5lv4l%2BBbokOu2cFXBalHbd%2F%2FUOhTn8Q38Ut2pm2VGN3a%2BcDD0XWqUrkgcn4w2P8KaMALm%2FlhcSXZyCzFf6vnu0JLZic7Ry07Mj7RSOokaN7lvMwobs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3bbe8ab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/Heiniken.png | 104.21.94.106 | 200 OK | 13 kB |
URL GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/Heiniken.png IP 104.21.94.106:443
Requested by https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer Google Trust Services LLC Subject adscashnqx.buzz Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/assets/images/Heiniken.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=59wB7kwuyCX61kG%2BsJMia6UgMBQPxUWXpe8%2FPt7XCIFvFLcCmCJL9W1nVVUnVFndImOluF7y08E2CKJVC9anw3n4Oph7NJ1%2B0jr0q3ccfBw4LF1spPohwb%2BId4NP0ENnA6Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3f9a77b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/js/bootstrap.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/js/bootstrap.min.js IP 104.21.94.106:443
Requested by https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer Google Trust Services LLC Subject adscashnqx.buzz Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/assets/js/bootstrap.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QWQutW4YxZI7edyasoo%2BISMVq%2BChiy3AJkPn5hxaalc5CJXBGoH1khvA%2FSR0N6F3JjfzDTwuN6RQEzCN4VZIeyFaC2Rsrj24a%2FgSk%2BnzFwn1mv5GauJO82PZd35NOIuGn%2BQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec433e52b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/js/jquery.toast.js | 104.21.94.106 | 200 OK | 13 kB |
URL GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/js/jquery.toast.js IP 104.21.94.106:443
Requested by https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer Google Trust Services LLC Subject adscashnqx.buzz Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/assets/js/jquery.toast.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Abrz2%2BgNqvTjNgPWu3tpDz6Gv0huPvmJHiOzS2xbbK3NALgsq2n4nrIWvJSq446rNZvK2Uy5Vgi3Q%2BoDBREnjSN5bSSxOgelaBL5DnnuYGgKpI%2BL0aTHah%2FrxFfrFS60pvQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec434e59b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate | Issuer: Google Trust Services LLC | Subject: adscashnqx.buzz | Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD | Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iTdEyuTJAlbxkm71bVqfjzO8tBsOYw0XWkahLeJAZLp8xBe%2F4P1rNPxlxJPTlcHHkMyXGAlcxRxjm2udVl6FHCVakqUsac2qOk2unIbMv4hSvoFHDOyWgSNtSjtdcDCCE1E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4f2a33b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/images/FC_Bayern_M%C3%BCnchen.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/images/FC_Bayern_M%C3%BCnchen.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate | Issuer: Google Trust Services LLC | Subject: adscashnqx.buzz | Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD | Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/assets/images/FC_Bayern_M%C3%BCnchen.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N4HZ8xKkpFAqOUyn63F6fUrntP9MtBU3BGbmeFYZ%2Bz1BNnM%2FcP5JpjQmJgFIH1iTsLRam7pr4D8R0ufFiCNq23GtLkNw7U2gfB9JBlHDW8tjLInJ9dfOzi7TFzpmLIXD2MU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2cf87ab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/images/intel.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/images/intel.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate | Issuer: Google Trust Services LLC | Subject: adscashnqx.buzz | Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD | Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/assets/images/intel.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zo0b35L8Mo884JUCRNyDAb40wZkx0oR%2ByMapy2pfuFqXu8gAl7lIwSBUapFg9JdUIvt2k1mt5ba%2Fpx899GBUfgzhWTbnz4XXBkgxHrAll45lGmRGTQG0YaWAnPpO2CCuuIY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec335ea0b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/feedex.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/feedex.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate | Issuer: Google Trust Services LLC | Subject: adscashnqx.buzz | Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD | Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/assets/images/feedex.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n48R9zm2FY5TCLDjjMOKEgphQp5U5AqYIO2TOKcpp79Nctamuq8F%2FRa34c%2FoTrruaTHiaKPuSD57kXxMcmtIYi3zwTV7aZXMPBwIwZ9r0J9bd0A%2BvptBxUGlq6cSd1e9Jyo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3beeadb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate | Issuer: Google Trust Services LLC | Subject: adscashnqx.buzz | Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD | Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dpCw4ygmmnA57Dvg0dW4KpTFUu3lLEiSmItZk1b7VQM3PwRr3CHreuW2LHnc7GqMAQVUVQwBgh5TMc7Gmv%2BW0D4MZrG6pqiSqeKx3PMNkse6Lmy%2BCAs%2BXZ5QuKXSkjZsnlA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec432e1fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/feedex.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/feedex.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate | Issuer: Google Trust Services LLC | Subject: adscashnqx.buzz | Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD | Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/feedex.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kr1N%2F%2FNysijRInlQZF8V%2BXE3CUL1L0dYKdl1WMaolFX%2BVYJaKL3uhDk%2FYlVksafsqOJnqh0MyvTLQNY9KESziejHOkct4h9%2BgUXzj4KYX0GZLCbTfxhtDdQLcPKt8LgXpOM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec46a9b8b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/js/bootstrap.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/js/bootstrap.min.js IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate | Issuer: Google Trust Services LLC | Subject: adscashnqx.buzz | Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD | Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/js/bootstrap.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DlB11YQTm4SDA571Os0pODYCj7z2%2Bzhx95IE5awr4JEFiETanKsTVzhzeN0g6WAW1%2FRwOs8QUmtzRbZQVh%2BxkerYLqymBPG2t%2FiihHroF1VRgb4aatWd1hMMzzVaJNc%2B%2FrY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec46b9c1b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/js/jquery.toast.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/js/jquery.toast.js IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate | Issuer: Google Trust Services LLC | Subject: adscashnqx.buzz | Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD | Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/js/jquery.toast.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jsMTC5RIC2BgN1WYD1xmpBXA3fJxE8c6bn3DDmfXupfSaD7e52E3VOsJPgd1q%2BNOuOJoBe1WewyBH7z%2BV2%2FvusRali3Y7hqSyA9LFpVackGTpacW8KAtiScUYcY16cbWuSY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec46b9c4b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate | Issuer: Google Trust Services LLC | Subject: adscashnqx.buzz | Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD | Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oVxMvVZtlLHLAel0jN9uaj2h6SEhxDRQz5AYRYIMCL5dtZdlY3abWgQ%2Fc8pjHlOss1nEe041%2FW6kim4Nsnp9jehuYh0XMIYerST6F77ymefq%2FIRXc7VjpIIzkL52RoWeLdA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec491c01b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/js/jquery.toast.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/js/jquery.toast.js IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate | Issuer: Google Trust Services LLC | Subject: adscashnqx.buzz | Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD | Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/assets/js/jquery.toast.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fTdJBNT%2BFXOd9U%2FVc6paCF%2FVRPZz4sgw1QMNy%2B8fI%2B6q3gnmShjdQDQLxbOqDezPk47DCNYYzhjjvqJzNf%2BbwDMvNaY4vLrZOHDnV3mW9iWZy40gx6syje9DJ0A358nbsFo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3beebab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/css/bootstrap.css | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/css/bootstrap.css IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate | Issuer: Google Trust Services LLC | Subject: adscashnqx.buzz | Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD | Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/assets/css/bootstrap.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AFM3S7jl92uY75e1RJ60EQwQct0IgLvKa5yd6pP6XCeQSFt3z6SzAk5SPSKB4os7GADGgqpGDnOlFEnJ6LMk1EZ1IThCjaUZ5%2F32mZ8K8gTZUR4YTzFaqy2yjU%2FfqlK0YSM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec431e01b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/feedex.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/feedex.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate | Issuer: Google Trust Services LLC | Subject: adscashnqx.buzz | Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD | Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/assets/images/feedex.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v4XjXIAsd%2FDhtkWpil%2F%2BcvPcPo7S0GIhPEOFYlID3EpQNchlJ38vPoloDO3ai%2BKoNz5Yi3J2vpOGgYEET8Q%2Fb4rcH8NMXNJ1dLfGMJIRaSNDPXENO5X5nf6JpqxxxPHZwSM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3e392cb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/Adidas.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/Adidas.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate | Issuer: Google Trust Services LLC | Subject: adscashnqx.buzz | Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD | Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/assets/images/Adidas.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GkHOsPv8Y%2BqIzlAtyjkxzB9w25Hxoh0WPKXjVgNrj4byLcuPdnx7DgqdBhH7MqHYvsaAIUx12HbmSYPNHJdJzVfCEfzG0hXvGRfeOK40at9iO7mWq%2F1xWlIEG9EeFlFxqww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3f9a72b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/images/feedex.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/images/feedex.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate | Issuer: Google Trust Services LLC | Subject: adscashnqx.buzz | Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD | Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/assets/images/feedex.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mZKLxkM3I7OibW3qKMWd5xzwfUr0NA8yxP9DmXU%2F5a%2BnReauW20KaGt8LjB%2F2vGnXDbu9QBdW7LnYk%2BQIrbbc321zlxy5o9hofl3OJ3XxHWUz8v3CAZMEDp8lQawQyTW7UQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2cf882b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/css/jquery.toast.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/css/jquery.toast.css?d=3 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate | Issuer: Google Trust Services LLC | Subject: adscashnqx.buzz | Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD | Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/assets/css/jquery.toast.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aTwVsCGNfVDDg8bfaTtDTTnw62iMFW79AVatDEJToSi1N3NRu%2FV%2ForDjhR7UBzx0FrzQpOJnFIuhtrPTOfoaZgUmZjw6bXrIhh8hUdGdIeNGimA2ETvhRor9uvKyyN9eWb4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec349feab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/js/app.js?e | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/js/app.js?e IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate | Issuer: Google Trust Services LLC | Subject: adscashnqx.buzz | Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD | Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/assets/js/app.js?e HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QJLQT3f0lciMS8gp59PiQYQZXzJJPeG5qSx6mvGvLVtFJvZqYqWhsnxEgr9lAichOQOF%2BkjE1RQ%2BFwfOhEGcxf%2BpBvSrKFD%2BwxC6F5jmkvZAmvz8VeDEwHzTkngPIBxchuw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec385b81b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/subway.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/subway.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/subway.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mWNHI45ax5Yk82Bzggs8%2FZhhurFhLCGZAKLY8KOcVKzkiW%2FjPLXakXQHy8ixXSADOh9fKWZHawF%2BRCmznzNgK6gseNca7RsLX1Lf5mYCnlvwrf4Zwbtc1VSjzHOuPAPJw64%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec491c06b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/js/jquery.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/js/jquery.min.js IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/js/jquery.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zNI4aanBmW0OZgQNbz4605vw9BR7dwHIB1P11JtvfmNaZd71HNODxdgB%2FqSGO1a5JPqVIfxLmdW6Adj4uqgfGB1%2F9W%2FsyrV30eL5LY6V8mjuk4F7Fjo4XUnWS%2FidtGRDKBs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4699a0b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/feedex.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/feedex.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/feedex.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZWLQrD1NixF10p%2F7t7pSldVlS1FVH3GzC1aSThcGqVoI11IQt99IUYFK1wxE8bwgOyqXLcAZPMXBD%2BMlP1V%2FsubJ%2BBMhBYPpciCHFwS%2BlJlcIlAxQZwQiaYZnSorchVtn4I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec491c08b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Pk9PMxM7MesfKAk1vkVjFHw0OFZN4ST3yigv%2BkBGgWhf%2BE4Bt9TTJ5ZejoG%2BjUDuaPlIMk%2B%2FKswZ3NBg0Eu3IdEnOgGojzKAkeAYtFChZow%2BN0acLInQ3szkggpnUqfClo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4a4d0db517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/js/app.js?e | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/js/app.js?e IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/assets/js/app.js?e HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rhVBIRTrnIoI3PTGPm%2Fc2PN8I7NXT2u0A42IRJvOhc0CaUjJbsyPOPPYfj66sDcPHz7KRFjeMs9zwoMPfd2KlaUVg0SZEFCQ7omZUkTOtZUsWzdEIJWEQfGG%2BO7VJpd9HL4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec34afefb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/js/social-proof.js?x2223 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/js/social-proof.js?x2223 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/js/social-proof.js?x2223 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=koug7VeHfrv0o3FDZlfoyrkfVQtGSNy0AB0Yz0K7MUWT9c0ujTvhneuNszsfEnRWqcOvJwTv8Vmgc%2BAFMnkbKKMLJ5wscwI30SHh%2FRnjSSefdZweBiROi8jfLwkAGATLKj8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec46b9c8b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BEc2XwsTnVQk2p123hrKpD69ma6z0%2FLQtu0je8uzelIOu4WiPDEsSDo7nSRYZca0mFxlIFdc41Nw6ZtRjXI7Iaa6HbsCAUdqFIriRM7choNgpGQF2tk0LpBFt6LHZD8rGEo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec490bebb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/social-proof.js?x2223 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/social-proof.js?x2223 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/social-proof.js?x2223 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AQnfN4IuC%2FGlvvMALHuDRSvrTGNuqRACr6FpG4h8%2ByAA2PtU9l9wg7wEN95AHL8BezOWa9dOAjgEeIa1vsIcIdT7VU79lMRKtMUdHxyFWC5FfDPs5o4nbj7ktTtvdayuUlo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4cf84db517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/images/sharp.jpg | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/images/sharp.jpg IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/assets/images/sharp.jpg HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zsCuHKdqQisSp78amkSWTH3P%2FIBwG6LsfxnCZU0V3hcRjmfFuwzBbMqZq8dxv8cMw%2BpZYCyeIztnNWY3wDl1dC5kJU%2FpJL9dG3VZmExSH%2BshpfBxUnl7I8NnooRpThpa4nQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec349fe1b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=143faajfaKCJZRmB4d4CkrtWPnlTCdre6n%2B%2BysaJH97k1GebMx%2FW3mMvWrS270JqxghzfbPvRRYCOi8C9t7Pg8U9dtUxIFg4TIHSW56e8VykLUybMemRlOHOgzvPCsnI0I8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4a5d19b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/jquery.toast.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/jquery.toast.js IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/jquery.toast.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VTWN64pwEAePCDJ0TDqJIi3q4TPcVqSTNyr4IvsZGkCCKcLd2T4qCmFo7cfdtk5oNAUVlUlkzTUIfxoeX3lyBHVbWAfXhNc5YVWTV8a2smiGoSrfn%2FZ765gXftnKifgCAXM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4a7d45b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mmx8r%2F8Q8xxq%2F0To0UloHzhgQGmKvjvVJJJqQo1NMBb5xWJYKfrHCxiBpsSTha0WRm2V1tqMY3t5IFXu7H9BcVRovTAcbxP1Rj9d9TL5lW%2FZ%2BeM43HOsY2loBkzjia%2BHSWE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4ce83bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/app.js?e | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/app.js?e IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/app.js?e HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rh3bX%2FbtdbZNgubGq4LpqI4vjanfRvVOnaV8KwSX9bJpECX%2FwihctNrIqgvZmxkLPb6iG%2FnBC9DI3l3cgZnzjtY1eIHDBXMixnFrhi5FySGWqIxthFRFWIant88BLIY%2B988%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4cf849b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oV97HEvPhusSApHUtadpi7V1ADoO19UHN6mN15UiRIzdKs9Lhe7xbt9JY%2FYyiTLCTmW9aStBp%2B%2B9A40MxRPutBtmPc8dJQWuFSWawZcjuP5dYVxwvDVCzjJsT4DM5CjSXHY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec384b72b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O6jZxY5naC%2F9vzYtprkWmidLxf1bJi%2FQjXfMU8ktbNt%2BNMwoTyfutzEaKWkgsQ%2Btc93m67WX%2FMTnhvbUeDqiiySaxJMeomp7OtWlKjT2p9RPaYoTJ9w6xAB9vrZYWj1R6j0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec46b9bbb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/feedex.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/feedex.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/feedex.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NDB%2FehfeM%2F885C34PJXhy2k4vy4F9JHDCudIlOXjebEW1%2B8EiVcqSapKfDl3K4%2B7CTu%2BgYk8k0mxGUrfHHrOrNUWcHbdPsR0Ep8DIlSNSGGhbTU4%2F4kuzO6ooUknWqL%2FF3I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4cf843b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/jquery.toast.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/jquery.toast.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/jquery.toast.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pX1ljTfnK2WeO7KfDlecVwog3PhnzzkdoUpdTkMxhbTRfPJxYBOLOtO02Ewy7YiUW7WRvLfg4ad6wqA4vmWo45DKyrx9TZ62KF%2Frx%2BLupyAFRKd%2B09Wt%2FrXlt97OcoFRAr8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4cf84cb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/images/feedex.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/images/feedex.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/assets/images/feedex.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lRXbgPZtW1y9U2%2F776dZN8L07PSYEhpnMm8nayesHU9xTRL5r0xS6zuXvO7ju2dnmSTqr6n%2FvmLx8j%2BCM7cv6LP2trorf8VZ7yrJpvZ8fy%2Bc4wWiY7sljxrKoiDUWwPtu2I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec336ea3b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WUFIZc0%2FfYqx%2BBlefz8EhZg%2Fc8dOAYO7PReVMwHno8klmIAWqkcR%2F%2FsEJUVBQpyAQnyPXrXqaSNUWgSrLm0g3IaNDlDCcT%2BqbwxnDBwlYRPl5aDVcgU%2F1m1f6LPj3EN%2FSHw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3a8d69b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/popper.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/popper.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/popper.