| www.googletagmanager.com/gtag/js?id=G-JEXMYE23FD | 142.250.74.168 | 200 OK | 102 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-JEXMYE23FD | IP: 142.250.74.168:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms | Certificate Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE | Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955) | Size: 102 kB (102179 bytes) | Hash: 432e641259068447ce1601e37eb845e2 48aac03fb208176af7cf10d322e6f320ea771317 378128be4a360affb5ed86b333cf540cdc259ec8f59afc6507e59c9e47e82333
GET /gtag/js?id=G-JEXMYE23FD HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 17:19:15 GMT
expires: Fri, 10 May 2024 17:19:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102179
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/pc/i-1.png | 188.114.97.1 | 200 OK | 1.7 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/pc/i-1.png | IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms | Certificate Issuer: Google Trust Services LLC | Subject: rgscnqnx.com | Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56 | Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 202 x 63, 8-bit colormap, non-interlaced | Hash: 4334bdce0b3df4a0ac84015319b3f914 4bdf3b35c698dfe1ddcd76be9d2e5a0e75ac11a5 d25780ac26fb9e07e630e83aa7ded5ae3e7dcf0e0d0c4cffbbcdbe7f61f47ecc
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assetsv11/images/pc/i-1.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 1703
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-6a7"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b7%2BfRrLglRw6ROdp%2BEVNE%2BbB3u0L9OtfYF1ZCggzI6nI2HMGyOIwXFE%2Flo2PBrNNBPUBpKlmKejYj1JRymn2APWUu8AOEsA%2FA8tPCUCxME3L1cE%2FFpBZRQUpP%2FlVqJI7p361PRU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d6fc08b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/mb/t-1.png | 188.114.97.1 | 200 OK | 5.8 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/mb/t-1.png | IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms | Certificate Issuer: Google Trust Services LLC | Subject: rgscnqnx.com | Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56 | Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 404 x 46, 8-bit colormap, non-interlaced | Hash: 594bf6863b164fb33964c43f13a6a8f4 412b70a7b5ba9ebfa78272115be7ab16716ca45a 9a38b9797a3e067e2be21c64a4a702c3bd54cf822364a32bd24a25d4e70d9802
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assetsv11/images/mb/t-1.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 5773
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-168d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JWxIFq19zESpjOHVdHCdHWrwjf8XgKKC456TvGERFx7Dwi8UQr610ZIeebBvHi15JrpPWBkjzK89FAeZW1w6wA9F5Hg1fsSi9xvVHuKzzXHcKFnuvWTHn1ZKl1Cyukdt4hNhP5U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c25b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/mb/i-1.png | 188.114.97.1 | 200 OK | 1.2 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/mb/i-1.png | IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms | Certificate Issuer: Google Trust Services LLC | Subject: rgscnqnx.com | Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56 | Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 82 x 98, 8-bit colormap, non-interlaced | Hash: 636ce831e1ad6ccca447a9d0cded9bfd bf1cf31dcead12ecddff993438564768b70de053 672d33d35d1b11c50e3c4ddc870a9e11ca5176229aee5f8741db4cfbe1bf6022
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assetsv11/images/mb/i-1.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 1240
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-4d8"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2BWCbp3v%2FkimkL2yxNbQycIobZZpWke6kxT1hisysDw5mWtf3lDD3a%2Bg5SrkpHXkBQzUUyb3IvwmH1MugX3Qq6GwRJq%2FXtLzdp7QQvhcvbaOqcBSpkN7UIEUAA8yrOwySeICYFQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c1db517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/pc/ioss.png | 188.114.97.1 | 200 OK | 4.4 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/pc/ioss.png | IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms | Certificate Issuer: Google Trust Services LLC | Subject: rgscnqnx.com | Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56 | Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 369 x 147, 8-bit colormap, non-interlaced | Hash: 019c2ee0ca06c3cd4a38e0ab708792e3 5920fac195823f0639147b76479e49161df55c5e a9a4070125baf76893a6ae528ed77c290845e7085a4b843646f42d77cc94fcfb
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assetsv11/images/pc/ioss.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 4428
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-114c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4tjLUBAFWYtjTrq2OioGCKM5fgGYHzBtMbEZ10%2FIzV%2ByqNdpxvCxC7IMN2QHgca0nqt10S7E%2FwLzC2QIKgV6v7WvebVXICGsRHR0ZFHHOuFBJjLmJ85mSjaYrOeLT%2BpVs5Damyo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c13b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/mobile/cell6.png | 188.114.97.1 | 200 OK | 6.1 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/mobile/cell6.png | IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms | Certificate Issuer: Google Trust Services LLC | Subject: rgscnqnx.com | Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56 | Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 720 x 150, 8-bit colormap, non-interlaced | Hash: 038e5a14ed1f3ca80695cd8b34a86c63 c8c72f1b297cdcdfd3bbe1005c963e307486f528 2f52d813dd8c88780a7c5e671c266b293f3a2dd1fbedcbcfb6966dc6e2a444ee
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assetsv11/mobile/cell6.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 6107
