money-easilybxe.buzz/
172.67.177.80 200 OK 7.5 kB IP 172.67.177.80:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1229)
Hash 45fe581dfe36fdca47560cfd74b89210
57b4f81ff589475f61a045ec0961f0ededca852f
4a4ebd8eb1f61d26660390f9819a0ba31c4db1f71a5322c5be46f6e26af0df7d
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET / HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:08 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: loclang=en; expires=Sun, 26-Feb-2023 02:45:08 GMT; Max-Age=259200; path=/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgjoeDdI9Eq8LLNjE29VqwiA6ODFTkc6I3xw9aXiOxIk16Tzjgu8iqy7sHLX86w%2Fvtp%2Bn%2Fr8OmeSpLit%2FBvcjmmz9BGSL1dezaZMzJmdldGSQY1VZ%2BKlFTOOUFrqCkeJME%2FRWnR82g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fa66ba8fab4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6f313739c4c44174fc9a97ac63621b46
319da68d06694330ad9f7901bcde1ca0a6eeac0d
321236ee07769c741890815bc56fd2700ff1974b0534368b9ff2e96320ae4fee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "321236EE07769C741890815BC56FD2700FF1974B0534368B9FF2E96320AE4FEE"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5363
Expires: Thu, 23 Feb 2023 04:14:31 GMT
Date: Thu, 23 Feb 2023 02:45:08 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 67fc460ed2f69dde3c410ec607ef3510
ba9f582ec321351e5c06c9b2c381f06b685ef274
85df74fac7d59d76840b6359bac24648fede201c0048f2a8382af6468225ffb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF74FAC7D59D76840B6359BAC24648FEDE201C0048F2A8382AF6468225FFB8"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14275
Expires: Thu, 23 Feb 2023 06:43:03 GMT
Date: Thu, 23 Feb 2023 02:45:08 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7fb59e5d3cdf08b94e5f41fdeb9aec6c
ff644039db3b9f74d7e2fab10f93581bea10614a
861573a00d75364e15783c5e448c4f8b4da48b38d9beba3ebd33a87f993489a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "861573A00D75364E15783C5E448C4F8B4DA48B38D9BEBA3EBD33A87F993489A5"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17678
Expires: Thu, 23 Feb 2023 07:39:46 GMT
Date: Thu, 23 Feb 2023 02:45:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Feb 2023 01:53:53 GMT
content-type: application/json
age: 3075
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +8MrVodGL5ym5dx1TZCPwVXZ8Yhcay2z60ZKVhp45m/YXoQdO/wyhs8xT+liUcVCh8XgK2iVbFA=
x-amz-request-id: E8CCARKJ3JQJH21H
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Feb 2023 01:48:51 GMT
age: 3377
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
money-easilybxe.buzz/assets/lightbox.css?88888888
172.67.177.80 200 OK 4.9 kB URL HTTP/1.1 money-easilybxe.buzz/assets/lightbox.css?88888888
IP 172.67.177.80:0
Hash 4138845c6491ac3fb55923958b4d0b29
81c43933cd63fbc8f73e527b65c0b61932f6594e
e48a7338ab4bb2f4e375c03cf2c0f0d7e5e3d58380c214b7c38699b6d742c71c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/lightbox.css?88888888 HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-657c"
Expires: Thu, 23 Feb 2023 14:45:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQFhf68aa3v56WgGHipxbAoFdx8Yen4Hu6E07j8VDRGDw3zUbuk6dIgljHnolpoE21LgPa4nX1jn3UzIZ78i%2F%2FfDJVTKaysnluZZKIZxcQW5VlNXZwpja%2FrnfGfp9UidJWn34IUoRA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fa94b160b49-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/slick-theme-s.css?88888888
172.67.177.80 200 OK 873 B URL HTTP/1.1 money-easilybxe.buzz/assets/slick-theme-s.css?88888888
IP 172.67.177.80:0
Hash 15d25297ad87dcd9d31b99f050983138
0b4320349b2078f3cd3b5633116451007870a146
789311973612cfb041549c885450da7336fa09136a9d1873dc1619c687a9a5ec
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/slick-theme-s.css?88888888 HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-bd8"
Expires: Thu, 23 Feb 2023 14:45:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9eQ3uqjzOLNR04mkwlzw6gTUwAvOCMICsOj1fjs%2B4G74nAGZe1smmLUVZmeTZM7f8cFtp7T7ejClNeGivjtx6ZBp6KUPO%2FSUkbD93dLpG4a9OaXDJOip%2BLeVk9b%2BrfLFh%2FkXcMqR5g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fa94a22b500-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/animation.css?88888888
172.67.177.80 200 OK 5.7 kB URL HTTP/1.1 money-easilybxe.buzz/assets/animation.css?88888888
IP 172.67.177.80:0
Hash 1cc3b03d0a4ee4e518a895137a81b88c
3fdd3c3c6c015a076f3f019506f7b4aba767b606
0e403703d1a87a9c7ba4145e78eba52110f7383cc88a1c5b5c4830f1dc235061
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/animation.css?88888888 HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-1159d"
Expires: Thu, 23 Feb 2023 14:45:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1Y5frjVfRE8n0QOs6u4y4OGxtqkqq8GiiFKeQ1xQv8S0uedZ71JccRdqmpvnxAsXmua14bmu25yA%2BMQl5fQj3V3MhwCSZsQVZtt%2FffGhATsNG23WbcKE3BOPjECZfaIOJ8Kn%2BJ7rA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fa94904b511-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/feature-s.css?88888888
172.67.177.80 200 OK 2.4 kB URL HTTP/1.1 money-easilybxe.buzz/assets/feature-s.css?88888888
IP 172.67.177.80:0
Hash 1f1176aeeb3d24606f0d421e63380356
1fe454504f971049fb8521ffa7058519090f670b
02069319cb3f5401d6480f12abcfdd2e2c59a5593a40078f131b09414d0e0e22
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/feature-s.css?88888888 HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-3891"
Expires: Thu, 23 Feb 2023 14:45:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0SJgZEuR36jZHv6rgoXn0J70YVsqsFMMF4liPOQKd%2FCGtgx4Vvk0ss%2Fi7kHnpUvLgO4OIkEzPnTEDWl1UWP081AhRv4jQMkWyOcpNCJnr5DPGTKJLgS5mlKxOFTjbzExtYsn2bfgw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fa94903b511-OSL
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 02:45:08 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
money-easilybxe.buzz/assets/slick.css?88888888
172.67.177.80 200 OK 508 B URL HTTP/1.1 money-easilybxe.buzz/assets/slick.css?88888888
IP 172.67.177.80:0
File type ASCII text, with very long lines (1293), with no line terminators
Hash 36c4181556d368c2297ef54ef3585b06
21a507a2a32aef43220509827cbbd41e50350420
e5055a28e16f534da536a52e634826756a937511c49efb808d3d9117032dd52c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/slick.css?88888888 HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-50d"
Expires: Thu, 23 Feb 2023 14:45:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flIRtJLw3swwUf8Wm9sQmzy5VcbElKP2RHDS2eP4PoihaOx%2FYXFilO3fOMejVpIXo1BgKsKIQPDS9gbecYep0KMmFGJalzdzxsRXE%2FVUqzrKJq0NyeChDLy12IWd9ItXSlDI86VQ2w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fa94cdffac0-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/bootstrap.min.css?88888888
172.67.177.80 200 OK 32 kB URL HTTP/1.1 money-easilybxe.buzz/assets/bootstrap.min.css?88888888
IP 172.67.177.80:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash ae12e3611d61769d9e3e6c24cf428cc3
551f716d4782b28c6dd92fa204057b5170c18205
c2369dbf06ea375f8fe7afd3a17e900951f62c9628250ccc3b5cec935e565682
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/bootstrap.min.css?88888888 HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-3332d"
Expires: Thu, 23 Feb 2023 14:45:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ezj%2F%2B8wKQGlZQwh3W1Evqa%2BWnFpVQm9cBcYpir5mCopxWeq7aX2wRf6DUKTnXGhNufOHlKgJyq7ip8Y%2BTyzCAU6%2F5Ix1omRy9CiwtkEhtDR0GKd0jtZGHHpB6Nk8%2BGcPiICCt1AFfg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fa93cb9fab4-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/sweetalert2.min.css
172.67.177.80 200 OK 5.1 kB URL HTTP/1.1 money-easilybxe.buzz/assets/sweetalert2.min.css
IP 172.67.177.80:0
File type ASCII text, with very long lines (27093), with no line terminators
Hash 9f590230d0450fc4bdd6c6293f9618e4
22416254ee00589116ee25ada147128de7eaa753
e4daec0f09a9064152f3fe4656da672be6806b2debe90c5bf9cff73f09582056
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/sweetalert2.min.css HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-69d5"
Expires: Thu, 23 Feb 2023 14:45:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2lrliK%2FOfKpZT7hG6fhAQFseYiQ7y%2Fs1pQXVFEvObJo%2F1abVoyvbw85e60oejnKrlpHpvlrwP05E86PJYYodoQmsblEH6ytVE2F5BzePtIzYVukPxNgC5mIkx8v3DHaoTcH8ry45A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fa9c943b511-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/sweetalert2.min.js
172.67.177.80 200 OK 13 kB URL HTTP/1.1 money-easilybxe.buzz/assets/sweetalert2.min.js
IP 172.67.177.80:0
File type Unicode text, UTF-8 text, with very long lines (37599), with no line terminators
Hash 57818ed08c2a7da6d52e46e78f2e2e1c
88c636bfa3a201fec8fc3f18dbc472c9376a6a90
22036697dde58e72d2ade78ae9d18509c90c39f2a5a889adca1d39c39a6dbf6f
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/sweetalert2.min.js HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-92e0"
Expires: Thu, 23 Feb 2023 14:45:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8b6PITA9zVolw1qkUCLnrFhvrr9IiUdxeb6NFiGJB7lhCuW0HdkRSite4HT0BjTp3eEP86qjsPLrMUnMn04c%2Bo60zkMsbtEqWXMFJpIk81fqj7MQxj7Myhjw2Q8oltZq4XhXmMI7ew%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fa9d947b511-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/all-x.min.css?88888888
172.67.177.80 200 OK 25 kB URL HTTP/1.1 money-easilybxe.buzz/assets/all-x.min.css?88888888
IP 172.67.177.80:0
File type troff or preprocessor input, ASCII text
Hash e5dbfb6e80fb1348e8c38b3f010b1e80
bb34657cddac13147e2e0cff6acb550dd230e0a5
16b969791f5dcf2b1a9551cc002bf83ddbc5b18b12eed1673e16a785b5d0b69e
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/all-x.min.css?88888888 HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-1e1f7"
Expires: Thu, 23 Feb 2023 14:45:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reeMi%2BeEQ2S4IgkRQ%2FhUHPQkPEOr5r1WmmHgUqzPeiaUQVEwDgkFJIlalKfh0nS1%2FqnnMrPWC3gGhay3KqP1xtQJB9VBiswkmyGUU1IKHzd3N7KUOKSu3E09AlUipXxmTn%2BDIhjm%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fa9ca4fb500-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/jquery-x.min.js?88888888
172.67.177.80 200 OK 34 kB URL HTTP/1.1 money-easilybxe.buzz/assets/jquery-x.min.js?88888888
IP 172.67.177.80:0
File type ASCII text, with very long lines (32065)
Hash 84a0c3e437d1d313d4cd3141d09d3874
2962981e5d98d0a90c304fc33289f6ddab802d77
0a09302dc6531ed82d1927469b4dd14e5137d9c21cb825adf85cf47f7389b2c9
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/jquery-x.min.js?88888888 HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-14e49"
Expires: Thu, 23 Feb 2023 14:45:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgISLyGaS9Z2M%2FvxX%2BTRHo61phLipvR%2F1JTEsOb7WP24olkeKD7nMPy%2BX28jB3YYNpXnM5lFbhQO0DppZJxwSbGCi978k5KoxXc9e2TbcVYC8z7jPMrtkr7IMem3UcyfXN8A9Fti6w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fa9dd00fac0-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/bootstrap-s.min.js
172.67.177.80 200 OK 19 kB URL HTTP/1.1 money-easilybxe.buzz/assets/bootstrap-s.min.js
IP 172.67.177.80:0
File type ASCII text, with very long lines (59810)
Hash 05cf97146d1c7c37791dd53ecddfdc7f
baddd653344068f918351421c43ed4ee84bb687a
27451008dc3714f442000aa4a89c75b24ecf9339013ef160321571b740b48310
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/bootstrap-s.min.js HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-ea90"
Expires: Thu, 23 Feb 2023 14:45:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Ax7TdjI%2BshS50ShGgXNsSGbf3h9bGC2Imv1dsOlS3jRS2qMljGlxDAEB43hkNAfZsGgar7xkWMBkwJ2l8zui1rzJ6Zd3HXgYLIN6YYkOuD1mSQeGHrTgzUnORCzfl9eXPApnaR1SA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9faa0d65fab4-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/modernizr.min.js
172.67.177.80 200 OK 3.8 kB URL HTTP/1.1 money-easilybxe.buzz/assets/modernizr.min.js
IP 172.67.177.80:0
File type ASCII text, with very long lines (8321)
Hash 9a4e2e88b1efdea3118f90bb5c4b446c
3d2500896e40634fc3eca71833eedb3d5fa422eb
4941c58442c5bf1b79908e4a86d3415fa5412dd34d57c1b3cbc2fce7e8531753
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/modernizr.min.js HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-21be"
Expires: Thu, 23 Feb 2023 14:45:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTkaJ0crmYGA2RpOiWOBCGeP4aUpc8iqrtMKejGdJkcWCF84vygxOEEb3BX06cLpDLNNS%2BNcYjd4w9Qp1k1ha12u17rsW9cQouurhLqcnkUp%2BrumnU5Kgxx9f5oklBPGtraDxO7RkA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9faa4981b511-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/popper.min.js
172.67.177.80 200 OK 7.2 kB URL HTTP/1.1 money-easilybxe.buzz/assets/popper.min.js
IP 172.67.177.80:0
File type ASCII text, with very long lines (18507)
Hash 6e5b24f414ada52a97a0d15b093a9941
81be552a260da7101d3a09ada7a5b19fcd071af5
044729e61dd1b45d0e7f187c08ca75284734423e1304228ddd0c7adf1c81518c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/popper.min.js HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-487c"
Expires: Thu, 23 Feb 2023 14:45:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiht6UgP412xUCejGq1zK5FoEbcs%2FHRb2vU4AA0fV8URsu8NVcxgJZ%2F5USCl2OGdvvAPHE3PZx6UbohGn6U68MHOYMY%2B1KC0NjtzxNItrYLuBRWYEVS%2F4hoBluA9QJ%2B5y0rP2nlHcg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9faa5983b511-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/counterup.min.js
172.67.177.80 200 OK 585 B URL HTTP/1.1 money-easilybxe.buzz/assets/counterup.min.js
IP 172.67.177.80:0
File type ASCII text, with very long lines (917)
Hash ea0a601b8f97764239f1a4f75db91b71
a3529bbefec847eae930cc529284f5dcef0caf89
08716acd48572be9d91c0441f6482ac0899bf642ff051c78d0b9ff7587aa1a42
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/counterup.min.js HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-42b"
Expires: Thu, 23 Feb 2023 14:45:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3sqFLVO54fXF17uT6502v5OBH2TJSpKKCPzvKrihzShR%2BnYhWlAggKdN1sLY9fLYzwahyrrSXALz5tzv5%2B6F9Z4%2FsRaVpi%2BFjt3M4cHTpcyUnIc6uKN1%2BgrwKFXHIAncgSt0cP07Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9faacd90fab4-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/wow.min.js
172.67.177.80 200 OK 3.0 kB URL HTTP/1.1 money-easilybxe.buzz/assets/wow.min.js
IP 172.67.177.80:0
File type ASCII text, with very long lines (8099)
Hash 841cab5cb0e19c936289a69708b4645f
72baac3e47877f1bcb275c26341a1564a875fbdb
d5988ca7709f698712b65bdccbce11ce4fd5b2cc6337dce830a5bd32ee53533d
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/wow.min.js HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-1fdb"
Expires: Thu, 23 Feb 2023 14:45:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49uZHfsYo6QHgaGlY4Czpz5Jk850fE3CwI3SCMkOOh8g9Iq4bmn1AxNWsCSIxaA0vr9%2FaVbVPym6lLrrSZaFNhlCD5vDDE%2Bs%2B1f7w2%2B%2Bg%2FfWXmv0mTDSomazJT%2FsEq2JapCTla63%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9faa9d1afac0-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/waypoint.min.js
172.67.177.80 200 OK 2.9 kB URL HTTP/1.1 money-easilybxe.buzz/assets/waypoint.min.js
IP 172.67.177.80:0
File type ASCII text, with very long lines (7808)
Hash ea79ab9178211ffc391e74f46b341d65
d94e16f16f5cae7c2826627f501c21f67b3e1b76
becdd9f5aa9671cb12a8fa844a30b208c67de473614c052bc269632ec7fc93c5
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/waypoint.min.js HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-1fbc"
Expires: Thu, 23 Feb 2023 14:45:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozVNkRK5gt2Hic7B5ISRXGhkslX4zgb1xfpF%2FdH1XhgbRx3%2FY1mlmCATeyjVtjZO%2Bo2nFcC2Dy2XS%2FqH%2B3HxQxxqQ8X5GdbIv5eQx%2F1rIHJqGRkdgJbav4oqK5kdt8MzOqu%2F%2FZdXoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9faa9a9cb500-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/sal.min.js
172.67.177.80 200 OK 1.3 kB URL HTTP/1.1 money-easilybxe.buzz/assets/sal.min.js
IP 172.67.177.80:0
File type ASCII text, with very long lines (3154)
Hash 2166635fcdf17a2c5736232ffff1234e
43ddf34acd9784a83ab71bf0b27c719abd39aa83
2044add5ec4e18486453908bd9565d7bcb27b4bf2f64d145dd8aa9a37fcb9650
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/sal.min.js HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-c53"
Expires: Thu, 23 Feb 2023 14:45:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1ll%2FwFLq3AAOlSH%2BBpIuRaDZlBuUxgqcM1MIKR8AuFOpfac8YSgISCIYXTLVPJmqPFp%2BJv2VN2S2uvXdoR%2FaWaW06s6yEz1JIvbzljOSsrcBX0ObmMPTcrZCoBaSWkwzAHkJ5xT1A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9faae9ccb511-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash a8530fcefb585de4930c998e366124cc
290ef080fe5bddca89a1a92e505268f9c38a308c
e2369003249fb3ebcc2f3ced2f2cd685376be22d7201cdc52b73751834c5c7fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 02:45:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
money-easilybxe.buzz/assets/masonry.js
172.67.177.80 200 OK 12 kB URL HTTP/1.1 money-easilybxe.buzz/assets/masonry.js
IP 172.67.177.80:0
File type ASCII text, with very long lines (32057)
Hash a368ae034ac81b3412e3dc0ba0f28647
7bccf472749035553d6eb7490fd43e17e8b5e258
d814a73b281891edba62399fe026e3560e55fefef6ab3931d3de775200bb1c14
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/masonry.js HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-9c2a"
Expires: Thu, 23 Feb 2023 14:45:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9FoPjS5m1oR6LqzbvcjO7V48efASa7JYN8WUUDruY%2Fp7zI1GmUComx3FqWVDbtQQSx4n93qAW%2BW04eeVv0ZgXHREhnixLP7dPRN23wllciI%2BEmsl1%2FYOiKN1YJXPIf85ampPyHOUTg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9faae9cdb511-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/imageloaded.js
172.67.177.80 200 OK 2.0 kB URL HTTP/1.1 money-easilybxe.buzz/assets/imageloaded.js
IP 172.67.177.80:0
File type ASCII text, with very long lines (5477)
Hash f9edebd800ad4053d4039cc6b7142373
12e96a1ba59bb4ae159d94c2d0cdcb4da29d6193
06b187c469498f65678c398cab9a81ed1bccbdcf205e629cbecfeac0f255ca59
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/imageloaded.js HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-15da"
Expires: Thu, 23 Feb 2023 14:45:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etO5b43x%2FzTvRoKcJnZEzmCGIDadYrD7adyE7Z0m3TFA3Elo5OoRQI1hH8CMwybwYAN9LXrgI5XmlI1DnpMxaN5%2BDiJUPFozQVPBHvOvOSqaOEIKlVW73WKPoGU8RQwLspJcMe%2FciQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fab0d9dfab4-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/feather.min.js
172.67.177.80 200 OK 24 kB URL HTTP/1.1 money-easilybxe.buzz/assets/feather.min.js
IP 172.67.177.80:0
File type Unicode text, UTF-8 text, with very long lines (61392)
Hash cffc999a0e9383e024d48b8ccae08f57
6e6c4a7fc856de515053573fac5af0ce32c4a8de
0564d222e0f0b854142fd4c4f5423ec461463d4d78ee5f20c22163e30a715f0e
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/feather.min.js HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-12550"
Expires: Thu, 23 Feb 2023 14:45:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgJNiYngnxvHA7qAzthwgC08SvxIsaa1vYuVsSf8Y1ni8Dd81%2FYbkiatvgnnGr2Ph4Jb9QAHiIxZSxGO3c8ZCyGGGHQ%2BtMYDQ2XxhUgniwNujN10MboGEybhVijmvtqueZ4YOJPi2g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9faaebb40b49-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/lightbox.js
172.67.177.80 200 OK 7.7 kB URL HTTP/1.1 money-easilybxe.buzz/assets/lightbox.js
IP 172.67.177.80:0
File type ASCII text, with very long lines (24591)
Hash 71410dd0a2d4a7faeadc620565ae03c5
8cdd718552fb6bf1b33f9007674e5be9633a5549
c19fbaa70a7249d4c3a77c6835d7f4b26daeec4581a30325fa393db48ec2870f
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/lightbox.js HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-6103"
Expires: Thu, 23 Feb 2023 14:45:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1OVswjn9tVbUHAsQroetbN4TWkmjEyMbJU4fF7p2O9M82Igav6stR5%2BCv1E2EiuanCx3mXu77MEgdHi4Z%2BAdKTK12keCFYbHQBYCS%2BQ8rNnwUCp%2BavzBocwnammsslIH2xPR1wmAg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fab1d42fac0-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/slick.min.js?88888888
172.67.177.80 200 OK 13 kB URL HTTP/1.1 money-easilybxe.buzz/assets/slick.min.js?88888888
IP 172.67.177.80:0
File type ASCII text, with very long lines (3201)
Hash d6900ef724d0c46d25e12f20eade1899
5cb31fd820a8f181b7b20f613b3bfacb3c81380e
bd9fe09fb850b18a690e61899014ad18297d165eee517a832aefd1878437090b
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/slick.min.js?88888888 HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-c31e"
Expires: Thu, 23 Feb 2023 14:45:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6ZfHIQjdJ3ePC9qehW%2FYzcyOl0Ba3Vb3RiqGbIzJLzNJGI2T2Vn%2Bg%2BepHzAMQupYisNqQAnBhH0ai3WHx8IqOs09GWxs5RFiAyY801Dwp6AEdaejtF0mIYjfmPWG88wYvPeMRhmTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fab2adcb500-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/text-type.js
172.67.177.80 200 OK 1.7 kB URL HTTP/1.1 money-easilybxe.buzz/assets/text-type.js
IP 172.67.177.80:0
Hash 7aad140a767a1c07bf8981f8fb7afe74
49dc597904ca8393e6207736cc87b1eb9f03ad71
0c24fa9a2bed2db6a59c09d68607a82ad92fba8a4d00f7bc6c07da1cfe4bbd74
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/text-type.js HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-1b4d"
Expires: Thu, 23 Feb 2023 14:45:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdckrixsiquCP%2F3yRDXiTVzsi1u47kJ0AppPd6j2PNpzlImEOTaVnSbg2Rvd7wjIaFTVNaJOkXDmCQUjtJ5be%2FK5sxoskjezx9EPZ%2BpTY9oc2104O1ajo8vEYDThrn4muN2fa8a6zg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fab69feb511-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/js.cookie.js
172.67.177.80 200 OK 1.5 kB URL HTTP/1.1 money-easilybxe.buzz/assets/js.cookie.js
IP 172.67.177.80:0
Hash b7646d958932db8b5a9c82dede819300
dd168c3ed448248071712594275583d5585853a7
64fc83e301678afb8f0d808a969772d175c070d6448a126d5129f40fcedb6745
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/js.cookie.js HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-e5c"
Expires: Thu, 23 Feb 2023 14:45:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qO%2FiMgQaKLb8%2Bo%2BkmINvmzRCzQp8BrMkP8eIU715cPOS89HIdsFV1eXVf0C7nkD4bhWg6Kp3ITzYw5DQlfb5fOua2psI2RHFlU%2FONvAzQwVvUFYPR1OYwGNuu40JU%2BTZYFl2DhsiVA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fab8dcafab4-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/easypie.js
172.67.177.80 200 OK 4.8 kB URL HTTP/1.1 money-easilybxe.buzz/assets/easypie.js
IP 172.67.177.80:0
File type ASCII text, with very long lines (3766)
Hash 305c6b09fc511e04949bd5e262414633
b7bdb7b86c44e902995b6c5f7976c0eda39aebbe
f5b1d145b5f592a14a3279da4db9d525c876eb5b91cb80fc99f2f9eca5a9d3eb
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/easypie.js HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-390b"
Expires: Thu, 23 Feb 2023 14:45:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=js34TmXSE%2FYKr8b211qKHVh%2BsmYbJ5Ip8%2FqlxqnxUkt1M%2BAwtqtK9X3ST3qKwLDq2I63DzXhFee43gsn43AvzB6J5ll%2BHMInzvtYkZMmgvcxNB0NftcP%2Fc5oEVZP6znryx49pWbg5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fab69fcb511-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash a8530fcefb585de4930c998e366124cc
290ef080fe5bddca89a1a92e505268f9c38a308c
e2369003249fb3ebcc2f3ced2f2cd685376be22d7201cdc52b73751834c5c7fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 02:45:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
money-easilybxe.buzz/assets/axios.min.js
172.67.177.80 200 OK 6.6 kB URL HTTP/1.1 money-easilybxe.buzz/assets/axios.min.js
IP 172.67.177.80:0
File type ASCII text, with very long lines (17808), with no line terminators
Hash 9734bde640c9a5b4071f83af8bebf299
ebb92c16f406f81e49dca95ca4329a6aeed5bd9e
c78c7141edea5aaf285fc4338015994e1541b8e29c11459ac4daecc31fb25899
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/axios.min.js HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 14:05:23 GMT
Vary: Accept-Encoding
ETag: W/"6374ee23-4590"
Expires: Thu, 23 Feb 2023 14:45:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMHgHwgleBu2bt9aECI%2FIGhstBw%2FzZjUwZ%2FFZecLvZOSxQvcVfKAAKA%2Fwrmqd81DSowepxf5dXLoAy4LHKZMeXThSa%2B4BsuYNLN8%2BlJFTzS2%2BwgdpxAKgEqQkLOQC9Xr3Du9xZWBxw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fabca21b511-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/fetch.js?xx
172.67.177.80 200 OK 669 B URL HTTP/1.1 money-easilybxe.buzz/assets/fetch.js?xx
IP 172.67.177.80:0
Hash 7b7c25b066c7cba5d8538919f1a006ad
65d38cf2cf17fa8e43a040bb53305d159e7a6b30
fbbaedfd0ff0abecfa91848fc447111928639e55ce69fc6e9eec1ba6f7415bea
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/fetch.js?xx HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 07:59:09 GMT
Vary: Accept-Encoding
ETag: W/"63773b4d-7bd"
Expires: Thu, 23 Feb 2023 14:45:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNsd5FnF9YXjWnrm45U%2B9bGXVNQ3xb2Q%2F5BsOKHJawUMJm4SFR08ogRHHBcJrFCXWEe%2F6HDLzrHwJR%2BrTQQALNkJQMjgUIWd6lzP%2BHaZhBPPLEXWqF%2BYW%2FNDBaCMH%2FnhGsY65qT%2Brw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fabcdd3fab4-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/jquery-one-page-nav.js
172.67.177.80 200 OK 2.0 kB URL HTTP/1.1 money-easilybxe.buzz/assets/jquery-one-page-nav.js
IP 172.67.177.80:0
Hash cfe0bb2fcc6bc84b34b43e445c464372
cf3021d04288125793302c41ff6397d259213750
2b22a7820f39406ad520ee3d00b18eddc6019968c6af2b2dc9b7a04efe9c9e1c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/jquery-one-page-nav.js HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-1417"
Expires: Thu, 23 Feb 2023 14:45:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C904ZHqtyOOTqFgojUjAl9HJvWzOfpzwTrpacPxVBeiTTwr0EAi5joEKEvfaYKHsfsJbeVRhRHjxzriKxsinpUqrfB2h5LRINa06gOrcxYYtgjoVfniyBtW6Ir4mDP4aPg%2Bhfox0cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fab9bd70b49-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/main.js
172.67.177.80 200 OK 2.8 kB URL HTTP/1.1 money-easilybxe.buzz/assets/main.js
IP 172.67.177.80:0
File type ASCII text, with very long lines (385)
Hash 3e580993bc767aa97cebcec15473e47e
fd634d1e42f791acfa368de45e64f1a24d9a15b1
1b42d467db3799267aed5c19e95665e6b8eadfd1a2b701915584067721a4ac29
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/main.js HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-3616"
Expires: Thu, 23 Feb 2023 14:45:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVtXqiXSKsmSux8Bva3aesZwNiiOh4WZiUErCMzFFvPZhe8WDOYXJjx3gYowgmnCF%2BWOD808ScFvD03mPFqesSSo4efIpN%2BSjmRa1dfVK85yCHNw6aGEmze9Li4px4PPbsLJMwbHaw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fabad57fac0-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/fetch.css?cc
172.67.177.80 200 OK 612 B URL HTTP/1.1 money-easilybxe.buzz/assets/fetch.css?cc
IP 172.67.177.80:0
Hash a137de18c3d3d4c3b12d266e69eed750
e3987c47fd92a6ef4fb4f819c511ba71f3504bcc
ae3a7d7f6effeee7c360e623a2a2cecb3940978b568030dba49d97c2a64fe86a
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/fetch.css?cc HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 08:29:50 GMT
Vary: Accept-Encoding
ETag: W/"6377427e-5eb"
Expires: Thu, 23 Feb 2023 14:45:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6uqtDEy59RV%2BVKtPpbNKDzMYjyaffBzqZVOYMoEi8aMXkB6ev9Lbn4ibC%2BS%2BcTNA8UmFm%2Byc%2FqSmos9qW%2BrWLgZ9mXYaM93Umre0tx104YPpkdYXpwl33x7Fz1Tj8piCjYaaVDzlZg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fabcb1fb500-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/custom-s.js?88888888
172.67.177.80 200 OK 239 B URL HTTP/1.1 money-easilybxe.buzz/assets/custom-s.js?88888888
IP 172.67.177.80:0
Hash 5dca6f83ae611c0d3adceb4efef1c028
b90e63354a526dd398fea75adc50da0363e0bf2c
0288a31f1c72f048f2671958727dcbd834433170febc3f64e08aadb31661d878
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/custom-s.js?88888888 HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: W/"632acf41-2e0"
Expires: Thu, 23 Feb 2023 14:45:09 GMT
Cache-Control: max-age=43200
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bf6n2rGKoB%2BPBp9KmacPSgGAeNSbzbWdsurVRj%2BC2F4F7EqrjGH75NDYYOAspKmVZJwcQ2wVy%2FBzV2jN%2Bc%2BhLFsntuo7qliyEOqcaMdOwuzVA3hFWamsHRDZOVl5hlerLkmNBn75Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fabea28b511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/trustpilot.svg
172.67.177.80 200 OK 1.7 kB URL HTTP/1.1 money-easilybxe.buzz/assets/trustpilot.svg
IP 172.67.177.80:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4177), with no line terminators
Hash 483f3cdd882764c362ef0c26bb3a1d69
d5f98a419cc475be0544a9326c4a24a10d628eb1
a79fc487f090b2a0e956dded9a6be443fabdff5d2c9981da143111e79cb72922
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/trustpilot.svg HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: W/"632acf41-1051"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnGvKMDb0kF4Jp7ox1GaZl6RgRGVMbLsZflO3FeWHjjhwzNwxF1zXYMcfRg81LHTnuBMxNmD7sK66lxM4cWae0QLMLI3O1GCRl81F5wmclMLjEMDnqJyI9a8r8oNUdTa9BfXSI7gIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fac5a78b511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/stars-4.5.svg
172.67.177.80 200 OK 693 B URL HTTP/1.1 money-easilybxe.buzz/assets/stars-4.5.svg
IP 172.67.177.80:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fafdcb6f5df0e0058545c6f71f9d45b2
103a08f416d83f391d55d324c338b265879ee611
5c70d6c4212e73b73509b06142a6ad29f760e101dfa12c7c0734dfd45ad8b417
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/stars-4.5.svg HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: W/"632acf41-73c"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PN2Hmi0JhR%2FaFfMwsw74ah%2BK%2BS%2FkTsyUwvO80ovYSJhJNPO2jMRy8SZ7UJfSc3QX81aCkjHZ4HhdHBYl%2Fv%2BMHGCGfP%2FCVfNhQyBV%2FLzc3X3coo54mrBgCehNALatOVrcdKJrO4WTA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fac5e02fab4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/logo.svg
172.67.177.80 200 OK 20 kB URL HTTP/1.1 money-easilybxe.buzz/assets/logo.svg
IP 172.67.177.80:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text
Hash b702ea6d1e64d02640da350f1be013d3
d56759285f2dc057e45f03ac62e900658345ab8b
4c1fd3f0c4f7acfdcf696c7d1e45645c35341a3d3eab9abdebacbe07735cc5a0
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/logo.svg HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: W/"632acf41-673e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjJsrgYxDWeDmqhHnAbgasG6JZ%2FzSFyMYVtHr7mcZZ3bFuJidXU6XLAQNKuQBq%2Be7UZQUvhaFf5BFl2ZYuG0LC8rIFle7QRse%2FyqD44Kz6ruhMg1v%2FZ4S5Z3QcGcRj5VSEx0m0oSYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fac5c0b0b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/icon-01.png
172.67.177.80 200 OK 15 kB URL HTTP/1.1 money-easilybxe.buzz/assets/icon-01.png
IP 172.67.177.80:0
File type PNG image data, 250 x 268, 8-bit colormap, non-interlaced\012- data
Hash ca131b67563fa32cda29db2eb1aac047
abdd633761ae4979cb067fb020a535596d495447
6e4656830fee5d5c7def4b0b61f5fb5ce325d220be632adf6e85a80ac80f9b84
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/icon-01.png HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: image/png
Content-Length: 14714
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-397a"
Expires: Sat, 25 Mar 2023 02:45:09 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QuR2nEY6pMEgYQp0ilZYF%2B5C8er5ywljh23fwa5Zn8T5a8JOX67gQTrL0uPiqjm%2FjO2db5Tp8BddeRMUQ9OhNq7LttcAiqG4d%2B5pmO2DYLCOYWOOfcrv%2FHJRBfS2kuYGHsW35uM2mg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fac6a88b511-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/logo.png
172.67.177.80 200 OK 20 kB URL HTTP/1.1 money-easilybxe.buzz/assets/logo.png
IP 172.67.177.80:0
File type PNG image data, 356 x 287, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d2163e9639434de6d03ae5115f67d62
0e70313507bbd6a18b944d26ab340af0df757222
7db6b714f8a20eab44186b2705cd7a250fb2874281f634965762dd94b7c81d2b
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/logo.png HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: image/png
Content-Length: 19515
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-4c3b"
Expires: Sat, 25 Mar 2023 02:45:09 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BQwdl4PqzM2fHf07%2FQ%2Fmy0w7UMVPwOsk7uTjlkqFGygsp4ttpXqretAqJCVl2i9oSYvE5U5gZg9C%2FTDRh61FS9IdYH0kenQG2wRlOOD%2FU2YteyIOPJMGhP3n2JUXEF3kYBfvJ3VIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fac5d71fac0-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/home.png
172.67.177.80 200 OK 64 kB URL HTTP/1.1 money-easilybxe.buzz/assets/home.png
IP 172.67.177.80:0
File type PNG image data, 1000 x 563, 8-bit colormap, non-interlaced\012- data
Hash 91a12b6f4fcb82e9f812e6ef706be0f9
183861bd6196c5a442f2b0b8e79d098a4c535411
b6260bdca58deb46027a76c8395b47d864f38b63a84b2ba0e1d5e186c9f015d4
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/home.png HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: image/png
Content-Length: 64392
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-fb88"
Expires: Sat, 25 Mar 2023 02:45:09 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HVByyMiwH0ClC1NQ0xgm06sdiBGBnTctQjAvcFt1MqgySoylmE4QnLMGgQrMAOcQPSoO5J0v5ZH9nG2gmS3fcLSuQgj59ns%2BfCkMbFewSzPE9BaxFhid0es6zB%2FOoS18qqGR%2F2X2g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fac5b5cb500-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash be0ff97444ab9ff002dc0c3a855b6867
6b835c9cfa35b65f809ab3e8c150425048749e02
ed2c6e805d226e16f32c4a08bbe9f7171bf271fabd4d66a67efe197db6fe5407
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 02:45:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
money-easilybxe.buzz/assets/icon-03.png
172.67.177.80 200 OK 13 kB URL HTTP/1.1 money-easilybxe.buzz/assets/icon-03.png
IP 172.67.177.80:0
File type PNG image data, 342 x 240, 8-bit colormap, non-interlaced\012- data
Hash 0af0181a412eadd39b9d35db6b534731
c8a7c1c6461ffceb12e17022fdfba1dce1ea5481
684200126fabbd319302af54284909e60261f4d90904b0e972d1cd77c9d7a9c2
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/icon-03.png HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: image/png
Content-Length: 12558
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-310e"
Expires: Sat, 25 Mar 2023 02:45:09 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPjC3a9nA09%2FrNGj4FRjp7sWC2e3vUMouYGhe5NvQ0vuddMDjvOCak4JWhCMLyoyTWCeicIiRrbJMfpW3SqTHRtNScUdYkXGS0OhcPXOZQESd9j2kXvkb36zi4%2FUA1q9J9oAP5TUWA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9facee3cfab4-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/icon-02.png
172.67.177.80 200 OK 16 kB URL HTTP/1.1 money-easilybxe.buzz/assets/icon-02.png
IP 172.67.177.80:0
File type PNG image data, 250 x 277, 8-bit colormap, non-interlaced\012- data
Hash 82c445709d7c6a242c04cac492268ba5
eaabcf235aa528d1b5abfe37dd769c6716999da8
cc24ad6710369019dbe636dfb79b403b49b0bca03f3dafc1d7a087ed97380ead
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/icon-02.png HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: image/png
Content-Length: 16354
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-3fe2"
Expires: Sat, 25 Mar 2023 02:45:09 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXk0mnVrEVqNf4tnC4vyV%2BhBjckNkYxiTyD0ued8bKeMOg0wqJbx37z4YhpRSfi%2BnZQLNzMRuNsJb8XngElDd6G6vlwrLtovddgEetcKXbeMyOCBKabqgVRjS%2FqMPeLUlerq3zaFQw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9facdaacb511-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash be0ff97444ab9ff002dc0c3a855b6867
6b835c9cfa35b65f809ab3e8c150425048749e02
ed2c6e805d226e16f32c4a08bbe9f7171bf271fabd4d66a67efe197db6fe5407
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 02:45:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
216.58.207.227 200 OK 38 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://money-easilybxe.buzz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Feb 2023 09:38:52 GMT
expires: Sat, 17 Feb 2024 09:38:52 GMT
cache-control: public, max-age=31536000
age: 493577
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, Alert, Content-Length, Backoff, ETag, Cache-Control, Retry-After, Last-Modified, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Feb 2023 02:20:35 GMT
age: 1474
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash be0ff97444ab9ff002dc0c3a855b6867
6b835c9cfa35b65f809ab3e8c150425048749e02
ed2c6e805d226e16f32c4a08bbe9f7171bf271fabd4d66a67efe197db6fe5407
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 02:45:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
money-easilybxe.buzz/assets/fonts/Feather.ttf?sdxovp
172.67.177.80 200 OK 65 kB URL HTTP/1.1 money-easilybxe.buzz/assets/fonts/Feather.ttf?sdxovp
IP 172.67.177.80:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, Feather \012- data
Hash fe1594343a6aed9427c646993d06ea9c
18d0455f25678b44731eac73dc8654df1d2c314e
e103929dd758126ea4a090ff0e33b620f3ceb1b81ffad1345023c95661c84d8c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/fonts/Feather.ttf?sdxovp HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/assets/feature-s.css?88888888
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: application/octet-stream
Content-Length: 65112
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-fe58"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioxlxBRKOVliS1NxNqFR0PX5hN%2F%2BLTlTYwvQJySsqM9aWGhLeyB9zVwbhrH1UPx0qAcPaeKMiWdCZ%2BA3asD2Qnx1f2WtINNFtYIx4KNh%2Bm6scz%2FMHDZdeNcmHvKDzvnX9Pg0iOygrA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fad5ad0b511-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash be0ff97444ab9ff002dc0c3a855b6867
6b835c9cfa35b65f809ab3e8c150425048749e02
ed2c6e805d226e16f32c4a08bbe9f7171bf271fabd4d66a67efe197db6fe5407
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 02:45:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
money-easilybxe.buzz/assets/SJunkie_Payment_7.jpg
172.67.177.80 200 OK 19 kB URL HTTP/1.1 money-easilybxe.buzz/assets/SJunkie_Payment_7.jpg
IP 172.67.177.80:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=555, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=321], progressive, precision 8, 321x555, components 3\012- data
Hash 56331043200e645f5fe1a480ba15955d
c1d1b9d2f9dafd7251cec9d734554662c7932493
009c07de69d08c3a66ff6cf1b4d17ff6227456e4ab66897dc7e70beb2bcd8c1b
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/SJunkie_Payment_7.jpg HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: image/jpeg
Content-Length: 19303
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-4b67"
Expires: Sat, 25 Mar 2023 02:45:09 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBU26CAVCBiFKdNL71G5Vp7xmMOo500tQ0XeBtZmJ4FFEt1Fv2TuBqyd69GQxygOmuvAapsW5cA7To0chAFCkOLnTVexG2Rx%2FlZHlXp4Co09lIfz7qHL2m%2B%2Bl72pj876YzLkgrr8Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fad7adcb511-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5fa728a339ca32e616d483e61d0aebcd
6a63966de94d16390c8f1e47e5b67fe5bb67f7cd
7e83729d554404e59f1f1ff809ac776d3596487e2b062a1e38af8e29f33c0686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E83729D554404E59F1F1FF809AC776D3596487E2B062A1E38AF8E29F33C0686"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4280
Expires: Thu, 23 Feb 2023 03:56:29 GMT
Date: Thu, 23 Feb 2023 02:45:09 GMT
Connection: keep-alive
money-easilybxe.buzz/assets/SJunkie_Payment_2.jpg
172.67.177.80 200 OK 21 kB URL HTTP/1.1 money-easilybxe.buzz/assets/SJunkie_Payment_2.jpg
IP 172.67.177.80:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=412, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=321], progressive, precision 8, 321x412, components 3\012- data
Hash f026163d6ee7afe1602dc4dcc506c0d1
3e542dff204e7ee564c3d1e2b7aa433a7dcd3f16
6449b3cf2957598551749e07067d22837defaece10ac136b96e44fe93e320cfe
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/SJunkie_Payment_2.jpg HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: image/jpeg
Content-Length: 21127
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-5287"
Expires: Sat, 25 Mar 2023 02:45:09 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYIqMM0cV6cqyvNxd9K0Q0KyuhLchyJerBMPZlRYyLJWrUK6ehNEmB2pvscU9ed9YA0nTjJGFHpDAVJHqNlmeyTOHU3p3nEVFMJS0PDs1oNjAxllEhljUWEQ20HVYblNUnNaDyNSxA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fad5dc2fac0-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/SJunkie_Payment_3.jpg
172.67.177.80 200 OK 17 kB URL HTTP/1.1 money-easilybxe.buzz/assets/SJunkie_Payment_3.jpg
IP 172.67.177.80:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=509, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=301], progressive, precision 8, 301x509, components 3\012- data
Hash dc70c0ab87afc96fef3379df310b40c6
3c33560efbf899a2e5adc9fd9c6e4482c3a4f66b
fa9d0eb1ca1f954e47c8b73d531f2f96c86e7e4a657196d159895ca546442b18
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/SJunkie_Payment_3.jpg HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: image/jpeg
Content-Length: 17118
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-42de"
Expires: Sat, 25 Mar 2023 02:45:09 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJtpGpCu65InNEjtzJYUdWtTqoS8oonYj%2BHBdSXEqkax%2Fbvclhw2qRZK0MyoMNmL%2BZ1yG2Ae0wjQTLTiOcK8m2eDWYbJ%2FYwK8zq%2Bd1OU%2BMPwsauJdzP1Sk5DzQWgcpuobxuCIr1hrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fad6bb8b500-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/SJunkie_Payment_4.jpg
172.67.177.80 200 OK 28 kB URL HTTP/1.1 money-easilybxe.buzz/assets/SJunkie_Payment_4.jpg
IP 172.67.177.80:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=577, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=321], progressive, precision 8, 321x577, components 3\012- data
Hash 9a62211fbd8551e713fc8c71e5768574
4fc9aa7db708976521fae295330a5931e47464e7
6deee19a5e39d986daff963d3a2462a0cee9dca95b550bcac0979f630031b45b
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/SJunkie_Payment_4.jpg HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: image/jpeg
Content-Length: 28541
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-6f7d"
Expires: Sat, 25 Mar 2023 02:45:09 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDxGqMOgDWkk4lXuJkmTfv9HS5ggXn%2FrUW01ZUQDz5SGHdkJoYaDVUQALj%2FbNctZjN%2B3AD4F%2FqTiMbCqDuSAYu9DR2GBfd9hqKDn5QbMDdKJzTw4BbEOMQDGFiBmEJcDvsjet38W6g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fad7ea2fab4-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/fonts/fa-solid-900.woff2
172.67.177.80 200 OK 154 kB URL HTTP/1.1 money-easilybxe.buzz/assets/fonts/fa-solid-900.woff2
IP 172.67.177.80:0
File type Web Open Font Format (Version 2), TrueType, length 154228, version 769.768\012- data
Size 154 kB (154228 bytes)
Hash 55b416a8df21f9f987aa352f10d1343b
2717f3f58271f2f2e6120d9937c7227002656d34
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/fonts/fa-solid-900.woff2 HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://money-easilybxe.buzz/assets/all-x.min.css?88888888
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: font/woff2
Content-Length: 154228
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-25a74"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceOxyc7zhJ0I9M4fZDGk8I9c8iRy2NQu9SklHetvLbmRhRPyNHmijsyL%2FeqincV%2Bi%2F3LKub4QZQIo8fWRftQGc2dUc5thfe8XHOoqxRrp0W3Y6QwkobOtQ3O9JYe9aTpZ%2B0eZYefeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fad2c440b49-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/fetch.php?act=fetch
172.67.177.80 200 OK 354 B URL HTTP/1.1 money-easilybxe.buzz/fetch.php?act=fetch
IP 172.67.177.80:0
File type JSON data\012- , ASCII text, with very long lines (796), with no line terminators
Hash 95e68d3b38be6ddb8ce5ca9e33b02eec
90ed9c3a03b14967e34c152c8b34008ba00eeace
dcf0a1d8573310828f34f77d9dd84dfd72ce50014d8e2393634475d8de6913c1
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /fetch.php?act=fetch HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2Ftu2hjIbQwe9zBlb2AJZF4d0DQq8qeovL6vcutrIWjFK3aEP5UtKQYwFn4SPwdWAWxmnB0%2B7VNm7mi%2FTEtzkdwAr2hTlgps8I1A1I3IleOA7oYJ5JhEF%2B2%2BRvr8bduZ1IpuXZlwgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fadeafdb511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/images/ajax-loader.gif
172.67.177.80 404 Not Found 109 B URL HTTP/1.1 money-easilybxe.buzz/images/ajax-loader.gif
IP 172.67.177.80:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/ajax-loader.gif HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/assets/slick-theme-s.css?88888888
Cookie: loclang=en; firstreg=1
HTTP/1.1 404 Not Found
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWOn6pBGJDVHL6zZgoPDdrkcvNvW1mZb62wDDKNTiRAJQHgnK7ITGhMWDiQQ5ptsnG5o0GWSW5GFyBC3pfQy69JEZc9SMKAMVrfUqQpREZuttvKDzQ6Hm9nfp7VBfU1vmDaBIlcsQw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fae7cb00b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/bonus_3.png
172.67.177.80 200 OK 57 kB URL HTTP/1.1 money-easilybxe.buzz/assets/bonus_3.png
IP 172.67.177.80:0
File type PNG image data, 900 x 800, 8-bit colormap, non-interlaced\012- data
Hash 468e062edf16043c313e518667fda914
be97a8e929143c7c606183a6f2c8b9eeee88283a
dfef17acd62edbc98b1b0f5977ac7f3e4738a92bc1b7561fe7452b8f9f3293dd
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/bonus_3.png HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: image/png
Content-Length: 57266
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-dfb2"
Expires: Sat, 25 Mar 2023 02:45:09 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FolkgLN3hxBQDyQBPSxXJnFlvoQjd2xPf0UuYJUMiI5EyerC0rpaYdx%2FlARqXx1eKY1AkHwRe27N%2F97kfFT8qB3HQ8KdoGCEljvbYLS8vEtfXSKt6hUDHmZBN7YVNKRCKMqIVXWYw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fae2bf7b500-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/fonts/slick.woff
172.67.177.80 200 OK 1.4 kB URL HTTP/1.1 money-easilybxe.buzz/assets/fonts/slick.woff
IP 172.67.177.80:0
File type Web Open Font Format, CFF, length 1380, version 1.0\012- data
Hash b7c9e1e479de3b53f1e4e30ebac2403a
af91c12f0f406a4f801aeb3b398768fe41d8f864
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/fonts/slick.woff HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://money-easilybxe.buzz/assets/slick-theme-s.css?88888888
Cookie: loclang=en; firstreg=1
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: font/woff
Content-Length: 1380
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-564"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ccfp%2BSss8o0DVdIOWhKbyNUiRvO9ziXRV43ioJgwGGsQwvdjvj20KUAzEYolV4xE%2F%2B50voRIUJBuK89OPK9Ng%2B9pcnATElNW1mQ%2Fot7qmo%2FhujL74FU%2FcH3ahYTr6%2FQmzBzd390rIg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fae8b33b511-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/sjunkie_way.png
172.67.177.80 200 OK 79 kB URL HTTP/1.1 money-easilybxe.buzz/assets/sjunkie_way.png
IP 172.67.177.80:0
File type PNG image data, 461 x 655, 8-bit/color RGBA, non-interlaced\012- data
Hash bf8a70c4a358d83c51b9ee64d923db2a
7c092ce1b53233000ba92a8138c6ec93166f271a
41f282c48e1b605641ce4a8c042de91c64777c0f3e13501ffc8eefed012f1a43
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/sjunkie_way.png HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: image/png
Content-Length: 78971
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-1347b"
Expires: Sat, 25 Mar 2023 02:45:09 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfqCA9nsME%2F%2FqGDhYZh%2Bzg1A0LRQIeJqKDgMIgHLCkdn2flbgLRUXSOFUmRz8bHKGCFuKmUGLou8oOq68bdtSvYI9MS4sETfJ18PDjmU5SmHkK5qvfFDnnSBv1ykA6iPOwMEbGnt8A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fae1dddfac0-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/bonus.png
172.67.177.80 200 OK 298 kB URL HTTP/1.1 money-easilybxe.buzz/assets/bonus.png
IP 172.67.177.80:0
File type PNG image data, 900 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size 298 kB (298415 bytes)
Hash 04b3b93e1ceca96c6e4ba3bd59c64174
893a2511b243a6c20ce134e11d62e3599345b210
ad2865044a414918424fe1d26cd2f8f82cc6c7233d823c4de12b4535f8d35b66
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/bonus.png HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: image/png
Content-Length: 298415
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-48daf"
Expires: Sat, 25 Mar 2023 02:45:09 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94EKZ0v8%2BBeMSsubBdL1C%2FdlCgyBR6svZFx80g6uFnhNZnqtXXTPvVgeKycmhnBFNW9M64Ip%2BaM4WOCvdThk2GR%2BmeBqu%2FlXVWihcI3TCLUwA0IM%2FbL2Krj2JOUvvBEHHEjf8%2F8I3A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9faddaf1b511-OSL
alt-svc: h2=":443"; ma=60
money-easilybxe.buzz/assets/bonus_2.png
172.67.177.80 200 OK 213 kB URL HTTP/1.1 money-easilybxe.buzz/assets/bonus_2.png
IP 172.67.177.80:0
File type PNG image data, 900 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size 213 kB (213263 bytes)
Hash fec591d2c382a0c51227dd979441c991
f9aa92d1f72401d02daa7c0deaf2f2a3d97c8bd8
63fa7664b03e7acd2c77a5f54580757aab4060965264f381c7eb6e54613ac992
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/bonus_2.png HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: image/png
Content-Length: 213263
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-3410f"
Expires: Sat, 25 Mar 2023 02:45:09 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajbf9abnvEdIiR2EDEcG77Zp6FpxgRT9ho%2F5qq5SOt00zvLM%2F91cdVHmBaRKFmamRUjswAs3I7VERf731HJ36k5TuiZ4uC59G50l%2FYBNppc6leJBEPWyZtfXzD2z3vnOIMjE2X%2FudA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fae3ee3fab4-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
54.203.75.56 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.203.75.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WM9HPN7YeqhJWCRqWiALkg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oopWyGjswSM3au73prwhDLJZ9RI=
money-easilybxe.buzz/assets/favicon.ico
172.67.177.80 200 OK 2.1 kB URL HTTP/1.1 money-easilybxe.buzz/assets/favicon.ico
IP 172.67.177.80:0
File type MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel\012- data
Hash 94a425202351ffed86ba3ce74b400f3f
6f252a965dc311636496ebfee97deb77559289d8
9499d770110f9762dcab77728714493571be626ac44c27a8899d74604ba99879
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/favicon.ico HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en; firstreg=1
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: W/"632acf41-25be"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwVuZNUjETVi4j%2F0bpNvYpmdCw8LPYhI0nFiubwXk2zu7IAoPqKZtI7U4FP0fbQ%2FTT1KMEaXH4iA9OYN9Bm3hfdbXFejYSrgPHxdL7poCYZENQJ3H7uLrz5oo0SUJi38hVMu6UzJ1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fb03bd7b511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 2021b993e9c8859bd32bb0348ec3eec3
e0c7859c2a4edb07de6d11e5563fb021474a0c16
92cc26d1622bb8c338887447a9cc5a33ccac30d47bef58a8ef64260594df1a0a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 26 Feb 2023 23:54:41 GMT
ETag: "e0c7859c2a4edb07de6d11e5563fb021474a0c16"
Last-Modified: Wed, 22 Feb 2023 23:54:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 531
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79dc9fb12eeab529-OSL
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7585
Expires: Thu, 23 Feb 2023 04:51:36 GMT
Date: Thu, 23 Feb 2023 02:45:11 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7585
Expires: Thu, 23 Feb 2023 04:51:36 GMT
Date: Thu, 23 Feb 2023 02:45:11 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7585
Expires: Thu, 23 Feb 2023 04:51:36 GMT
Date: Thu, 23 Feb 2023 02:45:11 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7585
Expires: Thu, 23 Feb 2023 04:51:36 GMT
Date: Thu, 23 Feb 2023 02:45:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff167ac5c-57c5-4503-9766-310cdc19cc19.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff167ac5c-57c5-4503-9766-310cdc19cc19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 933622d515e6eaf5cf58d7727caa2303
3c92769139ec93bd5536fc1906a205814ff2a057
29d13d652407f6bc8b482645eece5e36c9cdb156d91665b59c9b5608b4cd4e79
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff167ac5c-57c5-4503-9766-310cdc19cc19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12496
x-amzn-requestid: e761dac9-c44f-4bd9-a514-665480f239ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqgrGHQIAMF3aQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68ad0-61c9fe5620f700af33b21c47;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nwIMINPeNum1IC5ETovTOKmRg7baiPoXJZ004rLB90ydLufaQDiKfA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:43:54 GMT
age: 18077
etag: "3c92769139ec93bd5536fc1906a205814ff2a057"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a7f783-b830-48ee-af41-9e919bf61c16.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a7f783-b830-48ee-af41-9e919bf61c16.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e767c4b566f75c2e5c384d79c874a982
3aa715f0e3a2fbc2a6be06a1284610be50685023
eb40b67d33ffb31a5acb809c4da06e3a82c49990b78f34407d56d22c444cf11c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a7f783-b830-48ee-af41-9e919bf61c16.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7286
x-amzn-requestid: 3c5826ab-c99d-41c0-8145-561cab4d1d01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqTQFtaIAMFW3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a7a-4e4d07a87e805c5c16837dfe;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: anJcs_dDaqQi_kTT67paSKY90nqjll-QXuFboe1wV_26pr5WK5iNtw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:45:02 GMT
age: 18009
etag: "3aa715f0e3a2fbc2a6be06a1284610be50685023"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdafc403d-ba8c-45cc-ba07-47b9b8673685.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdafc403d-ba8c-45cc-ba07-47b9b8673685.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f89fe2187067877f5d5808f1d50ec7cb
200aa55e7c88cbc90d9e4c62eb5ccbf1c14a0a6b
bb9819d00d58efbe26c0216e39ef78c0f25ad47e8ccbe9c5b169de9a324b0910
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdafc403d-ba8c-45cc-ba07-47b9b8673685.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6046
x-amzn-requestid: 2be82087-190d-4769-a112-34acec2c5d77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AkyHCEc-oAMFRoA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f1ca2c-1921dab22ab9d3d762474b9e;Sampled=0
x-amzn-remapped-date: Sun, 19 Feb 2023 07:05:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vHIE13LN8sAqSE0R7hYwmRHgWTHKSOGHsFfvwjYDBo3CfhpHnQfhWg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 18:49:36 GMT
age: 28535
etag: "200aa55e7c88cbc90d9e4c62eb5ccbf1c14a0a6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9c643f-2d83-48c4-9450-1b873c5cc877.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9c643f-2d83-48c4-9450-1b873c5cc877.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25edfc4908176ce024f4c8b9622cbe2a
938086638fe62b81018b6ce0d459728bb266b6ec
1151a4d1e341883aa26ec969c65e95685d751074ad2c4f54ed6e21b2fce25bac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9c643f-2d83-48c4-9450-1b873c5cc877.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9857
x-amzn-requestid: bb5b0484-d946-4954-a8ef-6419cc93bfd4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqSoFcDoAMF6VQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a76-5f8c7a1f0fb6a01e0213ba46;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RsXvkVXlfNrcr1Hr82G0H11Ai_oyHo_HDME-cYpO0NeDDqy000B-rA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:38:54 GMT
age: 18377
etag: "938086638fe62b81018b6ce0d459728bb266b6ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4fa4908-cf5e-4d75-b1bc-4fb1717b14c3.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4fa4908-cf5e-4d75-b1bc-4fb1717b14c3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 16fbc6979d2f191f76ccaef12ddffe8b
a8a84f129c46baadae7dd2fd4d5b92836aa9d9d1
2c045a9e1f72b47e9e24045e992a5da42e43a9aa40d6b51e0c8601cff2d80294
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4fa4908-cf5e-4d75-b1bc-4fb1717b14c3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5916
x-amzn-requestid: aaa97738-2662-41b3-9f79-1cebe440c9a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqR3FtmIAMFqtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a72-3f37b3ca178c64a148ba1bbf;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5_czMX_dSthDOQs3FfpFrGLFMVvDxpJgIXxZWulJ81gNMOIkQG2sSA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:55:57 GMT
age: 17354
etag: "a8a84f129c46baadae7dd2fd4d5b92836aa9d9d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F058cb296-f883-4b2e-848b-2dc5f2f49041.webp
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F058cb296-f883-4b2e-848b-2dc5f2f49041.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash babe4da90e1cca9297bcc6edf5195566
b2687eafa71395144d096eb0b15c8ec3ffc4b46e
ad46f9818d396725a4ff4e31006bb73611c1ce855f53b0c5a7ba20be4441f8d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F058cb296-f883-4b2e-848b-2dc5f2f49041.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10348
x-amzn-requestid: 289c1c1e-e3d2-4a0f-b517-f860f20c632a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqiEEofoAMFvlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68ad9-02f225f65d1abd7d3cddc7c3;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RV0ZiIyrmiUU7Ekdv561QyboygtCtP6Dl1f9akVmpS5yCmA-AS4eUw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:46:59 GMT
age: 17892
etag: "b2687eafa71395144d096eb0b15c8ec3ffc4b46e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?a711c146eb2a9ed4508f24c2f56c85b5
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?a711c146eb2a9ed4508f24c2f56c85b5
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (625)
Hash 1204daa46f24e8b2530c37c604ad84c2
ff0dd49fd3c88351a80038e3641df9c13fbc7071
005fa537db8eb6e7dc785aa13aa20a095ff4b43d477c2154bda1665eb11761ee
GET /hm.js?a711c146eb2a9ed4508f24c2f56c85b5 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11263
Content-Type: application/javascript
Date: Thu, 23 Feb 2023 02:45:10 GMT
Etag: 7f17562f6e7f9391d24f6bd452078d8d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5BDB4E6C8C56E1A5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=125895572&si=a711c146eb2a9ed4508f24c2f56c85b5&v=1.3.0&lv=1&sn=14130&r=0&ww=1280&u=http%3A%2F%2Fmoney-easilybxe.buzz%2F&tt=MoneyEasily%20-%20Get%20Paid%20to%20Complete%20Task%20and%20Make%20Money%20Online
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=125895572&si=a711c146eb2a9ed4508f24c2f56c85b5&v=1.3.0&lv=1&sn=14130&r=0&ww=1280&u=http%3A%2F%2Fmoney-easilybxe.buzz%2F&tt=MoneyEasily%20-%20Get%20Paid%20to%20Complete%20Task%20and%20Make%20Money%20Online
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=125895572&si=a711c146eb2a9ed4508f24c2f56c85b5&v=1.3.0&lv=1&sn=14130&r=0&ww=1280&u=http%3A%2F%2Fmoney-easilybxe.buzz%2F&tt=MoneyEasily%20-%20Get%20Paid%20to%20Complete%20Task%20and%20Make%20Money%20Online HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 23 Feb 2023 02:45:11 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F490BB46D4AA2250; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
money-easilybxe.buzz/assets/style-s.css?88888888
172.67.177.80 200 OK 0 B URL HTTP/1.1 money-easilybxe.buzz/assets/style-s.css?88888888
IP 172.67.177.80:0
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/style-s.css?88888888 HTTP/1.1
Host: money-easilybxe.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 02:45:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-4e70a"
Expires: Thu, 23 Feb 2023 14:45:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BnibjFv%2BHkay%2BYuVV5tW0NDnIECbl%2BlHjp03AWMLO%2Fs1qBE8CzcaRf30bPw21dzkTPHYXDkIwYGTJ4IVRfp5bQd%2BY4o%2Bf9YXU%2B2Jw3U0AFuKQZMw%2BjuW6MUYF%2BA%2FDISaHZKGZDPdQA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc9fa9cb330b49-OSL
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800&display=swap
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800&display=swap
IP 142.250.74.106:0
GET /css2?family=Inter:wght@300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://money-easilybxe.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Feb 2023 02:45:09 GMT
date: Thu, 23 Feb 2023 02:45:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2