Report - mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=3mail@b.c/

Report Overview

Submitted URL
mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=3mail@b.c/
IP
104.21.73.239
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-17 16:19:47
Access
public
Website Title
Final URL
mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=3mail@b.c/
Tags
phishing microsoft outlook
urlquery detections
Phishing - Microsoft Outlook

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-17	7.6 kB	802 kB	104.17.3.184
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-17	1.8 kB	129 kB	142.250.74.106
mozartbulls.top	unknown	2024-02-10	2024-02-12	2024-04-16	4.7 kB	106 kB	104.21.73.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-17	medium	mozartbulls.top	Sinkholed
2024-04-17	medium	mozartbulls.top	Sinkholed
2024-04-17	medium	mozartbulls.top	Sinkholed
2024-04-17	medium	mozartbulls.top	Sinkholed
2024-04-17	medium	mozartbulls.top	Sinkholed
2024-04-17	medium	mozartbulls.top	Sinkholed
2024-04-17	medium	mozartbulls.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (36)

	URL	Size	First Seen	Last Seen
	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/r6jpm/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal	3.6 kB	2024-04-17	2024-04-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/r6jpm/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 18:19:48 Last Seen2024-04-17 18:19:48 Times Seen1 Hash 6917819340c4bfdcc5c006ba39003f95 8867146a86d4b7af4a27bf2831977146de908ecc 497a82eb75dd8a7eccaa9eeec560abe10ff72121f75909c33d604f3af45496fe Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=875dbd0c6e4692ee	428 kB	2024-04-17	2024-04-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=875dbd0c6e4692ee IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 18:19:48 Last Seen2024-04-17 18:19:48 Times Seen1 Hash 76c1805a7db9c158ec01f2219031565e 8231c7428d8062d4a3a7ca57706e5502161a03ea ba53027daa831d86ade672b79f0b250011a41c75fdac79810121d91b044dd2a1 Loading...

		Size	First Seen	Last Seen
	#1 Eval - a6520d155c409fc63674b74a4500439b	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:48 Last Seen2024-04-17 18:19:48 Times Seen1 Hash a6520d155c409fc63674b74a4500439b 0466df7e63ac48fad8cb68fa48242d9fe87f82c6 ce644c8c1a93f9cab198be64a90c5f401aed859c5d3f851cc8479fac15a9cea6 Loading...

	#2 Eval - 2bb0254d8e08ec5ab56aeaef8e2b0d3b	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:48 Last Seen2024-04-17 18:19:48 Times Seen1 Hash 2bb0254d8e08ec5ab56aeaef8e2b0d3b e0b05490bd6006e1afd445b8f0f5a10dd9245bea e1408a3094f615857e651b2721442783db1b8bd0eb84fd684e99852d9ad09ec9 Loading...

	#3 Eval - 16549844058e030392449c307cd3b4a1	142 B	2024-04-17	2024-04-19
Pretty Observations First Seen2024-04-17 16:39:32 Last Seen2024-04-19 12:24:13 Times Seen96 Hash 16549844058e030392449c307cd3b4a1 b095927b508c4960362343d7c00da2b3beea83d9 3a2d31b38b0835d2942cfd57c46d82a3b2e02e84841819a3c01bec45d52de9ca Loading...

	#4 Eval - b729379abab8aeb8bd33c0e57b81c419	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:48 Last Seen2024-04-17 18:19:48 Times Seen1 Hash b729379abab8aeb8bd33c0e57b81c419 d1793dbda3c68dd39ebf2693b2d226762b4b7c40 3135b58e8550316ed9ce07dd693b80f3cbf2822930f7662761925a640c9f8a63 Loading...

	#5 Eval - d7e13207a93760b594de140d4961cff8	161 B	2024-04-17	2024-04-19
Pretty Observations First Seen2024-04-17 14:30:15 Last Seen2024-04-19 09:43:07 Times Seen102 Hash d7e13207a93760b594de140d4961cff8 b62363a5d48a4d8c812c41c546852919ffd608bb 30a8a2ad53b8f62af74a96fbda1a34d23391bdcf90e9060af04d31a1834cf7de Loading...

	#6 Eval - 2f10d159e23a7f2352424113d68d49ba	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:48 Last Seen2024-04-17 18:19:48 Times Seen1 Hash 2f10d159e23a7f2352424113d68d49ba e3a42dc513682283d8f5d61ed7f1d6bdb60388e0 c19e8b205f9349ea93f3e6afa292cdc0eb3f94cd631c668e012b2cb164d02a2b Loading...

	#7 Eval - 1056e67939695b23e03593f7ecc4cda6	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:48 Last Seen2024-04-17 18:19:48 Times Seen1 Hash 1056e67939695b23e03593f7ecc4cda6 26710d2115b4bcb3d2466eacbe9f78df638d4a64 758186643975d20416d628eeff90bfcc235fdb293035ef2e69ddc3e6c08949f1 Loading...

	#8 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-04-30
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-30 17:22:31 Times Seen350830 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#9 Eval - 2428e1a4d168f2d257b90e1324577afb	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:48 Last Seen2024-04-17 18:19:48 Times Seen1 Hash 2428e1a4d168f2d257b90e1324577afb afdd591f5afb01d08c3a78e10ff49bbd1ecf47ef fbfc83a74876ca52495e0a01252542bdef69c9de9afec863c685985216862d8a Loading...

	#10 Eval - 9fba386b83419a08ff1faa8007dd23a1	60 B	2024-04-17	2024-04-19
Pretty Observations First Seen2024-04-17 14:11:25 Last Seen2024-04-19 12:29:21 Times Seen535 Hash 9fba386b83419a08ff1faa8007dd23a1 c6148c7d249ddcfe37f49e99ac7cb60fe3bd43f2 a197c137af56d7b49dd589ed67e397152047dea7b7a147b0403d07bd1c6d59ee Loading...

	#11 Eval - ab23956296af8a2d5b06961b7a6b5299	664 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash ab23956296af8a2d5b06961b7a6b5299 45619fc50c21ac38a067a6b4d225b9cf20374a7a e4a1ae689a0f043ab1b5a031691ba3ea3519971d376b8f60ba4de5016c631a7a Loading...

	#12 Eval - 18c0f57e94f39be225e0aea3c24344f5	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash 18c0f57e94f39be225e0aea3c24344f5 e69fa536ee14050160f7bc19200e05d66e09653c 986d23401a9fcc8673fbbf156a9aca5d5bac290ee179b686f11b498659a0926d Loading...

	#13 Eval - abea643d0adbb67290f7999093b3a116	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash abea643d0adbb67290f7999093b3a116 a7dddc567826bf81f1ec14a30005299362845698 b242bc774a046323208166a01e9a2ad74e8c6cfc87d58f17fa3c42b024a6ab0c Loading...

	#14 Eval - 4e4bc3c5f60cf7ab631c6646922e249f	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash 4e4bc3c5f60cf7ab631c6646922e249f 5bab6c317021703bfd6a760b42b8e90654346dfc b2c5f5b5d35b72a51e8d9970a90cce49ba9dd9778836d33f2c8d5d0648f3429c Loading...

	#15 Eval - 149f162da470fec24968e14394336fe2	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash 149f162da470fec24968e14394336fe2 f5d6094eaa388d800100128bdbc28ef295985107 41ee6da0d9ba7c68605eae14f214875cea34a0e9c9804c6f1a2710cf8ad25d8b Loading...

	#16 Eval - 028d5216de046256cdb46c1eebf7d10b	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash 028d5216de046256cdb46c1eebf7d10b eec8bea57559d9ffb04f83e2f8f868fb66755c85 6baa4a523f106c3f8a39d3180b82a26cfc60f336a30e36af68cbb18c219c5a8d Loading...

	#17 Eval - 20172838ea491024adbbf72fc1c668c3	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash 20172838ea491024adbbf72fc1c668c3 c0905d5062b7a92e079eb2a5dee0c28d42f0c82f b634b444c4748a4258f831775b599181b2472579727d229c29a50223f88366dd Loading...

	#18 Eval - b886e8796b7651fd043cf6d7f60e92bf	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash b886e8796b7651fd043cf6d7f60e92bf c9c01f42dd337a1774c60799e8ec8736a2d44cf6 ffe643ff58f5a1e42103e6c2886cf116c4f7d6a18cd3fa7aeff98496a18ff719 Loading...

	#19 Eval - a541c3505afcb03437e71d614fa67c16	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash a541c3505afcb03437e71d614fa67c16 28cdfb1a3fed7abf5d940857e1103677007312c8 625ec67b78674d7e058a752b767d21375abc5dc4808e67cca250ade163dfa89d Loading...

	#20 Eval - 2bc8a800b11e4731cf9282342b875379	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash 2bc8a800b11e4731cf9282342b875379 d5eef6cfe35b9e708268b160df960eb4102d9537 284d9552a5d62f66ae72467916e7248f5f829c7b9a304bbdbcfb82da05d98b3c Loading...

	#21 Eval - 2ecf074131ea105923328e6453e2f389	1.0 kB	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash 2ecf074131ea105923328e6453e2f389 18ac9d345075c90579f3901c2582ac509dd18a62 8a9c9f4b00cbf2f114abffdb6ac344e332e81d86e4b03e7d4c690c22995fc31a Loading...

	#22 Eval - 824d179eada1c0d1bdd66017285ce452	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash 824d179eada1c0d1bdd66017285ce452 6d95815235aeb557e1b455c5eebc30214bc1bd3a 4669964ada10003a670d5c9b4e54354b7a429e1600593bd482faf4633de76270 Loading...

	#23 Eval - 9ad22c4b1e57fcf9b0cb22f3951f688b	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash 9ad22c4b1e57fcf9b0cb22f3951f688b b47a24f22a3bdee9a7803d914e222cb3084fb55a 620f5444c21efdd4cc88d206f7be4572c699f8d1a1348ad681baa5803349031d Loading...

	#24 Eval - 116095815fface8efab77dc31565a37d	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash 116095815fface8efab77dc31565a37d 2452a836f0477d8489b994fb3d11450d28daccb8 4c76f36a3b403866fb82228b288c5b3d934c0008c785fc4c2b7bdef55a9155df Loading...

	#25 Eval - ba65bed32bdbe900fc7ff6ce38b3eb00	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash ba65bed32bdbe900fc7ff6ce38b3eb00 055b4d0e0c492c3e4a4f534f34189a63ea8ed8a6 e1d619653b8a26c042af1dc4823e1f2b29f239a0e6f56f9ca464d3d101ec0b8c Loading...

	#26 Eval - dc79ed141b5803ea106375ad6bf7b085	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash dc79ed141b5803ea106375ad6bf7b085 0a25ba3c7163f0ac4d2e483396a344dacbb55a14 884f97b5757a6ac62788f6e2345c0e3c33193fd2cbc9725b147ec18bd1cc8dee Loading...

	#27 Eval - c001580cd653b092cd74dff06d5cb0ba	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash c001580cd653b092cd74dff06d5cb0ba 4f9ba37f235ad182aa856e62a18c7779f40cbae3 f8c79a338c485f425450395c5654a68b97e5a8fb9d29df69f8114b368d9e9124 Loading...

	#28 Eval - 10075c8eec841162a5de7557155e61fe	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash 10075c8eec841162a5de7557155e61fe f88b41bf0ff78001fb3bf9d6e9bfe930f3f3c8ae a66c95fb77b37ac187065cff74d63bcbf70fe5c3cd0abd53a949eebb46103e77 Loading...

	#29 Eval - b29ffa08129ae141e98c9d6c7e16f930	491 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash b29ffa08129ae141e98c9d6c7e16f930 be172376bd3b877faa287aa7bdfcea7b77ad6a18 262b41d8da77aa4ae99529826d865bd6dd4338e6c1140495a7cba7a0d90876aa Loading...

	#30 Eval - 3cb3e94af1c9862bc8b63b31433e059d	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash 3cb3e94af1c9862bc8b63b31433e059d 31599f4aa86cef5dcfd3f1765b24c71ed77c51d5 e1589712ad70960a35fca2ebbc8920f5076308fa430c22ce27c682ccc362fbe9 Loading...

	#31 Eval - 2af874eb6ad292cd4cf490a5e1661841	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash 2af874eb6ad292cd4cf490a5e1661841 b912b9fd4ec7e24ce74ebec848568d8f7ff54c01 7626aa19f6630c6004ae2ebc87ea2147cd45ad5204271e296713b84b21867b0f Loading...

	#32 Eval - b89001e90f6f16fdcd08d3853ce0b7ed	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash b89001e90f6f16fdcd08d3853ce0b7ed 901ab4fb0326c8deb67c97c3935a4adb0c8f30f7 4bd7c3b29cd27e413ed0711d901022671ec8ac78ca869af762ef07c26965b4cf Loading...

	#33 Eval - 2b01a4c7294ca7871cb7a4c48966ab61	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash 2b01a4c7294ca7871cb7a4c48966ab61 fa2523f8e36c7ca1b6e9bc66bd652c719f8b9f8d f4125ecc48b41a560e174ce10391700d0e07476dc5b89ca0808da378dbd7bd48 Loading...

	#34 Eval - c013906ba65764aaacaaba7acfdcd6f8	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 18:19:49 Last Seen2024-04-17 18:19:49 Times Seen1 Hash c013906ba65764aaacaaba7acfdcd6f8 93cb1d7c76364a6a8674675747588851c7af46f8 6312e5c6a65d0b631bd10239e23c60a830339a6d5eef43236a76fdaa81ef60a4 Loading...

HTTP Transactions (25)

URL IP Response Size

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

0 B

URL
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 17 Apr 2024 16:19:22 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/g/54ea73d52131/api.js
access-control-allow-origin: *
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbc805fb310b1-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.106

31 kB

URL
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:54:13 GMT
expires: Wed, 16 Apr 2025 05:54:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 123909
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js

104.17.3.184

200 OK

15 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=3mail@b.c/
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42414)
Size
15 kB (14742 bytes)
Hash
374fec8b5e50cd6ab980f3fef21a5aa0
7f474607991a19b6f1b78cc32e0f75b501b60774
8af2da74872f03e058ab79a584176d2086afc01bbd42dd2ed14259179341be6a

HTTP Headers

GET /turnstile/v0/g/54ea73d52131/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mozartbulls.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:19:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbc80981f10b1-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mozartbulls.top/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.21.73.239

0 B

URL
mozartbulls.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.21.73.239:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 17 Apr 2024 16:19:22 GMT
content-length: 0
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=37RNtZvXjGuzvSHd6yySGJLrDpEiVG4SZpFuPliWIzV07mUUtYnMgPv1TPYzfZP9v%2BuFD%2FW8vMIma%2Bw8aNykjS00mBNw5OVPRqX3XNpfMPiXlr18UL4%2FhdHmGM4Oi8O2oA8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbc81689e8f5c-CPH
alt-svc: h3=":443"; ma=86400

mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=3mail@b.c/

104.21.73.239

5.6 kB

URL User Request GET
mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=3mail@b.c/
IP
104.21.73.239:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectmozartbulls.top
Fingerprint4B:35:FE:E1:60:27:F2:EE:F7:88:A8:B8:5D:01:5D:89:1E:66:E3:F3
ValiditySat, 13 Apr 2024 08:39:13 GMT - Fri, 12 Jul 2024 08:39:12 GMT

File type
HTML document, ASCII text, with very long lines (1863), with no line terminators
Size
5.6 kB (5621 bytes)
Hash
a774459f94f64555a7dc8c201cd86f85
cfc881fe4f6c092ae7b39aed2975081916e8ac1e
ad30e0078d713597f93545a417b9fbb0a57a567dd3937c7dca689c67d3566de6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=3mail@b.c/ HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:19:22 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fE%2FxmQkRKD1sMmrYJbDmwKwVL4S4P1u%2BCbN7Ex8nNZ4Av1XaK8BDYu7Gzb6rW66fHhDgU8xsTzgucGv%2Bc1m5jmrXncmAodFl8YnO%2BRUhP5e%2B%2B8PdCJo3BGT8W0sKxKs5tbo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbc7d8d4e92e8-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mozartbulls.top/cdn-cgi/challenge-platform/h/g/jsd/r/875dbc7d8d4e92e8

104.21.73.239

6.8 kB

URL
mozartbulls.top/cdn-cgi/challenge-platform/h/g/jsd/r/875dbc7d8d4e92e8
IP
104.21.73.239:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
6.8 kB (6776 bytes)
Hash
e4886e3bbf683d01a616803d14d79df1
223fd9872451806681b003eb17d429e5227066e0
86b8c1a48e4576b5d95c0ff45fc6af34554b37ddf7a1e76a7cb3aac1c9186509

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/875dbc7d8d4e92e8 HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12261
Origin: https://mozartbulls.top
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=3mail@b.c/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:19:22 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=IXIJp4DuroAcPLSzZRRfIUpiM7zZtrZFCHxDj3MsSX8-1713370762-1.0.1.1-2rZ09xqWT1HUhfegEA1ltVh_vRj95pYPOoh.hmwJipuFBs9aEEbEtC.kFU79RcvYi4OckB4QIsykf93gzA45_w; path=/; expires=Thu, 17-Apr-25 16:19:22 GMT; domain=.mozartbulls.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Va1CxhvZ0TjyW8KzQkcR1HwLYpPjYBfZ%2FSxgy5CvyTqaEL5GoqIoagMd9AbX8q5zi4rPYrNDLlJxkm40%2FENIxc1cEr8yQSm%2Fsf5ZDEYOLUSAU9XWxKSjKH%2B9MOUZEMyBtIY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbc829b278f5c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.106

31 kB

URL
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:54:13 GMT
expires: Wed, 16 Apr 2025 05:54:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 123916
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

0 B

URL
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 17 Apr 2024 16:19:29 GMT
content-length: 0
location: /turnstile/v0/g/54ea73d52131/api.js
cache-control: max-age=300, public
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbcaacb2392ee-CPH
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=875dbc8189b592ee

104.17.3.184

128 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=875dbc8189b592ee
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
128 kB (127452 bytes)
Hash
571c2e709a22e87756c322802b7a2008
1510cb9fbe741ae365828f322bcd346242dc9ea6
78a96fbed539e1b93b9b999062b2d20da7e1f481ac31488b23898669ef6f81f4

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=875dbc8189b592ee HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/fwhu5/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:19:26 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 875dbc9c480492ee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js

104.17.3.184

200 OK

22 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=3mail@b.c/
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42414)
Size
22 kB (22005 bytes)
Hash
374fec8b5e50cd6ab980f3fef21a5aa0
7f474607991a19b6f1b78cc32e0f75b501b60774
8af2da74872f03e058ab79a584176d2086afc01bbd42dd2ed14259179341be6a

HTTP Headers

GET /turnstile/v0/g/54ea73d52131/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mozartbulls.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:19:29 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbcab1b9692ee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.106

31 kB

URL
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:54:13 GMT
expires: Wed, 16 Apr 2025 05:54:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 123919
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

0 B

URL
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 17 Apr 2024 16:19:32 GMT
content-length: 0
cache-control: max-age=300, public
location: /turnstile/v0/g/54ea73d52131/api.js
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbcbd4ff092ee-CPH
alt-svc: h3=":443"; ma=86400

mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=3mail@b.c/

104.21.73.239

7.9 kB

URL User Request GET
mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=3mail@b.c/
IP
104.21.73.239:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectmozartbulls.top
Fingerprint4B:35:FE:E1:60:27:F2:EE:F7:88:A8:B8:5D:01:5D:89:1E:66:E3:F3
ValiditySat, 13 Apr 2024 08:39:13 GMT - Fri, 12 Jul 2024 08:39:12 GMT

File type
HTML document, ASCII text, with very long lines (745), with no line terminators
Size
7.9 kB (7875 bytes)
Hash
5f2fdced1d67c7bca5bdfdd2417bd2db
e4a25bdcdd21394a31e202e8fd06a2b911c80b69
07499f63f512bafd7b4bb4b9d1e1ee48571bc1e17509d72fabfac218d0b2ceab

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=3mail@b.c/ HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=0k_0RQKGcJDaFN5S_QfpUr1_6HTl1ZQSWxMBJe5nZa8-1713370768-1.0.1.1-O2sQiTgFJCgWT2TvG8Y7kOQc5e3uEgesugsx1PdAmn6MUNyB1QYJ6jGywGWkL36dWQ4gMR8t93blK1kQvaSFag
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:19:29 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l3Dzf%2BpjUJztLTX9M2CwHwlXEbM%2BnGhi%2FmghaXkKZAvzOrx2l68EhJj6QYfNU0vyH%2F6PWZXW%2BviUdUCumSuTBitl0Y%2B0l73WatH61gZkrKvYuZ72QOEaLNbSlUEjWbeZ1wk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbca9da078f5c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

mozartbulls.top/cdn-cgi/challenge-platform/h/g/rc/875dbcab9cd992ee

104.21.73.239

31 kB

URL
mozartbulls.top/cdn-cgi/challenge-platform/h/g/rc/875dbcab9cd992ee
IP
104.21.73.239:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
31 kB (31216 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/rc/875dbcab9cd992ee HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=3mail@b.c/
Content-Type: application/json
Content-Length: 596
Origin: https://mozartbulls.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=0k_0RQKGcJDaFN5S_QfpUr1_6HTl1ZQSWxMBJe5nZa8-1713370768-1.0.1.1-O2sQiTgFJCgWT2TvG8Y7kOQc5e3uEgesugsx1PdAmn6MUNyB1QYJ6jGywGWkL36dWQ4gMR8t93blK1kQvaSFag
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:19:31 GMT
content-type: application/json
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=pQe6sqpX_WxiO.el7smZ2NSpXhlcPPU.2IsVMjUwRYk-1713370771-1.0.1.1-_hcwA0vqccdYqVv7hw6PZtqcoPgMUdya45zQ7UH.IYvTq4CkGqPIMBjtyeD8GdxwQkJ8Mp_iuLesozndWYDSxg; path=/; expires=Thu, 17-Apr-25 16:19:31 GMT; domain=.mozartbulls.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9n%2Bm0TixPpBanomZysxFKREcfP9igOEY1oHTBoKmE4opotobR9uCLYUsaEvMv2%2FpDShzyv9rhE%2FtMhmo%2BaU2ILl1dHTIVmx4Xibacq1HyiVRvG%2Bw%2Bol8Y6oEudaG2ELSDYU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbcbaed938f5c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

mozartbulls.top/cdn-cgi/challenge-platform/h/g/rc/875dbc8189b592ee

104.21.73.239

25 B

URL
mozartbulls.top/cdn-cgi/challenge-platform/h/g/rc/875dbc8189b592ee
IP
104.21.73.239:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
25 B (25 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/rc/875dbc8189b592ee HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=3mail@b.c/
Content-Type: application/json
Content-Length: 596
Origin: https://mozartbulls.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=IXIJp4DuroAcPLSzZRRfIUpiM7zZtrZFCHxDj3MsSX8-1713370762-1.0.1.1-2rZ09xqWT1HUhfegEA1ltVh_vRj95pYPOoh.hmwJipuFBs9aEEbEtC.kFU79RcvYi4OckB4QIsykf93gzA45_w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:19:28 GMT
content-type: application/json
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=0k_0RQKGcJDaFN5S_QfpUr1_6HTl1ZQSWxMBJe5nZa8-1713370768-1.0.1.1-O2sQiTgFJCgWT2TvG8Y7kOQc5e3uEgesugsx1PdAmn6MUNyB1QYJ6jGywGWkL36dWQ4gMR8t93blK1kQvaSFag; path=/; expires=Thu, 17-Apr-25 16:19:28 GMT; domain=.mozartbulls.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IUl9JXTzoMGfHtcL%2FpOAe%2FseJyGG8vn9sIsW30BltVyL%2BqPNSQ30iy0ADsTijo%2FM9j4F5qYhbI9BDt6oppnSLo3UGbVByq%2FJBm6VNLWz1UouAasVcaAFfu2ryQlsZ8SS0hc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbca7bdd48f5c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/q1vw5/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal

104.17.3.184

237 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/q1vw5/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (41702)
Size
237 kB (236569 bytes)
Hash
234103bfc28886755fcac4abfaefc358
bc6e329db4a8b92bc028e9bbb225d44e8d5dc9ee
fb4daaf0526aec939d2b5fd1e10a12466c65483ac8196bd7a64f6806af9d9e0d

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/q1vw5/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:19:32 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 875dbcbe4a1b92ee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y948g/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal

104.17.3.184

170 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y948g/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (41702)
Size
170 kB (170445 bytes)
Hash
d5257abbf5320162d142781d1fbb4a93
da9cd753308c918435bdc64426ec8efd8a4aafce
0b5a4acaef389e2dff5afed2b084e47449c1cd29d261a2adc3222781d4dd3f67

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y948g/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:19:34 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 875dbcce1c2192ee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

0 B

URL
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 17 Apr 2024 16:19:36 GMT
content-length: 0
cache-control: max-age=300, public
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
location: /turnstile/v0/g/54ea73d52131/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbcdb5f3392ee-CPH
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.106

31 kB

URL
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:54:13 GMT
expires: Wed, 16 Apr 2025 05:54:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 123926
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

0 B

URL
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 17 Apr 2024 16:19:39 GMT
content-length: 0
cache-control: max-age=300, public
location: /turnstile/v0/g/54ea73d52131/api.js
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbcea8f9392ee-CPH
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/875dbcce1c2192ee/1713370775178/07b2b369729aeae15ecfdddaa195d9cea00da6c7cd8c30eabf95afb213f52797/YdYgA1XEIBUD7Pc

104.17.3.184

67 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/875dbcce1c2192ee/1713370775178/07b2b369729aeae15ecfdddaa195d9cea00da6c7cd8c30eabf95afb213f52797/YdYgA1XEIBUD7Pc
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
67 kB (67414 bytes)
Hash
9022f3026ef3c8a9c84711cd9154f82d
7e14ea2b09521b4d1bbd9ec5de85e9c1392e2e58
d685dcedf7b82455fd909e2106265686664ce713355002c5e4103c348c23cf91

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/875dbcce1c2192ee/1713370775178/07b2b369729aeae15ecfdddaa195d9cea00da6c7cd8c30eabf95afb213f52797/YdYgA1XEIBUD7Pc HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y948g/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Wed, 17 Apr 2024 16:19:36 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gB7KzaXKa6uFez93aoZXZzqANpsfNjDDqv5WvshP1J5cAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIAeys2lymurhXs_d2qGV2c6gDabHzYww6r-Vr7IT9SeXABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 875dbcd71e8092ee-CPH
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/193408507:1713366762:0aTAVxYKqzQVOe24JJjpLAjo3U0h_l0ttdS36KSrcAc/875dbcce1c2192ee/981c3d0f3e043b9

104.17.3.184

71 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/193408507:1713366762:0aTAVxYKqzQVOe24JJjpLAjo3U0h_l0ttdS36KSrcAc/875dbcce1c2192ee/981c3d0f3e043b9
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
71 kB (70667 bytes)
Hash
b3414b15b9b090714ad4b615282cc085
587eca4569c6d8bc28e0a82f88e02cad27d5bc15
d55df7a3cbca01d81eb3b40f342d22b02d4d7c37ae9bb67795499d9a52430309

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/193408507:1713366762:0aTAVxYKqzQVOe24JJjpLAjo3U0h_l0ttdS36KSrcAc/875dbcce1c2192ee/981c3d0f3e043b9 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y948g/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 981c3d0f3e043b9
Content-Length: 2676
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:19:35 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 2/uPJNZgrfMKe1vwPUYNxiIWi0AyXpW/Bv9c93dp9W8zmcNUMSc7zOQlqwgE4Yg5ZjxvY1zGABii20DzuXScUwAywKzyOwYmh+cG8COcXVw7mzGXZE+t7iJpNKRkY5fUpkSe/P44rv0oSaoWkaJGN7M5YQYmOa73wIhWSRPEtn5xBammaYBI0xsTYFmtfHDqxySybfAOGtmApqt5aOzsEy7a47Tx0d9VNgKrPmVt9TAMP8hAd7+f+7UFXIETpmGUwof6o/fU3Vsh5BCK615OVBUmLvo5h7nBIw2wkKMrNV66JTpZRCGUZDZXNr0tB662zZbCIjAu3JVclaFSwYTa95hSPzJKbg8KP1amEnD4IpSOFnDAnr18k/iFQjF/g8JoVcmkkJ4PTYnxssahHH6rcHoDZEXjbvWDgXj1BHXfgS8=$eAvsgZnVQzovZifYm/GhlQ==
server: cloudflare
cf-ray: 875dbcd0b95392ee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

mozartbulls.top/_mountgrand_meta/functions/validate.php

104.21.73.239

50 kB

URL
mozartbulls.top/_mountgrand_meta/functions/validate.php
IP
104.21.73.239:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
50 kB (49829 bytes)
Hash
53143f50ed306111db1a9f9e320ca5b0
0dfd01fb8566196ed7b10a062be19162923cccfb
e23811eedb16be2ea0681da3eb430f00ed565f2928f47014179ab0ab82f986fb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /_mountgrand_meta/functions/validate.php HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 560
Origin: https://mozartbulls.top
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=3mail@b.c/
Cookie: cf_clearance=xoggz3KiVeItKZsXQTZBzPCFa.XSCj2QswXElcoB9Gk-1713370778-1.0.1.1-YMWPNvuOQDUwZLj2vdP_oPdlAAtSHkxGFuPINY3KlYe4zw3nl0J__dxNN2i5VTNckZSoyiRXZ6O8CvyIMWPDcw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:19:39 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9FRwvT0fI3VJ%2BQ5Zy6H0%2F261V45kcBH8gWgppofJ3iePIzxPWzuLvCOEc%2FblPhWYvweKHqeKKpDpA1zLnY%2FTNOeCILehgsPKmXeAPusTmf2FpsMihmlvJl4qMVzDWaYhQS0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbce8c8018f5c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/875dbcab9cd992ee/1713370769610/tUyql4CIDjTk9yF

104.17.3.184

3.8 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/875dbcab9cd992ee/1713370769610/tUyql4CIDjTk9yF
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 61 x 4, 8-bit/color RGB, non-interlaced
Size
3.8 kB (3802 bytes)
Hash
20375fc643a8000f82b66a313291107f
4af7ee6e6ec013a61f30ba0a9bc89c46461fd03c
7236940394a65e2db6f678ed32354f5d43e06a7b0d4a469572c2177e67c9c305

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/875dbcab9cd992ee/1713370769610/tUyql4CIDjTk9yF HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/28uqd/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:19:30 GMT
content-type: image/png
server: cloudflare
cf-ray: 875dbcb42d8392ee-CPH
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1jilf/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal

104.17.3.184

200 OK

80 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1jilf/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=3mail@b.c/
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
80 kB (80068 bytes)
Hash
d670381cdabef597a8c598381b220a7f
20d36c74cdd6fc4c6eaa670c2ebc5f4f12571f9f
3a3c85d2e4d89b08f81f1502e902eaf830cf0017aadba19a3d34b1235756d9ff

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1jilf/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:19:42 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 875dbcfc1ca692ee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (36)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash