Report - vcxx.activdep.top/

Report Overview

Submitted URL
vcxx.activdep.top/
IP
172.245.112.197
ASN
#36352 AS-COLOCROSSING
Submitted
2024-05-10 13:05:39
Access
public
Website Title
WhatsApp Bot
Final URL
vcxx.activdep.top/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-09	4.6 kB	303 kB	104.17.24.14
vcxx.activdep.top	unknown	unknown	No data	No data	4.4 kB	140 kB	172.245.112.197
getyourapi.site	unknown	2021-03-05	2021-03-05	2024-02-06	481 B	707 B	3.122.218.248
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	507 B	6.8 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	getyourapi.site	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	activdep.top	Sinkholed
2024-05-10	medium	activdep.top	Sinkholed
2024-05-10	medium	getyourapi.site	Sinkholed
2024-05-10	medium	activdep.top	Sinkholed
2024-05-10	medium	activdep.top	Sinkholed
2024-05-10	medium	activdep.top	Sinkholed
2024-05-10	medium	activdep.top	Sinkholed
2024-05-10	medium	activdep.top	Sinkholed
2024-05-10	medium	activdep.top	Sinkholed
2024-05-10	medium	activdep.top	Sinkholed
2024-05-10	medium	activdep.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/chartjs-adapter-luxon/1.0.0/chartjs-adapter-luxon.min.js	1.8 kB	2023-10-31	2024-05-20
Pretty URL cdnjs.cloudflare.com/ajax/libs/chartjs-adapter-luxon/1.0.0/chartjs-adapter-luxon.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-31 07:58:50 Last Seen2024-05-20 06:05:53 Times Seen20 Hash 82f58254d0de06210befdecf76139035 06a204132269527191dced73edd2f5ee584ec883 abcc36320ab7e8ec0014a2cb6dd4a2f9a08701be9626122cc19ecdea4fb1b1fd Loading...

	vcxx.activdep.top/src/js/modalPhoneError.js	1.7 kB	2024-04-29	2024-05-20
Pretty URL vcxx.activdep.top/src/js/modalPhoneError.js IP 172.245.112.197 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-29 06:06:01 Last Seen2024-05-20 06:05:53 Times Seen6 Hash aaa17cb0318e8c8362c4a6711a5b844c dcd9966d53ffdc21e8e508886b83c96e6fb8ebfe db9a78c8a0e84c190e8d07e47627ebb7bae2ed6db3365d160c3af49444adc361 Loading...

	cdnjs.cloudflare.com/ajax/libs/luxon/1.26.0/luxon.min.js	72 kB	2023-10-31	2024-05-20
Pretty URL cdnjs.cloudflare.com/ajax/libs/luxon/1.26.0/luxon.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-31 07:58:50 Last Seen2024-05-20 06:05:53 Times Seen19 Hash 512874b4b4a407dff6359f8582ac2afd d14eb1df4502d80e16c8767fd4a5df67d49d50fb e2c6d3ce60825bd2c6ac88793ac37c5793df75a77517533084b00ec972a7b04d Loading...

	cdnjs.cloudflare.com/ajax/libs/Chart.js/3.7.0/chart.min.js	195 kB	2023-03-08	2024-05-20
Pretty URL cdnjs.cloudflare.com/ajax/libs/Chart.js/3.7.0/chart.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:49:14 Last Seen2024-05-20 06:05:53 Times Seen74 Hash 4328ece7a486aa04b358fd751d187a7d 417c2592f60e0cb3ad6867cd04d1311773db7601 636e8032f6887eb675110538f697fa1f8433553ace23c9bdc1060a91fb41b78b Loading...

	vcxx.activdep.top/src/js/timer.js	1.7 kB	2024-05-07	2024-05-20
Pretty URL vcxx.activdep.top/src/js/timer.js IP 172.245.112.197 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 21:05:59 Last Seen2024-05-20 06:05:53 Times Seen4 Hash 0fe3da1d0b530cd66c9d45ff451c1710 1d2b94f439217630c6026a3f862d7b6f59d5b001 49c0152db0eb00288baf1c445e7440abbfca7c35fac169d908fea67d86ec76f0 Loading...

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/intlTelInput.min.js	31 kB	2024-03-04	2024-05-20
Pretty URL cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/intlTelInput.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-04 04:06:08 Last Seen2024-05-20 14:04:31 Times Seen76 Hash ddc9d20a5dc24ff745358bba80eea1f3 c569c6d9f50923de1753da1f2c090132fa455f55 54bc983ea406933001939caacb25ec98a9f633b8f2d54aa5ca3180948d6fe389 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js	88 kB	2023-08-31	2024-05-20
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-31 16:03:19 Last Seen2024-05-20 19:31:37 Times Seen9948 Hash 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Loading...

	vcxx.activdep.top/src/js/chartjs-chart-financial.js	13 kB	2024-05-07	2024-05-20
Pretty URL vcxx.activdep.top/src/js/chartjs-chart-financial.js IP 172.245.112.197 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 21:05:59 Last Seen2024-05-20 06:05:54 Times Seen10 Hash 48fb3d691cf8357ce476467e75d2e6ab 805f49ae1321067a4fe3b178f91c8268fb2b17c1 45556bdd40d572b92327f44e2fe9e8b862a5474d39810347c7181df00cdf0e05 Loading...

	vcxx.activdep.top/	605 B	2024-05-10	2024-05-10
Pretty URL vcxx.activdep.top/ IP 172.245.112.197 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 15:05:46 Last Seen2024-05-10 15:05:46 Times Seen1 Hash 3f5c33ad8fac60c675301a9a07aaa5e1 8f2c8e3dde8960b012b693b0b77d856efc57a0f4 2df47c66a32e999a4efe1b1a48671dac5ace8271aab25e8fab9d0a891d2b76e6 Loading...

	cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js	5.3 kB	2023-03-07	2024-05-20
Pretty URL cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:24:05 Last Seen2024-05-20 06:05:53 Times Seen357 Hash 288053556a8dbbba281cd771104eb77f fef15ece904a9e8c068183635c86779bc7e58ccb c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4 Loading...

	vcxx.activdep.top/src/js/index.js	4.5 kB	2024-05-10	2024-05-10
Pretty URL vcxx.activdep.top/src/js/index.js IP 172.245.112.197 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 15:05:46 Last Seen2024-05-10 15:05:46 Times Seen1 Hash 51ed3c89aeec76b3c9b9f694aab1210b 10bac072fa1dbb83c4ced4745fd52cc9f063c846 aa8c47249c2d2c6aede305dc3f1d29b40eb25f7918cc13e699293a20e2685d93 Loading...

	vcxx.activdep.top/	25 kB	2024-04-30	2024-05-20
Pretty URL vcxx.activdep.top/ IP 172.245.112.197 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-30 12:06:00 Last Seen2024-05-20 06:05:53 Times Seen5 Hash 87d0966a5ad0d0e4093f3de4c3c74d83 ea13ce2661c6299952ca98bfb5beb82319977450 ef21583296e267c74af17e1ccd68dfe47f86b86872b6e0366635c1753a8a829d Loading...

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/utils.min.js	249 kB	2024-03-04	2024-05-20
Pretty URL cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/utils.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-04 04:06:08 Last Seen2024-05-20 14:04:32 Times Seen69 Hash b34007e0189bdb6d937004b2d35dc0d8 4836255d80bf984e066263a2bffaa1467cfc4cb5 b35c83e4dc3713230edfbda43508fb2fb92d8e07c4189f19d201ba199ef810a2 Loading...

HTTP Transactions (22)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.css

104.17.24.14

200 OK

2.5 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vcxx.activdep.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (6454), with no line terminators
Size
2.5 kB (2517 bytes)
Hash
f284028c678041d687c6f1be6968f68a
a668ec5d16eec86372216a8c1b161cdec3eebecf
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0

HTTP Headers

GET /ajax/libs/toastr.js/2.1.4/toastr.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vcxx.activdep.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:05:14 GMT
content-type: text/css; charset=utf-8
content-length: 2517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ffe-1936"
last-modified: Mon, 04 May 2020 16:17:02 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 116309
expires: Wed, 30 Apr 2025 13:05:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nyo1ZBmqXgBZugFK8RZAWoxoli4wW78IHEtCZUT8DicovH9TgW7ToerHJdWFBHwMKDhbvs0E%2BsKt1MiBBBHUrK2TNr2U1XpODZTRaSG1VQXf0zDQzhqB0i%2Baw%2BmalNa%2F7ZZZ%2Fnjz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881a23c35cbeb4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/intlTelInput.min.js

104.17.24.14

200 OK

8.8 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/intlTelInput.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vcxx.activdep.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (27324)
Size
8.8 kB (8765 bytes)
Hash
ddc9d20a5dc24ff745358bba80eea1f3
c569c6d9f50923de1753da1f2c090132fa455f55
54bc983ea406933001939caacb25ec98a9f633b8f2d54aa5ca3180948d6fe389

HTTP Headers

GET /ajax/libs/intl-tel-input/18.5.0/js/intlTelInput.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vcxx.activdep.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 13:05:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 8765
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65a3eb4d-223d"
last-modified: Sun, 14 Jan 2024 14:10:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 847750
expires: Wed, 30 Apr 2025 13:05:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6nZtFpKcRoL1Cg38cj2qcPYf2PrPkpgOhZSbmTXAOZ7HPpVlPKxFpWlvEL5WerydWDenP4ZTRU0R%2FXwHInBDqUiRGe9wgwnotoh9eH%2BydpARHDUR1Jj%2Fbl3Y4Gb5KylTzA8Uswg0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881a23c35cc0b4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/luxon/1.26.0/luxon.min.js

104.17.24.14

200 OK

19 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/luxon/1.26.0/luxon.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vcxx.activdep.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65440), with no line terminators
Size
19 kB (18837 bytes)
Hash
512874b4b4a407dff6359f8582ac2afd
d14eb1df4502d80e16c8767fd4a5df67d49d50fb
e2c6d3ce60825bd2c6ac88793ac37c5793df75a77517533084b00ec972a7b04d

HTTP Headers

GET /ajax/libs/luxon/1.26.0/luxon.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vcxx.activdep.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:05:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 18837
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60283ee6-119bf"
last-modified: Sat, 13 Feb 2021 21:04:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 846266
expires: Wed, 30 Apr 2025 13:05:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pxZkaqwpG4pKQUIlJLjZohe%2BlqXr7yvG5vmmNXXBsUuSk1AOI7YV1U3U%2B%2F53hePN16OHaSe5xgImfKltsOhf9lsv1tpI67e5YXb51uNLIGONB5Hzw0AzAvcL3ebgjwOkEWnyE0un"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881a23c37ce2b4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

vcxx.activdep.top/

172.245.112.197

200 OK

36 kB

URL User Request GET HTTP/2
vcxx.activdep.top/
IP
172.245.112.197:443
ASN
#36352 AS-COLOCROSSING

Certificate
IssuerLet's Encrypt
Subjectvcxx.activdep.top
FingerprintE0:BF:FB:81:AB:3C:54:F8:53:EF:68:CE:9A:3C:97:36:E4:74:2F:9E
ValidityFri, 10 May 2024 04:05:23 GMT - Thu, 08 Aug 2024 04:05:22 GMT

File type
gzip compressed data, from Unix
Size
36 kB (35881 bytes)
Hash
a4d4b87a688f4cd5de93905103f105a1
a9d8283587d3d7ceb0a3825dc181ae57b2ad6912
43a8ab5bc589ef0ae63612a5a6df8390f4b5d1a81a9d7fa48b938bf535735c09

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: vcxx.activdep.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Fri, 10 May 2024 13:05:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/Chart.js/3.7.0/chart.min.js

104.17.24.14

200 OK

58 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/Chart.js/3.7.0/chart.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vcxx.activdep.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (62923)
Size
58 kB (57480 bytes)
Hash
4328ece7a486aa04b358fd751d187a7d
417c2592f60e0cb3ad6867cd04d1311773db7601
636e8032f6887eb675110538f697fa1f8433553ace23c9bdc1060a91fb41b78b

HTTP Headers

GET /ajax/libs/Chart.js/3.7.0/chart.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vcxx.activdep.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:05:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 57480
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61c4dda5-e088"
last-modified: Thu, 23 Dec 2021 20:35:49 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 851595
expires: Wed, 30 Apr 2025 13:05:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KuXyv4gMQqhozWwk0pU1CINMcYhxDWflCTdg1x41nFXu3ioBjyeri7gDS5O0txTwHQ8V6xrrLjrjW7mjxHlgetG5f8gRdP6uXs73A8XBnmkd%2Fms7V4qTf8rHJMptgXGtNm9bpaR4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881a23c3bd53b4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/chartjs-adapter-luxon/1.0.0/chartjs-adapter-luxon.min.js

104.17.24.14

200 OK

767 B

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/chartjs-adapter-luxon/1.0.0/chartjs-adapter-luxon.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vcxx.activdep.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1644)
Size
767 B (767 bytes)
Hash
82f58254d0de06210befdecf76139035
06a204132269527191dced73edd2f5ee584ec883
abcc36320ab7e8ec0014a2cb6dd4a2f9a08701be9626122cc19ecdea4fb1b1fd

HTTP Headers

GET /ajax/libs/chartjs-adapter-luxon/1.0.0/chartjs-adapter-luxon.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vcxx.activdep.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:05:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 767
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "619bd53a-2ff"
last-modified: Mon, 22 Nov 2021 17:36:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 835197
expires: Wed, 30 Apr 2025 13:05:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yu%2FKCQAygw9kj5hlQgyR5K9%2FfA%2B%2FqIqCFuF1CmjNoup6XUaWSQ8ohoDT1%2Bp1FrpKFm8f%2F7e9kALdXE%2F%2FOYRbfqT44NEzobjO5H2dCzpmu52Vbrrjd9dsLlBX%2FJynGmUnLO5bVkh2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881a23c3bd56b4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css

104.17.24.14

200 OK

2.1 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vcxx.activdep.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
2.1 kB (2139 bytes)
Hash
582a1f76889553869a19d492c7728242
7d0ac85f92401984088d1c79d2a8d91b00e16a8a
c9ae063d7bf400c91d4056a69889903b54205f2efd6cb224d6041eca58b92cca

HTTP Headers

GET /ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vcxx.activdep.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:05:14 GMT
content-type: text/css; charset=utf-8
content-length: 2139
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65a3eb4d-85b"
last-modified: Sun, 14 Jan 2024 14:10:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 150641
expires: Wed, 30 Apr 2025 13:05:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C7VoRrtOdkmYxMNFVcecIg8x7ws5I2iknRo4%2BEQ3%2FJ1tLrHcq8W1R6YqM6dK2kKYYDC77JVKPpEXFhIYl3fRfFWmsBEecdXEJ28KfDqqXzKe%2Bywff3GrxNpZn1WFqTR7sxgmuUWs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881a23c3ed9ab4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js

104.17.24.14

200 OK

1.8 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vcxx.activdep.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (5215)
Size
1.8 kB (1763 bytes)
Hash
288053556a8dbbba281cd771104eb77f
fef15ece904a9e8c068183635c86779bc7e58ccb
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4

HTTP Headers

GET /ajax/libs/toastr.js/2.1.4/toastr.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vcxx.activdep.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:05:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 1763
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ffe-1483"
last-modified: Mon, 04 May 2020 16:17:02 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 204518
expires: Wed, 30 Apr 2025 13:05:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZWDZAqnMRQ%2BKdI2yTarlpp8%2BOd%2FCOGdSc2jSFIscT9M6w5d0wTCVp0Jn%2F39oNLHSXWQc5owbzbrFJOAGkb6eSA5qwoH8JATpgJqjlmGcFpIH%2BGGe%2FfyEKo5juWCbsaVyTl%2FxuWaX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881a23c3ffe67131-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

vcxx.activdep.top/src/images/background.jpg

172.245.112.197

404 Not Found

613 B

URL GET HTTP/2
vcxx.activdep.top/src/images/background.jpg
IP
172.245.112.197:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://vcxx.activdep.top/
Certificate
IssuerLet's Encrypt
Subjectvcxx.activdep.top
FingerprintE0:BF:FB:81:AB:3C:54:F8:53:EF:68:CE:9A:3C:97:36:E4:74:2F:9E
ValidityFri, 10 May 2024 04:05:23 GMT - Thu, 08 Aug 2024 04:05:22 GMT

File type
gzip compressed data, from Unix
Size
613 B (613 bytes)
Hash
fd5c051862c364dd490948731dcbedd2
52f7324ce691020119d0ed14f603aafd59ba572b
3a189367fdcfa49f33f3ea271023a641929078684159d0d6f20890d082e98110

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /src/images/background.jpg HTTP/1.1
Host: vcxx.activdep.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vcxx.activdep.top/src/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: openresty
date: Fri, 10 May 2024 13:05:15 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

getyourapi.site/api/geolocation

3.122.218.248

200 OK

107 B

URL GET HTTP/2
getyourapi.site/api/geolocation
IP
3.122.218.248:443
ASN
#16509 AMAZON-02

Requested by
https://vcxx.activdep.top/
Certificate
IssuerLet's Encrypt
Subjectgetyourapi.site
Fingerprint9C:58:80:60:FB:F0:20:BA:C4:56:8D:5A:95:CD:5D:1F:5B:5A:BC:09
ValidityWed, 08 May 2024 00:06:39 GMT - Tue, 06 Aug 2024 00:06:38 GMT

File type
JSON text data
Size
107 B (107 bytes)
Hash
196ae9d75b3b48187796b56466008bdb
b76f0883cd023711c45f6f54b8e2eeeb19179718
6f0b827bf18c093069d5b91458b89408c601c22a6c75139e3dc5fcf030ad2163

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/geolocation HTTP/1.1
Host: getyourapi.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vcxx.activdep.top
DNT: 1
Connection: keep-alive
Referer: https://vcxx.activdep.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Fri, 10 May 2024 13:05:16 GMT
content-type: application/json; charset=utf-8
content-length: 107
x-powered-by: Express
access-control-allow-origin: https://vcxx.activdep.top
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
access-control-expose-headers: content-type, authorization, x-request-id
x-request-id: 42d6d2df-2ddf-4436-86f5-592f5f3dc2c2
etag: W/"6b-t28Ig80CNxHEX29UuOLu6xkXlxg"
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/img/flags.png?1

104.17.24.14

67 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/img/flags.png?1
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

Requested by
https://vcxx.activdep.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
PNG image data, 5762 x 15, 8-bit/color RGBA, non-interlaced
Size
67 kB (67119 bytes)
Hash
8ec9f8e2915d6bf684abf7629a1b3df0
00e80b4f1321a71de50ade6eaea01eb1713c5ce3
3af394920236bdcab19b5514b8f67e06b194e29017368d6a9d83d598947f203b

HTTP Headers

GET /ajax/libs/intl-tel-input/18.5.0/img/flags.png?1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 13:05:16 GMT
content-type: image/png; charset=utf-8
content-length: 67119
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65a3eb4d-1062f"
last-modified: Sun, 14 Jan 2024 14:10:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 848851
expires: Wed, 30 Apr 2025 13:05:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s2TjX8lM3T%2BuGA21hJYbtvxiQjWLkKILi9J2dKhmo8ORC%2BmdRzndbIyuS93uYW4uG5yrPUTOX3mf6qg50etjYCef812kZoffB1LwW5CP4nuPvutTy4HJ%2F8uy3gmlCnq0by19WJ%2B4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881a23cc3c8f0b45-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/utils.min.js

104.17.24.14

200 OK

46 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/utils.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vcxx.activdep.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
46 kB (46045 bytes)
Hash
b34007e0189bdb6d937004b2d35dc0d8
4836255d80bf984e066263a2bffaa1467cfc4cb5
b35c83e4dc3713230edfbda43508fb2fb92d8e07c4189f19d201ba199ef810a2

HTTP Headers

GET /ajax/libs/intl-tel-input/18.5.0/js/utils.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vcxx.activdep.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 13:05:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 46045
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65a3eb4d-b3dd"
last-modified: Sun, 14 Jan 2024 14:10:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 840281
expires: Wed, 30 Apr 2025 13:05:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eoB%2BwdBGToMQybxzHIypp40yNpN7iMjZCydKTGUkDU97n5sqQ8odmGMiOg0095UnQdRt0gNCnktJugHrJkVoumfk%2BFHtaqy9a0FZq6pYqPxSTDh0hnBLjCMZQac6Q2cppkE6%2B9SU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881a23cc4ca00b45-OSL
alt-svc: h3=":443"; ma=86400

vcxx.activdep.top/src/css/main.css

172.245.112.197

200 OK

22 kB

URL GET HTTP/2
vcxx.activdep.top/src/css/main.css
IP
172.245.112.197:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://vcxx.activdep.top/
Certificate
IssuerLet's Encrypt
Subjectvcxx.activdep.top
FingerprintE0:BF:FB:81:AB:3C:54:F8:53:EF:68:CE:9A:3C:97:36:E4:74:2F:9E
ValidityFri, 10 May 2024 04:05:23 GMT - Thu, 08 Aug 2024 04:05:22 GMT

File type
ASCII text
Size
22 kB (22539 bytes)
Hash
9ef3fcedd16751ae759f9e12ead83402
500a56df1e6b813db344a095616c12be08efd0f3
8fe1d873755bb396753f6c6f676c6b6843bd492b5c7a7e8046eba86569defc3c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /src/css/main.css HTTP/1.1
Host: vcxx.activdep.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vcxx.activdep.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Fri, 10 May 2024 13:05:15 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

vcxx.activdep.top/src/js/chartjs-chart-financial.js

172.245.112.197

200 OK

13 kB

URL GET HTTP/2
vcxx.activdep.top/src/js/chartjs-chart-financial.js
IP
172.245.112.197:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://vcxx.activdep.top/
Certificate
IssuerLet's Encrypt
Subjectvcxx.activdep.top
FingerprintE0:BF:FB:81:AB:3C:54:F8:53:EF:68:CE:9A:3C:97:36:E4:74:2F:9E
ValidityFri, 10 May 2024 04:05:23 GMT - Thu, 08 Aug 2024 04:05:22 GMT

File type
JavaScript source, ASCII text
Size
13 kB (12827 bytes)
Hash
48fb3d691cf8357ce476467e75d2e6ab
805f49ae1321067a4fe3b178f91c8268fb2b17c1
45556bdd40d572b92327f44e2fe9e8b862a5474d39810347c7181df00cdf0e05

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /src/js/chartjs-chart-financial.js HTTP/1.1
Host: vcxx.activdep.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vcxx.activdep.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Fri, 10 May 2024 13:05:15 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Inter:wght@100..900&family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap

142.250.74.106

200 OK

6.2 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@100..900&family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://vcxx.activdep.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (6309), with no line terminators
Size
6.2 kB (6156 bytes)
Hash
73d47832d42f9d01c4b7bcd682e846d1
0cfbd336deb9a0c50bfad7561e5e4f970ec98f1a
a057fdd4525e0dbf72a32e9089a3ccd00d1e0f174f5c64762ce5a7d44ed2dfb8

HTTP Headers

GET /css2?family=Inter:wght@100..900&family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vcxx.activdep.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 13:05:15 GMT
date: Fri, 10 May 2024 13:05:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js

104.17.24.14

200 OK

88 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vcxx.activdep.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87533 bytes)
Hash
2c872dbe60f4ba70fb85356113d8b35e
ee48592d1fff952fcf06ce0b666ed4785493afdc
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

HTTP Headers

GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vcxx.activdep.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:05:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 27446
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64ed75bb-6b36"
last-modified: Tue, 29 Aug 2023 04:36:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 207587
expires: Wed, 30 Apr 2025 13:05:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bEdsE2yEia2dXfDmXZ2uvJU9L1q%2FDzt93jWFw0MRKxNtjEUEJXQiefOm3sRtj%2BcS%2BLIcgO21VxqiHV9xZoj1JgeLbmvtbaDw4DazKZO6ug8H2pu9srgz1KJ9bOs3%2FGWLXZI9jlcr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881a23c38d01b4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

vcxx.activdep.top/src/js/timer.js

172.245.112.197

200 OK

1.7 kB

URL GET HTTP/2
vcxx.activdep.top/src/js/timer.js
IP
172.245.112.197:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://vcxx.activdep.top/
Certificate
IssuerLet's Encrypt
Subjectvcxx.activdep.top
FingerprintE0:BF:FB:81:AB:3C:54:F8:53:EF:68:CE:9A:3C:97:36:E4:74:2F:9E
ValidityFri, 10 May 2024 04:05:23 GMT - Thu, 08 Aug 2024 04:05:22 GMT

File type
ASCII text, with very long lines (1931), with no line terminators
Size
1.7 kB (1745 bytes)
Hash
9b6491ac57dcf6e58b485b813a7480d3
53c329493500271e4b0e4cbc09f2803257f14632
cc409490eb10aac2b80e128d6bf8ebcec8462304071da9786fd16e9d499197a4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /src/js/timer.js HTTP/1.1
Host: vcxx.activdep.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vcxx.activdep.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Fri, 10 May 2024 13:05:14 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

vcxx.activdep.top/src/css/form-style.css

172.245.112.197

200 OK

6.0 kB

URL GET HTTP/2
vcxx.activdep.top/src/css/form-style.css
IP
172.245.112.197:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://vcxx.activdep.top/
Certificate
IssuerLet's Encrypt
Subjectvcxx.activdep.top
FingerprintE0:BF:FB:81:AB:3C:54:F8:53:EF:68:CE:9A:3C:97:36:E4:74:2F:9E
ValidityFri, 10 May 2024 04:05:23 GMT - Thu, 08 Aug 2024 04:05:22 GMT

File type
ASCII text, with very long lines (6390), with no line terminators
Size
6.0 kB (6019 bytes)
Hash
457c04b974d1a4363e95d928109c33f4
76a43d31dba7a5938d4ac9095850d0a79589e32b
df92f48a396073102cfc9bd260143a58ccc91918f8a37c90d3ff59df5db685f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /src/css/form-style.css HTTP/1.1
Host: vcxx.activdep.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vcxx.activdep.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Fri, 10 May 2024 13:05:14 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

vcxx.activdep.top/src/js/index.js

172.245.112.197

200 OK

4.5 kB

URL GET HTTP/2
vcxx.activdep.top/src/js/index.js
IP
172.245.112.197:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://vcxx.activdep.top/
Certificate
IssuerLet's Encrypt
Subjectvcxx.activdep.top
FingerprintE0:BF:FB:81:AB:3C:54:F8:53:EF:68:CE:9A:3C:97:36:E4:74:2F:9E
ValidityFri, 10 May 2024 04:05:23 GMT - Thu, 08 Aug 2024 04:05:22 GMT

File type
Unicode text, UTF-8 text, with very long lines (4955), with no line terminators
Size
4.5 kB (4503 bytes)
Hash
85b15ef198d8b3b946710eb5d4c6b7b7
7b13451134e81407298661c28b7b645e6d570476
9a4d9464976d8b111d62a7d6c1d9d63e7a521026bd4f652c052f2e8a24ebc5a4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /src/js/index.js HTTP/1.1
Host: vcxx.activdep.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vcxx.activdep.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Fri, 10 May 2024 13:05:14 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

vcxx.activdep.top/src/js/modalPhoneError.js

172.245.112.197

200 OK

1.7 kB

URL GET HTTP/2
vcxx.activdep.top/src/js/modalPhoneError.js
IP
172.245.112.197:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://vcxx.activdep.top/
Certificate
IssuerLet's Encrypt
Subjectvcxx.activdep.top
FingerprintE0:BF:FB:81:AB:3C:54:F8:53:EF:68:CE:9A:3C:97:36:E4:74:2F:9E
ValidityFri, 10 May 2024 04:05:23 GMT - Thu, 08 Aug 2024 04:05:22 GMT

File type
Unicode text, UTF-8 text, with very long lines (1843), with no line terminators
Size
1.7 kB (1727 bytes)
Hash
2dbbadc4c93373d461f37271ce711362
4e8513d9116a21ef8217330b876366a2fd3b59d8
078b03e0a90210a35085a86e2d6c5d437b24e6e5f2e79aeecf03c545711d1a0c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /src/js/modalPhoneError.js HTTP/1.1
Host: vcxx.activdep.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vcxx.activdep.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Fri, 10 May 2024 13:05:15 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

vcxx.activdep.top/favicon.ico

172.245.112.197

200 OK

10 kB

URL GET HTTP/2
vcxx.activdep.top/favicon.ico
IP
172.245.112.197:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://vcxx.activdep.top/
Certificate
IssuerLet's Encrypt
Subjectvcxx.activdep.top
FingerprintE0:BF:FB:81:AB:3C:54:F8:53:EF:68:CE:9A:3C:97:36:E4:74:2F:9E
ValidityFri, 10 May 2024 04:05:23 GMT - Thu, 08 Aug 2024 04:05:22 GMT

File type
MS Windows icon resource - 1 icon, 50x50, 32 bits/pixel
Size
10 kB (10462 bytes)
Hash
44764f1f4598527070c32d1e92f509b8
3c701cc3c3312cde59707793fc5e91d56cb7f8ea
d6281ba9c71e3f9e77703333a9a1316c65a171a0475b098ca55b6ab05c1649ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: vcxx.activdep.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vcxx.activdep.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Fri, 10 May 2024 13:05:16 GMT
content-type: image/x-icon
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

vcxx.activdep.top/src/images/logo/logo.webp

172.245.112.197

200 OK

42 kB

URL GET HTTP/2
vcxx.activdep.top/src/images/logo/logo.webp
IP
172.245.112.197:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://vcxx.activdep.top/
Certificate
IssuerLet's Encrypt
Subjectvcxx.activdep.top
FingerprintE0:BF:FB:81:AB:3C:54:F8:53:EF:68:CE:9A:3C:97:36:E4:74:2F:9E
ValidityFri, 10 May 2024 04:05:23 GMT - Thu, 08 Aug 2024 04:05:22 GMT

File type
RIFF (little-endian) data, Web/P image
Size
42 kB (42044 bytes)
Hash
8ebb55e4c5c214a7617bee188da9c1e6
ad791c54d3e7215a641dc4360430821179ae4a83
01142988d4b6ff9770570740889fa0a1d7e48861ea08eef3196b2d0a80c0c9ad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /src/images/logo/logo.webp HTTP/1.1
Host: vcxx.activdep.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vcxx.activdep.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Fri, 10 May 2024 13:05:15 GMT
content-type: image/webp
vary: Accept-Encoding
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML