Report - businads.com/cash5/

Report Overview

Submitted URL
businads.com/cash5/
IP
172.67.199.85
ASN
#13335 CLOUDFLARENET
Submitted
2023-05-23 13:04:19
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
businads.com	unknown	unknown	2020-05-10	2023-03-23	7.7 kB	448 kB	104.21.21.156
cdn-adef.akamaized.net	125719	2014-03-18	2018-02-06	2023-05-23	435 B	4.6 kB	23.36.76.194
pentlyconger.com	unknown	2021-08-12	2021-08-13	2023-05-22	479 B	414 B	18.192.249.87
my.rtmark.net	9054	2014-10-29	2015-02-04	2023-05-23	1.0 kB	1.9 kB	139.45.195.8
stoomawy.net	unknown	2022-10-03	2022-10-03	2023-05-22	978 B	43 kB	139.45.197.250
cdn.stfilecamp.com	400667	2021-09-06	2021-09-06	2023-05-22	401 B	32 kB	205.185.216.10
stormtrk.com	289095	2019-05-15	2019-05-17	2023-05-22	478 B	944 B	104.26.5.120

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-23	medium	businads.com/cash5/index_files/prizewheel-amazon_2.png?5
2023-05-23	medium	cdn.stfilecamp.com/fp.min.js
2023-05-23	medium	businads.com/cash5/index_files/stormtrk.js
2023-05-23	medium	businads.com/cash5/index_files/style.css?2
2023-05-23	medium	businads.com/sw-check-permissions-401e6.js
2023-05-23	medium	businads.com/cash5/
2023-05-23	medium	businads.com/cash5/index_files/second_back.js
2023-05-23	medium	businads.com/cash5/index_files/jquery.min.js
2023-05-23	medium	businads.com/cash5/index_files/main.js

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-05-23	medium	pentlyconger.com

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	businads.com/cash5/#	1.6 kB	2023-03-07	2024-05-05
Pretty URL businads.com/cash5/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:40:21 Last Seen2024-05-05 01:03:50 Times Seen475 Hash 88f1478c977eac6c59d28d1c7ddd80df 647aefa687a36f49bb7d25375da25718445dd31f 14c9a3ed05798d5a423b51ccb9b1e568a62e4b268e721a41c129de8b5df51ccd Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=36a35141131f3f09650bebf8eb3e252d9f17c8fe966ca8cd8e070ec5bc8193fc	697 B	2023-03-25	2024-05-05
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=36a35141131f3f09650bebf8eb3e252d9f17c8fe966ca8cd8e070ec5bc8193fc IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:58:26 Last Seen2024-05-05 01:03:50 Times Seen362 Hash 9a99699bf8e6cecd1577aa4cf99a1835 c24d5bfa2cd78c995c1382b162e3a9a19ed0f5c1 90f159967276d804287524d533a70250911cb63d5b2953b6a1d986b6044a0405 Loading...

	stoomawy.net/pfe/current/micro.tag.min.js?z=5734384&sw=/sw-check-permissions-401e6.js	42 kB	2023-05-11	2023-05-29
Pretty URL stoomawy.net/pfe/current/micro.tag.min.js?z=5734384&sw=/sw-check-permissions-401e6.js IP 139.45.197.250 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-11 16:26:45 Last Seen2023-05-29 09:32:34 Times Seen6742 Hash d44fd7b96fceca8f81b472766025d0d2 237541097413baf5cd3e703413f8bc9ea538a4db b6c7c1e7fb1a437f100bdcb253df8b0468f130835fbb82c5687505a099997d16 Loading...

	cdn.stfilecamp.com/fp.min.js	32 kB	2023-04-06	2024-05-04
Pretty URL cdn.stfilecamp.com/fp.min.js IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-06 21:01:52 Last Seen2024-05-04 17:44:26 Times Seen837 Hash 198f2f5b0a649f41fe890c59d37319aa f24629687612889bb59f610df3879afcd766fb80 d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912 Loading...

	businads.com/cash5/index_files/main.js	3.1 kB	2023-03-07	2024-05-05
Pretty URL businads.com/cash5/index_files/main.js IP 104.21.21.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:21 Last Seen2024-05-05 01:03:50 Times Seen569 Hash 03d61bebb9362e3571c134d17e88261e c966e468ebbc5ac203bb35ea7b3a5cc586768b37 d25d6be4101c96b081881ae7f929b86cfc535abfadfdd3f62ebd71c17f76afdd Loading...

	businads.com/cash5/index_files/stormtrk.js	6.5 kB	2023-03-07	2024-05-04
Pretty URL businads.com/cash5/index_files/stormtrk.js IP 104.21.21.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-05-04 17:44:26 Times Seen563 Hash 469e121bb4c4fe159bbca2b4f5a88267 f0c66f226de28b324e4f1ecb766597938f984c60 4706b6d6c3e39cf2915a772595f2cc124e96d0919538b56aa817113e6482c416 Loading...

	businads.com/cash5/	489 B	2023-04-07	2024-03-30
Pretty URL businads.com/cash5/ IP 104.21.21.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 17:20:59 Last Seen2024-03-30 15:36:25 Times Seen380 Hash d20e8d57e86019fbf43e12ef1ea13624 7a9dbef6dbf25aa57bcc90fb40fc889536860282 323b9833a7256fef9f7acc60b22f3248013057e3f94e66efbda0530de3637592 Loading...

