| | 172.67.137.58 | 301 Moved Permanently | 167 B |
URL: User Request GET HTTP/1.1
IP: 172.67.137.58:80
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: csbid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Thu, 25 Apr 2024 06:07:25 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 25 Apr 2024 07:07:25 GMT
Location: https://csbid.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bDbuaLelHHYHy3kPQG23fvaMPzhf%2Bux8HLh5GsJGkGV5KC1iH1fCOxiKZPd6mkMSrwaTLZNdH5w4qx%2FbLGPZimqkmq%2BXxgFpMLYlhkiJaKwGGW5eQ09%2BIxmTAos%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 879c2717a8cd56c4-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/lboor/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | 104.17.2.184 | | 26 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/lboor/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP: 104.17.2.184:0
File type: HTML document, ASCII text, with very long lines (41702)
Hash: 894479059a92d7b6feead4de6bc63c36 1a79e29fa92ef1c6808a49a30dd7aeb4dc9076b4 a953211f10e683a5bbb53f8119ce42b092c33bf2e1ffb4092435ecf8bc23999f
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/lboor/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:07:26 GMT
content-type: text/html; charset=UTF-8
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
origin-agent-cluster: ?1
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
document-policy: js-profiling
vary: accept-encoding
server: cloudflare
cf-ray: 879c271bbe9b5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879c271bbe9b5695/1714025246449/864f1dbaaada1ca0d533f41472e68f0a8276383b470d22db8cc612aec33f856c/nyDw8BbGoxd3hAE | 104.17.2.184 | | 1 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879c271bbe9b5695/1714025246449/864f1dbaaada1ca0d533f41472e68f0a8276383b470d22db8cc612aec33f856c/nyDw8BbGoxd3hAE
IP: 104.17.2.184:0
File type: very short file (no magic)
Hash: ff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/879c271bbe9b5695/1714025246449/864f1dbaaada1ca0d533f41472e68f0a8276383b470d22db8cc612aec33f856c/nyDw8BbGoxd3hAE HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/lboor/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Thu, 25 Apr 2024 06:07:26 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20ghk8duqraHKDVM_QUcuaPCoJ2ODtHDSLbjMYSrsM_hWwAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApc5PUXcXSrXwpeNe3kT6EaAJPDsPBMfFZc7M608yW3JV6YSHiGBLoFiLtNHD3Yj8UsOtWbQeFa2uvS_dYz5MBsoSW4-RbOY-WCB2aGEB-eoRbXl4lJRl0UNGi00lNBgNTil_mTTSNV3ssSkmSY8kwM-5GqBNfJ2kmJPKo02MWiXn1pwc4YXbeATUrYDRvvXUXYZrgaarjDyvHFhnYpD3mqr5qOj_TS_1SCUZ0HIp8ywDX06Xc59cKjzFHEUzD3gWutoK4apMxNt9bWWxcH3D_UL1a1llCxh-knMwTxgvRXS-XHap_ymO2zCuAPNgo1SDCTl4lTQZbVX7VvpDZwMaiQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIIZPHbqq2hyg1TP0FHLmjwqCdjg7Rw0i24zGEq7DP4VsABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 879c27206b165695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879c271bbe9b5695/1714025246449/QwQ45BKJYzPVpup | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879c271bbe9b5695/1714025246449/QwQ45BKJYzPVpup
IP: 104.17.2.184:0
File type: PNG image data, 59 x 26, 8-bit/color RGB, non-interlaced
Hash: 2cd4786dece3ffd9e79b61474f693581 334bbd6581f4bd9de07117e81b3b7f726c5cc2ba 3d239c4993b892053eab7539d28dfec8de2459ab90eb1029e69da55e8cedbfd0
GET /cdn-cgi/challenge-platform/h/b/i/879c271bbe9b5695/1714025246449/QwQ45BKJYzPVpup HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/lboor/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:07:26 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 879c27209b405695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| csbid.com/favicon.ico | 172.67.137.58 | 404 Not Found | 8.6 kB |
IP: 172.67.137.58:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: csbid.com
Certificate Fingerprint: 21:EE:9F:E8:0A:A4:DD:7C:DB:D6:DF:32:39:86:5D:2D:43:4D:80:AA
Certificate Validity: Thu, 28 Mar 2024 07:23:42 GMT - Wed, 26 Jun 2024 07:23:41 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 1b7c22a214949975556626d7217e9a39 d01c97e2944166ed23e47e4a62ff471ab8fa031f 340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: csbid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://csbid.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 06:07:25 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rgyXUAHxUdq3OZFXH1fncBWJ44eypgvFCigEksPK6KGr6bbthADrfS%2FF%2FbrHbcoywUVEmbA3K0pBiVduGoJcTioDF%2BJdvX6lGNmR%2FdB6dauokfGnzvI2fM5TR%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c2719f849712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit | 104.17.2.184 | | 22 kB |
URL: challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit
IP: 104.17.2.184:0
File type: JavaScript source, ASCII text, with very long lines (42414)
Hash: f94a2211ce789a95a7c67e8c660d63e8 f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f 926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b
GET /turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://csbid.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 06:07:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c271a298c56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| auth.cs2bandit.com/static/js/main.4b187f81.js | 172.67.165.74 | 403 Forbidden | 7.9 kB |
URL: GET HTTP/3 auth.cs2bandit.com/static/js/main.4b187f81.js
IP: 172.67.165.74:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: cs2bandit.com
Certificate Fingerprint: 0C:B6:0E:24:9F:AF:30:58:6E:4A:0A:B5:21:6B:90:01:48:44:58:35
Certificate Validity: Thu, 18 Apr 2024 17:34:58 GMT - Wed, 17 Jul 2024 17:34:57 GMT
File type: HTML document, ASCII text, with very long lines (16630), with no line terminators
Hash: 7d7b09dbff6ea4bead804094856295ac 5c2c20aa0166e1275bb989b12cb92ec97cf397dd 346b520eec636ccf840bb10f7e8def5f79bd167fdb141f4f13224af30aac0bbb
GET /static/js/main.4b187f81.js HTTP/1.1
Host: auth.cs2bandit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://csbid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 25 Apr 2024 06:07:31 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: rq3BHm8v7PA0mKsUL196NcvyrUCM7MMnHfOrdAiPcCfNaLahYAo1VxUN/VstGHlUxb0l1lWahy+c6XG5g8V+XJUqDA85Pw47Muesvs3vnqs=$jX1OfBgC/p1Zug6nW6xZlQ==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2iGb1ZTHYFAc4ZdQPpAlyysbv0B0Uu9w6kQksIk8d4Y56hieH7EhTKzcu2D0gR%2FREOHcdntnGIc4aPixHf8N7py8mk0USR1VE9dJAMiPIWHdO8QbTMz4GnSJgnfAquUpPdBdVZ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c273f8aa456b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| csbid.com/cdn-cgi/challenge-platform/h/b/flow/ov1/140875053:1714022720:R4FfE-ILEFyJdcHlTzZ0LYOW_kxJvYEaURiOy4_2y9c/879c2717ce6a712f/21b06dab0583f4b | 172.67.137.58 | | 3.4 kB |
URL: csbid.com/cdn-cgi/challenge-platform/h/b/flow/ov1/140875053:1714022720:R4FfE-ILEFyJdcHlTzZ0LYOW_kxJvYEaURiOy4_2y9c/879c2717ce6a712f/21b06dab0583f4b
IP: 172.67.137.58:0
File type: ASCII text, with very long lines (3560), with no line terminators
Hash: fd56ca07681735e52fda29e142457467 2e8e28272f09b496253cbd8717c5de86d9ebd32e f545ce12392b3cb0a690c54744272558a61aba427fccb16a55ebe701431d6403
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/140875053:1714022720:R4FfE-ILEFyJdcHlTzZ0LYOW_kxJvYEaURiOy4_2y9c/879c2717ce6a712f/21b06dab0583f4b HTTP/1.1
Host: csbid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://csbid.com/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 21b06dab0583f4b
Content-Length: 3132
Origin: https://csbid.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:07:31 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_chl_rc_m=;Expires=Wed, 24 Apr 2024 06:07:31 GMT;SameSite=Strict
cf-chl-out: 0I05snxUuo0ruMaepjri+hUnM0+G+fjjzJCPqn3nPkE7LLvB+wN4OjrFjJ0DG9jjwPtJGun56+eLd5jPsyBr9g==$sxO+yvq3JqV2dxhdcDx0Kg==
cf-chl-out-s: ABiO/HC1D+slrAlFGeNjvzXbvghHpxagjOmgRyPBrYDjzprlW5hqcIL93JXQvH9BGAyxbVaMGoY/fq1FfLXtAdHTmgCNNvfLJQlzBZwFflN0ys45CLu1NX/gIVZfk2VltVPDAvfpwrrof5i2Q0YNpjgnw07nrlQZysIkxoPyKu89oL0trDdQGHkcPrCm4tQxbSzXpGNIecF0ov8zWjfZaAaMBVy5GDeW49lau13dEVje0F1/hXaUhtLrwR20wjlA0B5fHzNVEpwQMmcx22UXZDzdp2bteKxJ5827nwnYu9sLM2YYX3QIb2lTfmACIjD4FbWnsXzfbj3PtUmd9Ldh9mPwUrUeRbpNelhZ35V92dPYZ6CWj7gUTM7wP8MOm8Sz0YDeT11dyIGRy1tm3FMJIKXkeY2gogIeTQYsWGxLMVIs2lrdnhFMLYkat4NRYFpRBv+8/e265PqMr1poyHSUZQ==$M3Pncq5igfOagyaFJFzgqw==
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9y%2BAwHNZKtXr4aG3j6rZXCZ3LI7ehVdA1TA25mptBPaoqJUfHBimvpkM2Sv86B8qTCb93krvvpdYCUEax8PsPJbX86dW3e7FZcg8nxi3OSlT8oydtTMHEE%2F%2FTH0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c273d8f16712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/mdi/5.2.45/css/materialdesignicons.min.css | 151.101.193.229 | 301 Moved Permanently | 111 B |
URL: GET HTTP/2 cdn.jsdelivr.net/mdi/5.2.45/css/materialdesignicons.min.css
IP: 151.101.193.229:443
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: jsdelivr.net
Certificate Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Certificate Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: ASCII text, with no line terminators
Hash: 87de315c31948d23715f00fff7dd68d5 c0fd324ab404d3475263ea958214be06919de013 fa950bd5845777aa0d25741fffc89a019998065fe0d138780f9f41f39ca95b3f
GET /mdi/5.2.45/css/materialdesignicons.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://csbid.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
location: https://cdn.jsdelivr.net/npm/@mdi/font@5.2.45/css/materialdesignicons.min.css
content-type: text/plain; charset=utf-8
accept-ranges: bytes
age: 695848
date: Thu, 25 Apr 2024 06:07:31 GMT
x-served-by: cache-fra-etou8220034-FRA, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding, Accept
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 111
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/@mdi/font@5.2.45/css/materialdesignicons.min.css | 151.101.193.229 | 200 OK | 40 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/@mdi/font@5.2.45/css/materialdesignicons.min.css
IP: 151.101.193.229:443
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: jsdelivr.net
Certificate Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Certificate Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 4f77992d778df5e2325796f194f87588 dec4a314e9f7a2714f9dacb4610ca04a89223328 01d0211a5f52679474c3d4333598116e2ee412c9931a08b283bb7361ab750643
GET /npm/@mdi/font@5.2.45/css/materialdesignicons.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://csbid.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.2.45
x-jsd-version-type: version
etag: W/"3a97a-3sSjFOn3onFPnay0YQygSokiMyg"
content-encoding: br
accept-ranges: bytes
age: 1575218
date: Thu, 25 Apr 2024 06:07:31 GMT
x-served-by: cache-fra-etou8220037-FRA, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 39971
X-Firefox-Spdy: h2
|
|
| csbid.com/logo192.png | 172.67.137.58 | 404 Not Found | 162 B |
IP: 172.67.137.58:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: csbid.com
Certificate Fingerprint: 21:EE:9F:E8:0A:A4:DD:7C:DB:D6:DF:32:39:86:5D:2D:43:4D:80:AA
Certificate Validity: Thu, 28 Mar 2024 07:23:42 GMT - Wed, 26 Jun 2024 07:23:41 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: 2b838659c6ea3bbc1241837a1b44840b 296c38b80b7304bd14e5b6c934fca1c32d687917 a9ac287e62f49a385bf05052b658eea54ad6811b368db66f58b581a61435c9ff
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /logo192.png HTTP/1.1
Host: csbid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://csbid.com/
Cookie: cf_clearance=TY6GqmQBDg.Ew4yTUuM7nMRxRPlMzlXuZJuTunUjnYg-1714025245-1.0.1.1-1eWDXCt..kOZS6EaHq.eDuc0XEtfhuBrWDtMQmYFA1nyWXQdq9KmsN1ZMSKmqKlHjPSBSbzoeGHispCCgHP2ng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 06:07:32 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PwnG5lTk765Zro18mlBx5toj600B6lxJ2oyQ9THfsEftZVzhAJE2%2FoFf2Ct07kCI7TQxyzfmit0heCyVQVDJ8m4xDd4vbjpT3EkDvibj226F%2Bg9%2FPIoFq7b8CO8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c2741ea5f712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.materialdesignicons.com/5.2.45/css/materialdesignicons.min.css | 138.199.37.231 | 301 Moved Permanently | 240 kB |
URL: GET HTTP/2 cdn.materialdesignicons.com/5.2.45/css/materialdesignicons.min.css
IP: 138.199.37.231:443
ASN: #60068 Datacamp Limited
Certificate Issuer: Let's Encrypt
Certificate Subject: cdn.materialdesignicons.com
Certificate Fingerprint: E9:02:68:54:8B:F0:97:E7:3C:AF:CC:DA:C8:82:96:F1:A4:DF:DC:CB
Certificate Validity: Sun, 14 Apr 2024 03:13:59 GMT - Sat, 13 Jul 2024 03:13:58 GMT
Size: 240 kB (239994 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /5.2.45/css/materialdesignicons.min.css HTTP/1.1
Host: cdn.materialdesignicons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://csbid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 25 Apr 2024 06:07:31 GMT
content-length: 0
location: https://cdn.jsdelivr.net/mdi/5.2.45/css/materialdesignicons.min.css
server: BunnyCDN-DE1-863
cdn-pullzone: 190968
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
retry-after: 0
cdn-cachedat: 03/29/2024 19:04:06
x-served-by: cache-chi-kigq8000143-CHI
x-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 301
cdn-requestpullsuccess: True
cdn-edgestorageid: 1055
cdn-status: 301
cdn-requestid: eb9439efc279d509f66b93267bc98e8d
cdn-cache: HIT
X-Firefox-Spdy: h2
|
|
| csbid.com/w3jueof1ai0x.js | 172.67.137.58 | 200 OK | 334 kB |
URL: GET HTTP/3 csbid.com/w3jueof1ai0x.js
IP: 172.67.137.58:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: csbid.com
Certificate Fingerprint: 21:EE:9F:E8:0A:A4:DD:7C:DB:D6:DF:32:39:86:5D:2D:43:4D:80:AA
Certificate Validity: Thu, 28 Mar 2024 07:23:42 GMT - Wed, 26 Jun 2024 07:23:41 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 334 kB (334513 bytes)
Hash: b7d50ad041b126a96a712fbea30b939b 7821a1f135f181351167205b1de350735cc2902a 0e6bf22d4f364d2c5b8cd5e74a7bca857db0dfe9cb91f2f02a867e7676b2ec01
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /w3jueof1ai0x.js HTTP/1.1
Host: csbid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://csbid.com/
Cookie: cf_clearance=TY6GqmQBDg.Ew4yTUuM7nMRxRPlMzlXuZJuTunUjnYg-1714025245-1.0.1.1-1eWDXCt..kOZS6EaHq.eDuc0XEtfhuBrWDtMQmYFA1nyWXQdq9KmsN1ZMSKmqKlHjPSBSbzoeGHispCCgHP2ng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:07:31 GMT
content-type: application/javascript
last-modified: Mon, 19 Feb 2024 18:23:32 GMT
etag: W/"65d39ca4-51ab1"
expires: Fri, 26 Apr 2024 06:07:31 GMT
cache-control: max-age=86400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCwhkuSwY8UybmhApbq43G4r5c%2BsREPsuSPV0GJk6UT7SMg%2FBJvNtwlLr1j%2FbAoQOujGpHlWbGJqaKKIhh%2B1HP9UuOd1%2FdRsVeYe4zKoV6Euqco9cP4fxiXjf6s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c273f6880712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| auth.cs2bandit.com/static/css/main.d0b65c08.css | 172.67.165.74 | 403 Forbidden | 0 B |
URL: GET HTTP/2 auth.cs2bandit.com/static/css/main.d0b65c08.css
IP: 172.67.165.74:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: cs2bandit.com
Certificate Fingerprint: 0C:B6:0E:24:9F:AF:30:58:6E:4A:0A:B5:21:6B:90:01:48:44:58:35
Certificate Validity: Thu, 18 Apr 2024 17:34:58 GMT - Wed, 17 Jul 2024 17:34:57 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/css/main.d0b65c08.css HTTP/1.1
Host: auth.cs2bandit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://csbid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 25 Apr 2024 06:07:31 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: jEpuDILpEZsHyJAofxEUSDuWfGZfGz3HKzUslGUU/AzRL3aCL1keFppTcUU3/DE1Q8k8j2R+JcUkIgbzqPSgpPtkN2/vSaFW25GmmvrWKps=$J1GcxknRpGlaK3jt8T1/4w==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ct%2FijfELnc0AIYsUcGvHngNZlqhSFYKJRSGuEdfSvT8eCxNk51VUi%2FZsrkBp%2Fi9cPvtldkTIw7Te7Fsjpmuf6R9tRVhM2ufjKwz1ulxRjgxGxi5UsFDJ4I929MEYlApdaSutGrY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c273f8aa756b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| auth.cs2bandit.com/static/css/main.d0b65c08.css | 172.67.165.74 | 403 Forbidden | 0 B |
URL: GET HTTP/3 auth.cs2bandit.com/static/css/main.d0b65c08.css
IP: 172.67.165.74:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: cs2bandit.com
Certificate Fingerprint: 0C:B6:0E:24:9F:AF:30:58:6E:4A:0A:B5:21:6B:90:01:48:44:58:35
Certificate Validity: Thu, 18 Apr 2024 17:34:58 GMT - Wed, 17 Jul 2024 17:34:57 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/css/main.d0b65c08.css HTTP/1.1
Host: auth.cs2bandit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://csbid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Thu, 25 Apr 2024 06:07:32 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: B53FvDjaeVgwFXVGVE29SXBmaOu91SNdl2M28PcjapVsSR1a24gmEzaSPOh1GhRDtt1GrtspEAd8WQo9VL9Fi07NdQK50m83Jgk/ZBnVCnE=$ktt2M766uGV7bdwwQ2irrw==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A8rNYe89y1Wr%2FrtXpUpjH3eug9gG6FoKjD46jEvuRaK5tVjwJSw%2BN47gKmtiD04lxEa0EBQteeTK3koiw1ZO46HQXxWKFq6aCFgzVrLb8szL25aWNub8rjqlx22UNk2MPmumGmk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c2741af33568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| randomxpanel.com/dupttpbxsosyniorvemxhtlabgkamsbfrcdviefelwkutn | 104.21.63.8 | 200 OK | 48 B |
URL: POST HTTP/2 randomxpanel.com/dupttpbxsosyniorvemxhtlabgkamsbfrcdviefelwkutn
IP: 104.21.63.8:443
Certificate Issuer: Let's Encrypt
Certificate Subject: randomxpanel.com
Certificate Fingerprint: 9A:4C:1B:65:9F:C1:79:A3:B4:4B:42:8F:FC:24:7F:FE:F4:74:38:26
Certificate Validity: Sun, 14 Apr 2024 02:55:53 GMT - Sat, 13 Jul 2024 02:55:52 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: ae5abb2fd0190a569c6c996e0ff454be 1ceb0e12d25078c4019173287dc522e53664fa8b e32e962686248521bad36e4ffa3f4e3903a90e95effdc4c18b595b60b7cf1da1
POST /dupttpbxsosyniorvemxhtlabgkamsbfrcdviefelwkutn HTTP/1.1
Host: randomxpanel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 11
Origin: https://csbid.com
DNT: 1
Connection: keep-alive
Referer: https://csbid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 06:07:32 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
etag: W/"30-EBwxaHuI5J8eA7uV5npTbSvni2M"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GBDnuu4i2jEF6Ri9x7eZ0%2FJO4U0tbHhYZmjtZ6XGHFTHS8UyzJD%2BaD6jGrJuIzs0lHqQM05rSydgp76ksroUcQ3njjpGVgKGubuSDPjbwIgDMMIdoqszVSRbmhJGr7MC7P4V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c274248d00afa-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|