| cashcomeclm.buzz/ | 188.114.97.1 | | 4.5 kB |
IP: 188.114.97.1:0
File type: HTML document, Unicode text, UTF-8 text
Hash: 84983c48073f283a8e0d4952f03b45c5 5c27c35e743548681115516d94ef5763e97905a9 966e8b7912e726c16623f4e7887154affbf53ce6b9472c3962f08fce4b1ff1c9
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET / HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 20 Apr 2024 10:29:31 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: loclang=en; expires=Tue, 23-Apr-2024 10:29:31 GMT; Max-Age=259200; path=/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9PDHk0TTzvSePrgV54M1QXbMwO9%2FvtTd9IEXS6YVh4jg5vX3Nv6F0RYJo%2Bdy1d4xRlHuzUTmqmvBSax9X1kkbiz1%2Ft16VlTi1lDg0UcVqRcNn7C9Lc32rmLc%2Fb60Mf6Cjdix"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 877474267eafb51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.96.1 | | 0 B |
URL User Request GET cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php | IP: 188.114.96.1:0
Certificate | Issuer: Google Trust Services LLC | Subject: cashcomeclm.buzz | Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD | Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: loclang=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 20 Apr 2024 10:29:31 GMT
content-type: text/html;charset=utf-8
location: ./login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oGKRY5A5gfN%2FIe3Mdf04EqsnQvx4%2FDuPnwlW7yDWtN6uykjfn3v6NfXO94ggb2Hg7JFxHU3Pey%2BSIsh3eYHjSZKmmsdHozdOaU7z1WTO4taH6kj38PxmS7h7dNQ5fQeVrnPc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 877474245f555695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.96.1 | | 5.5 kB |
URL User Request GET cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php | IP: 188.114.96.1:0
Certificate | Issuer: Google Trust Services LLC | Subject: cashcomeclm.buzz | Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD | Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: 105ac487b3bf79ebba18737a9fcf8def 595113209559c9bd49d0a4bad53a902de139c1c1 abc25697494ecf50528eecc62eb4f68a279ecb8808389427f5241f2b98f6a325
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: loclang=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 20 Apr 2024 10:29:30 GMT
content-type: text/html;charset=utf-8
location: ./login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QczipyE2kHH68SCzliPbXA4Ispx%2BqbrdO9g%2FvapIxXp6qJPNR4yaUwtQxxNdB8UQg2PVXSK9yGw2mU8dDyBRX25rkHMAWGzeF%2BdTpBmJ6Gc8cAto%2FJMfjdJhRADCVWxt%2Btm3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 877474215c405695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.96.1 | | 0 B |
URL User Request GET cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php | IP: 188.114.96.1:0
Certificate | Issuer: Google Trust Services LLC | Subject: cashcomeclm.buzz | Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD | Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: loclang=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 20 Apr 2024 10:29:35 GMT
content-type: text/html;charset=utf-8
location: ./login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EfBhd35Ez5sxLqz0JKA6dDWUSBJVali0yY6wUQ6wQZ7pia%2BikxL5PAkInW6f7L6u58UO2PUsJOnlj6d3h5WK%2ByMItJC2QRCOSuB7aVhMICGk8htKBsiRK8gYcno1cw%2FGGeR%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8774743d7d925695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.96.1 | | 5.0 kB |
URL User Request GET cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php | IP: 188.114.96.1:0
Certificate | Issuer: Google Trust Services LLC | Subject: cashcomeclm.buzz | Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD | Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: 00cfdf7bd71bd90a5099415d930f9563 aa23c43d4c03d7098b9a73cfbe59b9e6e4c894f8 304dbfe36935ce6b5f73f7daf30d8915c26758a9c7b2c77435dbd0b663588959
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: loclang=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 20 Apr 2024 10:29:29 GMT
content-type: text/html;charset=utf-8
location: ./login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UH3BVJ0W72ErkbhriVa5ToW4V0qKaLXVYbVBUAOAPvnhDSFoQcjQN3k8z3zk8gw0BAL8mEstCAPNmiUX7TWzFRqn2wmTjNfiuUtjtV6fPXDZ1RjKOffs8mpX7EKw1tN8uMky"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8774741b5eda5695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.96.1 | | 13 kB |
URL User Request GET cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php | IP: 188.114.96.1:0
Certificate | Issuer: Google Trust Services LLC | Subject: cashcomeclm.buzz | Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD | Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: e9927a1ac0b1ddcb3ac489788a0ba192 3d82d16629958d8bd7fafb971001105305ab6d20 5dc157213e4323b480d36860200b059935262d59d4a45ea398c3676780aea531
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: loclang=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 20 Apr 2024 10:29:31 GMT
content-type: text/html;charset=utf-8
location: ./login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rxfo4eprJnXcMZnPPGN%2Fj0sa%2BQgDmNvg%2Bjll4Wd65RRWZBvM%2F%2F78bm%2B%2F9ia3avCCDnrnqoACrXGIs7q1fOCT2%2B4vmVb0pYojIRUn7TyBT4wdEer37%2Fe%2BYANO511C7rBTt9yn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87747425d8d95695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.96.1 | | 4.7 kB |
URL User Request GET cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php | IP: 188.114.96.1:0
Certificate | Issuer: Google Trust Services LLC | Subject: cashcomeclm.buzz | Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD | Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: f90f4a367e1aeb5312cc492e614efc16 7f9f94738d75b063d54a3b524ffef3d61a4e1d7c 8c6bbf6cbd1686fc4d9f466f97f75c7150760704af4588c74901f1192ecf0908
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: loclang=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 20 Apr 2024 10:29:40 GMT
content-type: text/html;charset=utf-8
location: ./login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RxzIF1wN2zgJ78tpSX%2F1Kboy7jl%2FNQDjZ%2BIPpg4R9VWMVAHN0L3%2BiTsmV8qLBNPOoY53yvqiQJ%2F%2B7Y3%2BPj4%2BwLRRl5FYweag3WpCTT5fCWXirZDuwLN3hjHJwfw%2FUtI6USAl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8774745e69ba5695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.96.1 | | 0 B |
URL User Request GET cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php | IP: 188.114.96.1:0
Certificate | Issuer: Google Trust Services LLC | Subject: cashcomeclm.buzz | Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD | Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: loclang=en
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 20 Apr 2024 10:29:37 GMT
content-type: text/html;charset=utf-8
location: ./login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YSTKDcI%2FR1sKNaZNHgvFdinfVVdnYV258kIwNINw2xJnr3Wo%2FYcRod6IpXlun9dH6tHySpVOSkBgLvTglFa9aYJjIv7WyMHZL%2Foj4nWTJK3u2klEkCJ6JZ%2Fye8mQ1lwDJDWG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8774744b097e5695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.96.1 | | 0 B |
URL User Request GET cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php | IP: 188.114.96.1:0
Certificate | Issuer: Google Trust Services LLC | Subject: cashcomeclm.buzz | Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD | Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: loclang=en
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 20 Apr 2024 10:29:32 GMT
content-type: text/html;charset=utf-8
location: ./login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gUitK7LJ3AlsMDXh%2F2kVvfyTXQys25oDWtBqiNdFFDBU3aRxpI%2FUhFzzeqH1RkH5GW3o3sGR64umk4j6afd9QvvmbBeHwdzYyV8omM99pfwCNQiTDcTEksziy2Zy0DK8jjJm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8774742d1f6d5695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.96.1 | | 0 B |
URL User Request GET cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php | IP: 188.114.96.1:0
Certificate | Issuer: Google Trust Services LLC | Subject: cashcomeclm.buzz | Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD | Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain | suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: loclang=en
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 20 Apr 2024 10:29:46 GMT
content-type: text/html;charset=utf-8
location: ./login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=18RDgWP9SDDOPkVPg31V%2BlOdlEv5hVKL1cB23r0qLhT9Ptv5%2FzPVpDG56lLyWe5c2K5jNrDl7PpTaRCWc72Wh%2B9VO4YRmZuRHwM3qbg8jtXfPC6rZX%2BdGjWq%2BkBv73Zz6Rp2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87747486dead5695-OSL
alt-svc: h3=":443"; ma=86400
|
|