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-17db"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zWiwjlop%2BWL0ozJjQlM3wtvppI2eN1nvhdiyhSXHFgHEzwGfjJ4Mt0%2BKo%2B%2FsMQgysNS1dhppBxkvc6SO52x%2B%2B2XJwFmbUKfC22ZLqquqkrkfcc5rZayF3P1TaGqoYrXd05BMPo8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d72c4bb517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/pc/uc-txt.png | 188.114.97.1 | 200 OK | 6.6 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/pc/uc-txt.png | IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms | Certificate Issuer: Google Trust Services LLC | Subject: rgscnqnx.com | Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56 | Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 636 x 86, 4-bit colormap, non-interlaced | Hash: 2752c78ada42df9633e4a27100d7d48d 60029bc65a187b2081ab5c67b5fd2a217a31b143 adee13ca2b87f3f5894dec3bd8ac9c4814163a86b4a2b3c671082cef56dff39d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assetsv11/images/pc/uc-txt.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 6636
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-19ec"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P3cM3GaPWD6fofQaCUVGNae5qoJVngNZUFlNSiXj9%2BP7u26Y1yF1i%2BYQkII2agjfWeKdhqyHoS0tILj74kaT5fKQp%2Biu9Fe5lWfBzPKW%2B8Y%2FpDmYjef4ZFN6Jq7Zldrl4VXVuZ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c18b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/pc/logo.png | 188.114.97.1 | 200 OK | 7.0 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/pc/logo.png | IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms | Certificate Issuer: Google Trust Services LLC | Subject: rgscnqnx.com | Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56 | Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 373 x 99, 8-bit colormap, non-interlaced | Hash: 9de51d7e207b377c3f540ecc72a37cca c5c0aed86ccc36a2b80c7be34369522811c6029d 3b5759c595fdc08b3da793a2af95f71a5613438d09917234cb694e4f4d9e81e2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assetsv11/images/pc/logo.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 7017
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-1b69"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=occxbVaJn%2FP3dHafeXtA5FygGqj7ozaxo2cHm0PjXHl0wh5DXbEgNhF61%2BoiYikJSDkmf83W4b8c15BhHQZeuBz19pbHHOw%2F9TG0Vw%2Fo%2FAbXwIWI4txvS7QWUa7iWd5rsll%2BHdM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d6fc03b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/pc/txt.png | 188.114.97.1 | 200 OK | 89 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/pc/txt.png | IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms | Certificate Issuer: Google Trust Services LLC | Subject: rgscnqnx.com | Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56 | Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 915 x 375, 8-bit colormap, non-interlaced | Hash: 7c3ca39069e923aeac64c05d8f982e76 473c72091f12bcacfe96c1768c28aa37456ec992 c0e67374f71c729470b12607cc64d793dd6b4b10b3ae6715758b6a98d5435ac2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assetsv11/images/pc/txt.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 88893
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-15b3d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hr1WWM7A7GuBE0l8zGTk%2BFw1S4X6YS%2BIvg%2BMp1xKwODoo4pe4t01TO5ytI3Ez5OCWrqCU7Ktxi2m66Dmg4mTQSvE0RNTp8j%2BVUxMgyECVoX1Glwv6wGlj9NYzYGoyQxTnoANSlc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c12b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/aff-a6Pms | 188.114.97.1 | 200 OK | 7.6 kB |
URL: User Request GET HTTP/2 ac796.rgscnqnx.com/aff-a6Pms | IP: 188.114.97.1:443
Certificate Issuer: Google Trust Services LLC | Subject: rgscnqnx.com | Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56 | Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: HTML document, Unicode text, UTF-8 text | Hash: c7fa61e171c99342915e0f1fb74adef8 991149ee0548fe4f8e4b0e74f02dec964d626682 692c0025d2fdd6aa30672ac35db08658b32510a5cb3406f1e9b3aa35efa5456a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /aff-a6Pms HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 17:19:14 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.31
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT,DELETE,OPTIONS,PATCH
access-control-allow-headers: content-type,token
set-cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D; expires=Sat, 10-May-2025 17:19:14 GMT; Max-Age=31536000; path=/; domain=rgscnqnx.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2F52vnWfjJk%2FZ1OS9qhT%2FcrM63W%2BEtEfpT%2F77S2wP95c6nhZGKhybcqh5UJ24T6so1VMQOgJmYZEIDItFVEYNJ%2FZPB9Q7JS5gf6Z%2FLn%2BR%2FsMHJ%2BNf%2F%2FIBKrK6%2BVp8o8AALIsadc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b97d26c0ab518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/mb/i-2.png | 188.114.97.1 | 200 OK | 1.1 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/mb/i-2.png | IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms | Certificate Issuer: Google Trust Services LLC | Subject: rgscnqnx.com | Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56 | Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 82 x 98, 8-bit colormap, non-interlaced | Hash: 1da234baf9eac9e6d474a879603f61b5 b6277d915c91c40304fe6f617813191a65102916 d8f64f2084dca795324686c7ae26f0aa098f25eab2c5d889dbe8b9624e726649
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assetsv11/images/mb/i-2.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 1073
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-431"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fPy13ejkfoLrw20MFH9zs3nZk5yHj9ucNZguILR7C8ZYMFQiKvbfsVUVYrNzzS7TzFogiUNKTLS1oWMwiUyipA4uiCtCI5PaMsjDCLIyZYIchyMPcEYsIY5E5g18E4wEsDDIFBE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c20b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/mb/pic.png | 188.114.97.1 | 200 OK | 155 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/mb/pic.png | IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms | Certificate Issuer: Google Trust Services LLC | Subject: rgscnqnx.com | Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56 | Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 744 x 1226, 8-bit colormap, non-interlaced | Size: 155 kB (154975 bytes) | Hash: 61fe8c48f935dc347c6e6c0ec88fbede 51627f44c480d7ae4906e391787e764b13f34eec e5ff3e5e3a2b3da2ca4290fbf1d8a74163f0c13fac75be382d764dab57e90ee8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assetsv11/images/mb/pic.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 154975
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-25d5f"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gdU1rU00ohSpBKlxQy0YadQfx6AjWToH3aUPOL7Rn0ZxHbFadxxJbOKi1%2BmcYwMGWqoz%2F%2ByxYdAV%2BVK5Zp7Fh7DZ4SqEG%2BiLYZHRgy4sozIEXFOG%2F3p0r0zYj0ZlrWVdzm7DenA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c24b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/mb/t-2.png | 188.114.97.1 | 200 OK | 5.6 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/mb/t-2.png | IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms | Certificate Issuer: Google Trust Services LLC | Subject: rgscnqnx.com | Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56 | Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 442 x 46, 8-bit colormap, non-interlaced | Hash: 6f10a9368a476f34b5c138775f65a915 672624afc5c9914b746b8da340b86234151aa31a d4a00661042fc8819134663fd349a6b80697f89e0f66efc4df763ae3af3c0d1b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assetsv11/images/mb/t-2.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 5645
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-160d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TfZVxYxLfLjPw5Q%2F1ccrKSP2qpxvN3YJEn9CUk6WzL%2BT34%2BtwaVn4Apix1X%2FokesSukEmPd7cbuKe22CJAdkcL3K5af4b%2BPZSKDR8A%2FBuygxBub325j%2BD6RxyotGkXY6c5bVags%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c2ab517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/mb/ioss.png | 188.114.97.1 | 200 OK | 4.4 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/mb/ioss.png | IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms | Certificate Issuer: Google Trust Services LLC | Subject: rgscnqnx.com | Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56 | Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 369 x 147, 8-bit colormap, non-interlaced | Hash: 0f59e11b139cd82c605fedcd9aeedf54 a84a233086c6a26a559415d246e47e81040decc5 54f4fabcd2c837f5e5e045b22720269d8e100128d4f5e299f39ae5e3fd817dc3
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assetsv11/images/mb/ioss.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 4411
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-113b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NxNKDgCI5JYWlCj6GsC4veH69ZR%2B4jqeg8UI7RMob9MhzZve0h70O4HJIJF09FkcQ0KL7Zc6alxfcHX%2BfZCVEIPA3M4JdOit9pqWu2bcuKCdXegPX1J2kYEioM1mkKmy2pRojCk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c33b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/mb/android.png | 188.114.97.1 | 200 OK | 4.3 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/mb/android.png | IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms | Certificate Issuer: Google Trust Services LLC | Subject: rgscnqnx.com | Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56 | Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 369 x 147, 8-bit colormap, non-interlaced | Hash: 6ee904ecd182100e6c0b66931b500a79 1d5b0038505367e9c97d66916df35dd656310370 702bc0e88a559d4dcb4b9e70310f74df6fdcfc3b5857bbeaab4c891df823a766
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assetsv11/images/mb/android.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 4279
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-10b7"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UaK0PnRPtNvSdNaQ7CqFJ6qbvkojrNS6CaDlxA9EQRo1r%2BnhN3LDYld9a1uOnplSZY%2BruzdIjDbpLr14XDbKcsNkjujlP38n6VDnn81F1DY9QeGnVhNK8%2BbHvQvT9eGHGhrfFEs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c35b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/mobile/u-1.png | 188.114.97.1 | 200 OK | 2.4 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/mobile/u-1.png | IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms | Certificate Issuer: Google Trust Services LLC | Subject: rgscnqnx.com | Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56 | Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 356 x 39, 4-bit colormap, non-interlaced | Hash: 57ed3c9d609d9e221f354545b0798fbb 767325bb3bd7a57f3b6f6fd5cde4fac1eeb203db 5433fd78ad6fd8ee739c67b73e7ce9ce7010a880608247554009de1942e5deb4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assetsv11/mobile/u-1.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 2367
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-93f"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ktPXft2a4TolR0rIPVpiyUxvk23qOyq1%2FR9tKfvR8C%2FkO02dCiNvdt37u3EsAiAI2entq8agUgA2cDDdkDFFcPkjPhiBRZ02gVQsShIMoUnFhB7OFZ8nKzOtJZ6L4ryYxEPey6s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c38b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/mobile/cell1.png | 188.114.97.1 | 200 OK | 6.2 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/mobile/cell1.png | IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms | Certificate Issuer: Google Trust Services LLC | Subject: rgscnqnx.com | Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56 | Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 720 x 150, 8-bit colormap, non-interlaced | Hash: a9587e9c91500b6040367985eb9d07f5 1cfa85e7bf6a96601ead3c46d2eb72350719b9f7 64b3fda9ae033986ef391c1b2ca752847614adf84192658679c019a5f09c9d83
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assetsv11/mobile/cell1.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 6177
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-1821"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qN1aR0k76JkFTM9ziunMiVcJFqZwIp22OAeMtm3epI7OvE7ersbrjusMJ%2BwFF4BXWDhwlFa%2BdW7RzOnpBU7t5Xn5AcnU5edIswh0w%2BfizYUQpeiuevI6TU5zXGi23XCf%2F6NFUkw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c3cb517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/mobile/cell5.png | 188.114.97.1 | 200 OK | 5.3 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/mobile/cell5.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate: Issuer: Google Trust Services LLC; Subject: rgscnqnx.com; Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56; Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 720 x 150, 8-bit colormap, non-interlaced
Hash: 86293b8796f4b416c3e0eb5c0d8e9f35 01adeb3409d3960fe103656fd136298fdc356661 53fdba7fe44ce32e1fbd98ed872c02398374a708365979a94466606463d11465
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/mobile/cell5.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 5311
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-14bf"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B2g0RWM0tRV%2F7pVHRK9PrUlIhhlizTcNDFr8qWVaPs41M93uvFfvKCfpToPYODYCTyxtpieEq8U1UVRgVnPwQjuXaaN7i%2FEUwVjPEGAEwlfCW2bRL0To3z5RYRXw9%2FXmrJdDwkM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d72c47b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/mobile/cell7.png | 188.114.97.1 | 200 OK | 6.1 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/mobile/cell7.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate: Issuer: Google Trust Services LLC; Subject: rgscnqnx.com; Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56; Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 720 x 150, 8-bit colormap, non-interlaced
Hash: a4ee93d1c7fd79c516ccf591c1fc6bba 86ef5ec983a26ce047d5018b7cd4c0b70c031a9b 99e585d6e7ae562e27771af50dc840dea44f866804a6cd52fabdf4ad3f53e985
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/mobile/cell7.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 6116
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-17e4"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6rCLME8x0UGiTPRLGDRgXmkhzVHqkgZeV8nij3YfaR5l9VxYcZaFyR07tZbOzvVc%2FR%2Bbj6wq3myLKL%2FKVYsnD9x%2FnWmt991qfVACmn9f17ckCYVmUZvqqgUl82XjOw%2FK1VPSuhA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d72c54b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/pc/pic.png | 188.114.97.1 | 200 OK | 167 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/pc/pic.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate: Issuer: Google Trust Services LLC; Subject: rgscnqnx.com; Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56; Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 879 x 1080, 8-bit colormap, non-interlaced
Size: 167 kB (166555 bytes)
Hash: 6a09519d389c5f729a9443ebf655b97e 3881fceda32279cb43656d399f9ee032e3f25a6d 4f225a9cc184adc6636ac0d1f1c4e98573d2681319ffecefd7c8e8238da2593b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/images/pc/pic.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 166555
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-28a9b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0rgX4s%2Bf4bmpQuBq7G2zH0dU1JL7uDnU2uTEoS8GOdlAPYrjWCQo1JK9s76%2BdlQbeLgQS%2BMgyt6hM4woAAxVevirvhBqJBW0vjBbFAr6sEN7nAdUW2KPNjEoB9Kb72iWC0%2Ftzik%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c1ab517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/mobile/cell2.png | 188.114.97.1 | 200 OK | 5.4 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/mobile/cell2.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate: Issuer: Google Trust Services LLC; Subject: rgscnqnx.com; Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56; Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 720 x 150, 8-bit colormap, non-interlaced
Hash: b1377336e9daae5f3c9328158755f5fc 2d818c295831e757b57c655a18b628e8538b6713 91a37811413835084279b88c711ef9485dd23c2c96d92102ebe12eda3377ff1a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/mobile/cell2.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 5438
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-153e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E6e%2BvU6fTtq1ex1fz5VtUmfud20nxd27SYVRnEQavw16FW6AzHkGzEI%2FFT%2Bs1weJDG8a7ewtsgoxo31fa8iMsX8BfTsMOa4On8yivSCAl2vl7An3SJBgcyYIuNgK5GWc%2B%2FLqgoE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c3db517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/bd/close.png | 188.114.97.1 | 200 OK | 1.1 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/bd/close.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate: Issuer: Google Trust Services LLC; Subject: rgscnqnx.com; Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56; Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 86 x 86, 8-bit colormap, non-interlaced
Hash: fdbd8a06c51b4d7789650e33f648e191 d79ec516a34565a7b21c085401b13f50ab341ee9 62c7f7026b06c6aded2dc2d7ab2e65c44cfafe791b3195ecacbee0a2a833abc4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/bd/close.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 1091
last-modified: Sat, 27 Apr 2024 06:53:43 GMT
etag: "662ca0f7-443"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3wn%2FuDi8qF8Veeyt7CKK%2FS60CVSLF9XCcyvHILgmYmm4KD5sKPMAuAaYn7lxpqCt4WQeG61%2BJ0FaEx9cSQWKZ%2BbOTDsIusSFbss8IO9gVDQh19NAy6O%2FGGbJRGk27yI3Ibf3BpE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d74c98b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/bd//desc1.png | 188.114.97.1 | 200 OK | 47 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/bd//desc1.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate: Issuer: Google Trust Services LLC; Subject: rgscnqnx.com; Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56; Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 680 x 900, 8-bit colormap, non-interlaced
Hash: 8705ee8ec2bfc37a872134b3eec8c6a9 8703fd7ae61cdfe9393143f7119554fc3e7e2de7 d700835f23ea7cdd840352fbfc819be01fbe781b3f64799366844f1ce7d77cb4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/bd//desc1.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 46636
last-modified: Thu, 09 May 2024 09:24:10 GMT
etag: "663c963a-b62c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KSGl4pQGzXAbt35naiuFJWg68No8yGxAsJb3cefRXNGGmzAmsEBwRH9B68VWYGJAJpXVHYxK%2B%2FGPH9NuKUEyFRzFmnEqOHRYBFB%2FW8o4pUNAWm5cpLQnCPnS%2ByFHXNOYuvJIQ%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d75ca4b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/bd/btn-2.png | 188.114.97.1 | 200 OK | 3.3 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/bd/btn-2.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate: Issuer: Google Trust Services LLC; Subject: rgscnqnx.com; Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56; Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 264 x 62, 8-bit colormap, non-interlaced
Hash: 63c3fa8e89567ce5ad4a0882289e3cc3 e49940c41e868224c95f107fb456c3ff866a8526 3da28711040e5e8a452643c7019ed0650234696c6fd143ec362988afd6ebc51e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/bd/btn-2.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 3270
last-modified: Sat, 27 Apr 2024 06:53:43 GMT
etag: "662ca0f7-cc6"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NoOWC86T7u0WDROz1M2JnKNDnijqQBHgVO6IdabP2ku%2FoEAvox9wUFp8ebOZ4GJrCZ9ZE4mmOpU1UCLbjgQhQJ3nSEqaI%2Btic98GODZMbJKjCcSIU2JizhQEzN6oTjCiIU6zGjA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d76cb5b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/mobile/cell4.png | 188.114.97.1 | 200 OK | 7.0 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/mobile/cell4.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate: Issuer: Google Trust Services LLC; Subject: rgscnqnx.com; Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56; Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 720 x 150, 8-bit colormap, non-interlaced
Hash: d5d3f874cf98d7192ef1847251edd7bf d7b550103feb3dcdbc397c95687f75a25db1c59e af06d934e06257aa59fe6d00c3c2de774198fc8ee98f04b2695dbfe46f1ecc50
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/mobile/cell4.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 7032
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-1b78"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R5U9lhIpko7qOoxkMvGiaBFmd%2BBKy86J1%2FAaTjXp78TIh%2FmPBcBda%2BV3%2BCiwRB35lIqqzc2Tl5HGsKV8jsDMMgbIt04ZxT64gs%2F%2FLmPRrfjtu4QuLJ07uaoH3Yg81QDFUGbwJx4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c43b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/pc/i-2.png | 188.114.97.1 | 200 OK | 1.3 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/pc/i-2.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate: Issuer: Google Trust Services LLC; Subject: rgscnqnx.com; Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56; Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 202 x 63, 8-bit colormap, non-interlaced
Hash: dc9ba5378033db0debe91db0c81f5cc4 9afbbe51cb49822d5fdd82834fa879eee26e2f08 3a28f557fe672051389c446cb9ffdb9703d59a2260d913d5b08f010e45f78fbe
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/images/pc/i-2.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 1326
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-52e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LregpdmmsjOkLhgd4UnllOI%2F82xkIT0z2QP%2Biv4%2B1Fd3xtDEl4XANPHcTy4hMirxHqtm1MxZRrehYQgRiYTQWP2YOpzwxFLRI0aohS7kymEyotKYzEYaBNq0SxKHzh7WgQJn8dE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d6fc0fb517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/mobile/cell3.png | 188.114.97.1 | 200 OK | 8.2 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/mobile/cell3.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate: Issuer: Google Trust Services LLC; Subject: rgscnqnx.com; Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56; Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 720 x 150, 8-bit colormap, non-interlaced
Hash: ae8b563ef0c4e91e573dc9c710819f6b 45e52e2f8441c7e9f2d0f61605d6ccfa74e441c7 ff79e02405807a95ed73838b08286c50a13247396c4e6e618ad76d1c78c3dcd5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/mobile/cell3.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 8233
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-2029"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Js0yRP3C35e3MB7iL2ritI9sb3fuTW393qi9lElh18VUWfSEi58mcE3UCTWmg0Nka0Rl8sAOOmE%2B%2BjT4J5g2%2FqC4CsW4VRZnn9EE30aqZ1mMN5whZpRmKSYU%2BlnsFMGAYY1XkTE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c40b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/mobile/back-black.png | 188.114.97.1 | 200 OK | 284 B |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/mobile/back-black.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate: Issuer: Google Trust Services LLC; Subject: rgscnqnx.com; Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56; Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 40 x 40, 8-bit colormap, non-interlaced
Hash: cc355739cc573256612db444b3db4d7f da3403e8ead9d2504f5a299f8957bce048c9b89c ddc99e39422750fd089a08e6cb2e424c2cf66081c6963e0c744ea38667b8d6d6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/mobile/back-black.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 284
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-11c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LSSY8zHPEGIFlTvXNEbwxnh82%2FVQ%2Bb%2Btk76UdG653CjlO5KyrfZHwHRxSjI84M%2BK6Hw7Dqjl5cvfo4icD7bQJf%2BuNA%2B03m3MmS6Xrv6F8dovwr8Fz8CpMBIX7p8V91Wkov7aV8M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c37b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/mb/txt.png | 188.114.97.1 | 200 OK | 61 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/mb/txt.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate: Issuer: Google Trust Services LLC; Subject: rgscnqnx.com; Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56; Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 694 x 309, 8-bit colormap, non-interlaced
Hash: 539f5aa92d005a1566bd1daf16a16191 1af8b92daae1779e956f7e0bfaeb9a2d3d33a6fb c3de145274492826ce8b14f4d74a287835e04b1a5f0499ad3ee93318c1cf01a4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/images/mb/txt.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 60978
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-ee32"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xta8ImhjXyWoMVNgaQmD%2FECyYduHM9Y8ROoG5MQpFjW%2FWy83frHS%2FxCX1OSb68NO7o6WyVtQSYVb0G%2Bq%2FsQF46%2FyqW6gJf6TGARePpr9%2BP%2FTAb7XAhrgHHdgvkZXgURfhTIu7rc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c23b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/mobile/cell9.png | 188.114.97.1 | 200 OK | 5.8 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/mobile/cell9.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate: Issuer: Google Trust Services LLC; Subject: rgscnqnx.com; Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56; Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 720 x 150, 8-bit colormap, non-interlaced
Hash: 9a53663c947566b3c0e4d94a29362ea0 29f6515a37d019161e6f932014f57ef1953de29b 3fd395b12ee62e9e7cb099aac708274adb06821d1fbbfd8cfcc17536460f5f2e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/mobile/cell9.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 5764
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-1684"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CS946p8nIkrCH8WNIFxxfF8sEUy57Q0RZhgtaqX8LjyBsC8pWiU3NUbwAGBLiw8Z5sMLobM%2BT4Jb317RN%2Ff6tW4YZUnYtUIKHII0wYY3%2BbUs%2F7khRbept5qtw6IaXMBR2XKe91s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d73c72b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/mb/feedback.png | 188.114.97.1 | 200 OK | 2.0 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/mb/feedback.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate: Issuer: Google Trust Services LLC; Subject: rgscnqnx.com; Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56; Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 80 x 117, 8-bit colormap, non-interlaced
Hash: fe270987dc02ea6ab382cb6cab4aa906 009d7cfec15809a3b1e04d7c125763001ec0548c c12ce73c69f68cbeb1c1b03065d7b99232e73a1354dfc9c2f52e107c976e8b63
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/images/mb/feedback.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 1962
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-7aa"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RopP6lfSspE4qjtmvTRTtrGj%2Bgs6FCyTdPbKmAPs5I27uUENFCKGwZCcmoVpNUkqjEzpnks3eDq7BDfQY0oEIo9Z%2B6Bg0DT9MgZSx0vAhLIQFCNFIdaxNQBr4bqrHQkaG6i%2FF1A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c2fb517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/mb/logo.png | 188.114.97.1 | 200 OK | 6.3 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/mb/logo.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate: Issuer: Google Trust Services LLC; Subject: rgscnqnx.com; Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56; Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 315 x 90, 8-bit colormap, non-interlaced
Hash: 5d3e287f3a6569c69b667ab37e7d9d65 e363d105c517b2936d4b83cbd7bf0c7d6f84f6c1 619bf0b4d9e0b888d03f46f7eb9dcf1a45a71a5a346c222bad77ca367deadca0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/images/mb/logo.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 6270
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-187e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RChYa3FWR%2FuaK7lcVjmXTJ9f%2F3YAfQekYH135wZ7BgjGZ%2B7kv77YUmeFo2aGiV0kgrX6G4BtBdfjIFiTVed7PitJ8Zd1ULJQHrQ65n8ZXpkuejemQsYq1v9t7ZUB2phDV%2FdDCDw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c1cb517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/pc/i-3.png | 188.114.97.1 | 200 OK | 1.3 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/pc/i-3.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate: Issuer: Google Trust Services LLC; Subject: rgscnqnx.com; Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56; Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 203 x 63, 8-bit colormap, non-interlaced
Hash: 2dd0c5a3d20741f3d24f89bececd808b e3af4fdcaa5afa9b1f0fa8af6c21920db579b9dc c23c7a3df303d115d1c95e9909b80863129e2257431e8c0abad90d9e19448737
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/images/pc/i-3.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 1297
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-511"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i23I9%2FkptrUOIwbqzQUeAghC3O6lNMj4CGAiZTRnylcs4EjIwadRMGBpPQXuBVzMLNtTY3raxdBN2xtxezN7DewfjYU0OWrU9pd39a5uBK%2BzW57aylPz7O8%2BFLZ%2BNQAx9zUCOlk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d6fc11b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/mobile/doc-ios-1.jpeg | 188.114.97.1 | 200 OK | 101 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/mobile/doc-ios-1.jpeg
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate: Issuer: Google Trust Services LLC; Subject: rgscnqnx.com; Fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56; Validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x3359, components 3
Size: 101 kB (100841 bytes)
Hash: 842553151b8c5a03ad2a700e8d65bf18 0d113bfa91574434e84d573cf47a03bbab4bf918 d380687e1ed8145558d9d82d0d371ac0f509b55c75ca7d1d8c6e8faecb35396f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/mobile/doc-ios-1.jpeg HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/jpeg
content-length: 100841
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-189e9"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CMZ9pZcT0XqhMyYQzRtPU5eF1QuZ7t9bNFlaj8P7npelM6oJbUY3Rwx%2FU8HkuEqYvpynslDHTwDxj9U1%2FnL2%2FQy%2FJB70umZSLjGDhA33slNv5NnL1L5R5tCNGo3X9HYIcVUkQNk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d74c8cb517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/mobile/cell8.png | 188.114.97.1 | 200 OK | 5.8 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/mobile/cell8.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate issuer: Google Trust Services LLC
Certificate subject: rgscnqnx.com
Certificate fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
Certificate validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 720 x 150, 8-bit colormap, non-interlaced
Hash: b09e36867c77e22e510576859396b5b5 9aa78e4a92ccf94674d848ac3f8bbe9df5552fad 25557a05e9713d519f1dfbff8b9e42e58c223a0f8b5b982930a82c0778523e1d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/mobile/cell8.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 5847
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-16d7"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YVpnNNrEjS0wslxPEgrPhH0%2BSql7PmTgBeswAOAjoU96jS6L2kP0%2BD2uB8KWaeTk3yGd8y2BG3%2FPPHdYjl4Y7O3Nc91U5X9%2BNxJGfZo5Da7ukgljgq2pIft7uDt8QyOMy2XaBvs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d73c63b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/mobile/u-2.png | 188.114.97.1 | 200 OK | 1.4 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/mobile/u-2.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate issuer: Google Trust Services LLC
Certificate subject: rgscnqnx.com
Certificate fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
Certificate validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 222 x 38, 4-bit colormap, non-interlaced
Hash: 98fd3be7af2536927819de33bcd6bd43 3b75dae7c926182bade4d54f8961faf054c27e97 8d0bc37c8412c4051ae08918fdfc45d73653bcfc871e39cb46aed81f51092def
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/mobile/u-2.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 1405
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-57d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V91yLppMmnQ0ISDf%2BFdG%2Bi%2Bg6ym2Yg1fbxV2500queqtaqclBjiySUFgrS0cLlnud0cSNXVJ6MSoB4Tm5Jv5uVt6MVWqZMCpk9LNqoqc3q2dau4aB0c6%2FofmdIOCpLuvBfcY5FU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d74c7cb517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/pc/qr-bg.png | 188.114.97.1 | 200 OK | 6.0 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/pc/qr-bg.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate issuer: Google Trust Services LLC
Certificate subject: rgscnqnx.com
Certificate fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
Certificate validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 320 x 367, 8-bit colormap, non-interlaced
Hash: 8dd25b26a5570eafd5c2cd9b60effe01 e7e3cd10d3c16b04af90da34d55d57f875905980 46bb954780b446c6d1d4f2817cb85780821d13795f7aec43130611546c97b5c3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/images/pc/qr-bg.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/static/assetsv11/css/index.css
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 6017
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-1781"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=95yRvYEyVA7bZW0HXAZRLJorXsu9IY5r9GzsVKwsbpouMXpi93CpBrgVG4Fc58iy4dJHdM3BWNazbNzXZlaa30BsQ%2BO%2FJyQpWepKtDIe%2BCcApkAyG8EBHVtS9gea290s%2F47G4Tg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97db6b2ab517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/pc/bg.jpg | 188.114.97.1 | 200 OK | 132 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/pc/bg.jpg
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate issuer: Google Trust Services LLC
Certificate subject: rgscnqnx.com
Certificate fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
Certificate validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3
Size: 132 kB (131767 bytes)
Hash: 157f9ec7375b7ff7b7bdb2d6713278db 57fe52ac0b2e97e10a8299438eccd2d2ae1a8ba7 83257a2782df42b670427d7cd8a95f27b74b05c3ac84b5c236b82c4ac220a7f6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/images/pc/bg.jpg HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/static/assetsv11/css/index.css
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:16 GMT
content-type: image/jpeg
content-length: 131767
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-202b7"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=al4OHsjlNnKoiKSTCsnwCCnS7XzNkQTdJEs3PHWQKape5yV6p%2FKtTqkFoSDeAAoMYrqb%2BaX0tLoWMmECgaIAdtwzD%2BIxe3bY1tKIdFOuiOiyscGniWmOQg54j5mcGBTFD4hzsVw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97db4afeb517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/css/index.css | 188.114.97.1 | 200 OK | 1.4 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/css/index.css
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate issuer: Google Trust Services LLC
Certificate subject: rgscnqnx.com
Certificate fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
Certificate validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: gzip compressed data, from Unix
Hash: 77dbc8afde9cb9375b8fba354d99922e 115da14d08f39b36ea75179bd69c805f719b8261 6a4c8f2bdb35fadd8386bc559170a1639986a3c1bdb1b25c327baf1d741d8f96
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/css/index.css HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: text/css
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
vary: Accept-Encoding
etag: W/"6628be48-c91"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ba%2F9tU7Vlx11iY2ka%2BrxGAGRmvrOSOk0fU9%2F9d%2FwI%2FscUVIEpbicT12yHsSuU79Pw9Wll%2FEl%2FNvMPrZEdQv0SmONHT9hoDge01Pb7yoxYeivc%2F7j8NNymLoaaXJ46y8X%2FvrrYqc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b97d6fbffb517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/css/mobile2.css?v=1 | 188.114.97.1 | 200 OK | 1.4 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/css/mobile2.css?v=1
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate issuer: Google Trust Services LLC
Certificate subject: rgscnqnx.com
Certificate fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
Certificate validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: gzip compressed data, from Unix
Hash: 230f67dee4fcff13450163b4b8a97787 b027aa3481ff7b9b8ee9d87df6a3e0d1fcbdd63b ebb3de170d95ae6149ca3c6fdc0c93a6334d5021b8aee2dcc39ab76cf8b89288
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/css/mobile2.css?v=1 HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:16 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 06:51:34 GMT
vary: Accept-Encoding
etag: W/"662ca076-d5b"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2F85uHC4YA2ZPPJT9C4m0QrTxz0gtbHohWNOJY9byQfnZy5y5WAaxhu14Ugi5C903IKVt1prEnrLLDxKcyGmid%2B15uOxbr%2Fbsd2y5%2Bl6FMzPnMeXYlUk0TCpgSxddgoPHpMn%2B1w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b97db4aedb517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/js/qrcode.min.js | 188.114.97.1 | 200 OK | 20 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/js/qrcode.min.js
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate issuer: Google Trust Services LLC
Certificate subject: rgscnqnx.com
Certificate fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
Certificate validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: ASCII text, with very long lines (19927), with no line terminators
Hash: 517b55d3688ce9ef1085a3d9632bcb97 2d06c1f823f34c19981c6ae0b0eb0f5861c5e14b c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/js/qrcode.min.js HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: application/javascript
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
vary: Accept-Encoding
etag: W/"6628be48-4dd7"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2BJfit5dST3QIYY8fAk2K3AoTN5r7UySKqVzKSJK%2BW82VEE4ttrjWv552YPiKpxPO6wKs213qp5dw2Sl1xjG18MKTu0%2BY8QAcOneGV%2FXUONvwAqCJahysl0xbzt0wpLzuZ1KqDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b97d76cbfb517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/mobile/androidModal.css | 188.114.97.1 | 200 OK | 1.3 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/mobile/androidModal.css
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate issuer: Google Trust Services LLC
Certificate subject: rgscnqnx.com
Certificate fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
Certificate validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: ASCII text, with very long lines (1332), with no line terminators
Hash: b20572317c9f79bbba3a652d51206327 b9c76fd350ed8d87a96ba616d619993141a2a7ed 1a384931b0c7797b58b483f7949cb1cc37d3536f5211c0f545cf6800ce6abbef
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/mobile/androidModal.css HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: text/css
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
vary: Accept-Encoding
etag: W/"6628be48-4e8"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S7zZvf54lox%2B8ePQg0LslF7aJ%2FMHVQlV%2B1iMd3Zxf308wwQOM96GjXafMiLr1SrVvKpqGQLbFycxi5rZeDyUHdV%2Fk3SHecRKasHFgndJYHcBqx3eUR1uiCKM0qEpAQgQ5FrX3i8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b97d6fc02b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/js/jQuery.min.js | 188.114.97.1 | 200 OK | 87 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/js/jQuery.min.js
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate issuer: Google Trust Services LLC
Certificate subject: rgscnqnx.com
Certificate fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
Certificate validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: JavaScript source, ASCII text, with very long lines (32030)
Hash: 48b9c0dda22c0ffe1297fb6556675a2e aa59b92e6fd86ad3f6f978dff836b509a20175fd 91a540f0a5679a1f9a9e5efb7415a3f34e1154b7df6deed35fcb6108f9720c14
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/js/jQuery.min.js HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: application/javascript
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
vary: Accept-Encoding
etag: W/"6628be48-152c1"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2FO7uSALEv%2FAer5luMc1vwCmtkhF9hkkoEs%2F1cOYRR95R5vHNEnwkq56BfxD7RwRL64eH5Iudsky2sMzo0fabcjMfpPMt3aAtKFm6Gwi8uOPYluyDCcENWC0TwrQdgpGW6oYM7Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b97d76cbab517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/favicon.ico | 188.114.97.1 | 200 OK | 49 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/favicon.ico
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate issuer: Google Trust Services LLC
Certificate subject: rgscnqnx.com
Certificate fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
Certificate validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3
Hash: 41c858c282ac120f37c335cb2faddce0 eaef283fe217477e2cef5ca89d43c2eb7353162b 8694efc567fbc32de66a3c8b45852740b5f443d2669abc81390812e4b01123ec
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D; _ga_JEXMYE23FD=GS1.1.1715361555.1.0.1715361555.0.0.0; _ga=GA1.1.1974327923.1715361556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:16 GMT
content-type: image/x-icon
last-modified: Sat, 20 Apr 2024 03:32:39 GMT
etag: W/"66233757-bfcf"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OiiDDPA5BXEIvKXsrNJA%2Bj1NzK%2BWi2ZFX8Wfx4rDdxsQmz%2FnPg8Xbw1POyoXOQSa0Iut7swcMJJTXbHKoiNikyiKi7bI%2BmIrrrH44%2FfS2%2BLfWYuf1s3WVHVAXrVu1J8Yvv%2BG3Jc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97deb81fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ac796.rgscnqnx.com/static/assetsv11/images/pc/android.png | 188.114.97.1 | 200 OK | 4.6 kB |
URL: GET HTTP/3 ac796.rgscnqnx.com/static/assetsv11/images/pc/android.png
IP: 188.114.97.1:443
Requested by: https://ac796.rgscnqnx.com/aff-a6Pms
Certificate issuer: Google Trust Services LLC
Certificate subject: rgscnqnx.com
Certificate fingerprint: 54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
Certificate validity: Fri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT
File type: PNG image data, 369 x 147, 8-bit colormap, non-interlaced
Hash: a4fae23da23902262b5c06ac76f701af 363d5df7c5d43e9c77b2b891513a96cf8daca6df 567f42b028a5eef69bfff715722289504ee56515a7b58ea93612a0e6c7114432
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assetsv11/images/pc/android.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 4587
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-11eb"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pa9D5ceKMjMkYY5TQcD%2B0FQ8pzkJXRyAoQOIrAlZRStOcNVapCcr9EqzPotdKVfbl421WXyCYHu7jOFpxMe1%2BG9qEKn7ZaiSQQUx%2FkALIMq83ULcAp5kV7iLboPDgck9lu6CZYg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c16b517-OSL
alt-svc: h3=":443"; ma=86400
|
|