| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.96.1 | 302 Found | 9.1 kB |
URL: User Request GET HTTP/3 cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php
IP: 188.114.96.1:443
Certificate
Issuer: Google Trust Services LLC
Subject: cashcomeclm.buzz
Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD
Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: 2b0fe540aecd40e3de352fd0a387bda0 8197fcb1579ecb2d5791a57ad903fa79483dd912 76286fa28c1b9b2167547ca08c5c7eb734d64c3c1455ebc97f02d89d0747da91
| NIDS | Severity | Alert |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: loclang=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Sat, 20 Apr 2024 10:30:48 GMT
content-type: text/html;charset=utf-8
location: ./login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sx3pfIk3NUcb0gpO9YKZiUYqw0iQlXERLWxvJPXfJPmvaDFHX%2BKiZiWiO%2ByCDDvZj2EMp0PNmPljyR7X8VFxr%2BS4sB13QJRAcbXwOr9AtI43SAreeMtyCrBrxiNJ9CtnpUeq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8774760aceaab511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.96.1 | 302 Found | 4.5 kB |
URL: User Request GET HTTP/3 cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php
IP: 188.114.96.1:443
Certificate
Issuer: Google Trust Services LLC
Subject: cashcomeclm.buzz
Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD
Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
File type: gzip compressed data, from Unix
Hash: 71d1778a4a909cb419c06db39876d0ac 630e8a15c3bcf7f5a82a6538f7a4a8e44c58ce0b c6cd7e7d5ae914482a56da2c3cd5bfe3ec82627d394e4c6adfc375515ca0d4b1
| NIDS | Severity | Alert |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: loclang=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 20 Apr 2024 10:30:49 GMT
content-type: text/html;charset=utf-8
location: ./login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pb%2BIvKddSavmsToPRXkiyq4qfFqKh0zDpB1izlPHRld7dq6xmNTlod4v03MXYCJ06c%2FbZyRCNcpNXOyeU9HflMOcQj%2BCaQHeZgZ9TFRdwJjpoJXvv4RoDWx4VEN57ORonUyQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8774760c4efd5699-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.97.1 | 302 Found | 0 B |
URL: User Request GET HTTP/3 cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php
IP: 188.114.97.1:443
Certificate
Issuer: Google Trust Services LLC
Subject: cashcomeclm.buzz
Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD
Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| NIDS | Severity | Alert |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: loclang=en
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sat, 20 Apr 2024 10:30:52 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: ./login.php
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PSzx4yUpyFlHsgqVK4BLECpOJwiyTAqARs5fQ33B0RtJB81AwBZ6RQUjFBCJvoSd35ALJSy%2BcU%2BFvHgRHud9OIubSyZCfGfWBjWB21rEPHIBhcO64E1HyAt9PTQWohokcli6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8774761fb8925687-OSL
alt-svc: h2=":443"; ma=60
|
|
| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.96.1 | 302 Found | 0 B |
URL: User Request GET HTTP/3 cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php
IP: 188.114.96.1:443
Certificate
Issuer: Google Trust Services LLC
Subject: cashcomeclm.buzz
Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD
Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| NIDS | Severity | Alert |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: loclang=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 20 Apr 2024 10:30:56 GMT
content-type: text/html;charset=utf-8
location: ./login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s2%2B3roXHS9usE1u7UN0MitFs6sd80jypxeHd5HCANaJMuQHmCGAfqXA0Vo1hbT%2BZD9iLup2BCYUrzc564%2FiYJDlst6sNF7kcRy%2F5G4KtLZNICah6ryeqRfwOgTejWeJPFUqW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8774763c0b905699-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.96.1 | 302 Found | 6.8 kB |
URL: User Request GET HTTP/3 cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php
IP: 188.114.96.1:443
Certificate
Issuer: Google Trust Services LLC
Subject: cashcomeclm.buzz
Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD
Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: dc5eac733c8c72e4d5d3b97ac7b7f71d 1d7f02ba8d5ef5ce0293c1317f63247ec475e565 24bb1afee24b7082c480743e742578c4584e3b1d2f4693e1e25dd9ef4a30b49a
| NIDS | Severity | Alert |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: loclang=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 20 Apr 2024 10:30:53 GMT
content-type: text/html;charset=utf-8
location: ./login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2FABwdm3y7YO0b8n%2B7MpwUYOo5iWsBZ%2FscMHcJbjQKc%2FI726LmbbQ1gmWsPYRgblG%2BfuNReiGxft4sdzDUtG2DpbZTtkbQj1gCWXEU%2BWmpIBBEHiMykNyOKJzrPDExeSdQw%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87747628a82f5699-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.96.1 | 302 Found | 13 kB |
URL: User Request GET HTTP/3 cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php
IP: 188.114.96.1:443
Certificate
Issuer: Google Trust Services LLC
Subject: cashcomeclm.buzz
Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD
Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: e9927a1ac0b1ddcb3ac489788a0ba192 3d82d16629958d8bd7fafb971001105305ab6d20 5dc157213e4323b480d36860200b059935262d59d4a45ea398c3676780aea531
| NIDS | Severity | Alert |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: loclang=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 20 Apr 2024 10:30:58 GMT
content-type: text/html;charset=utf-8
location: ./login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2FqmguR9ogeo2rjtApIOwGM1P4TLNj0xh0Mi%2BQzLAM50RBY4xSBuLYVkGCe538hLtKXFSJnvXOWkKdDaxbwsuF5PHlwxh9AmaSSr99XN%2Fps78rPrcw4cF1sh5Nt5mObOWZVY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 877476452b6b5699-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.96.1 | 302 Found | 6.6 kB |
URL: User Request GET HTTP/3 cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php
IP: 188.114.96.1:443
Certificate
Issuer: Google Trust Services LLC
Subject: cashcomeclm.buzz
Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD
Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: ca79315f896ed1dc85563dd7b157d8e9 c80c89d6d3df2e9ccdae76a50e3896dae36f8302 ff88ac2e464c5a33b73f151871aa5f367ea33e0536a6083a76a577d25038c121
| NIDS | Severity | Alert |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: loclang=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 20 Apr 2024 10:30:59 GMT
content-type: text/html;charset=utf-8
location: ./login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sWlPrAKc27fp36Q3PoUT8QqEsNdz0tpans5GdXjQN94ZVFbY6kMjCMgIkYMF72HR%2Bd6xbWA31lyGepMUGW3tt2xYrcpzKggMtW9n2JposwLQmpLQd8tScwC2xR1FPFZr9Nb6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8774764e2c515699-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.96.1 | 302 Found | 4.7 kB |
URL: User Request GET HTTP/3 cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php
IP: 188.114.96.1:443
Certificate
Issuer: Google Trust Services LLC
Subject: cashcomeclm.buzz
Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD
Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: f90f4a367e1aeb5312cc492e614efc16 7f9f94738d75b063d54a3b524ffef3d61a4e1d7c 8c6bbf6cbd1686fc4d9f466f97f75c7150760704af4588c74901f1192ecf0908
| NIDS | Severity | Alert |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: loclang=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 20 Apr 2024 10:30:49 GMT
content-type: text/html;charset=utf-8
location: ./login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AIdQvlZK%2F5CUJiEbt%2FDbmNlYKmd%2BqrC6LWT6vDPemNAtmhp2GCpXAH1%2Fc0SdqaYNy%2FEoxoG28Lh2GwZCcFqpsTfuRVOs6282rV8EADdNQoW0o9%2FunzBt0mZvmX03RfN5%2Bzgy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8774760dc8a25699-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.96.1 | 302 Found | 0 B |
URL: User Request GET HTTP/3 cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php
IP: 188.114.96.1:443
Certificate
Issuer: Google Trust Services LLC
Subject: cashcomeclm.buzz
Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD
Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| NIDS | Severity | Alert |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: loclang=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 20 Apr 2024 10:30:58 GMT
content-type: text/html;charset=utf-8
location: ./login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8QL3fB3TuV08vlPCdu82el53WgthptWgMS2RhQrRuKoQBV8D8EgxoiMbItZz0BMZ1iCFYpy8Z7e4WO0Yno%2B1UHOw3aJaueU5XACNAY6OA8phTr6YmEHeqqYP7rio60%2BZmZYB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 877476481e345699-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.96.1 | 302 Found | 0 B |
URL: User Request GET HTTP/3 cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php
IP: 188.114.96.1:443
Certificate
Issuer: Google Trust Services LLC
Subject: cashcomeclm.buzz
Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD
Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| NIDS | Severity | Alert |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: loclang=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 20 Apr 2024 10:31:03 GMT
content-type: text/html;charset=utf-8
location: ./login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AElnpxE1t4HF%2Fp26HZ7dw4EaHmgEl9oanBSdSCjT9Se8eyAeRsrRdo9r6FOBEeVhSpY3%2Fkgi5jWcS%2FAeyL68%2B4db1ZOObGR8RI3uniIA6ehXs3ChuCar7ErB2WrQhcDdV6%2Fr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 877476632f4d5699-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php | 188.114.96.1 | 302 Found | 0 B |
URL: User Request GET HTTP/3 cashcomeclm.buzz/dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php
IP: 188.114.96.1:443
Certificate
Issuer: Google Trust Services LLC
Subject: cashcomeclm.buzz
Fingerprint: 14:4A:D0:DA:E1:05:3B:50:88:3B:F6:E9:B9:24:64:7B:FF:22:42:AD
Validity: Thu, 21 Mar 2024 05:52:14 GMT - Wed, 19 Jun 2024 05:52:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| NIDS | Severity | Alert |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
| suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /dashboard.php/login.php./login.php./login.php./login.php./login.php./login.php./login.php HTTP/1.1
Host: cashcomeclm.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: loclang=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 20 Apr 2024 10:31:11 GMT
content-type: text/html;charset=utf-8
location: ./login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UYpvj1xvu0QB4Y24z1RplsBZ5dOBXb0p%2FOcw8a%2F5pQnFB4DziQ3sYOSv3dLC7zkXKGpb1IbA5jrz4SQ4kmSA%2F7Ppccp%2FXszy5NICZlumCia9wvZPc7LG2Vt%2BM1OG8kxTixSu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 877476947b465699-OSL
alt-svc: h3=":443"; ma=86400
|
|