	businads.com/cash5/index_files/jquery.min.js	88 kB	2023-03-07	2024-05-05
Pretty URL businads.com/cash5/index_files/jquery.min.js IP 104.21.21.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-05 07:27:07 Times Seen97030 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	businads.com/cash5/index_files/second_back.js	2.2 kB	2023-03-07	2024-05-04
Pretty URL businads.com/cash5/index_files/second_back.js IP 104.21.21.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:21 Last Seen2024-05-04 17:44:26 Times Seen540 Hash 8dcc9f5ed8ffe107323085e2952946e3 60a762e6c3f93a4176dba2a336ef4d8c8c8aa9ea aa30848f0b1633b7fbb5d7a3cf3b75a9f897fc310b3bfca1bbe89d98f2a06328 Loading...

HTTP Transactions (25)

URL IP Response Size

businads.com/cash5/index_files/spin-button.png

104.21.21.156

200 OK

5.6 kB

URL GET HTTP/3
businads.com/cash5/index_files/spin-button.png
IP
104.21.21.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://businads.com/cash5/
Certificate
IssuerGoogle Trust Services LLC
Subjectbusinads.com
Fingerprint9F:00:1D:5C:39:DA:AD:04:6F:F2:1B:5E:BB:81:38:85:1B:15:16:C3
ValiditySat, 29 Apr 2023 00:55:47 GMT - Fri, 28 Jul 2023 00:55:46 GMT

File type
PNG image data, 276 x 301, 8-bit colormap, non-interlaced\012- data
Size
5.6 kB (5586 bytes)
Hash
66271b99acf174bf87d903ffac88c5f5
69e67eb0440ff320c8603071207b43a95e90c2bb
a2f084594e048fe1bf77c215f4c9447bb355584eb749dc8a5841a0c250ca9172

HTTP Headers

GET /cash5/index_files/spin-button.png HTTP/1.1
Host: businads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/cash5/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 13:04:03 GMT
content-type: image/png
content-length: 5586
last-modified: Mon, 18 Apr 2022 03:01:52 GMT
etag: "625cd4a0-15d2"
expires: Thu, 22 Jun 2023 13:04:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARtxhU48WLqfai7J5ISSaDGW5LQHQQ4WzXVmhF476kbfc68S28lDnKNKe7xqa1E162fDqACU2Sz5Yldn78t5jwB%2BEzKntyq1ZqGpLLk71HU4C%2FqVxO31Q%2FUtkGy4zRs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cbd80a1bde30b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

businads.com/cash5/index_files/11.png

104.21.21.156

200 OK

20 kB

URL GET HTTP/3
businads.com/cash5/index_files/11.png
IP
104.21.21.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://businads.com/cash5/
Certificate
IssuerGoogle Trust Services LLC
Subjectbusinads.com
Fingerprint9F:00:1D:5C:39:DA:AD:04:6F:F2:1B:5E:BB:81:38:85:1B:15:16:C3
ValiditySat, 29 Apr 2023 00:55:47 GMT - Fri, 28 Jul 2023 00:55:46 GMT

File type
PNG image data, 531 x 531, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19608 bytes)
Hash
1c7e1037a62b15dc080894acb7955aa7
4400836d965f60e0dc7f093ce50b2c869f0f5ab7
c379ce20c3e8081a24ee7f71d94ad73d88d2d2db94c99b1d33effd4d6849f31a

HTTP Headers

GET /cash5/index_files/11.png HTTP/1.1
Host: businads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/cash5/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 13:04:03 GMT
content-type: image/png
content-length: 19608
last-modified: Mon, 18 Apr 2022 03:01:52 GMT
etag: "625cd4a0-4c98"
expires: Thu, 22 Jun 2023 13:04:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDLE9Vit1vwv4kJ5hyv1Fxji%2Fob%2BwlsrGzXX5hvYbMrvXOBnxghufHL3DzzzOg%2F0GBBJ6DtUPM4rrCBiwbzfT0aF9I1GI8UIEFDGwa2rq2yffdrypWvMKqNtsGfrTHY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cbd80a1bde00b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

businads.com/cash5/index_files/prizewheel-amazon_2.png?5

104.21.21.156

200 OK

100 kB

URL GET HTTP/3
businads.com/cash5/index_files/prizewheel-amazon_2.png?5
IP
104.21.21.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://businads.com/cash5/
Certificate
IssuerGoogle Trust Services LLC
Subjectbusinads.com
Fingerprint9F:00:1D:5C:39:DA:AD:04:6F:F2:1B:5E:BB:81:38:85:1B:15:16:C3
ValiditySat, 29 Apr 2023 00:55:47 GMT - Fri, 28 Jul 2023 00:55:46 GMT

File type
PNG image data, 502 x 502, 8-bit/color RGBA, non-interlaced\012- data
Size
100 kB (100395 bytes)
Hash
f3ef4ce86b85b89dd91bf31afb5e4335
72fc56277ec0c0af94adea7d5eb06da2017acd91
87d325be854b06f82dbe5e115689973eac41430985229c249e4b198158ffedeb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cash5/index_files/prizewheel-amazon_2.png?5 HTTP/1.1
Host: businads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/cash5/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 13:04:03 GMT
content-type: image/png
content-length: 100395
last-modified: Fri, 03 Mar 2023 03:00:31 GMT
etag: "640162cf-1882b"
expires: Thu, 22 Jun 2023 13:04:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OD%2FsPdL9z%2FE%2BfUjCcrAlA5rYrhVu4sraexISnLzZtOumF1zKXm07lhxyhJ49qD6eY7DoO4R9dKUq%2F7AbCrOh5yg%2FCxVeSOB8Ko8TiHTk7zKZGJMafDUX8AkaX0%2FBuBk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cbd80a1bde10b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

businads.com/cash5/index_files/walmart_1.png?2

104.21.21.156

200 OK

144 kB

URL GET HTTP/3
businads.com/cash5/index_files/walmart_1.png?2
IP
104.21.21.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://businads.com/cash5/
Certificate
IssuerGoogle Trust Services LLC
Subjectbusinads.com
Fingerprint9F:00:1D:5C:39:DA:AD:04:6F:F2:1B:5E:BB:81:38:85:1B:15:16:C3
ValiditySat, 29 Apr 2023 00:55:47 GMT - Fri, 28 Jul 2023 00:55:46 GMT

File type
PNG image data, 500 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size
144 kB (144419 bytes)
Hash
3fdf2601df20ab67b18365a2cae5ce65
232276fc4b7ea1cb6ca0057938b5a464904d85fb
b7741379eec1d561bbb14d9b5a64e93efd6baca06f79fdc2e8aac7a4c6f86417

HTTP Headers

GET /cash5/index_files/walmart_1.png?2 HTTP/1.1
Host: businads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/cash5/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 13:04:03 GMT
content-type: image/png
content-length: 144419
last-modified: Fri, 03 Mar 2023 03:00:29 GMT
etag: "640162cd-23423"
expires: Thu, 22 Jun 2023 13:04:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44OACXrlrkoD05Tx1ugOCEqJ%2Fybb%2FpVU%2BVZRhvFAJ%2BsWG%2BB75OGiRgK8ihAbCeyWT8BW0uOouUALXRMyyRfvZ77JCoIxoyuSpfxrf%2F0XLGAXDJv9kYm7kjcSp9eKoUg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cbd80a1bde40b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

businads.com/cash5/index_files/4.jpg

104.21.21.156

200 OK

1.0 kB

URL GET HTTP/3
businads.com/cash5/index_files/4.jpg
IP
104.21.21.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://businads.com/cash5/
Certificate
IssuerGoogle Trust Services LLC
Subjectbusinads.com
Fingerprint9F:00:1D:5C:39:DA:AD:04:6F:F2:1B:5E:BB:81:38:85:1B:15:16:C3
ValiditySat, 29 Apr 2023 00:55:47 GMT - Fri, 28 Jul 2023 00:55:46 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.0 kB (1042 bytes)
Hash
e489d022a40ba80f51fb5acc1addea46
41c334f49c248783037ceaf6fc335acff62f760c
c39b4bfbcc6aa147547ca922c4f80350b48dbfa59cbd5176f44373e3b20f3567

HTTP Headers

GET /cash5/index_files/4.jpg HTTP/1.1
Host: businads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/cash5/index_files/style.css?2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 13:04:03 GMT
content-type: image/jpeg
content-length: 1042
last-modified: Wed, 20 Apr 2022 03:10:44 GMT
etag: "625f79b4-412"
expires: Thu, 22 Jun 2023 13:04:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4b921WZCH%2B%2Bdx0oa09iHrsY%2BNPj096I4bCXxEG%2F%2B4uTFKk%2F%2B6GC2WyGMBFTHIaB7tMjPj%2BG3qDk3nCSPz08a%2F8SXLdMFK5BS1F9vzqNtpLlkP%2BDOlKDCJI7%2BL39nfWY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cbd80a4d9090b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

businads.com/cash5/index_files/3.jpg

104.21.21.156

200 OK

1.1 kB

URL GET HTTP/3
businads.com/cash5/index_files/3.jpg
IP
104.21.21.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://businads.com/cash5/
Certificate
IssuerGoogle Trust Services LLC
Subjectbusinads.com
Fingerprint9F:00:1D:5C:39:DA:AD:04:6F:F2:1B:5E:BB:81:38:85:1B:15:16:C3
ValiditySat, 29 Apr 2023 00:55:47 GMT - Fri, 28 Jul 2023 00:55:46 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.1 kB (1063 bytes)
Hash
72ab252d8ff828965ad984b8ab16991f
e45ea3665e80feb2e6309b04e1ec2e8d41bb279b
c5d70c3abf95aecc84bcc1b1f9fc25848e690852071169bf57522fd671550291

HTTP Headers

GET /cash5/index_files/3.jpg HTTP/1.1
Host: businads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/cash5/index_files/style.css?2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 13:04:03 GMT
content-type: image/jpeg
content-length: 1063
last-modified: Wed, 20 Apr 2022 03:10:41 GMT
etag: "625f79b1-427"
expires: Thu, 22 Jun 2023 13:04:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bcg%2F7X1WXAwA%2BXms45uCF2qjrDlDSsFAZPU0tZxax%2BubKNRys6GzsDrLGgqUpe1dpIAdQ0h%2FfNznTU0k4dn7r5ZptY8iSyzeP5MoB7DhSIWDidx9WT0qxOBgYSs1SE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cbd80a4d9040b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

businads.com/cash5/index_files/1.jpg

104.21.21.156

200 OK

3.9 kB

URL GET HTTP/3
businads.com/cash5/index_files/1.jpg
IP
104.21.21.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://businads.com/cash5/
Certificate
IssuerGoogle Trust Services LLC
Subjectbusinads.com
Fingerprint9F:00:1D:5C:39:DA:AD:04:6F:F2:1B:5E:BB:81:38:85:1B:15:16:C3
ValiditySat, 29 Apr 2023 00:55:47 GMT - Fri, 28 Jul 2023 00:55:46 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x52, components 3\012- data
Size
3.9 kB (3900 bytes)
Hash
72c067fe856886245e7c47c7ff84e041
5210cb05f897db334c61f8971ccec9a7396ea8a7
9a106ad9f340c7bafdd365ea1ad24b9336c304b1e72653eb58e84b5604471030

HTTP Headers

GET /cash5/index_files/1.jpg HTTP/1.1
Host: businads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/cash5/index_files/style.css?2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 13:04:03 GMT
content-type: image/jpeg
content-length: 3900
last-modified: Wed, 20 Apr 2022 03:10:40 GMT
etag: "625f79b0-f3c"
expires: Thu, 22 Jun 2023 13:04:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xj%2FDcVMzf94V%2Bdvoje3ri1KZUzoA1tS0%2FxKN4EzRrR0C%2FSjR%2F9M4RVvv2RQjC0u%2B3hKDa78FxH8nfzLNczD0SeBGDGw4vdey1Nnf2h9mP%2FWD7vnlVm7%2BAb4QB2hMgi4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cbd80a4d8fe0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

businads.com/cash5/index_files/like.png

104.21.21.156

200 OK

220 B

URL GET HTTP/3
businads.com/cash5/index_files/like.png
IP
104.21.21.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://businads.com/cash5/
Certificate
IssuerGoogle Trust Services LLC
Subjectbusinads.com
Fingerprint9F:00:1D:5C:39:DA:AD:04:6F:F2:1B:5E:BB:81:38:85:1B:15:16:C3
ValiditySat, 29 Apr 2023 00:55:47 GMT - Fri, 28 Jul 2023 00:55:46 GMT

File type
PNG image data, 13 x 12, 8-bit colormap, non-interlaced\012- data
Size
220 B (220 bytes)
Hash
e4c6e8dcd575bd5f346565ce8dbacfe7
29e5d4862f0470607f803d462bddf5f14cf57969
9e79a749ac5f41341fdff11f64845580207490915f72b09ec320e0db0fea224a

HTTP Headers

GET /cash5/index_files/like.png HTTP/1.1
Host: businads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/cash5/index_files/style.css?2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 13:04:03 GMT
content-type: image/png
content-length: 220
last-modified: Wed, 20 Apr 2022 03:14:13 GMT
etag: "625f7a85-dc"
expires: Thu, 22 Jun 2023 13:04:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smAUAkM2nfzz1Kd3vRiYfdfwrrS5dS7ghF9WSi7GQ%2BCOCH3skJ8rCxus82WRAdKIqcIyVSkb%2Bo5PL9HGm3HAws9mdQmrKFWNUk2uF5vCW3H6xO6%2FwtTiP43vY2jh7q8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cbd80a4d8fc0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

businads.com/cash5/index_files/5.jpg

104.21.21.156

200 OK

3.3 kB

URL GET HTTP/3
businads.com/cash5/index_files/5.jpg
IP
104.21.21.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://businads.com/cash5/
Certificate
IssuerGoogle Trust Services LLC
Subjectbusinads.com
Fingerprint9F:00:1D:5C:39:DA:AD:04:6F:F2:1B:5E:BB:81:38:85:1B:15:16:C3
ValiditySat, 29 Apr 2023 00:55:47 GMT - Fri, 28 Jul 2023 00:55:46 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x50, components 3\012- data
Size
3.3 kB (3268 bytes)
Hash
92c40a962aa579868b64b8b7f1b6575c
f676f1ce463a7b0b7b2c05587a9b52285e55e679
64e47fb0b1dc439d03463c15a7977d88988a4d3f7d563e3d772cc9ca8d41e414

HTTP Headers

GET /cash5/index_files/5.jpg HTTP/1.1
Host: businads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/cash5/index_files/style.css?2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 13:04:03 GMT
content-type: image/jpeg
content-length: 3268
last-modified: Wed, 20 Apr 2022 03:10:39 GMT
etag: "625f79af-cc4"
expires: Thu, 22 Jun 2023 13:04:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anJcCt9u9t01CCH7bDTuoZ1RoHJXuie%2FaSoSAzc915o5R4RZuNQiym17K1xzPWiPoExycQZnPR0NZdngAZviMX%2BaX%2BOYAvMGOD7FVT4bSMyg14tAfn7m0EFCkBzH96M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cbd80a4d9080b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

businads.com/cash5/index_files/2.jpg

104.21.21.156

200 OK

3.7 kB

URL GET HTTP/3
businads.com/cash5/index_files/2.jpg
IP
104.21.21.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://businads.com/cash5/
Certificate
IssuerGoogle Trust Services LLC
Subjectbusinads.com
Fingerprint9F:00:1D:5C:39:DA:AD:04:6F:F2:1B:5E:BB:81:38:85:1B:15:16:C3
ValiditySat, 29 Apr 2023 00:55:47 GMT - Fri, 28 Jul 2023 00:55:46 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x50, components 3\012- data
Size
3.7 kB (3694 bytes)
Hash
02eebe83bc6786ef27b852477d4c4998
205314ba911137b6f6be4eefd946a2c62229e591
a0038f9d5f6fe1ce8fe1bf1cc7256f05e16c11d27041739c55918b823744753c

HTTP Headers

GET /cash5/index_files/2.jpg HTTP/1.1
Host: businads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/cash5/index_files/style.css?2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 13:04:03 GMT
content-type: image/jpeg
content-length: 3694
last-modified: Wed, 20 Apr 2022 03:10:42 GMT
etag: "625f79b2-e6e"
expires: Thu, 22 Jun 2023 13:04:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mixntAdTgUcmwn9tRhjGIBjrP7%2FBROIKQwKTsxmOkOH6jMe5eU3Z%2F6EnzzB9dPjd04oOYfU0jAsK36u1U2fNm0EhiOkoqtP3vEX5o9QJcRmpTEa4ElZMljKRN1DepWk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cbd80a4d9030b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn-adef.akamaized.net/images/favicon.ico

23.36.76.194

200 OK

4.1 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/images/favicon.ico
IP
23.36.76.194:443
ASN
#20940 Akamai International B.V.

Requested by
https://businads.com/cash5/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4103 bytes)
Hash
4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: mzbDFFn0Yhqdz4XL9s4sX6yByljdNVrKhKiK+UtK4DVRgNzfBI6OtL7EakQiGwqEsC19uC++cQI=
x-amz-request-id: 78F19547EBC3B810
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 4103
Server: AmazonS3
Date: Tue, 23 May 2023 13:04:07 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

pentlyconger.com/d/.js?lpref=&lpurl=https%3A%2F%2Fbusinads.com%2Fcash5%2F%23&lpt=CashApp&vtm=1684847043171

18.192.249.87

400 Bad Request

152 B

URL GET HTTP/2
pentlyconger.com/d/.js?lpref=&lpurl=https%3A%2F%2Fbusinads.com%2Fcash5%2F%23&lpt=CashApp&vtm=1684847043171
IP
18.192.249.87:443
ASN
#16509 AMAZON-02

Requested by
https://businads.com/cash5/
Certificate
IssuerLet's Encrypt
Subjectpentlyconger.com
Fingerprint16:8E:29:71:07:6C:FC:81:F6:80:EA:36:93:3A:AA:25:00:70:BC:DA
ValidityFri, 31 Mar 2023 06:49:59 GMT - Thu, 29 Jun 2023 06:49:58 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
152 B (152 bytes)
Hash
d9bacc468aa23334526933389545e120
e26288b4bada404ce340ca72989f9f1193dc649c
0605685efb44dd3decd77517436c575731b61f807247587de67080c579ffa2d4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /d/.js?lpref=&lpurl=https%3A%2F%2Fbusinads.com%2Fcash5%2F%23&lpt=CashApp&vtm=1684847043171 HTTP/1.1
Host: pentlyconger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 400 Bad Request
server: nginx
date: Tue, 23 May 2023 13:04:07 GMT
content-type: text/html
content-length: 152
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2

my.rtmark.net/p.js?f=sync&lr=1&partner=36a35141131f3f09650bebf8eb3e252d9f17c8fe966ca8cd8e070ec5bc8193fc

139.45.195.8

200 OK

697 B

URL GET HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=36a35141131f3f09650bebf8eb3e252d9f17c8fe966ca8cd8e070ec5bc8193fc
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://businads.com/cash5/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT

File type
ASCII text
Size
697 B (697 bytes)
Hash
9a99699bf8e6cecd1577aa4cf99a1835
c24d5bfa2cd78c995c1382b162e3a9a19ed0f5c1
90f159967276d804287524d533a70250911cb63d5b2953b6a1d986b6044a0405

HTTP Headers

GET /p.js?f=sync&lr=1&partner=36a35141131f3f09650bebf8eb3e252d9f17c8fe966ca8cd8e070ec5bc8193fc HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 23 May 2023 13:04:07 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

stoomawy.net/zone?&pub=0&zone_id=5734384&is_mobile=false&domain=businads.com&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest

139.45.197.250

200 OK

0 B

URL POST HTTP/2
stoomawy.net/zone?&pub=0&zone_id=5734384&is_mobile=false&domain=businads.com&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://businads.com/cash5/
Certificate
IssuerLet's Encrypt
Subjectstoomawy.net
FingerprintE4:DB:E3:CD:B4:BE:C2:11:57:A6:38:77:62:4F:43:FE:1E:F5:F1:A2
ValiditySun, 12 Mar 2023 05:37:54 GMT - Sat, 10 Jun 2023 05:37:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /zone?&pub=0&zone_id=5734384&is_mobile=false&domain=businads.com&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: stoomawy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://businads.com
DNT: 1
Connection: keep-alive
Referer: https://businads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 May 2023 13:04:07 GMT
content-length: 0
x-trace-id: 52999cc15843244ed31b4647717b08c4
access-control-allow-origin: https://businads.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

cdn.stfilecamp.com/fp.min.js

205.185.216.10

200 OK

32 kB

URL GET HTTP/2
cdn.stfilecamp.com/fp.min.js
IP
205.185.216.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://businads.com/cash5/
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
Fingerprint8E:29:42:AB:6B:6C:A3:84:A2:28:12:0F:47:43:FB:7A:88:81:70:0A
ValiditySat, 29 Apr 2023 15:08:05 GMT - Fri, 28 Jul 2023 15:08:04 GMT

File type
Unicode text, UTF-8 text, with very long lines (31370)
Size
32 kB (31705 bytes)
Hash
198f2f5b0a649f41fe890c59d37319aa
f24629687612889bb59f610df3879afcd766fb80
d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fp.min.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 May 2023 13:04:08 GMT
cache-control: max-age=203
content-length: 31705
content-type: text/javascript
last-modified: Mon, 13 Jun 2022 11:23:14 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "198f2f5b0a649f41fe890c59d37319aa"
x-amz-request-id: tx00000000000002c8a5f5c-00646cac83-3592f1a1-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1684847048.dop213.sk1.t,1684847048.cds242.sk1.hn,1684847048.cds237.sk1.c
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&partner=36a35141131f3f09650bebf8eb3e252d9f17c8fe966ca8cd8e070ec5bc8193fc&ttl=&rurl=https%3A%2F%2Fbusinads.com%2Fcash5%2F%23

139.45.195.8

200 OK

43 B

URL GET HTTP/2
my.rtmark.net/img.gif?f=sync&partner=36a35141131f3f09650bebf8eb3e252d9f17c8fe966ca8cd8e070ec5bc8193fc&ttl=&rurl=https%3A%2F%2Fbusinads.com%2Fcash5%2F%23
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://businads.com/cash5/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=36a35141131f3f09650bebf8eb3e252d9f17c8fe966ca8cd8e070ec5bc8193fc&ttl=&rurl=https%3A%2F%2Fbusinads.com%2Fcash5%2F%23 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 May 2023 13:04:08 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=cf89cf90509e44d49462c7359e1204b2; expires=Wed, 22 May 2024 13:04:08 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

businads.com/cash5/index_files/stormtrk.js

104.21.21.156

200 OK

6.5 kB

URL GET HTTP/3
businads.com/cash5/index_files/stormtrk.js
IP
104.21.21.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://businads.com/cash5/
Certificate
IssuerGoogle Trust Services LLC
Subjectbusinads.com
Fingerprint9F:00:1D:5C:39:DA:AD:04:6F:F2:1B:5E:BB:81:38:85:1B:15:16:C3
ValiditySat, 29 Apr 2023 00:55:47 GMT - Fri, 28 Jul 2023 00:55:46 GMT

File type
ASCII text, with very long lines (6726), with no line terminators
Size
6.5 kB (6502 bytes)
Hash
c1ae765e0a69e76b62652260fa084405
34a6c5996f85c7466cfaeecf3de27935ffd5385d
ad4368b41a81e243d6589c9ac93f789c53b403e1e9d1a6969b28cbec593d5621

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cash5/index_files/stormtrk.js HTTP/1.1
Host: businads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/cash5/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 23 May 2023 13:04:03 GMT
content-type: application/javascript
last-modified: Mon, 18 Apr 2022 03:01:52 GMT
vary: Accept-Encoding
etag: W/"625cd4a0-1966"
expires: Wed, 24 May 2023 01:04:03 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rI65KG%2FJV4PxYr92Aqo0ehn5lCV5RrvZhpM4fDTfhY3eeu27FSn%2Bwxsk%2FwnB9Yvx4gw4vNwjjNA%2FCpr2l5Dzr7%2FGMfiONGDYS02dtIFjFzFzLGxJfIUP%2F32DmOxBHpU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbd80a1bddf0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

businads.com/cash5/index_files/style.css?2

104.21.21.156

200 OK

39 kB

URL GET HTTP/3
businads.com/cash5/index_files/style.css?2
IP
104.21.21.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://businads.com/cash5/
Certificate
IssuerGoogle Trust Services LLC
Subjectbusinads.com
Fingerprint9F:00:1D:5C:39:DA:AD:04:6F:F2:1B:5E:BB:81:38:85:1B:15:16:C3
ValiditySat, 29 Apr 2023 00:55:47 GMT - Fri, 28 Jul 2023 00:55:46 GMT

File type
ASCII text
Size
39 kB (38577 bytes)
Hash
cffc01d3f82e5e03e1bddc9a1405fba6
a92cd1941ba14c0c692aaa73c354bb4625833a37
9d3df57abc060dd08f728b371ecdf0269234e282bf04dfacd921be6e48da7dd2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cash5/index_files/style.css?2 HTTP/1.1
Host: businads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/cash5/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 23 May 2023 13:04:03 GMT
content-type: text/css
last-modified: Wed, 20 Apr 2022 03:12:57 GMT
vary: Accept-Encoding
etag: W/"625f7a39-96b1"
expires: Wed, 24 May 2023 01:04:03 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEvaygD3HOtkI9r1YdDHZ9Hq%2BVyGPwc6puz9gkdaxxmQHmMYvE1R%2BqosCMM6WlPMz%2BVXWuBxS9uav5CJOpskq6sP%2FbU6cxKx8XCcfpMBwpMc7xTJuoVMykxqRyR5eKM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbd80a1bdd80b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

businads.com/sw-check-permissions-401e6.js

104.21.21.156

200 OK

566 B

URL GET HTTP/3
businads.com/sw-check-permissions-401e6.js
IP
104.21.21.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://businads.com/cash5/
Certificate
IssuerGoogle Trust Services LLC
Subjectbusinads.com
Fingerprint9F:00:1D:5C:39:DA:AD:04:6F:F2:1B:5E:BB:81:38:85:1B:15:16:C3
ValiditySat, 29 Apr 2023 00:55:47 GMT - Fri, 28 Jul 2023 00:55:46 GMT

File type
ASCII text, with very long lines (605), with no line terminators
Size
566 B (566 bytes)
Hash
fb1b32f2e203c5bdeca45a605714bd00
0094b460d86c6b331cda4b7ed7fbd74691bb343c
b4fa5e36af791594a9e40c654382ea1675518c7935e94a6852bbe5e45bc4e634

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sw-check-permissions-401e6.js HTTP/1.1
Host: businads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://businads.com/cash5/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 23 May 2023 13:04:08 GMT
content-type: application/javascript
last-modified: Mon, 20 Feb 2023 03:58:37 GMT
etag: W/"63f2efed-236"
expires: Wed, 24 May 2023 01:04:08 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRTGDXEpup9pTAvmjCvfz2iBECw4Mcc9yrzhM4ruXyxWqD%2FxH9IKTH7oCrpOjVF12cVRHdmEVoHZnsUq91%2BTTZ6DObJ%2BV1%2Bk%2Br42bH1DjbBxThnUvwpctv5aDFxcsbU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cbd80c16a160b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

businads.com/cash5/

104.21.21.156

200 OK

13 kB

URL User Request GET HTTP/2
businads.com/cash5/
IP
104.21.21.156:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectbusinads.com
Fingerprint9F:00:1D:5C:39:DA:AD:04:6F:F2:1B:5E:BB:81:38:85:1B:15:16:C3
ValiditySat, 29 Apr 2023 00:55:47 GMT - Fri, 28 Jul 2023 00:55:46 GMT

File type

Size
13 kB (13068 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cash5/ HTTP/1.1
Host: businads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 May 2023 13:04:02 GMT
content-type: text/html
last-modified: Tue, 04 Apr 2023 06:36:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzIEMpyCFHaj6m56am5HBzGxZzco%2FR%2F%2F%2FK0xvvL7XBf7r9hmS0LPPyVBg8Z%2BlmFOX0ndOfMecrQ71ATbJHxcM8EogkNBzOUfx8%2FUWXDQJqMpIZZhuCdgpRLdHl%2FYsNo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbd809c6899b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

stoomawy.net/pfe/current/micro.tag.min.js?z=5734384&sw=/sw-check-permissions-401e6.js

139.45.197.250

200 OK

42 kB

URL GET HTTP/2
stoomawy.net/pfe/current/micro.tag.min.js?z=5734384&sw=/sw-check-permissions-401e6.js
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://businads.com/cash5/
Certificate
IssuerLet's Encrypt
Subjectstoomawy.net
FingerprintE4:DB:E3:CD:B4:BE:C2:11:57:A6:38:77:62:4F:43:FE:1E:F5:F1:A2
ValiditySun, 12 Mar 2023 05:37:54 GMT - Sat, 10 Jun 2023 05:37:53 GMT

File type
C source, ASCII text, with very long lines (41979), with no line terminators
Size
42 kB (41979 bytes)
Hash
d44fd7b96fceca8f81b472766025d0d2
237541097413baf5cd3e703413f8bc9ea538a4db
b6c7c1e7fb1a437f100bdcb253df8b0468f130835fbb82c5687505a099997d16

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=5734384&sw=/sw-check-permissions-401e6.js HTTP/1.1
Host: stoomawy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 23 May 2023 13:04:07 GMT
content-type: application/javascript
last-modified: Thu, 11 May 2023 14:20:13 GMT
etag: W/"645cf99d-a3fb"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

businads.com/cash5/index_files/second_back.js

104.21.21.156

200 OK

2.2 kB

URL GET HTTP/3
businads.com/cash5/index_files/second_back.js
IP
104.21.21.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://businads.com/cash5/
Certificate
IssuerGoogle Trust Services LLC
Subjectbusinads.com
Fingerprint9F:00:1D:5C:39:DA:AD:04:6F:F2:1B:5E:BB:81:38:85:1B:15:16:C3
ValiditySat, 29 Apr 2023 00:55:47 GMT - Fri, 28 Jul 2023 00:55:46 GMT

File type
ASCII text, with very long lines (2311), with no line terminators
Size
2.2 kB (2231 bytes)
Hash
d8cda4c9b52122a5717b7675e4cc0507
afcdbf8c3511ec604eca7b8283ae1547eb2a4b09
fd3f9a5b037a50b89b415375eb1e46ead471ad9762127db59258b52f22387d00

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cash5/index_files/second_back.js HTTP/1.1
Host: businads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/cash5/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 23 May 2023 13:04:03 GMT
content-type: application/javascript
last-modified: Mon, 18 Apr 2022 03:05:56 GMT
vary: Accept-Encoding
etag: W/"625cd594-8b7"
expires: Wed, 24 May 2023 01:04:03 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roal6wN57tEJ96VeA%2Bn4bcBijBod4ka3%2FZXK9uQR2jmQEG4PM2kwRHuolceoJCuWTvZRpRLx0LJSfsAsv%2F0JiE4dCaid%2FeorNaE9fxGcq1AKnuYcEbbJD25CPqN84U8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbd80a1bddd0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

businads.com/cash5/index_files/jquery.min.js

104.21.21.156

200 OK

88 kB

URL GET HTTP/3
businads.com/cash5/index_files/jquery.min.js
IP
104.21.21.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://businads.com/cash5/
Certificate
IssuerGoogle Trust Services LLC
Subjectbusinads.com
Fingerprint9F:00:1D:5C:39:DA:AD:04:6F:F2:1B:5E:BB:81:38:85:1B:15:16:C3
ValiditySat, 29 Apr 2023 00:55:47 GMT - Fri, 28 Jul 2023 00:55:46 GMT

File type
ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cash5/index_files/jquery.min.js HTTP/1.1
Host: businads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/cash5/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 23 May 2023 13:04:03 GMT
content-type: application/javascript
last-modified: Mon, 18 Apr 2022 03:01:52 GMT
vary: Accept-Encoding
etag: W/"625cd4a0-15851"
expires: Wed, 24 May 2023 01:04:03 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WrmEo5FqVF%2Fa8ZhwNZUn8Ug%2FUEyhmBRJ18u8kPZ4UjvRgcuHI8DJq5P8QGnuGJnlrNVbOK7T6IJo2SvRhyBQ2PFwlG3JNAgPXFT0ElwcCvXCB90DGvtnGJtOM2Ilec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbd80a1bdda0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

stormtrk.com/api/1.0/ping/pong?location=https%3A%2F%2Fbusinads.com%2Fcash5%2F

104.26.5.120

200 OK

241 B

URL GET HTTP/2
stormtrk.com/api/1.0/ping/pong?location=https%3A%2F%2Fbusinads.com%2Fcash5%2F
IP
104.26.5.120:443
ASN
#13335 CLOUDFLARENET

Requested by
https://businads.com/cash5/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint12:CF:2B:DC:A1:B5:77:12:91:68:E8:DD:F0:22:9A:1B:06:84:6A:74
ValidityFri, 09 Dec 2022 00:00:00 GMT - Sat, 09 Dec 2023 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
241 B (241 bytes)
Hash
9a39b82ec3d32133ab4b3088a6679908
adb333f0c0f771791c960357c4ec4a48a31d09fd
a57ba22c6b3069c55b5bc175b4832fa6c81104904b24b0a593082668bf169f67

HTTP Headers

GET /api/1.0/ping/pong?location=https%3A%2F%2Fbusinads.com%2Fcash5%2F HTTP/1.1
Host: stormtrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://businads.com
DNT: 1
Connection: keep-alive
Referer: https://businads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 May 2023 13:04:07 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKpA81rcyaWEig7ET8P6pWu5WH5yFfPRsS%2B8Xldtna4LzP0wUgum%2FkNJevX13Y2BRutfjWJ6BNt9MKSpdLgyK5Mf0an0G%2F1ql7XQHyXPd%2FD06b8lI5p8TyOQLyoOTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbd80be9d29b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

businads.com/cash5/index_files/main.js

104.21.21.156

200 OK

3.1 kB

URL GET HTTP/3
businads.com/cash5/index_files/main.js
IP
104.21.21.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://businads.com/cash5/
Certificate
IssuerGoogle Trust Services LLC
Subjectbusinads.com
Fingerprint9F:00:1D:5C:39:DA:AD:04:6F:F2:1B:5E:BB:81:38:85:1B:15:16:C3
ValiditySat, 29 Apr 2023 00:55:47 GMT - Fri, 28 Jul 2023 00:55:46 GMT

File type
ASCII text, with very long lines (3200), with no line terminators
Size
3.1 kB (3065 bytes)
Hash
fdd423b17da31208a5c21fad72b932b9
e91c7519cfec28bb1cbf7090140deb21551e811d
2bc415ece1375eaca76cd91cb34849987af8dddae11391d1972fabc4be0b0f6a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cash5/index_files/main.js HTTP/1.1
Host: businads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://businads.com/cash5/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 23 May 2023 13:04:03 GMT
content-type: application/javascript
last-modified: Mon, 18 Apr 2022 03:01:52 GMT
vary: Accept-Encoding
etag: W/"625cd4a0-bf9"
expires: Wed, 24 May 2023 01:04:03 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZ%2FE%2Fnh2qr%2FKIL2w8O06E1mRxobc7Qg%2B%2Bfa3yGXrrg3wWt%2FRbJhiTK5A%2FeTl6u%2FXcyYFJx75gcmen486PPyiluS3STcZ9ad6tUM9VD%2F%2BTQzUkG9XCd0V%2Ba9y3dv84MU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbd80a1bddb0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML