Report - www.play-eventsmlbb6.zzux.com/

Report Overview

Visited public
2023-11-27 06:32:16
Tags
dyndns
URL
www.play-eventsmlbb6.zzux.com/
Finishing URL
www.play-eventsmlbb6.zzux.com/#/sign_in
IP / ASN
157.245.88.115
#14061 DIGITALOCEAN-ASN
Title
DOCK
Suspicious - DynDNS domain

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.play-eventsmlbb6.zzux.com	unknown	2000-11-15	2021-04-04 12:15:15	2023-11-16 13:53:58	11 kB	532 kB	157.245.88.115

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-27 06:32:01	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:01	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:01	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:01	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:01	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:01	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:01	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:01	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:01	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:01	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:01	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:01	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:01	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:01	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:01	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:02	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:03	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:03	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:03	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:03	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:03	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:03	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:03	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:03	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:03	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:03	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:03	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:03	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:03	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:03	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:03	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:03	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:03	medium	Client IP	Internal IP	ET INFO Observed DNS Query to DDNS Domain .zzux .com
2023-11-27 06:32:03	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.zzux .com Domain
2023-11-27 06:32:03	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:03	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
2023-11-27 06:32:03	medium	Client IP	157.245.88.115	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (12)

	URL	From	Size	First Seen	Last Seen
	www.play-eventsmlbb6.zzux.com/assets/user.service-f99efdfa.js	ImportedModule	367 B	2023-11-27	2023-11-27
Pretty URL www.play-eventsmlbb6.zzux.com/assets/user.service-f99efdfa.js IP 157.245.88.115 ASN #14061 DIGITALOCEAN-ASN Introduced by importedModule Embedded in HTML false Observations First Seen2023-11-27 07:32 Last Seen2023-11-27 07:32 Times Seen1 Hash 1e8c0804b721ba1364cf34c9c26bb1ec 045cfc2683f317cc39acb251bba3b4662a1454ad caed7243304d11ebe610c93453749e6f4399e1d3a7a619c37c0594043c9115e3 Loading...

	www.play-eventsmlbb6.zzux.com/assets/Notify.service-c44ee44d.js	ImportedModule	305 B	2023-11-27	2023-11-27
Pretty URL www.play-eventsmlbb6.zzux.com/assets/Notify.service-c44ee44d.js IP 157.245.88.115 ASN #14061 DIGITALOCEAN-ASN Introduced by importedModule Embedded in HTML false Observations First Seen2023-11-27 07:32 Last Seen2023-11-27 07:32 Times Seen1 Hash 6f0a75871d6282ee3bb5a7e367c9f516 26b41d13b224361f28e8b83161827a0928e52cb6 1bddb4fb98d4e238415a86d132d1f4b4be02125655000b05a946b5b67998a425 Loading...

	www.play-eventsmlbb6.zzux.com/assets/role.service-2e5a5b5c.js	ImportedModule	560 B	2023-11-27	2023-11-27
Pretty URL www.play-eventsmlbb6.zzux.com/assets/role.service-2e5a5b5c.js IP 157.245.88.115 ASN #14061 DIGITALOCEAN-ASN Introduced by importedModule Embedded in HTML false Observations First Seen2023-11-27 07:32 Last Seen2023-11-27 07:32 Times Seen1 Hash bb318ba5235f616810561a65ff15735d e5cba0ddfa05811aeded14aed70929e4a86418e1 cfc67e3fe7a5d85f9d2ecef9e9c28983a6df5e53dc85934b8bd2e409e7bb4029 Loading...

	www.play-eventsmlbb6.zzux.com/assets/httpService-4bff3700.js	ImportedModule	14 kB	2023-11-27	2023-11-27
Pretty URL www.play-eventsmlbb6.zzux.com/assets/httpService-4bff3700.js IP 157.245.88.115 ASN #14061 DIGITALOCEAN-ASN Introduced by importedModule Embedded in HTML false Observations First Seen2023-11-27 07:32 Last Seen2023-11-27 07:32 Times Seen1 Hash 427c5a253ef8c65f5301e0af49d5c5a9 594a4bdad0d1851e077dbf51ab0ea509bf76dfe3 bcbf7061d099810575f835695e7c1856a04a1eb574b9b43c8222accf2d7423fd Loading...

	www.play-eventsmlbb6.zzux.com/assets/signIn-94a41ae9.js	ScriptElement	4.1 kB	2023-11-27	2023-11-27
Pretty URL www.play-eventsmlbb6.zzux.com/assets/signIn-94a41ae9.js IP 157.245.88.115 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-27 07:32 Last Seen2023-11-27 07:32 Times Seen1 Hash 0b7f1a6318fb37b15417e49084667ef9 1d353c4e867a858c03846c364beb08070a0e4971 71124fefe4ebd2815e56453f8b0ad213c0377df10db8eb289878b969883a4d02 Loading...

	unknown	Function	138 B	2023-04-14	2025-05-07
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 14:41 Last Seen2025-05-07 20:53 Times Seen492 Hash f325222a758aeaf467ffd9902267b129 ebb95b3866ab29d0ee9bb0755384b81ab12e000e cb11ef6823d7949b57e01ab9d6bb5c829be6b14322aa0dd5897a6d2d209d0672 Loading...

	www.play-eventsmlbb6.zzux.com/	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL www.play-eventsmlbb6.zzux.com/ IP 157.245.88.115 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 12:25 Times Seen4635853 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.play-eventsmlbb6.zzux.com/assets/SwitchLanguage-9575ce56.js	ImportedModule	857 B	2023-11-27	2023-11-27
Pretty URL www.play-eventsmlbb6.zzux.com/assets/SwitchLanguage-9575ce56.js IP 157.245.88.115 ASN #14061 DIGITALOCEAN-ASN Introduced by importedModule Embedded in HTML false Observations First Seen2023-11-27 07:32 Last Seen2023-11-27 07:32 Times Seen1 Hash bccd7cd1d8e14f81f5bb601f2a10ef37 4563e7c97b12590edd475b4b296cf1838faddfd2 95a75e40b5a575214e9ab1b98be16a8e8e77e99138076ed3a5c98c2f7e2109e4 Loading...

	unknown	Function	145 B	2023-05-19	2024-08-21
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-19 20:48 Last Seen2024-08-21 08:22 Times Seen4 Hash 85de005e6247406e6801568c88335412 419153060697e96d7f2bc6bd7307d52409b3429a 30483ae2d68a55e8bd909dbc3cceadb75e388b8a5c882f878840b49e36a8557c Loading...

	unknown	Function	145 B	2023-05-19	2025-01-03
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-19 20:48 Last Seen2025-01-03 08:16 Times Seen4 Hash 6dc8cb655b165b46e8304c4421fc2696 911d80bb0aad8db86750e29a26c759e68cb9c2ae 785d5b9b30ce9167d345c5a599d4e31854f1fdfb662b96e55ef7c88a4efd3ba0 Loading...

	www.play-eventsmlbb6.zzux.com/assets/index-c87d8d22.js	ScriptElement	1.0 MB	2023-11-27	2023-11-27
Pretty URL www.play-eventsmlbb6.zzux.com/assets/index-c87d8d22.js IP 157.245.88.115 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-27 07:32 Last Seen2023-11-27 07:32 Times Seen1 Hash 22293beef24bdc348c07030df7bc0604 3881eaf5007437f061035992c545906abd0956c7 057d95464d6d3b66805f2a3d067b44102ceb959714a3c430a4d6868ca667163e Loading...

	www.play-eventsmlbb6.zzux.com/assets/AppHome-0828806e.js	ScriptElement	13 kB	2023-11-27	2023-11-27
Pretty URL www.play-eventsmlbb6.zzux.com/assets/AppHome-0828806e.js IP 157.245.88.115 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-27 07:32 Last Seen2023-11-27 07:32 Times Seen1 Hash 2e41b4504d28bd1f8b97f73db5e3e566 f24d97e812b99c625d37390153c89de4baefe42f 135c865af39b912c1b0fcf72589a0e9fec8806c82826b3ea42effd1bf31d2b40 Loading...

HTTP Transactions (24)

URL IP Response Size

www.play-eventsmlbb6.zzux.com/

157.245.88.115

700 B

URL User Request GET
www.play-eventsmlbb6.zzux.com/
IP
157.245.88.115:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
700 B (700 bytes)
Hash
32d4ee3dea59144cf3eca291821a6a69
192d70975c4f9f36fdb75211ca48563702fa0720
c1c1eb90453d26b7ac8cbf9ab3132c9b8803e3c0c2669878452b799f3f3be477

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET / HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:58 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 700
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"2bc-1894003f804"
Set-Cookie: connect.sid=s%3Al07OGvr__2gRVuT4nwT9IOZaV0HuEVYz.%2BD0Iarrb0Tgg2n2yhsF0Qt%2FGquDrKGkRQlAl2qfSnMc; Path=/; Expires=Tue, 28 Nov 2023 06:31:58 GMT; HttpOnly

www.play-eventsmlbb6.zzux.com/themes/saga-blue/theme.css

157.245.88.115

200 OK

23 kB

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/themes/saga-blue/theme.css
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
ASCII text
Size
23 kB (22704 bytes)
Hash
aee6dd6a88d7b5ba5151561a8c7be005
9b96506b9570862f6443255f30e1b5ef0acffe20
2f94098a4695ec1a177fbec5b3dfa79e543999cab716eb706f2f165b8240afc3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /themes/saga-blue/theme.css HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.play-eventsmlbb6.zzux.com/
Cookie: connect.sid=s%3Al07OGvr__2gRVuT4nwT9IOZaV0HuEVYz.%2BD0Iarrb0Tgg2n2yhsF0Qt%2FGquDrKGkRQlAl2qfSnMc
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:58 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:46 GMT
ETag: W/"24cc8-1894003ed1c"
Content-Encoding: gzip

www.play-eventsmlbb6.zzux.com/assets/index-61e24664.css

157.245.88.115

200 OK

55 kB

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/index-61e24664.css
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
ASCII text, with very long lines (65536), with no line terminators
Size
55 kB (54785 bytes)
Hash
f4de2f6451432fe77d827a25ce591977
6d6990eebedfc684243f7bfd16ca7c56c44aaa6c
61e24664d3d6c61e6100f30b7edb22fed4ee8a5d37808a9ef0b75ec9cf0545e5

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/index-61e24664.css HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.play-eventsmlbb6.zzux.com/
Cookie: connect.sid=s%3Al07OGvr__2gRVuT4nwT9IOZaV0HuEVYz.%2BD0Iarrb0Tgg2n2yhsF0Qt%2FGquDrKGkRQlAl2qfSnMc
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:58 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"5f6cc-1894003f7f4"
Content-Encoding: gzip

www.play-eventsmlbb6.zzux.com/assets/index-c87d8d22.js

157.245.88.115

200 OK

305 kB

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/index-c87d8d22.js
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
ASCII text, with very long lines (65536), with no line terminators
Size
305 kB (304694 bytes)
Hash
22293beef24bdc348c07030df7bc0604
3881eaf5007437f061035992c545906abd0956c7
057d95464d6d3b66805f2a3d067b44102ceb959714a3c430a4d6868ca667163e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/index-c87d8d22.js HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.play-eventsmlbb6.zzux.com/
Cookie: connect.sid=s%3Al07OGvr__2gRVuT4nwT9IOZaV0HuEVYz.%2BD0Iarrb0Tgg2n2yhsF0Qt%2FGquDrKGkRQlAl2qfSnMc
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:58 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"f9f5c-1894003f804"
Content-Encoding: gzip

www.play-eventsmlbb6.zzux.com/assets/SwitchLanguage-eac5d282.css

157.245.88.115

200 OK

114 B

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/SwitchLanguage-eac5d282.css
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
ASCII text
Size
114 B (114 bytes)
Hash
dca71d0c55ab6ee2c4ae2eb60c544393
3076dc3b0905be7fe98a40df79039879307a22ba
eac5d282905e2656274fd1b48fc721ad371ca184643db500081ee4ea7e194903

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/SwitchLanguage-eac5d282.css HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.play-eventsmlbb6.zzux.com/
Cookie: connect.sid=s%3Al07OGvr__2gRVuT4nwT9IOZaV0HuEVYz.%2BD0Iarrb0Tgg2n2yhsF0Qt%2FGquDrKGkRQlAl2qfSnMc
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 114
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"72-1894003f7f4"

www.play-eventsmlbb6.zzux.com/assets/AppHome-9048cba7.css

157.245.88.115

200 OK

1.3 kB

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/AppHome-9048cba7.css
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
ASCII text, with very long lines (3323)
Size
1.3 kB (1274 bytes)
Hash
76b1773e1cf6c49402c10aad479fc0e9
974092239275fcc8390374730c45ace49fb21230
9048cba7d937c8544c90af11c86ca3c0226438d6d26d9b1214396a3d10d52cbe

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/AppHome-9048cba7.css HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.play-eventsmlbb6.zzux.com/
Cookie: connect.sid=s%3Al07OGvr__2gRVuT4nwT9IOZaV0HuEVYz.%2BD0Iarrb0Tgg2n2yhsF0Qt%2FGquDrKGkRQlAl2qfSnMc
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"cfc-1894003f7f4"
Content-Encoding: gzip

www.play-eventsmlbb6.zzux.com/assets/AppHome-0828806e.js

157.245.88.115

200 OK

4.8 kB

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/AppHome-0828806e.js
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
ASCII text, with very long lines (12985)
Size
4.8 kB (4826 bytes)
Hash
2e41b4504d28bd1f8b97f73db5e3e566
f24d97e812b99c625d37390153c89de4baefe42f
135c865af39b912c1b0fcf72589a0e9fec8806c82826b3ea42effd1bf31d2b40

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/AppHome-0828806e.js HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.play-eventsmlbb6.zzux.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"32ba-1894003f7f8"
Set-Cookie: connect.sid=s%3AQOf_101LRiorpVEwszzzJVSAlsNbbvHQ.qz1YPpGFsctD4mwRkd4hgTDZh5WiLGBbEM3hO0uxQT0; Path=/; Expires=Tue, 28 Nov 2023 06:31:59 GMT; HttpOnly
Content-Encoding: gzip

www.play-eventsmlbb6.zzux.com/assets/Notify.service-c44ee44d.js

157.245.88.115

200 OK

305 B

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/Notify.service-c44ee44d.js
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
C++ source, ASCII text, with very long lines (304)
Size
305 B (305 bytes)
Hash
6f0a75871d6282ee3bb5a7e367c9f516
26b41d13b224361f28e8b83161827a0928e52cb6
1bddb4fb98d4e238415a86d132d1f4b4be02125655000b05a946b5b67998a425

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/Notify.service-c44ee44d.js HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.play-eventsmlbb6.zzux.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 305
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"131-1894003f7f8"
Set-Cookie: connect.sid=s%3AlA9v5bbXN_qNHR5PIrxdaCtNegs1Qa1E.Kr7kSeBhi03%2FDD5fuo2bDvcOGuR7L2yGzkwmHRGhoRA; Path=/; Expires=Tue, 28 Nov 2023 06:31:59 GMT; HttpOnly

www.play-eventsmlbb6.zzux.com/assets/httpService-4bff3700.js

157.245.88.115

200 OK

5.9 kB

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/httpService-4bff3700.js
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
ASCII text, with very long lines (9790)
Size
5.9 kB (5894 bytes)
Hash
427c5a253ef8c65f5301e0af49d5c5a9
594a4bdad0d1851e077dbf51ab0ea509bf76dfe3
bcbf7061d099810575f835695e7c1856a04a1eb574b9b43c8222accf2d7423fd

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/httpService-4bff3700.js HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.play-eventsmlbb6.zzux.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"38d0-1894003f7f8"
Set-Cookie: connect.sid=s%3ArWyqkJpkOOhelDOw3wk2xWYOUxQnqJIF.WyXZy%2Ba95dvEKt%2Bz347lt9dmXP%2Fh15S5HlVDnnaULlU; Path=/; Expires=Tue, 28 Nov 2023 06:31:59 GMT; HttpOnly
Content-Encoding: gzip

www.play-eventsmlbb6.zzux.com/assets/SwitchLanguage-9575ce56.js

157.245.88.115

200 OK

857 B

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/SwitchLanguage-9575ce56.js
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
Java source, Unicode text, UTF-8 text, with very long lines (855)
Size
857 B (857 bytes)
Hash
bccd7cd1d8e14f81f5bb601f2a10ef37
4563e7c97b12590edd475b4b296cf1838faddfd2
95a75e40b5a575214e9ab1b98be16a8e8e77e99138076ed3a5c98c2f7e2109e4

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/SwitchLanguage-9575ce56.js HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.play-eventsmlbb6.zzux.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 857
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"359-1894003f7f8"
Set-Cookie: connect.sid=s%3Atw5DOQIRQL_8__0X-ORv8rnNfR06wn5d.SH1gwYuqLx4D0Z0lfmDVJ%2BEz702tg556eM2GMD%2BbatE; Path=/; Expires=Tue, 28 Nov 2023 06:31:59 GMT; HttpOnly

www.play-eventsmlbb6.zzux.com/assets/user.service-f99efdfa.js

157.245.88.115

200 OK

367 B

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/user.service-f99efdfa.js
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
Java source, ASCII text, with very long lines (366)
Size
367 B (367 bytes)
Hash
1e8c0804b721ba1364cf34c9c26bb1ec
045cfc2683f317cc39acb251bba3b4662a1454ad
caed7243304d11ebe610c93453749e6f4399e1d3a7a619c37c0594043c9115e3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/user.service-f99efdfa.js HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.play-eventsmlbb6.zzux.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 367
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"16f-1894003f7f8"
Set-Cookie: connect.sid=s%3ADAMar33ygjgSlCp435qoNgBJFGx9QV0c.3%2BXRg3w0R8Nl%2FCPePWEbbSkVHjHlEqRwgAEtL9lOx8s; Path=/; Expires=Tue, 28 Nov 2023 06:31:59 GMT; HttpOnly

www.play-eventsmlbb6.zzux.com/assets/role.service-2e5a5b5c.js

157.245.88.115

200 OK

560 B

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/role.service-2e5a5b5c.js
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
Java source, ASCII text, with very long lines (559)
Size
560 B (560 bytes)
Hash
bb318ba5235f616810561a65ff15735d
e5cba0ddfa05811aeded14aed70929e4a86418e1
cfc67e3fe7a5d85f9d2ecef9e9c28983a6df5e53dc85934b8bd2e409e7bb4029

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/role.service-2e5a5b5c.js HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.play-eventsmlbb6.zzux.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 560
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"230-1894003f7f8"
Set-Cookie: connect.sid=s%3AhliuZBI8qjGj20DSh2BBz5BVV0Grbco6.mZXZ459KOIAPrE4quTg9jxItr%2BC8x7TxYaXMLK84Wls; Path=/; Expires=Tue, 28 Nov 2023 06:31:59 GMT; HttpOnly

www.play-eventsmlbb6.zzux.com/assets/AppHome-0828806e.js

157.245.88.115

200 OK

4.8 kB

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/AppHome-0828806e.js
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
ASCII text, with very long lines (12985)
Size
4.8 kB (4826 bytes)
Hash
2e41b4504d28bd1f8b97f73db5e3e566
f24d97e812b99c625d37390153c89de4baefe42f
135c865af39b912c1b0fcf72589a0e9fec8806c82826b3ea42effd1bf31d2b40

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/AppHome-0828806e.js HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.play-eventsmlbb6.zzux.com/assets/index-c87d8d22.js
Cookie: connect.sid=s%3Al07OGvr__2gRVuT4nwT9IOZaV0HuEVYz.%2BD0Iarrb0Tgg2n2yhsF0Qt%2FGquDrKGkRQlAl2qfSnMc
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"32ba-1894003f7f8"
Content-Encoding: gzip

www.play-eventsmlbb6.zzux.com/images/icon.png

157.245.88.115

200 OK

39 kB

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/images/icon.png
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
PNG image data, 364 x 432, 8-bit/color RGBA, non-interlaced\012- data
Size
39 kB (39448 bytes)
Hash
74631ab9f72119cd66ef20aaf4c4cd9c
313fb770b272e8e94d02450c0f842a1e20962f09
c6ff2744933f625d9526ba9347471d59f1f79504c4bac6adcb49a3bd1e921ba9

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /images/icon.png HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.play-eventsmlbb6.zzux.com/
Cookie: connect.sid=s%3Al07OGvr__2gRVuT4nwT9IOZaV0HuEVYz.%2BD0Iarrb0Tgg2n2yhsF0Qt%2FGquDrKGkRQlAl2qfSnMc
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: image/png
Content-Length: 39448
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:46 GMT
ETag: W/"9a18-1894003ed10"

www.play-eventsmlbb6.zzux.com/assets/user.service-f99efdfa.js

157.245.88.115

200 OK

367 B

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/user.service-f99efdfa.js
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
Java source, ASCII text, with very long lines (366)
Size
367 B (367 bytes)
Hash
1e8c0804b721ba1364cf34c9c26bb1ec
045cfc2683f317cc39acb251bba3b4662a1454ad
caed7243304d11ebe610c93453749e6f4399e1d3a7a619c37c0594043c9115e3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/user.service-f99efdfa.js HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.play-eventsmlbb6.zzux.com/assets/AppHome-0828806e.js
Cookie: connect.sid=s%3Al07OGvr__2gRVuT4nwT9IOZaV0HuEVYz.%2BD0Iarrb0Tgg2n2yhsF0Qt%2FGquDrKGkRQlAl2qfSnMc
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 367
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"16f-1894003f7f8"

www.play-eventsmlbb6.zzux.com/assets/SwitchLanguage-9575ce56.js

157.245.88.115

200 OK

857 B

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/SwitchLanguage-9575ce56.js
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
Java source, Unicode text, UTF-8 text, with very long lines (855)
Size
857 B (857 bytes)
Hash
bccd7cd1d8e14f81f5bb601f2a10ef37
4563e7c97b12590edd475b4b296cf1838faddfd2
95a75e40b5a575214e9ab1b98be16a8e8e77e99138076ed3a5c98c2f7e2109e4

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/SwitchLanguage-9575ce56.js HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.play-eventsmlbb6.zzux.com/assets/AppHome-0828806e.js
Cookie: connect.sid=s%3Al07OGvr__2gRVuT4nwT9IOZaV0HuEVYz.%2BD0Iarrb0Tgg2n2yhsF0Qt%2FGquDrKGkRQlAl2qfSnMc
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 857
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"359-1894003f7f8"

www.play-eventsmlbb6.zzux.com/assets/Notify.service-c44ee44d.js

157.245.88.115

200 OK

305 B

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/Notify.service-c44ee44d.js
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
C++ source, ASCII text, with very long lines (304)
Size
305 B (305 bytes)
Hash
6f0a75871d6282ee3bb5a7e367c9f516
26b41d13b224361f28e8b83161827a0928e52cb6
1bddb4fb98d4e238415a86d132d1f4b4be02125655000b05a946b5b67998a425

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/Notify.service-c44ee44d.js HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.play-eventsmlbb6.zzux.com/assets/AppHome-0828806e.js
Cookie: connect.sid=s%3Al07OGvr__2gRVuT4nwT9IOZaV0HuEVYz.%2BD0Iarrb0Tgg2n2yhsF0Qt%2FGquDrKGkRQlAl2qfSnMc
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 305
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"131-1894003f7f8"

www.play-eventsmlbb6.zzux.com/assets/role.service-2e5a5b5c.js

157.245.88.115

200 OK

560 B

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/role.service-2e5a5b5c.js
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
Java source, ASCII text, with very long lines (559)
Size
560 B (560 bytes)
Hash
bb318ba5235f616810561a65ff15735d
e5cba0ddfa05811aeded14aed70929e4a86418e1
cfc67e3fe7a5d85f9d2ecef9e9c28983a6df5e53dc85934b8bd2e409e7bb4029

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/role.service-2e5a5b5c.js HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.play-eventsmlbb6.zzux.com/assets/AppHome-0828806e.js
Cookie: connect.sid=s%3Al07OGvr__2gRVuT4nwT9IOZaV0HuEVYz.%2BD0Iarrb0Tgg2n2yhsF0Qt%2FGquDrKGkRQlAl2qfSnMc
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 560
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"230-1894003f7f8"

www.play-eventsmlbb6.zzux.com/assets/httpService-4bff3700.js

157.245.88.115

200 OK

5.9 kB

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/httpService-4bff3700.js
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
ASCII text, with very long lines (9790)
Size
5.9 kB (5894 bytes)
Hash
427c5a253ef8c65f5301e0af49d5c5a9
594a4bdad0d1851e077dbf51ab0ea509bf76dfe3
bcbf7061d099810575f835695e7c1856a04a1eb574b9b43c8222accf2d7423fd

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/httpService-4bff3700.js HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.play-eventsmlbb6.zzux.com/assets/AppHome-0828806e.js
Cookie: connect.sid=s%3Al07OGvr__2gRVuT4nwT9IOZaV0HuEVYz.%2BD0Iarrb0Tgg2n2yhsF0Qt%2FGquDrKGkRQlAl2qfSnMc
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"38d0-1894003f7f8"
Content-Encoding: gzip

www.play-eventsmlbb6.zzux.com/images/icon.png

157.245.88.115

200 OK

39 kB

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/images/icon.png
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
PNG image data, 364 x 432, 8-bit/color RGBA, non-interlaced\012- data
Size
39 kB (39448 bytes)
Hash
74631ab9f72119cd66ef20aaf4c4cd9c
313fb770b272e8e94d02450c0f842a1e20962f09
c6ff2744933f625d9526ba9347471d59f1f79504c4bac6adcb49a3bd1e921ba9

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /images/icon.png HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.play-eventsmlbb6.zzux.com/
Cookie: connect.sid=s%3Al07OGvr__2gRVuT4nwT9IOZaV0HuEVYz.%2BD0Iarrb0Tgg2n2yhsF0Qt%2FGquDrKGkRQlAl2qfSnMc
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: image/png
Content-Length: 39448
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:46 GMT
ETag: W/"9a18-1894003ed10"

www.play-eventsmlbb6.zzux.com/assets/signIn-3fda218d.css

157.245.88.115

200 OK

882 B

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/signIn-3fda218d.css
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
ASCII text, with very long lines (2471)
Size
882 B (882 bytes)
Hash
ad6b4a7e1a7e36689c100b44869e1ccc
437c8676e3a6df5fd92044d754dcd8e9d64028d1
3fda218d94d6d574e105fa8c2918f92260adfeaf21a3b46d39948291fa93fbe7

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/signIn-3fda218d.css HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.play-eventsmlbb6.zzux.com/
Cookie: connect.sid=s%3Al07OGvr__2gRVuT4nwT9IOZaV0HuEVYz.%2BD0Iarrb0Tgg2n2yhsF0Qt%2FGquDrKGkRQlAl2qfSnMc
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"9a8-1894003f7f4"
Content-Encoding: gzip

www.play-eventsmlbb6.zzux.com/assets/signIn-94a41ae9.js

157.245.88.115

200 OK

1.8 kB

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/signIn-94a41ae9.js
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
Java source, ASCII text, with very long lines (4074)
Size
1.8 kB (1830 bytes)
Hash
0b7f1a6318fb37b15417e49084667ef9
1d353c4e867a858c03846c364beb08070a0e4971
71124fefe4ebd2815e56453f8b0ad213c0377df10db8eb289878b969883a4d02

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/signIn-94a41ae9.js HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.play-eventsmlbb6.zzux.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"feb-1894003f7f8"
Set-Cookie: connect.sid=s%3AAFDcZpmujT_A5114PHgCbG4KK0CmUy4T.qVje8yDNNkqahp1DA2jMK80BpKRz%2BGZ0ne3N7ulb9Lc; Path=/; Expires=Tue, 28 Nov 2023 06:31:59 GMT; HttpOnly
Content-Encoding: gzip

www.play-eventsmlbb6.zzux.com/assets/primeicons-3824be50.woff2

157.245.88.115

200 OK

30 kB

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/primeicons-3824be50.woff2
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
Web Open Font Format (Version 2), TrueType, length 30180, version 1.0\012- data
Size
30 kB (30180 bytes)
Hash
c0929a1e055f2ceb5c889501c24a24e1
55a4b2a5f02e362405d8d874903af0b5f6a6c15d
3824be5040322c884634028b8cdfb1716912128cc4a1d38b4c7a93ffea2a6879

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/primeicons-3824be50.woff2 HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.play-eventsmlbb6.zzux.com/assets/index-61e24664.css
Cookie: connect.sid=s%3Al07OGvr__2gRVuT4nwT9IOZaV0HuEVYz.%2BD0Iarrb0Tgg2n2yhsF0Qt%2FGquDrKGkRQlAl2qfSnMc
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: font/woff2
Content-Length: 30180
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"75e4-1894003f7f4"

www.play-eventsmlbb6.zzux.com/assets/signIn-94a41ae9.js

157.245.88.115

200 OK

1.8 kB

URL GET HTTP/1.1
www.play-eventsmlbb6.zzux.com/assets/signIn-94a41ae9.js
IP
157.245.88.115:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://www.play-eventsmlbb6.zzux.com/

File type
Java source, ASCII text, with very long lines (4074)
Size
1.8 kB (1830 bytes)
Hash
0b7f1a6318fb37b15417e49084667ef9
1d353c4e867a858c03846c364beb08070a0e4971
71124fefe4ebd2815e56453f8b0ad213c0377df10db8eb289878b969883a4d02

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.zzux .com Domain

HTTP Headers

GET /assets/signIn-94a41ae9.js HTTP/1.1
Host: www.play-eventsmlbb6.zzux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.play-eventsmlbb6.zzux.com/assets/index-c87d8d22.js
Cookie: connect.sid=s%3Al07OGvr__2gRVuT4nwT9IOZaV0HuEVYz.%2BD0Iarrb0Tgg2n2yhsF0Qt%2FGquDrKGkRQlAl2qfSnMc
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 27 Nov 2023 06:31:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Last-Modified: Mon, 10 Jul 2023 13:35:49 GMT
ETag: W/"feb-1894003f7f8"
Content-Encoding: gzip

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations