| www.googletagmanager.com/gtag/js?id=G-QSD3M3XHPZ | 142.250.74.136 | 200 OK | 101 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-QSD3M3XHPZ
IP: 142.250.74.136:443
Requested by: https://adscashnqx.buzz/login.php
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
Certificate validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Size: 101 kB (101350 bytes)
Hash: fcf830ed326bc3fa40283ce589d5b83b 46f787ca536e7f90d7d44730e5b1bb9efb9e3cf9 0f476b702fdd6474318289e7841838919ac7bbebc95a326937ae5d29a878f14c
GET /gtag/js?id=G-QSD3M3XHPZ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 17:01:27 GMT
expires: Fri, 19 Apr 2024 17:01:27 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101350
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| adscashnqx.buzz/assets/css/jquery.toast.css?d=3 | 104.21.94.106 | 200 OK | 12 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/css/jquery.toast.css?d=3
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate issuer: Google Trust Services LLC
Certificate subject: adscashnqx.buzz
Certificate fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: ASCII text, with very long lines (4516), with no line terminators
Hash: 4a143b75a44a8248f68fff3102f055b1 9285847f20e7eee2176e54daef89f6b3b375e31b 1b04a9f5b61b916ac5685883d5f9f461d72c647878a0e59f6d28f3c2ca37d370
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/css/jquery.toast.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:27 GMT
content-type: text/css
last-modified: Thu, 23 Mar 2023 09:14:34 GMT
vary: Accept-Encoding
etag: W/"641c187a-11a4"
expires: Sat, 20 Apr 2024 05:01:27 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fJwGLxXncqt6UnsVuDfSUDumjzrvWFkGJlww9Z9PkoiUHb8N9ZwQf36fxMl9pLMrBI001lC1JZTTy767TC2PC4eXIzi0VKaFWkkC51tyZK%2FUbETlfXKHayTyUGIqhA%2BIuGA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876e74e69ad1569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/assets/js/popper.min.js | 104.21.94.106 | 200 OK | 15 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/js/popper.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate issuer: Google Trust Services LLC
Certificate subject: adscashnqx.buzz
Certificate fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: JavaScript source, ASCII text, with very long lines (21060)
Hash: b9f305114cd500cf450bedb6ddd8baed 9266f013e7e32bab7fe6b1a355056b35be8a0ba7 5ccae8e986c1c858b2f3df79bfdd0d12a1ae4bb6a89c839d3bfc70a43cf58285
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/js/popper.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:27 GMT
content-type: application/javascript
last-modified: Thu, 16 Mar 2023 06:41:28 GMT
vary: Accept-Encoding
etag: W/"6412ba18-52ca"
expires: Sat, 20 Apr 2024 05:01:27 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZSZK%2BPwDGkt7d%2FeEopdoKekD4uQtFqHHGHcxObyAxlJD6Ch0yu6%2FFdTZFF1DDU%2FiKvvK8Z%2FhMGLUvLpXC7iK8p6gxvNXIKIR86S3bVLE76%2BbucN3lFSWl%2FJUVSdB9IN1fCo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876e74e69ad3569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/assets/js/jquery.toast.js | 104.21.94.106 | 200 OK | 8.3 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/js/jquery.toast.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate issuer: Google Trust Services LLC
Certificate subject: adscashnqx.buzz
Certificate fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: JavaScript source, ASCII text, with very long lines (2869)
Hash: a1d705581b3f642712deb0da64214669 8349f41d20b1a1efbc8591e09545e4d7374eacab 3751f2b6f017634dcdbe60e82705d04f0bf9d8edd9bba3940f6793a57ca1fad2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/js/jquery.toast.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:27 GMT
content-type: application/javascript
last-modified: Thu, 23 Mar 2023 09:14:34 GMT
vary: Accept-Encoding
etag: W/"641c187a-1e0b"
expires: Sat, 20 Apr 2024 05:01:27 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iGbZ%2FfyvIgmjHagdHkrwm7wRbfqBtcZ1QTVvt5npoqOLKDcP8d8uvI6eBMT7%2BCwbHs5acD4R9lrlgVjcu0p111EdcUMz0J8U8SOq3tAEMTD3O%2BaHjOd6EQ8pDcXBPD73Ib0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876e74e69ad7569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/assets/js/social-proof.js?x2223 | 104.21.94.106 | 200 OK | 6.5 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/js/social-proof.js?x2223
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate issuer: Google Trust Services LLC
Certificate subject: adscashnqx.buzz
Certificate fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: JavaScript source, ASCII text
Hash: 66a00bbc178a18dfe35f54e677683c1f b9786881798f3af8835f1b03de60a0fb6cbf58ba 54db90599b7a0ba6f3667c2ac22a7d71e89a7f42b0d21528967f0bb096dad5b8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/js/social-proof.js?x2223 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:27 GMT
content-type: application/javascript
last-modified: Wed, 20 Mar 2024 12:37:15 GMT
vary: Accept-Encoding
etag: W/"65fad87b-b76"
expires: Sat, 20 Apr 2024 05:01:27 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o3w7%2F8MDQVjXUQKVEA%2FXtDUblJPwm31pIN%2Bi6FG6hHEXF4SaBbopeaJttzkK83lOYjuuNgLLYdydBQDhWzKB2QB1NtnXhubrcuy0FiPBbCLh4%2FrhaQZWG3%2FNBOTtjaSEE8k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876e74e69ad9569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/assets/js/app.js?e | 104.21.94.106 | 200 OK | 12 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/js/app.js?e
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate issuer: Google Trust Services LLC
Certificate subject: adscashnqx.buzz
Certificate fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: JavaScript source, Unicode text, UTF-8 text
Hash: 98c05edfddacbb8e6a9a95b97af3321d 79d4723c9354b7b68f4698308cc3c26226e3f9ab f36695eed94aa2c88c114b44d91dc118bee86e9e5b8feab826b6a96cc8fb3e61
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/js/app.js?e HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:27 GMT
content-type: application/javascript
last-modified: Mon, 18 Dec 2023 07:51:03 GMT
vary: Accept-Encoding
etag: W/"657ff9e7-1027"
expires: Sat, 20 Apr 2024 05:01:27 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jYP%2FBgaRzbkAWftoznXVPwygoNuefgtWDpe2cGHvxdieXpLwvhZG9l3ADUZ8qKeCtvPaXv4d0yrWAauoU6XK17VoI6xbeVTHHc0CY0FhVXbLgbFZE3mWUumhfMIekRMrKgs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876e74e69ad6569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/assets/images/FC_Bayern_M%C3%BCnchen.png | 104.21.94.106 | 200 OK | 32 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/images/FC_Bayern_M%C3%BCnchen.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate issuer: Google Trust Services LLC
Certificate subject: adscashnqx.buzz
Certificate fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: PNG image data, 220 x 220, 8-bit/color RGBA, non-interlaced
Hash: d2c2e4ef9750d13c191e520fa504ee2e 8a7bade6776672650dec40337531b29de4c4c63b 1b291a7ae6286e6619caedfb51b9cef57d57f371731817f3c7bf8deed583fb4d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/images/FC_Bayern_M%C3%BCnchen.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:27 GMT
content-type: image/png
content-length: 31857
last-modified: Thu, 16 Mar 2023 06:41:28 GMT
etag: "6412ba18-7c71"
expires: Sun, 19 May 2024 17:01:27 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5RQScskz4o4uGvIzIGaEZL%2BuXeTZ9YMRHRbc1hVLefOQ9iWXJghDCnMHT3aUN1No4VEOkVm8Cdnea7op2tXNUC%2FFpIE3Ny95tS2q9oRhohx9kWei919XbM0NYgT9vBxuOek%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876e74e68ac1569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/assets/images/feedex.png | 104.21.94.106 | 200 OK | 33 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/images/feedex.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate issuer: Google Trust Services LLC
Certificate subject: adscashnqx.buzz
Certificate fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: PNG image data, 3840 x 2160, 8-bit colormap, non-interlaced
Hash: 534a1c6b9de68ba3e076e20d03eb9fcb c72f506b9ac652463f944313087b0bc4d06e1c19 7349283c4653c217a7b2e698fe73d707ce50a3b9f2743f600d9c29fb71fbcb95
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/images/feedex.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:27 GMT
content-type: image/png
content-length: 33017
last-modified: Thu, 16 Mar 2023 06:41:28 GMT
etag: "6412ba18-80f9"
expires: Sun, 19 May 2024 17:01:27 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IMVB7V3o9ht%2BzgAJIJ9X9pYfWaKSdKTkbiLy2YoB4e8X78tLNALnoKV%2BRUlFEiZwxznE1E%2B5E4UsFbp9XXtOgeHrXyudWE5ktKjMo0lTQa2fridLB781zJMfcVw9nATolXY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876e74e68ace569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/assets/images/Adidas.png | 104.21.94.106 | 200 OK | 28 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/images/Adidas.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate issuer: Google Trust Services LLC
Certificate subject: adscashnqx.buzz
Certificate fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: PNG image data, 300 x 256, 8-bit/color RGBA, non-interlaced
Hash: 369a439dbad9651392eb7b7e85e2bb91 88a801762d76a0b66ed4ce75ed227cd78dd8952d 9d15bd4dccc2b65e6042f13fdce5d2512432fae8402ec1b2325682f0b52534da
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/images/Adidas.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:27 GMT
content-type: image/png
content-length: 28262
last-modified: Thu, 16 Mar 2023 06:41:28 GMT
etag: "6412ba18-6e66"
expires: Sun, 19 May 2024 17:01:27 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Hro7gD3nJrSM0Le%2FmgMJPL6ajo12rizLg%2B4oKLjbmlcyFdrr%2B44S%2BwEOfQtRnAr4VU3Iyoqcnai8CMmTRhwd5bNgSyXFTVmHa2mjwSXiPMby83jMujAsHtZpUXrgRbf%2Fbc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876e74e68abf569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/assets/images/Mitsubishi_Motors.png | 104.21.94.106 | 200 OK | 19 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/images/Mitsubishi_Motors.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate issuer: Google Trust Services LLC
Certificate subject: adscashnqx.buzz
Certificate fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: PNG image data, 393 x 505, 8-bit/color RGBA, non-interlaced
Hash: 472bce1aa6927b8dad83645d4da0bbce 4deaaf76f0df7e450aeac617109021e2c59679ce 5f9a23e54882a242906187a79ca40b33b538b09fc0e59d6c0386db8619b41843
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/images/Mitsubishi_Motors.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:27 GMT
content-type: image/png
content-length: 18987
last-modified: Thu, 16 Mar 2023 06:41:28 GMT
etag: "6412ba18-4a2b"
expires: Sun, 19 May 2024 17:01:27 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cpX5KVmMuOc6bHmnhxGPeKt24QTDWVaZOmZdF%2BQMhJsYyKCbyrDQwAQ%2BqbHXSskgL0GOxj88JylsiFrhRDPwtjFM%2BkSCJq8D0bsiVH%2FrYxqTbUiXjlvczPUzZwn6L7br148%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876e74e68ac7569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/assets/images/Heiniken.png | 104.21.94.106 | 200 OK | 27 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/images/Heiniken.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate issuer: Google Trust Services LLC
Certificate subject: adscashnqx.buzz
Certificate fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Hash: 60f91d7351a94a189621b73212da9c0e 930c23e4bfadc914a428c64c0b33e2406a1b95eb ccdf022e2f10de4d0662fcd5de97ea3270ee254332e6d85e960d0ca1f9c5de17
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/images/Heiniken.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:27 GMT
content-type: image/png
content-length: 27024
last-modified: Thu, 16 Mar 2023 06:41:28 GMT
etag: "6412ba18-6990"
expires: Sun, 19 May 2024 17:01:27 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nX%2BMoeEsMJHMRuNE70%2FZeaq7CuWZIsS7EPDbmIm0u8Hvg2HobW3yAC5oUCAfeqGc4sAsyFl7XUDQYRypsHGn50zrQAZ0J0N6Zr19eskf42eXDkXzl0Fe6%2Bio5oQe59ZYU2Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876e74e68ac6569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/assets/images/intel.png | 104.21.94.106 | 200 OK | 47 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/images/intel.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate issuer: Google Trust Services LLC
Certificate subject: adscashnqx.buzz
Certificate fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: PNG image data, 1200 x 796, 8-bit/color RGBA, non-interlaced
Hash: d7e86c581a660fd9a97a1ad59e1cb3a0 8845459c503893b214b9684659d9606bb1640fbe 9dff6b83c74d5972b6897d2693a6f4f3f9853f8f86cf9b377a66b9ccdf501ba6
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/images/intel.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:28 GMT
content-type: image/png
content-length: 46799
last-modified: Thu, 16 Mar 2023 06:41:28 GMT
etag: "6412ba18-b6cf"
expires: Sun, 19 May 2024 17:01:27 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BZ89rZIeyppmUb%2BwTUIoLYwW92KjG46fZ8uFRNsdtSo8jyGGWXQTPdD7V1jUPLAN8fkiLS4d%2BEiaADM38w0PPGg2D%2BezUyu4xHi%2FJgXtGVw3WFSSEunNjuc%2Bedj0CZQK960%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876e74e68acb569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=UA-263154244-3&l=dataLayer&cx=c | 142.250.74.136 | 200 OK | 73 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=UA-263154244-3&l=dataLayer&cx=c
IP: 142.250.74.136:443
Requested by: https://adscashnqx.buzz/login.php
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
Certificate validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: aa01960eec9343f6eaa3897ee8bdf527 57145afd0871c9da73dfaf67f32cbd6b7dc6ec41 081de6d09eac0753c85cdf62453589d395ffdadd4e446901d8f1126f6f7e1fde
GET /gtag/js?id=UA-263154244-3&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 17:01:28 GMT
expires: Fri, 19 Apr 2024 17:01:28 GMT
cache-control: private, max-age=900
last-modified: Fri, 19 Apr 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73260
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| adscashnqx.buzz/assets/images/sharp.jpg | 104.21.94.106 | 200 OK | 102 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/images/sharp.jpg
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate issuer: Google Trust Services LLC
Certificate subject: adscashnqx.buzz
Certificate fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=12, height=816, bps=158, PhotometricInterpretation=RGB, orientation=upper-left, width=4740], progressive, precision 8, 1440x400, components 3
Size: 102 kB (101504 bytes)
Hash: 75a74cb0b700ac32189099a128c934a7 e799bdd335dba12de77c1c1a1caa71441f6415ba b5103684722affa9bd43597be7f1e9b66482ebe66692d77254eaf1a4c9d9c3f0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/images/sharp.jpg HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:28 GMT
content-type: image/jpeg
content-length: 101504
last-modified: Thu, 16 Mar 2023 06:41:28 GMT
etag: "6412ba18-18c80"
expires: Sun, 19 May 2024 17:01:27 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YtaxTn0vU%2FBFMGVxmtAJ%2Fmkt8QtHfVEpJIFqeaYZPPfteAlVcR92avQpuB%2FVb5cYMVLX55uBfMB%2F4QQjllpw1Tskl7ex1I1pHYVQyODSI7Tc034xUNKLeBgr4y5Cj69DHq8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876e74e68aca569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/assets/images/subway.png | 104.21.94.106 | 200 OK | 116 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/images/subway.png
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate issuer: Google Trust Services LLC
Certificate subject: adscashnqx.buzz
Certificate fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 920x464, components 3
Size: 116 kB (115538 bytes)
Hash: ff98d5d50095b4cf5535d71733fb7c33 ed84904bafa92e890c2a7744bab9fb98ac357d10 2ea9f76eee02e21cc94bdc17d77e6c31562a5ea5f593ccb923dc4de74f32583c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/images/subway.png HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:28 GMT
content-type: image/png
content-length: 115538
last-modified: Thu, 16 Mar 2023 06:41:28 GMT
etag: "6412ba18-1c352"
expires: Sun, 19 May 2024 17:01:27 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UDKISL4WUe9tivX0dk7UFo8IRt3xrM0%2BB0saCNhERM8weKEGLrhPLyZfPf6%2FL%2BrG8Ch%2FncslwaZ6g4BB9HIfWsp%2Fm7JK5%2BZE4jL5bjcM3oiXBVe9et0BGUMqE0AvgEgDpIs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876e74e68acd569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c | 142.250.74.136 | 200 OK | 88 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c
IP: 142.250.74.136:443
Requested by: https://adscashnqx.buzz/login.php
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
Certificate validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Hash: f6c366e23c00e080ec747df0118991a9 35ba7112cea547a321a9744888f4c8a685be1d72 552084905ace967b203d07646fe73f201a6374dfb2ad4c7847273d31654e9522
GET /gtag/js?id=G-0EWK671GB8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 17:01:28 GMT
expires: Fri, 19 Apr 2024 17:01:28 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88519
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| adscashnqx.buzz/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.21.94.106 | 200 OK | 77 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate issuer: Google Trust Services LLC
Certificate subject: adscashnqx.buzz
Certificate fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD
Certificate validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash: af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/assets/css/styles.css?d=3
Cookie: loclang=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:28 GMT
content-type: font/woff2
content-length: 77160
last-modified: Thu, 16 Mar 2023 06:41:28 GMT
etag: "6412ba18-12d68"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bDqUDcDblqw86CRy9t7AV9zK0NcekJs61V9nUryaudSKtG4oy4nvW6%2BqQKANv7qwqkuceaw87%2BLlYV2DmbAUTWQQWivNKrMGpo2QK%2BPaYrfq%2FRPxkIusP2ua%2FrC7JvuCfTk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876e74ea5e8e569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| log.href.style/js/script.js | 34.87.137.87 | 200 OK | 746 B |
URL: GET HTTP/2 log.href.style/js/script.js
IP: 34.87.137.87:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://adscashnqx.buzz/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate issuer: ZeroSSL
Certificate subject: log.href.style
Certificate fingerprint: AD:36:AF:6E:35:8E:2C:B2:98:A4:AB:D6:F6:14:D8:5A:8B:87:A6:9A
Certificate validity: Tue, 19 Mar 2024 00:00:00 GMT - Mon, 17 Jun 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (1346), with no line terminators
Hash: abd4e2373b2e8c4dac2e80159641c5f1 e273656e58ca934d873204e68dd35670fde657ed 021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
GET /js/script.js HTTP/1.1
Host: log.href.style
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
content-encoding: gzip
content-type: application/javascript
cross-origin-resource-policy: cross-origin
date: Fri, 19 Apr 2024 17:01:28 GMT
server: Caddy, Cowboy
vary: Accept-Encoding
x-content-type-options: nosniff
content-length: 746
X-Firefox-Spdy: h2
|
|
| adscashnqx.buzz/fetch.php?act=fetch | 104.21.94.106 | 200 OK | 4.5 kB |
URL: GET HTTP/3 adscashnqx.buzz/fetch.php?act=fetch
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: 406da83c2d13abd392a3e9948dd2a337 09c47dea97c721aa85096af5bd8b20afa5990510 188adf968a40d4fc83a103224b67efe22953cc467250dea25d2caab871b99f85
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /fetch.php?act=fetch HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:28 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8uuaAslsV7Lwdyk0VO2L7B66xnC0O7xLAzruji9bJn%2F%2FL0ywJ43IBo9I9x%2F89I5OF6yDfzkir4XEj30JS5kRy4iWUq9uQBKe9xbucfBNBeR4qkVWO%2BMxksw0z7P77dhcF4g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876e74eacef9569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| log.href.style/api/event | 34.87.137.87 | 202 Accepted | 2 B |
IP: 34.87.137.87:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://adscashnqx.buzz/inc/mytongji.html?utm_source=adscashnqx.buzz
Certificate: Issuer: ZeroSSL; Subject: log.href.style; Fingerprint: AD:36:AF:6E:35:8E:2C:B2:98:A4:AB:D6:F6:14:D8:5A:8B:87:A6:9A; Validity: Tue, 19 Mar 2024 00:00:00 GMT - Mon, 17 Jun 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /api/event HTTP/1.1
Host: log.href.style
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 144
Origin: https://adscashnqx.buzz
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 202 Accepted
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
content-type: text/plain; charset=utf-8
date: Fri, 19 Apr 2024 17:01:29 GMT
server: Caddy, Cowboy
x-request-id: F8e9FupO__WEdBkaB_hD
content-length: 2
X-Firefox-Spdy: h2
|
|
| adscashnqx.buzz/inc/mytongji.html?utm_source=adscashnqx.buzz | 104.21.94.106 | 200 OK | 12 kB |
URL: GET HTTP/3 adscashnqx.buzz/inc/mytongji.html?utm_source=adscashnqx.buzz
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: JavaScript source, ASCII text
Hash: 17c8d21941ce9953e8ded9e4c0d92246 7763b6678ab070a9406fd36c4748aec8c53e9ab2 367f83ae24c4238923d054a51d928cf343f9e19dbec3cf2b225be21d397ff672
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /inc/mytongji.html?utm_source=adscashnqx.buzz HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:28 GMT
content-type: text/html
last-modified: Thu, 21 Mar 2024 08:43:55 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FM0syePfhSq3pX%2Blp%2FRE%2FNVrVcaO0ODrNV5iGTlFUJkNRLyP0Jt2IXu8hyub72JRMLEfs9qQapPKBuiUfT1pN%2BsIMZxQiJUsjausjrYmsX4N3G8n%2BbzDLX2taTws2G0MJvk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876e74ea2e66569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/login.php | 104.21.94.106 | 200 OK | 13 kB |
URL: User Request GET HTTP/2 adscashnqx.buzz/login.php
IP: 104.21.94.106:443
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 17:01:27 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
set-cookie: loclang=en; expires=Mon, 22-Apr-2024 17:01:27 GMT; Max-Age=259200; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AMPSaHtqF2j%2F%2BVVPhIFrEREg3hULyxj9o5V1Kpl0%2FQqzL8S5znjKua0iWKJxzaw%2BiBPKT2qfYPHdK0iL1J4kCc2cdKLgVVz4M6s51EZ29moqPT9W7CExpplCzxnN6vw4S9s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876e74e35a0d56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| adscashnqx.buzz/captcha.php?v=?9182294 | 104.21.94.106 | 200 OK | 2.7 kB |
URL: GET HTTP/3 adscashnqx.buzz/captcha.php?v=?9182294
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 130x40, components 3
Hash: 4bfdda59c5bf0622b061e414f4a560be d9bb1ef67e8af63be0327de81aede7838c267311 95711119f28ecf65772a7dde860ec3159548ded22df72a5e05ad2e2eb78f858b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /captcha.php?v=?9182294 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:27 GMT
content-type: image/jpg;charset=utf-8
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ea4tN6U9MYR2CECELYqet9I2kVdDVuk%2FBFu6qmSNEi74KsT5cWrHB6utdQrGS3owmhB6QzwGj2rVlU%2FYapRREx4BE%2FBJA9%2F8WP60aqbMGXDG9kJc44wQ%2FYWmWLFAg4c9NFg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876e74e68abe569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/assets/images/favicon-16x16.png?3 | 104.21.94.106 | 200 OK | 4.1 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/images/favicon-16x16.png?3
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Hash: a55c93827b69a530ee51985ab7aa69fc dffaabf1ce4d9f3d1d08952a99b2f3221d259e56 8fa39aefbdaecaf9e65672155d0e3d4a52bc615959bcf576f9b3b75dab948596
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/images/favicon-16x16.png?3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en; _ga_QSD3M3XHPZ=GS1.1.1713546088.1.0.1713546088.0.0.0; _ga=GA1.1.867073290.1713546088; _ga_0EWK671GB8=GS1.1.1713546088.1.0.1713546088.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:28 GMT
content-type: image/png
content-length: 4149
last-modified: Wed, 22 Mar 2023 03:30:52 GMT
etag: "641a766c-1035"
expires: Sun, 19 May 2024 17:01:28 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XyBtQN8%2FqpZw05Wlm7p5ne9QBIw9Ng22wd46yowoDgsONsAJAd8xFLipG8GEGnWRPKAySB%2Brr3t9EZDJThPYmcA51x2yTpNJbwMHXLfpDFwQsl1YchPi0ZY%2FRBssTtMAmbg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876e74ed9a68569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/assets/css/bootstrap.css | 104.21.94.106 | 200 OK | 198 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/css/bootstrap.css
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: ASCII text, with very long lines (629)
Size: 198 kB (198093 bytes)
Hash: 011f21d8950347cbc2a5d47173b57f90 25f56d5d6386fd8333c36b0ef0e356a6c71002e3 e6361ffd86519accc718ce4a1e1d46512e00632a985e41b23a2426865bdea0e5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/bootstrap.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:27 GMT
content-type: text/css
last-modified: Thu, 16 Mar 2023 06:41:28 GMT
vary: Accept-Encoding
etag: W/"6412ba18-305cd"
expires: Sat, 20 Apr 2024 05:01:27 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UlyMMFVvdugAW7EwMz4%2FOInWFMWouQgz7hpLcSoDMpzo4zWRqDSxQqjJRuglgTnxT1%2F74hX2ZBwql5BONGy0JVHvgYq4myGss5n1%2FJ0qoRwYC2qvfmua8nXa34FQuKEUzsc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876e74e67aae569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/assets/js/jquery.min.js | 104.21.94.106 | 200 OK | 87 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/js/jquery.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/jquery.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:27 GMT
content-type: application/javascript
last-modified: Thu, 16 Mar 2023 06:41:28 GMT
vary: Accept-Encoding
etag: W/"6412ba18-1538f"
expires: Sat, 20 Apr 2024 05:01:27 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hDumDQPFqX%2BKkIcFzKytuyeUzmdTHdWPQZiTgNk4U9VrTmpGVILByB5yx1XePsoDb7nvDcvyPGyHyBbmXbIze3AIFOg0i1hjdJN%2FKpdhwPPs%2ByGoDzpvjIHlrwPN9pNuh0o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876e74e67ab5569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/assets/css/font.css | 104.21.94.106 | 200 OK | 69 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/css/font.css
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: ASCII text, with very long lines (388)
Hash: 15fb6d95ca072c47e2ed1d4e94b2c459 f0549800bde80a1c5c486441060a47c2ec302c7d 78575005556fc1b57c54b7a315b7f9ba6d14e77cae364c2d1ed2183efc0b329a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/font.css HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:27 GMT
content-type: text/css
last-modified: Thu, 16 Mar 2023 06:41:28 GMT
vary: Accept-Encoding
etag: W/"6412ba18-10ec2"
expires: Sat, 20 Apr 2024 05:01:27 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=egSXX79i4GBPIW4h8ou5WoMc%2FTzXdJkGxVD8McCpAzU9ZfbDiYm%2BwXXEtMLsuaOFvFh1JE%2B9oM8aJ6LzgvqhayPgYo5dZxjPD%2B5TBJMAQM7Bw1Y%2BdCFcUai3%2Bhp%2B82uPOdw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876e74e67ab1569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/assets/css/styles.css?d=3 | 104.21.94.106 | 200 OK | 9.3 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/css/styles.css?d=3
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: Unicode text, UTF-8 text, with very long lines (9693), with no line terminators
Hash: bd80972be4fe01545cc59699dd8cc439 e628839dc9850e9cc87ed01c224d16cbbca66e3d 5fe85a4c4e06e8d0d183176df55bfa5423bbd467c8efa58a3afdfd3077769410
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/styles.css?d=3 HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:27 GMT
content-type: text/css
last-modified: Thu, 16 Mar 2023 06:41:28 GMT
vary: Accept-Encoding
etag: W/"6412ba18-2429"
expires: Sat, 20 Apr 2024 05:01:27 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zz8mSVi2s1LjzLgCT2Xnq6y6UgCF1vFVCViK8aYqTCSrIRAXtkgD8CKi9iPLJdBJaRgZa2ctfnDQ3KTC8lglONpNCPNZzWcVBpBwBEAfLVED1bp6%2FY3RFRKRe0rOLsO%2Bi6U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876e74e67ab4569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adscashnqx.buzz/assets/js/bootstrap.min.js | 104.21.94.106 | 200 OK | 60 kB |
URL: GET HTTP/3 adscashnqx.buzz/assets/js/bootstrap.min.js
IP: 104.21.94.106:443
Requested by: https://adscashnqx.buzz/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: adscashnqx.buzz; Fingerprint: CB:E3:D0:40:B0:D6:BE:0D:31:0B:3C:C1:35:C4:E2:F1:AA:40:2E:FD; Validity: Wed, 06 Mar 2024 08:16:57 GMT - Tue, 04 Jun 2024 08:16:56 GMT
File type: JavaScript source, ASCII text, with very long lines (59765)
Hash: 77cbad27852866cec1e32648eaafd22d 3ee3e67eddf2a6a59a46ef6644f93ba97efeefd1 2ced6f997d7fce10a38ddc75c2f24c9f8945f44e746128f3dcd61d923ea3fdce
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/bootstrap.min.js HTTP/1.1
Host: adscashnqx.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adscashnqx.buzz/login.php
Cookie: loclang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 17:01:27 GMT
content-type: application/javascript
last-modified: Thu, 16 Mar 2023 06:41:28 GMT
vary: Accept-Encoding
etag: W/"6412ba18-ea63"
expires: Sat, 20 Apr 2024 05:01:27 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1VeVZq%2FyMTsWtgKBuYKhc%2Big%2B4oolE62QWH1qeo%2BTjWmAYvz8RSCo2G85BSdqv6tqAS4gRGmlj8TK0Wt2kSKewR8h0G%2FopDquXsHl9MEw4e9s3KLCu3SjvR26Q5jTdrO84M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876e74e69ad4569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|