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2tg3f2ath1qDwm%2FSGNDM5%2BO0V56fkF%2Ffty%2FmVXyGrrnhh3q6sXdJcOlAqFbk18EZyVsDXtiKyLu7I%2FcPYEglGpXbg%2BGGYDDHvSX7DpoNpvIR%2Bkln1kOMIxnfS6suCM4MSlA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4a7d39b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NrYojUlbEuMq4%2BtKsKzIZzLNDPj8VKmzMidnFoJdh6kyafKh62kpx0ymR%2B%2Bwhkw5p0Wyu506G06DbwxHRS%2FaYX3Iifac6KCgdjvZCsvMktDZTiv9Po%2FV3DGRkkfAn1VOWP8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec370a43b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/images/intel.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/images/intel.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/assets/images/intel.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KH64KemVqSHojY3X5sKmBTiTdUPZPhn33IHExmr%2FPBRQScSGkhW4QJlMDj8hTexMeadZygZ1crAVQkjyC%2B5%2FiTlqIb73%2B5HBaYuDGYAODP62PtPlRa%2FO0RfRH9bScW3kfDI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec385b78b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/images/feedex.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/images/feedex.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/assets/images/feedex.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4x2N05p4wQ8c60aGaXoDswqtyUpXhcqkM6baZPo9IiNQjhSjQ6jZRkWM8C5ETe1WC3QyuQnLdaVRnoSXeiRQCYn4PvlFnfwFa1T3dxljuCq4As1MJ9WM6NBtltXWrDpaaYE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec385b7cb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O5BfxtbP5uneD%2B%2FNNCVXyr%2B%2Fx4NHgugQCNdLDNnZ5zE1aD7fXFsQH%2BK657IsEHZdQIfRcgsjnjwfP8Xld7pO5L9bGjI0BmzHEu%2BqCfyP0kKjWDrhnm3XMTELfynkpY9khrg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec41fcbab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/css/styles.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/css/styles.css?d=3
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/assets/css/styles.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mIm7gkn7sC7df469yUIek6hlHo9Mo%2BDF3CCisuivndEIEXGJCyZe4iZCxgq6cKBhI3Tb3opMGBTMcB9TVghjKkviFSnN1Tqr%2FEK5dEQr%2F10GUo0RAFSX0w0R3BMxKoFdp0U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec431e07b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/images/sharp.jpg | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/images/sharp.jpg
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/assets/images/sharp.jpg HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NYuEVMFwOHFlcsvQGqnd9QnQcs7Z29MKWr%2F%2FhG9t2ck2quB2hJxZzJITLoDiDE1aMRRR%2BitNncYRPG3UTEaJINb0npLXkKTUQi804BS8%2B4fSGEeHY3wbVLw8r0rTpWC9ZO8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec335e9db517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jc32oV4Y1dcNEfWLTwoeYacWUM3j%2BZDC9xFaP%2BDHpbKSWIyItyMRGpT6RBthDxoj70wIyi%2FxhoyFnhcqhprkYm1x%2BMVvavWRQLxSNWb8hJ%2Fbfdi50770UUln9V%2FHZcTQ1cM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3faa8db517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/js/popper.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/js/popper.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/assets/js/popper.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KzEQOgAvCRVDxloxZKwbLp8qfFWTZje9iilxFGOF8n2CL1rlqE8%2B7eVHScNwXRdgNRf%2FfMY913EqJqE0dJhCW4AFhEc6675oZJU9xlZmYlWrY5r901GNTS%2B1yCoxuOVcfOc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3faa90b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/intel.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/intel.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/assets/images/intel.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7L1fE2O5nILz%2FX09kiwiF%2BRDRNb72wZr8fDNgYl57AHWLcJo6edzkCIDSmcvKEM0w%2Fk5%2BNyxmX0sHWMzX%2FQ0VFezETM74FRS8QAlGMw%2F0SW0JtItlEUbjTA0jA6xrrqxV4Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec456886b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=476btzCNmSIyhpIBco1IHGla3GQqZ1X7SRW3MT6PcaT6%2F%2FdmqXYAFarnsYrdFzx229Mquh6zowPJvSwwn4VK94Rrqw6iF1z9brm0ZFOUq8Y3rCQoe7y4VBwaeJEzzs5yxxU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4f1a1eb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yKkbDta%2BEPAMnRjZuBBqHGexF%2F8DHr%2B538ta6OD%2BvKeo0UxcA%2FVNSUiWeZsb5L0ltMbqw%2Fyo0qHiCBmHJ8I%2Fv%2Besy0DVlxYcHAvGl2Gq5Q6YgLxdjMbEqR4qF9KskgKo50o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec45586ab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vfyIujiq4jxnhzMFbtWUo0bL1TJSZqkYrxovWfQCx8EMNhAebuUCzSdrrrXhQY2ThrTdQZeYnyvW1Ca7jtSmEY7%2BMp8LKyadiKVQTf2ESTJwr7qryjXkYiPcgZGuHHmWXPM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec46a9b0b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/js/app.js?e | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/js/app.js?e IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/assets/js/app.js?e HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=myPyDmHsK%2BJQVVSRN6tTXn38oI%2Fc7hi6wYqz%2BuXJTnoIcV1iAxNje2i1HAw6mn6td%2FnFoVL1fNXbJHFS%2BQ2ZvHi4SKDMCyBY86MpQFM2PioKIXKRKcYDpMkilbDnrjVDt08%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec434e56b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vkUEDdF%2FA42CWS30w3NhYPlA3OIbQLDAOc59aJ2T4C%2BIwZh37vRjo6LrYceXAHK62k%2FqB1FHQ%2FHiRF8s%2BKkzcqDo9FgFDcLPvfQaZCzBUIEfjpWuTLityCOTzsKDLjiMeBM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec491bfeb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HQaNo0VqHFzoFc4YnEvmrTgiNFurFOs2M4kK7CNWQ9PERkdynrdFYbTuts3j0AOywiuQzkKhSW%2F2OD%2FLLlaeeLLboLyU%2FRwIvt6Har5Ziu5y%2BqhRFCu3Nk%2FC6vhLjbneiKc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4a4d0bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/images/intel.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/images/intel.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/assets/images/intel.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ga%2BdRfZAbXXFqWu4HukInLXCZvHceTEHKZseefaRk1pQXEAber4fNWXT85Srr%2BQfyzjWocqdSHCpysDx2puPHYZlB5QDBdV4wDDi4FD%2BKKQ1o2jtrdP1f94r44aAkmmvxcw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec30dc1bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JL6SMsspVs7bkjGPFzpIPRrigrAgOGHjmvf0CjmslWnUvpOkkxFOYLeUW9ehSpENAZtN8BNlkF1NyCn66CFe8qpS8Grz8Gd0opUtVQ4zYh6lq6ishPCBJXl8Ttqql9t7rtc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3beeaeb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/css/font.css | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/css/font.css IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/assets/css/font.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2BFh2TxY2bsiRUmMVfd%2BzAwmK7%2B41p1HIN2sfQzq0FA0iAOSpVBItP6CK8MjusRBMo%2B9eKHNuCCqxBWmupux2%2FPJ%2BQhbw3L2lemjF3xRICAbAaWveGEdnBRbKalYR3hkZb8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec431e04b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GG4%2Fokr6Ot2psD06bnU4GcjrqJEJHiCsjpYqyC5A0wB3QQ6GKMhuyWdr35I4gS%2FI9pBJd0q%2FUsbvcM0pCXD3HvV%2B8yxupzjrahxGoEKMGSH%2B%2FcMghkSZganUaAS4RCCO9WQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4ce83ab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/images/Heiniken.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/images/Heiniken.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/assets/images/Heiniken.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilmKHxCGCjFtIy5HjDCI40uJD%2FoWYYkpv7X5YvYC6CRUT93tWdif5l6E5X4jIlNXkQmEQgHeJHF03Nd66K8V%2Fr%2BluvbuaY%2BTFfwzGkJbQ1P%2FFIkTUf5RltN%2FpTBK3tpmNu8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2cf87bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/images/Adidas.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/images/Adidas.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/assets/images/Adidas.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4pbxMejW52kl9HGm%2B0vM6PUcstwKglLXtvE3JVZzSCjRZ%2FpnBVn6WcOlrQTPKdriMe5%2BZC5oLdrmegqwDCxXTwx25vTLm79Q9a3WnUyjKAk604fe5udikx50eKbhNeKsdxs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec384b70b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/css/bootstrap.css | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/css/bootstrap.css IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/css/bootstrap.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bb8IgAM6gX3CEzprn%2B5apsZhhZ7n2nb%2BLvrHwJF4FzFCfwWmy5bR8eGKZb8lsUu1PW6dNSGmDexX5ivh6AfVh0vVhCA9rrcq57QrG4uPeuvu9hFonIVsLbBKR%2FuMIgHYJHg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec469991b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/js/jquery.toast.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/js/jquery.toast.js IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/assets/js/jquery.toast.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ORuyIV0%2F%2BwbyDo%2FHTWPUNsUTq2cZ1ts61U9aWM8MOEFmtC7sUulyFaPluOWGIU8Ps8hA4L1L7nm5K1snR8cBtLjEQj%2BvTV1izCsIq5wtCQL34h1l6LD4w%2B8FzMS0jswqL%2FU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec385b84b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/js/social-proof.js?x2223 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/js/social-proof.js?x2223 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/assets/js/social-proof.js?x2223 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xlDlFpVpuXHB0tpNV26oZlXIPPugHgWDo6mJoXVRAjCrvoRoW9Om0C%2Fu13l2Pe9s2NQ9H%2FHQPG%2B50%2BsWwzisEBhsHaj1%2B%2BEdJk0MFtYTCEAlLwtvacyQ%2FjFMRvP4lvIGzzw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3fbaa2b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/images/Adidas.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/images/Adidas.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/assets/images/Adidas.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PLEoHaevgZo1k2WSaIMn6Z8vNOsRlUrz7HO2g2LINIDwbtAYv6zO7zkiaUX1O9JUU%2FGu1bQ7p8268zkbljulfSc0KVaCWiFB1ilVmJvOPX2FPaqaj%2Bk8xqAn%2FbryhSbJeUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec30cc11b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/images/Mitsubishi_Motors.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/images/Mitsubishi_Motors.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/assets/images/Mitsubishi_Motors.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GiF1yAw%2FAeQX48BhqRWEEY82HwCdYygMlZcoTz22Ms0TdLDwUXIhwi3Lx39UYM%2Fehfwid8zLqVLv9w3xZ4ZKtSPC7KYCmMB%2FDFupRORBWbMQULZX2UrTVPQ%2FtQvycDR2QFY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3aad86b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d9oJrTToMDeh%2FMN7GBSbevpL6r%2FD1fgp0JdPKYXhL3GO7SEjaXWlYWo4w1rIJZh%2BZmTlh7CDIbj%2FWRGOGIWAnahd972fjstf97WhbV7dX9XQ1FdfrLvA828daqNB3Zgagw8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4f1a17b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer Google Trust Services LLC; Subject adscashnqx.buzz; Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rk8HZrosKfab0gh5I%2F%2FUwLgmw%2FYVbZGHqDSUgkgAmTX7S%2BOJZ3ir0YePHCj3PvDPx6FSRVHQ5ftGQbSHhgdSZEmyixHv9ifhpjDPavmMdbo3N0z6hmQey7Ha%2BTWpSpyq9zQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4a5d16b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/css/bootstrap.css | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/css/bootstrap.css
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer Google Trust Services LLC; Subject adscashnqx.buzz; Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/assets/css/bootstrap.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0rLZRRNmCoJecMGUvJbglCV52ScHk0%2FRerPYv3bXvY54SswY0mfyqZhrPgPWZHdkVHhajpuagHS06bruvAuMI%2BXizzK6ZfwXHHsmPAouCSZfiRc2rghZOZplNmMCmHZc%2F3A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec30bc03b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer Google Trust Services LLC; Subject adscashnqx.buzz; Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lpYknAPDuRlULMWtGxc7hdDby3zC1DWrWbRow8tKJu5xqcPIwWTYRU3dH7HRrFjb6SK1jqBk7dAOxbILZrHboIGBCDeGysRrnqfRUY4kX0qKNpay9JyQ1lgyRDSWIGshqJM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec334e87b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer Google Trust Services LLC; Subject adscashnqx.buzz; Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gTUuxLKI0aQk%2FfE%2Bf54bnjeM64oTprpeBg1Ut%2FGGroUO1dR21elR2ZUlrUKnx540b2FC%2BNJ%2BKyQ8YMPJZFoyrLKys2OODu8gcFlVJiAIhmUijHLTDP0dojpb3iTjlQXl7Ls%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4ce833b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/subway.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/subway.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer Google Trust Services LLC; Subject adscashnqx.buzz; Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/subway.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mr8r0p7bqp9g%2BftMPjpM2nTF%2BNiKJay%2BfJMMj6QVp2YzrltH4wq4tlAfmeYF3EgHLdOD59W4ljBbYgNCWmbrhTSz%2BQJ4qFgzTo0aH44Eam6ZFEcQPZxXwTiCYxHfMiqjc8k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4f2a2fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer Google Trust Services LLC; Subject adscashnqx.buzz; Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VINswmxhUTrbtyQF%2BnSDmN2Z02ot9MRM5GMyAwFayzL%2B07bH5%2Fk5muMlGkJr9qjISapdg3fw6xoPF9W2RFVusUuiA6OMTMPshU%2Bai58btfpcKmLzgQjgF2PYQXj5T6hdQrE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec348fdab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer Google Trust Services LLC; Subject adscashnqx.buzz; Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ncqqcDf3CKJz4u3XhNyn6FYF%2BrGypJNuUH%2BKSKIvI6QaxTX1frK%2BNhVtU2jdOefUp7z7hKQI1bpr6uZ2udsoM4nRjcU%2BTC5OXaetlKpDJsz8%2BoqWUKE%2FqUUBiV6V652Lx94%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3e2926b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer Google Trust Services LLC; Subject adscashnqx.buzz; Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OpHQB5%2FvGnb9%2Fp89SeRXZcqbLfcreZfVs75GziuHLqVXU3l5J0H7ApSgKcC4c4wViWcbJIJxjoN4b3DrIKUUpnX3unWjxN4oAeNF%2FLQ0d6tLZTpyIEWpeEfD6U9xnTGNMIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3f9a75b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/css/font.css | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/css/font.css
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer Google Trust Services LLC; Subject adscashnqx.buzz; Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/assets/css/font.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GgnbyBbhqjkoh5aWPcqgdMlHU93zJwjVeINSkl%2FYuVltZLSh5E4n2tISfWQImvH6qW0qaZYcxteJJj7ftLxQS%2BsVdOg3lFaQEf7rG02eEqt1B6fFokhQ9LQDzKeMTHprfKg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3bbe8cb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer Google Trust Services LLC; Subject adscashnqx.buzz; Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7n8LqwyNfIycZa92pmXv0WMjigYBTg0J6ZZoXE7PLoOYcpGnzj8v%2FoP88kECpywNv4xrDnAM%2FHcycSmY0zsXiHeg%2Bya%2FfavbWflC9NqdkzGBAnTTGz7EVt2vz1%2BE3QTQees%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec431e17b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer Google Trust Services LLC; Subject adscashnqx.buzz; Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HLKQDX6n2VKsxRiJklVeOGQnHKtRleWkRyOPJnRKHmsDsLgjgdXNgssPaAyoMDR4LJrG84HF%2BaFqqXZv%2B%2FVghLf9HFVcO%2BDvGxHncqGIyAXq7c4ROpPW95XOBTdOh3ilkRw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4a5d12b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/bootstrap.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/bootstrap.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer Google Trust Services LLC; Subject adscashnqx.buzz; Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/bootstrap.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vZZxK8VBWI19ysJpcoR6kZbu6B6UYko39gKiijV2Ihf4KU%2BHOb3EgisVbvrRS8NfvvIkarXw3oG0u16lXwp1PuwpYs44xx8O288gWxW9U3VlDFpy%2Fy%2F42tmxSgRkwqOpPyY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4cf847b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/images/sharp.jpg | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/images/sharp.jpg
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer Google Trust Services LLC; Subject adscashnqx.buzz; Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/assets/images/sharp.jpg HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7F3p5XSRqjKu5Pua9HnR%2BIwIdYGl2QTWTr8LpPr0yWIZ%2BlW%2BXZ%2Fk%2FE4ZEdUCEkv18nc%2Fv9Frz5DrE8tjCjPZDGnF9LOO8j8wAA129oBuOrbO0WLxl0VajemTWoZ2OwqLxh4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec384b77b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer Google Trust Services LLC; Subject adscashnqx.buzz; Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w18O7x5sj6YEPZD6HnJObiv24bhpO7RiNbs7NALikv358KFj%2FOfQZ%2FSLydnc6mIJspjcvjyCQVMZMcldBTMlKGYk5CxEVPQAGIT7pec2oHxT0pulWyPRDJY1hUUN52n7HRg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4ce82fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/js/popper.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/js/popper.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer Google Trust Services LLC; Subject adscashnqx.buzz; Fingerprint CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login.php/inc/inc/assets/js/popper.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8LGYZAkDuyr67THmYNPG7mMCBT9u9syhC1kLC7Z8vINnux2KosyYbu4BiCxEdeJ52qlDWK7C40S1bHf9ndNxNPMVR3H68xNC5rLJnt1pTYCkjhtU1E%2Fq1VeZefRZs1R186E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec349febb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Dj1nLT5Mlh%2F3e1stbKxZ9Z9vGRWwlAzIZZdImrQgrThcobCRjI5vH%2Fyf4p1hFQmsgaq5E49%2BPFbUQ7%2B1oH57TLMu0AgnN5yxfGbNM6vQUrLZgFRk3T19MNIcDjRRRzNp8o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3bdea5b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HXqkUJaHj07GJzEge0VH2uKp96xs6pBIy%2FtavEx3Ago545X%2F5vm066OCX1hVFSeE%2B%2Bcc5ASvZqenzhFJOXxXbJOSymRlqS346fVRI1iUf8oA5MSmTFAGtgnX2GWMOlhUzEU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec41ecb0b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/intel.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/intel.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/assets/images/intel.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h1voY383mOcAaZvn1kmgN9J%2FQ22VvCsJBid%2FBgsaJbY%2B09DNbz3Wr5an45ObzoGbrBUN94lbCrmta8DrelwFs%2BgU2K6jy3Yks6u9bq1Pyc9WiOMUOB5AFnZNo3ff1nTX1h4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3f9a7eb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/js/jquery.toast.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/js/jquery.toast.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/assets/js/jquery.toast.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yw38%2F4idOFyPhXzRL9a85gk11an4HADHyt%2Fq2TxDP5cLXomAJOWPOGXgOQPtqAH7YZQQcKgIs4cW1YbQArSHlDosR%2FOez%2FmFKiSyrhRqt1FOzitICcIj4FzCxrM4TbC1to8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3faaa1b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VIhZ1Kp7%2BYWt8YEJwIwFK1BqwhWcjPGIiJPYZDYRij9dT4aPfr3Idl1XJ2OIaodywmbAXTRBfppMQhKvfMjsCao3O3xiflpW5qU93HvScUQ6wTFS0YHn5KNKDmPHBEkWqF0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec432e30b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/feedex.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/feedex.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/assets/images/feedex.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vbNx5zqxuVKt8hDctxUJsKxMmUvNTEN3ZyHcnzZxyirqmPeJbXfcehTT%2FDfIoV%2BVyeTCQTQUAN1QTQDhus6snfjZZSKEjmKzIh6jKYVJdAMYoRV1U6fRaPmSRdvUgbzanws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec456888b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/css/bootstrap.css | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/css/bootstrap.css
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/assets/css/bootstrap.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j0LnTpplVuksDaC9%2FiHF6WM2bAFzu8T9PFODZXBrZSpG%2BCMucR5VYv0EukNwKvSHyNTnmC28zXZRqzvnSolB6vSOSVyqcDwKdH8MtC%2FvDDTs7PI%2FeJXLFlee%2B%2F9%2FBIRSfLM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2ce86cb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/captcha.php?v=?9182294 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/captcha.php?v=?9182294
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/captcha.php?v=?9182294 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rE7ExO0wB7iCZkcdZW%2BMrlOqKgzTUyJK0RT9MJEmqZhhaN2AYqzgsH5905%2Fn7ggmon9di0ai1GGOkdKCf0rMGf4L7vArD74XKyH4izpIAPj%2BubF9BJOeKhlp%2B52b4Bo6A8I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec384b6fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/captcha.php?v=?9182294 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/captcha.php?v=?9182294
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/captcha.php?v=?9182294 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aODclUW35Wknu9Y3%2BZ3HD%2FajXSu%2F0RgjOQq99Fzv6Ql1iexRPLgg8c1XFketVPKXx59cl9ZBNSe1t5L%2F3gOXoyKXn4nokw84hMCY2j1GyOyp%2FQFHtzCqKraYYvcAeoToVsU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3bdea2b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/css/styles.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/css/styles.css?d=3
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/assets/css/styles.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2B2vxtxq5XXLP8c5HqkJRpmgM3VDL5DIiLvme2Nis0jtVJuRSrqpF3i6M5SnpqPJa%2FxW0VC6LWQ7AsbXuU5WdIF5TrGsNHcxLRJ4o4pIDOQRr%2Bw6kUZ058J6rnEfTg%2BxHLA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec30cc08b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/images/Adidas.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/images/Adidas.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/assets/images/Adidas.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fk0CgQMR5Eg39PsZqF3c5vj%2BdZ0N2puas%2BrTlrEfqvBX3ZCzPIPbf5UeLf3pvnjpDNEGiLTLvvXmxezdfcv9dC0Ry47KoSvig%2FAvVP%2BQ%2BOrsc5i%2FO%2F1CfYXLqLbFyWtiXSA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec370a42b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/images/Heiniken.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/images/Heiniken.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/assets/images/Heiniken.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PAkJH4TOjM7%2FvmKWo9oA4ksBDbkJbwoz8%2BNRFlIzNomnD%2BWRE2%2BMTfpaQ%2BiEpO3louc3ojwxPKAkkQHQ45Mr9pidHZMSj8Uf%2B10mQULjoWqSvJiF%2F6sdSsaMSnEbuoDK%2Bhk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec384b74b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/styles.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/styles.css?d=3
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/styles.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KgicLtOX6t3qyHmr5%2BlIVu6fg9E6MYm8I%2FQ4muvj%2BuzP1x27Ze23O%2FL5jtmhvNOo2LppRfwreyJ4G8TN%2BGgAEMVO4KP%2F6Np%2BK3%2FTUYOZWBRzEC8rHAu2T9XMp%2BEyTlByAJA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4a4d03b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/js/app.js?e | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/js/app.js?e
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/assets/js/app.js?e HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Tfo6JdvbLSHhfB0DjxHyiZX%2BI3CCQpLGrDmjt1HNPr2jjxycvPYxXfDdAgTEAGCCKAdySecNHbLNqGHgmZdbXFLr1iXayAMIW1dvrg9483YCiToApO38g5zRWjdUzUsePA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec30ec2eb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/js/bootstrap.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/js/bootstrap.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/assets/js/bootstrap.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iGMpvzMbPhSvKI6%2FO%2FZZNLekE7V6r3hzO3E0ZP4XzLF164256xykSo292DLl1AT6yZKWtJRrR9sqCW23rbeAZTEh9fPB3qZDI4iY8SL%2B3%2FMzZ3PQ6VvU4Lo3F1f4eCwBzZM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec349fedb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5b25DFPD8U%2BKT5oFqdw%2FJ%2BVSDwni0W0e3OC4ep8JnyKjWGRM4eWuyYNAuodlL3YAqQDErHApqh0GqTCd4FTQ%2FUp2lTwiRgDql1ZoIjDVEJf4RR1hbt8FXua7H77gj7Yf%2Fdc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3e1901b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8CUax%2FwkeDweNbDmNO77pvOerwzQNQD%2B0L3CgF2bplm%2B8PsXdlJdnQjbLgv7kv5T2pcZdQykWOKEiuls0QFJCKg%2BktlGigjzaaknfTxzg2dKGAQMG9yNcgRxCrWIJRIhbL8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3e3931b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/Heiniken.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/Heiniken.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/assets/images/Heiniken.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KlVDyQJGJ3%2F%2Fm0AbuXn%2ByAy3YzATjb86%2FIEVm9oWBbJzYy0lD3ajyuh7iq93n7t4QJnysZn4G%2BIxxmT0d%2F5QkMrhXhSDWMQGAI0NXcBv4vmpU9R%2FKri8BfLLqIvwlc8ClWY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec41ecb6b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/popper.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/popper.min.js IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/popper.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U8SFs%2BtEFUrFMFlAboLP7HJVVy6OwHLB8dIFbtl4SaAUb590YUoTYS%2BwG7oYp2B3xpllnFFHPJWiVS77Zie07rBPw%2Fxna5f%2BOOJGfZnwW59O8nMgDnbIsXPDPapJJVQ8mLE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4cf846b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/images/subway.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/images/subway.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/assets/images/subway.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IKPe5CouPM7FNFbQenq6f7XzB2yGKmYbl%2Bvcg3DwP2bPnl2a1nc1Jz5udUcjuA2anGS%2FM1vcFB6kBJrLd%2B84sMEQ59uSQSVPO6JOMlxyjcmcVyJIPhCgXsriQU6z8aBq0GA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2cf881b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/css/bootstrap.css | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/css/bootstrap.css IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/assets/css/bootstrap.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mmc6sOVwNcIHBvnn07DSKclcYVxvSs2cQtY7YFqJOS0Rr7Z6wp2tonE0nAHSno4tCWtODpAbGrwerayfC6yURMy33Q7gRcFpKtkPOGDlGUPQJt3hrfYXWWH1TZmLEhIlUPM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec347fbbb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/images/Mitsubishi_Motors.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/images/Mitsubishi_Motors.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/assets/images/Mitsubishi_Motors.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=grnHDhfauLPtAKoWwH%2B%2FoBQBR%2FvFvG80%2FP4lNslmwb%2BB%2FcEgcAEETxrWP%2F0YNykluwYR22bE85O0M4ZYg7jJM6aH3NhzmpG5QIHw4D1OwY%2FwUWIsarvB%2BT%2B%2BODAPnlMAzDY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec384b76b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/css/styles.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/css/styles.css?d=3 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/assets/css/styles.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YRXpvkDLHKkajwIv%2FbmM22QoD5B8Nztffj0HMWlcAeOfcce4KCBQAsOxqMiDjxe5hm6v6nF4CMrAeETDPi9NQNGQaq6CDnkJ34MBcwaFoLdLnje9Fj8tp1Zj1s3k21I9D10%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3f8a64b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zoe6iv63C9ECXAzu8bcYP2MJCr%2FnZk2T%2BmITTTca9zon9rAg0uL%2F0dimgRRWwprcnBTtMT3sZOFo0yoghqB8ktwQOU1yIM%2Bnq%2BumVqOL4c9wubpHOVTP24mkOqAK8TBwM38%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec45687fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cGFnijI9UsIhrzZpLF1Z5tulFsQR%2BOhAEA1K7MSVa%2B%2FTI5hrVcI5TWCNOd5VnX4BO8e5rXUZSDaggvoM4IWhRVed%2FGp9I6eLEMUR0j%2FC%2BF%2B2%2Bqlfg6v6mgPJtETOnJjB1Ds%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec46a9adb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qfUjCgg2Dqgd0IEpa6xYCca5NPFUUR25EzshPVLLj6mp%2FmHOBJ3Q3pIr773LFy7lALVHGzSceZT9NgTBRs9YonpwirWG1RWNUGntUErzl8DJO5JjpozUCnP%2B84%2BKLQDxe2Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec491c02b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/css/font.css | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/css/font.css IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/assets/css/font.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YLdAPG7jJAu%2BI2F1ZxfrbWQvwodO3r1qzuwJQJkdUHFlDDalmZzL4haGdOTtVGa1Fx4MWAP9ZVUb156rNQBDuOUA5njNtjGJvx%2B7FZxJVs4oxd3%2FO%2BtcJ%2BADE1liIYBfo1U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec30cc07b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/font.css | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/font.css IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/font.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ISn3iXVsabfzhRbrj4mo2cwtgq%2Bk%2FtXaTqqKQ4Z0fx3NPO6g1dgKDXgZXW1HLCrk%2Bqdk8BVvM%2Fx%2BeYZUablHpMlmDAd%2BWJFjbpXlb9FSfarOwS0FrdpeFtagPkzXIyecYqE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4cd81cb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Heiniken.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nD5x9f7oGCHzMqmRWB33Z49HmXrj5l8Y5%2BhNHu%2B%2BNKOgjNc97M4dxaar%2FoxXa0KJYkp8aL3rUWGxmZNvIacut0YuLspoD0uRltvh8V57iltmHPvw7jqAN2VafooNm1pAXsk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4ce839b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w1GJju%2Bnel4y%2FE%2FDTu31vt1A1r%2FTJrN5hQVGDfZbYe5dbGFTZK8xYuOesK6TT1x1wRD9jNbw52QCAOB1gSs5Crfms2940woCO0YNmDAXdUre85MMUndjTFrpWTh1UQAh19E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4cf845b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/css/font.css | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/css/font.css IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/assets/css/font.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cQFAfNc1QURXgnt5RH%2Fl2a3kmW7iSthHtWdPrSgJeQaYgG8r%2FAQrHHrfK2kPsmJmv61yH3w67oNIW75d%2FWpL%2FWkGpFNoq7qbIYYfNedKQTPwNEQtToCnGENTNmg3CpDnWto%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2ce86db517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/captcha.php?v=?9182294 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/captcha.php?v=?9182294 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/captcha.php?v=?9182294 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NmZoll4clIhHJOQ1F%2BagBaxyTWX3yEvGj0XvMLS09vgtv1EkffTlDaBKh5HM0QdhwZMpxy0gPQpB7ShrxxrM97lu2qn07JjjC5sm5y3tBDVA%2BAC9LFqjGsRS4W%2B1o0kA%2Bp4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2f8aeab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/js/bootstrap.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/js/bootstrap.min.js IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/assets/js/bootstrap.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9d9lC8x4D%2BtAqkFZ0eUK2NQMtXQlZXKw%2BtBaPEfumHSdWuVdEm3ZrezANXTVe6lC9g%2FCf6cLGw2OJ0tFyKuyw1%2B2hNsyrpzpugedvARwVoCx5ys%2FkKxJoEAWuJEtqsdhN6g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3beeb5b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/assets/css/jquery.toast.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E3o%2F2lFdf9mQwyF%2B2NpCWgoRhpj8n4i9lLLLpe6RKTVpw%2F53iAYe4H63lNqyBsTs6KN7y%2FfyQiah2dI9ofN7OTRgIFxapFSFBWrP07ZP7%2BcpiRAb%2FgBhMNqtmoDSDwHoFvQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec433e40b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/subway.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/subway.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/subway.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ueg6tQia0M5eDj1iKtSl2zF6ZHQxX%2FQ147oO8GKQ3XPbbNCvDPEGNrPLW4LbQOcYtum6r5%2FsWxxyewNYYMe2iWBbf9l8m57FM4YpjQV9YFw6uUm3uvhBFTaEkYy7kYHgoI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec46a9b7b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/js/jquery.toast.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/js/jquery.toast.js IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/ Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/assets/js/jquery.toast.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xj9RlkPYvkSJAz8N53JmhwE9TAML4Q7u5d%2BVuUaQzxarWZAPTLq%2Fqyn1khtOYasDIVEE5oxvW43L7F7wooyFj0U%2Fo0YbLJ8nzfY7RAW5W%2BrZZGmmk8OcEd253q3mJb8c7hk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2cf888b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/js/jquery.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/js/jquery.min.js IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/assets/js/jquery.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WJ5MUivDUD2GuidEirmobbfpEFWst42vqCWWGtGz9gCA0cv%2B4wujtWOAFzxtxUDKxZEdpWWz9TteSFBD3X9%2B4tyl2Zu8o6Gu4M2Br9MLMBJA8%2FvGuMeEWm8v%2BlRF28gCUfw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec30cc0bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/css/font.css | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/css/font.css IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/assets/css/font.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GZ1IuTZt%2FAUPHuEB%2FbRaULqUaHmTd2sniiZlVPuhEWhHNgc%2BpM%2BGpbvuka1Up62Vsp6HkKzZ8VDY0%2F6wltnBi2xudCKUoQaM3cJ45MmAZnlsQPUvV5W0f4hRPyC%2BwS831qM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3f7a5bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/images/subway.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/images/subway.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/assets/images/subway.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=syf7r5kYZ1TBUArv7%2FROOMrkPKGkZ2G9lMaM0c8lbDhUsbAQ5Nd5YDgfFb289i4%2Bh3HuLCeJRX%2B1IY3VFfyMbe%2BUcA6a%2B%2BGAptP0F5F9VhwdleBBullJ18NtoJAa4sDXUoY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec385b7bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/css/styles.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/css/styles.css?d=3 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/ Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/assets/css/styles.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=thjeNVmhf43qmpBXpjRO6nKLWqjm%2F%2B8BLJ7%2ByYoiJXHfe7Pz3%2F4IsN4lzaNUCbdahHZ38ur1W0SDy1KLLglc99p8OESEIouOu3WsJkdoitg57k%2FZBZzRM4cvtbjLPG7YKu8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2ce86eb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/images/intel.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/images/intel.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/ Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/assets/images/intel.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2B94okBiRvllFxKIceush8euYgOmyd%2BsVHliVkGIB8LX5CKq4rmZ9ZXMT4F2ZNcYXNXtrnPeZe1IqhWrAi%2BudFlUOHwglbfUC1WnWTJIfU5f4b%2BW4mpMUPUubK2dpGreDRc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2f8aefb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/js/social-proof.js?x2223 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/js/social-proof.js?x2223 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/assets/js/social-proof.js?x2223 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SdVjvR3xp0NNYmFpqPcDdLt68tNy5kM89MDEJgcqkskVm%2F5VxB0oi%2Fffuz81%2F8VIadIFlCinauAarofq7IK%2FY%2Bl78l09ArGy6S5US9X1kwkuq%2B98BgjbrLyjLUjp9J%2B7N9I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec34aff4b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/images/sharp.jpg | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/images/sharp.jpg IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/assets/images/sharp.jpg HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PUWa6A5cqcxIQy7cjMC4j%2BODeO3ZBuuoDs5RTFw5NGW35ySuYrlMUfcLZwOTQftoPuKesZwKcbg0zdHwlYjXVluFhblik%2FALVSTkwqp9R76vYCeyqPwnMje2KXJ0U1MRfb0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec370a46b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/js/popper.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/js/popper.min.js IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/assets/js/popper.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xkzVfxQeZ2716HxEf3UNhYvPU4Sy0y%2Fs7WeoxfdPD5dIln9gKxV187lXypmCRKYKcPPu2TdofWm5GgIYv1vJwwYyu3pvYIxQkH4eDMKW5577wvxEzww5afhRwn5w40NJQYs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec385b7fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/captcha.php?v=?9182294 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/captcha.php?v=?9182294 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/captcha.php?v=?9182294 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZnRRE%2BZ%2FHP9TwkTSTigD9KZ2u0LZGp0SWALEhs%2FfLEw3bXH1eBq0%2FVxCkRzbYPIq%2Fk%2BtMVk4Xp6l1tI%2BH2rIIfuVW2qEd5UA948U60%2Bc2eowe05j0NCzEkFmIwc9TisFigQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec41eca0b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/intel.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/intel.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/assets/images/intel.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AoVTBdf9BYK%2FAds6baJsd7Asbr9szySjI8sLWE82gA8bijBzYKUqqJ0D1YIZLWzOQSzCn4AlOs%2FWjv%2Bo36lBNXjLNHii4anug6J4hZcr8a%2FN96kquvLQypaQOQp6q81QTSw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3bdeaab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/js/app.js?e | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/js/app.js?e IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/assets/js/app.js?e HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EOXUvtAAYYiPUHxrQnTnF5JUbzWJtY0RK%2Bk2X8xG85ij7fnsgB3Acyq2hQa7CRwD3B9uhtJ4ed6aq4hTMHuu2FXSs0JOntcKAvJHN6AEfLDBoAayZo%2FIED%2F5aJUxuWWikp0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3faa9eb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uTSad6WPrEgmDnGjoxtBlPmJE4SwzvDVR0B0s9TgH%2FlxOIAYLGgWKBiWEf4ZvzyvD3ITHNGaNsGs4qt0G48AOEz90BmzWyR4se9FOwbZNZkEWoLkb3JmLv3vyxmshq6%2F2Vg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec456881b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/font.css | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/font.css IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz Certificate Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/font.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2FASLJksqpsew6Q89Fk7oL1bE3u4yqBgqTSpWqP%2FdfxBXtSQqOu4GzTnwQhgkybfnIkLu52fN81aXxxPL2uiwlNarsw3Qq49Tsh4X7jD7kQvNzQSNrT5Tt3Swyt6GXlsqkU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4a4cffb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/images/favicon-16x16.png?3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/images/favicon-16x16.png?3 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate: Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/assets/images/favicon-16x16.png?3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RbuCRiVlVAV%2FsLhUvayx%2F3i42iZNVD27p%2B3Udy3Dxb3rEsf79ndCk3U8fKmTrno%2BftGM%2B1BjnR3UbiOWPrpIGvJu2IkDqoVg1lfpRvndpAo%2FAeiI5465xNx09M9xs2ZFt4o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec305ba6b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/js/social-proof.js?x2223 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/js/social-proof.js?x2223 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/assets/js/social-proof.js?x2223 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=daMzvgJzmy0EebmaCJqvpGq4gZBz3%2FStVcoXE28%2BNVUBC5Hixu4ywNQRKtFL7wXofVQdA1aZy6yUk9atNbZUiZzTGAYYUf%2BclXkFNydZpb8hJXlSwPepyTR5%2FbF55QuOYHA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec386b86b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/css/styles.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/css/styles.css?d=3 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/assets/css/styles.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OX9Gh2vKJLAC%2Bnd1iuDYjNp042lD39fzRCi6mBRl4%2BkchZf5HpHiS505iaA25P08RK1tAL4XYyewISocVZMhkdX5Sa5T54FPXRcx5lVE0IOoVwTBbCSkeQipB6FknuG3LI8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3bce90b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/css/styles.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/css/styles.css?d=3 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/assets/css/styles.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0kjITpNmqY%2FbwuDjnBUC3VzugYCBFdxkIhD4io0NBzgZARWdhge0mTRKPUDWp30zwXgGmlc0j9oP4%2FdTZTN0pDdqeTttNLKW0xcENscPcwDVfwGMwWUKC8ntqkRWsmYZEi8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec347fc7b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/js/social-proof.js?x2223 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/js/social-proof.js?x2223 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/assets/js/social-proof.js?x2223 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rCCWj2P7Jdk5AaGb4L8otlo5n9FkhytJ3sBtw%2FB%2Frjny%2FEpXaJc46pmLfetBNKIbP6w6GtabI87sh1lLfWHr5ldE3gc%2FbKbWeEkk11iorje1P%2FbiE8aOlR9du9VpwnHipCA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec434e5cb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6lO1pAp4s7DGTAmXIhaw2LAET9enpLIkVn53ZtlgysR0JAKOKgCFR8U6N0CAmHPkr6sXAG0QZI9Vkvztz2N2klkdjxyxdlh2MscPpvu5M7TTk1BC3rS4KOvXpqVVfYzTCUQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4ce836b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/captcha.php?v=?9182294 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/captcha.php?v=?9182294 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate: Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/captcha.php?v=?9182294 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mA%2BZBIIGkDsNHOim%2BkQwYmKFeX8AF0jhBt63YsX7abbJdcwstgkzeHpiTJpjiqtnvaf9OncDoeftVKqJSGG%2F2AA1vJ7KOg%2Ftzo0edfINZreMD7kYvrWXsKtMwKSfedIvEb4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2ce875b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t1J19b50eRVble8abuDSRDENWK9bMQSrk6M6mbceiFxEqCWJPporwWV4Ls5SBgdFrKXXR8BSRNghmNET7m68w3of3QDs0v9z9mJlCY1M0nxVimAVodoGdlicpd%2B64CT8uS0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec46a9afb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/bootstrap.css | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/bootstrap.css IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/css/bootstrap.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ce%2BXAyXjMCe%2FAOV%2FO8wc3Sb9x0r0j9HVvMHUzgOR07z%2BxW2g7URuvl7l4K7%2B4p4r6sFjh9YDhwXcGdd5thQ89OP2K5oleaGWtWnjt7WF8LA%2FQtY%2FQOujbpkLJM%2B01tABFLU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4cd817b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/app.js?e | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/app.js?e IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/app.js?e HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B8pV0UYsafM%2Bdf05r9wFCvB7mXNUCbsUKB5GRq%2Buj8B6hSGY1%2BpgTnXYD9k61CAzE9mKXVcF7%2FZgov6nNwL9J9f42SkxDuk8Wr0jgWTsYlL6b1pukqQF1FQSKHx83z8vuqA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4a7d44b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/intel.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/intel.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/intel.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OX%2FvVS7aWBNd%2BbPiXSVVUEX2rfbtZVPhve%2FsZ0%2FD7SLX0TldY72cTb0j14vcqmteEN9ycc%2BT0nlenJob8giLjAr8dZ3l86WuGESqZ7oWNw5XyHaPAyz75BdfkKx5XxCrHqY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec46a9b4b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/jquery.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/jquery.min.js IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/jquery.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PDyvo4igVgiritpgYz82WozYgxZqNDA0T8DED%2BiPCPbpBreJNJXmDetPh%2FQrE2OGS1zILrL5rnyLP1oDADSNUxXxBBrutxJVy8YiDrC%2BneOzN0w5SBhMJS9iy56z0GJt54U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4a4d07b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/images/intel.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/images/intel.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/assets/images/intel.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nv89wpWEbmRjSThWWNQQEqcSOo9pQj7IYPIaAIXNceMf%2FhzV7VOkmSnH0hRzYWFqbO%2FhgfVZSKX%2BrqZe%2B7Gw2I0opPNHz0NZHXOJWzftwyTEu%2Bx9D9jSatys12YL0AdXnLw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec349fe3b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/subway.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/images/subway.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/assets/images/subway.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kQpmVlW%2FxpNbqJHxUGNCNySy8E1mhYpSwLW6OJnW8CMHXJgS5N8xD%2BLJZQNwLqmPhb2qG1aHtDZLptpsqfAhF4nanBwgdxAh31Lsihw0iOEh5tjOIvr1La4seKhlaRqxRSE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3bdeabb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/feedex.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/feedex.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/feedex.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3yjjbR4vW8gWYCEfgcWIdbI8Xm6u9B0AbPh8gCJGxZAptBhNh1fI8GYPLkYb8%2BBRwdAPfk4vzLkiSAUr6ICY6fkvXNCknJoAoeoplAAGVQCALyxnXVaCr1EngT5IRHypIK8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4a6d32b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/js/social-proof.js?x2223 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/js/social-proof.js?x2223 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate: Issuer: Google Trust Services LLC Subject: adscashnqx.buzz Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/assets/js/social-proof.js?x2223 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4auduuoedk8TYaWgQ81%2BAZbCr0J352zJBlJWzMLBxNUEof%2B0nmHcZkNbPAu0t%2FnKXeYzz9RYcxK5YsIrLKkQ2p8zfLbdORgsIP5egKek4VU%2BpNNcVNNeGoi94PgHBPevl9U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2cf88ab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/css/jquery.toast.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/css/jquery.toast.css?d=3
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/assets/css/jquery.toast.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dz0A4L7gODGMLdA5fJ%2B7AxdOruyAHaXRqdIDmCwwMO%2F47Ave3VmuvsJIENi7qhE8XIeejYkTaCg5rpYqaimq91fPlXTY%2BBAEiRH60GCsIf5Drz44iYCOpns4iPorjHnGs%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec336ea4b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/subway.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/subway.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/subway.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aJHU7wdzsM6mlKhdSL0qRmsyPLV0OQWleR1vRBlzTz%2FJPhTvgNwbH6dt04%2Bv8C8XC6pQz6V9YFPJDhgvonjaDu7zbBL0tjmm6gpRp3VnUBA7dkb9M2Jwc0SQfQKYvw%2B2ldQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4cf83fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/css/bootstrap.css | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/css/bootstrap.css
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/assets/css/bootstrap.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8dSNZZ%2FI7gLhN3uwOhlUEC7rdsmVT0E6eEc1xR4MwrtClZL6yjT7sDP%2BZDltTNz7TQa2aQgETUrfe%2BROYIV43sK9CbOcUNrH2Vii7Trui%2FLtV9vyaS3lfyPqtlnsQEgmf1U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec384b65b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KOUtxo0VLoYcMFHJFW2D%2F1CPjlzJ2s6JaHZi3jZboTYL8v%2Bf7hNbODdmlJY1m9CwxEXnwFHN1wJZZmGdXYTt7tecX%2Bgr25%2B7QCdh7Ut8emWqeryuuPY57NfzNmKf0KUzeac%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3a9d7db517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/assets/images/Adidas.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F47S6sVQPv7csEru15fhA5Qml981SINzNvk%2B5yfopSr9b%2BpKSIePfuExKMDSUrlxJbuckahNmf3M5rI13fgwaQY8biQu6MRs7nnBYHt1Jcrb1Q3gxAsvLWkcW4WAwDgQtmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec45687eb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/js/jquery.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/js/jquery.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/assets/js/jquery.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bM2lWiwtg9OMTxMh56ocNyK%2BjE%2FikqdxoMFJrMucug5ZUs30JyBUQxhmgatIHGDnaVdUL3gZCiMMKWJ2aVhxO09U3DpeJKueP591%2BDu4bHcmPFfhNTFmnwdI9y7jTxt8Ifg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec384b6bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/js/popper.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/js/popper.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/assets/js/popper.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SA0oz8ZRJQ%2FOZxhctl3mxrneWwTlawpoZhMZHjNIX5bVncJNR84fPZaLvAyVZe3wfOjIELFH%2F3NOovqFACeRYkpz8%2FpKLb2MxzMToY2JhS4mUAHJBw0VS0mr4GvCUErTb%2BA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3beeb0b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/feedex.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/feedex.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/assets/images/feedex.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rUFiPa0pftAIHxpo6KaPRzMkGbbYfSEA%2FgTJp5DNZ5otsO0nkCp0kdqyoVA3QSoh6XLM3rUaJDL6gVGPB%2B%2BDnkW5wdozDjVh6lwy5A88JAjG0%2FHGegjWF5Bu%2Fmgx5H2Y7y4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec433e3ab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/Mitsubishi_Motors.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rsmoDIazyZrzCbaIChthatM8CxUkMal52UjznxFvWmVYJLLIRDOI9fJOk7Venb%2BYZpXH%2BjHqvJC59VErHJHYcQ1QdFJUDYRQVfExnwmBeROze%2B3TaVyol10q9OfJumI4FbU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4f1a2ab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/js/bootstrap.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/js/bootstrap.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/assets/js/bootstrap.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IfNKvnK69n5MJLzzYyLwvGP6z0i6K2NN1mX9MuswkBklqaypRiIQU5Um9FE1FtjPegg5zKSc49jSGtva3XOgVKjitHhJR7zKN2mt0QDa94vkfoe5sbfwT%2Fz25NwJtGKGYu8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec30dc2bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/js/popper.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/js/popper.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/js/popper.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J7P16kTDAMOQ3NQtrQr0rtH2qIErDSGMnxIxsedweZ8TXrShhuH8koe%2B9rlLg4fTZSPCtpjytd5ual14dxy4RFpq%2BtkP3n7eJXUfx0bPOfMWs7m%2BMjdSdMhqPbdx8NzUQDY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec46b9bdb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3hqgqSIZJc4N%2FFhrU%2BrOZJTg%2FH71yPNfVxEX3w33FF1ZI1HzOPVlK0Asu6sMegDKuRE%2F6DyqSclozQGHsa76336hewA0kDdZzLimuEcLlqztL7ecO7T5z5XwFtoJiYnTioY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec491c04b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9cvkUqMGFnO2KDy2lYU9pnmGFHZeDpOoMjBZrjo5X%2FJsRyTExvxHt%2Bs%2Fd518rtZYqskSCV1xHay0zyy23YNk19lcoQEc%2BmSfmhCNzVRpX23vieRY3ERenxdjga%2BYLM3CNtU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4b9e64b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/subway.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/subway.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/assets/images/subway.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AlndsMzXfRoSLm%2BVuE6iD732O1O%2B9%2Bm820DDJ0Kxh1fkk9DIjdvCKlOGWEF33E7Tre1%2BmBWovv7wrRc8OHm8Dkg2P9FwmWrSV8L7fN%2BaIMwvrzgAv1Fn7mT0I3f7R4tJHYk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec41fcbdb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y1cJIfxlOw4K9cEFa18HmoNzSbdwQDHdL4w%2FVj1ENWmQJM3vT%2FDLJHQiHWN%2FTmysjJ00p8P2aOuwWmUq9cINrRQkvS6%2BvyXvA%2BmbzUF3J6xwxQnrjoK9nAbBrL6rQ3QWKXE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec45687ab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hH3jVmOJ%2F7jM%2BC883h9JwElOoqqImxX0FsEopmSQAJklbPedi%2BYYJTVIVj6BHKANFoIIGAYRACVzqV%2FpoVjWFHnfbIvwdQ5K1fqF%2B%2BcrLo0YvS3TjulNtfi7nSYkvqQ%2FfXg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec456884b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/social-proof.js?x2223 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/social-proof.js?x2223 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/assets/js/social-proof.js?x2223 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0f3I3LIZZQm4JrkqkxOy%2FPkR6gYLEax%2FgOJmpP0MWk0dmjpcQ4NJ9JPQ%2BHPgDqO1%2B7QI%2BiWCk4n7tOUS3H2zgySAZY%2BU9l9Wah0%2FjieRUSAyAVDow5wSvYb%2Fkjqe2P621Z8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4a7d47b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/js/popper.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/js/popper.min.js IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/assets/js/popper.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7P4q31W6WGPL3hU%2BWdr3qUzkNIdKyJN%2FygR2uwdHTZk6aF9gEedcTbsO5%2F1%2BFnGgSk4wS6X7cXpQz844xIJAylNx7bt6%2B0%2ByV%2Bd23dgzIQ5GyS2Bc5jg1VyflwYzdVL5qw4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2cf884b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/assets/css/jquery.toast.css?d=3 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/assets/css/jquery.toast.css?d=3 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/assets/css/jquery.toast.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EFfR4fY7V3g1K8rLJBa%2B%2BzX1PMTJxTHHvebfcFsfD7Czxol%2F3%2BZGsQobUAFZh6qDqvhm48FUGYnxlVR8SUcGOmENAR1DGyG3zRJOMOtPrAENBUXjJGQITsyhX%2BwENT%2B2yqw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec385b7db517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/js/jquery.min.js | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/assets/js/jquery.min.js IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/assets/js/jquery.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kHhZpmo9tTWqQ19s%2FZr8oGwz%2FjhoCHcCklmGMxjX2YF%2FtFg6DsiNT%2FenxTIqvbXSBLhO2yGa2WTC1q1biys7geBdzk59XfW1woCXFtYZ9hgZJhgyoFOc8S08b4bps9bF888%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3bce94b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/captcha.php?v=?9182294 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5oBZskZw2AlbgW1MyY8DByhSIeoGtySAgxqbjtopuCiaigvIcZPRKEROTF83obwrMtpu4%2BMlKu%2BdR29A7jPxSu1ulx4XFfFylMl4oJ7hgnXC4ScvY3%2FC5FScugZ84Ah8LXU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4f0a15b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/assets/images/sharp.jpg HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561463.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561463.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:44 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NIylL4ZG%2BtuPUF7Q8N9%2F8s3MC%2B9awhx5t6rIscJJqFKSKcTxqktxb%2FJDGU3EHCMWiqKNTh89Zck1LIui8wpCijqEuHYPKpx9c%2BO3ltMZfEqiEZr5C11pDWLSEUKBvs0NySA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec4f2a2bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/assets/images/sharp.jpg | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/assets/images/sharp.jpg IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/assets/images/sharp.jpg HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.0.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bR1aZSXVksZJ8sukrgzH1NDxCe627mANx%2BsfWFd%2B52XqYP4Je7gX5T4kr6INlQcJb8bP0po93zqG9IG7YuC4yeImSu3VovwQdaqkDH0eZCD%2B2mvP3ojC6CLntpX%2BA8I1S%2B8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec30dc1ab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/assets/css/font.css | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/assets/css/font.css IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/assets/css/font.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561459.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.0.1713561459.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IYt2VhFt1hKpzn1jwMsWvicQpmPN%2B%2BT0iIriaGkYZUtmiunnXYPmZzr4%2BEblE4QwRkw3W0FfY4sef19p52TSt5jc7nBvSEjG86VKfAvPY9sJVDeakelNSdoOq81A%2FpyEr5E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec347fc1b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/captcha.php?v=?9182294 | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/captcha.php?v=?9182294 IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/captcha.php?v=?9182294 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561460.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561460.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:41 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mpgjUBWkgZ2o2X3MlOeELUCAXpuBgjMMwKQir9FGfuAUx7hBvDzARcn9%2Fuda1%2FLnOXk8rcl5eJ3T0lFxH3UZCZomIQuulpYXKlPnbFBc9XjdyZf7G1%2FJGADMNvxhVPpUWUE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec3a9d7ab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/inc/inc/assets/images/FC_Bayern_M%C3%BCnchen.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561462.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561462.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:43 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=64FzYNRjueZaf90%2BBcZsrMZyQkzsqyr6X883F1ujgYfc5JZLAPBIWSIxORLjCRBxPbQsHIX3Eoz9v4pNu2HzLE8qG1Ci80Ky%2Bo1F7SlT7jY5eDqdz%2FFsrtIhUU4KqmAh10A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec46a9a7b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/assets/images/intel.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/assets/images/intel.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/assets/images/intel.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 19 Apr 2024 21:17:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jVygh7DHSla0beuPSV89YkZtOVBkrffd%2FQcRZTS1cVBPg5I1Zfn0zPCx2N3z7oLRNA97T2lrPzm3AjQ4%2BI2Q5cU0X0m9DJymQdOget7O66ZmXjVMd3maasMwgMiMEsnPxTw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec2cf87fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/feedex.png | 104.21.94.106 | 200 OK | 13 kB |
URL: GET HTTP/3 adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/assets/images/feedex.png IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php/inc/inc/inc/inc/inc/assets/images/feedex.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php/inc/inc/inc/inc/inc/mytongji.html?utm_source=adscashnqx.buzz
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713561459.1.1.1713561461.0.0.0; _ga=GA1.1.883757031.1713561459; _ga_0EWK671GB8=GS1.1.1713561459.1.1.1713561461.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 21:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 19 Apr 2024 21:17:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pdqKOtB0uDomtrJ9mDIhut0bxTn7MOnV32A8sqZwh%2BHfDNv1XLmLETh25a3LSCa%2FzlfapHNqH%2Bl7F7xwI5WIpxvuCwmAZxfzXG49sD33C8X7rONpO%2B%2BpsZZ1rMOb0oTT9S8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876fec41fcc1b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|