Report - ac796.rgscnqnx.com/aff-a6Pms

Report Overview

Submitted URL
ac796.rgscnqnx.com/aff-a6Pms
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 17:19:41
Access
public
Website Title
ac796.rgscnqnx.com/aff-a6Pms
Final URL
ac796.rgscnqnx.com/aff-a6Pms
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
88

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-09	425 B	103 kB	142.250.74.168
ac796.rgscnqnx.com	unknown	unknown	No data	No data	24 kB	1.1 MB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed
2024-05-10	medium	rgscnqnx.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	ac796.rgscnqnx.com/aff-a6Pms	585 B	2024-05-10	2024-05-10
Pretty URL ac796.rgscnqnx.com/aff-a6Pms IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 19:19:48 Last Seen2024-05-10 19:19:48 Times Seen1 Hash f08085c30e4980b7867448b489f2f599 03db5dc2f108eb646e95eb543a9ee1bc7c273755 4ae11d9ce591ccc690f266dadf97ed50d4d65573852c4190f63e995ff95a96b6 Loading...

	www.googletagmanager.com/gtag/js?id=G-JEXMYE23FD	308 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-JEXMYE23FD IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 19:19:48 Last Seen2024-05-10 19:19:48 Times Seen2 Hash 432e641259068447ce1601e37eb845e2 48aac03fb208176af7cf10d322e6f320ea771317 378128be4a360affb5ed86b333cf540cdc259ec8f59afc6507e59c9e47e82333 Loading...

	ac796.rgscnqnx.com/aff-a6Pms	5.8 kB	2024-05-10	2024-05-10
Pretty URL ac796.rgscnqnx.com/aff-a6Pms IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 19:19:48 Last Seen2024-05-10 19:19:48 Times Seen1 Hash a6815dc2b91763528d866d413b91f0e3 12c2c3acc99fdbe3b7b1c4329d3b2b676ad0079b 0689c5bccb19121a9086f94781d6bba537c95c48f090977e7b126f939402308e Loading...

	ac796.rgscnqnx.com/static/assetsv11/js/jQuery.min.js	87 kB	2023-03-07	2024-05-20
Pretty URL ac796.rgscnqnx.com/static/assetsv11/js/jQuery.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:15 Last Seen2024-05-20 12:13:01 Times Seen189 Hash 48b9c0dda22c0ffe1297fb6556675a2e aa59b92e6fd86ad3f6f978dff836b509a20175fd 91a540f0a5679a1f9a9e5efb7415a3f34e1154b7df6deed35fcb6108f9720c14 Loading...

	ac796.rgscnqnx.com/static/assetsv11/js/qrcode.min.js	20 kB	2023-03-07	2024-05-20
Pretty URL ac796.rgscnqnx.com/static/assetsv11/js/qrcode.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:56 Last Seen2024-05-20 12:13:01 Times Seen4921 Hash 517b55d3688ce9ef1085a3d9632bcb97 2d06c1f823f34c19981c6ae0b0eb0f5861c5e14b c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36 Loading...

	ac796.rgscnqnx.com/aff-a6Pms	153 B	2024-05-03	2024-05-19
Pretty URL ac796.rgscnqnx.com/aff-a6Pms IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-03 17:07:33 Last Seen2024-05-19 20:56:11 Times Seen4 Hash f580cdbb890d69dec009e8a339044860 8d8959667c5e929076ff78cdd41993e3bf9d38ac e1b926abb51b1db61c022ad66beccaed1a2c671975f87c4d53306ae09c2e47d3 Loading...

HTTP Transactions (45)

URL IP Response Size

www.googletagmanager.com/gtag/js?id=G-JEXMYE23FD

142.250.74.168

200 OK

102 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-JEXMYE23FD
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
102 kB (102179 bytes)
Hash
432e641259068447ce1601e37eb845e2
48aac03fb208176af7cf10d322e6f320ea771317
378128be4a360affb5ed86b333cf540cdc259ec8f59afc6507e59c9e47e82333

HTTP Headers

GET /gtag/js?id=G-JEXMYE23FD HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 17:19:15 GMT
expires: Fri, 10 May 2024 17:19:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102179
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ac796.rgscnqnx.com/static/assetsv11/images/pc/i-1.png

188.114.97.1

200 OK

1.7 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/pc/i-1.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 202 x 63, 8-bit colormap, non-interlaced
Size
1.7 kB (1703 bytes)
Hash
4334bdce0b3df4a0ac84015319b3f914
4bdf3b35c698dfe1ddcd76be9d2e5a0e75ac11a5
d25780ac26fb9e07e630e83aa7ded5ae3e7dcf0e0d0c4cffbbcdbe7f61f47ecc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/pc/i-1.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 1703
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-6a7"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b7%2BfRrLglRw6ROdp%2BEVNE%2BbB3u0L9OtfYF1ZCggzI6nI2HMGyOIwXFE%2Flo2PBrNNBPUBpKlmKejYj1JRymn2APWUu8AOEsA%2FA8tPCUCxME3L1cE%2FFpBZRQUpP%2FlVqJI7p361PRU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d6fc08b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/images/mb/t-1.png

188.114.97.1

200 OK

5.8 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/mb/t-1.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 404 x 46, 8-bit colormap, non-interlaced
Size
5.8 kB (5773 bytes)
Hash
594bf6863b164fb33964c43f13a6a8f4
412b70a7b5ba9ebfa78272115be7ab16716ca45a
9a38b9797a3e067e2be21c64a4a702c3bd54cf822364a32bd24a25d4e70d9802

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/mb/t-1.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 5773
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-168d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JWxIFq19zESpjOHVdHCdHWrwjf8XgKKC456TvGERFx7Dwi8UQr610ZIeebBvHi15JrpPWBkjzK89FAeZW1w6wA9F5Hg1fsSi9xvVHuKzzXHcKFnuvWTHn1ZKl1Cyukdt4hNhP5U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c25b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/images/mb/i-1.png

188.114.97.1

200 OK

1.2 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/mb/i-1.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 82 x 98, 8-bit colormap, non-interlaced
Size
1.2 kB (1240 bytes)
Hash
636ce831e1ad6ccca447a9d0cded9bfd
bf1cf31dcead12ecddff993438564768b70de053
672d33d35d1b11c50e3c4ddc870a9e11ca5176229aee5f8741db4cfbe1bf6022

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/mb/i-1.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 1240
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-4d8"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2BWCbp3v%2FkimkL2yxNbQycIobZZpWke6kxT1hisysDw5mWtf3lDD3a%2Bg5SrkpHXkBQzUUyb3IvwmH1MugX3Qq6GwRJq%2FXtLzdp7QQvhcvbaOqcBSpkN7UIEUAA8yrOwySeICYFQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c1db517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/images/pc/ioss.png

188.114.97.1

200 OK

4.4 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/pc/ioss.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 369 x 147, 8-bit colormap, non-interlaced
Size
4.4 kB (4428 bytes)
Hash
019c2ee0ca06c3cd4a38e0ab708792e3
5920fac195823f0639147b76479e49161df55c5e
a9a4070125baf76893a6ae528ed77c290845e7085a4b843646f42d77cc94fcfb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/pc/ioss.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 4428
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-114c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4tjLUBAFWYtjTrq2OioGCKM5fgGYHzBtMbEZ10%2FIzV%2ByqNdpxvCxC7IMN2QHgca0nqt10S7E%2FwLzC2QIKgV6v7WvebVXICGsRHR0ZFHHOuFBJjLmJ85mSjaYrOeLT%2BpVs5Damyo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c13b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/mobile/cell6.png

188.114.97.1

200 OK

6.1 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/mobile/cell6.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 720 x 150, 8-bit colormap, non-interlaced
Size
6.1 kB (6107 bytes)
Hash
038e5a14ed1f3ca80695cd8b34a86c63
c8c72f1b297cdcdfd3bbe1005c963e307486f528
2f52d813dd8c88780a7c5e671c266b293f3a2dd1fbedcbcfb6966dc6e2a444ee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/mobile/cell6.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 6107
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-17db"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zWiwjlop%2BWL0ozJjQlM3wtvppI2eN1nvhdiyhSXHFgHEzwGfjJ4Mt0%2BKo%2B%2FsMQgysNS1dhppBxkvc6SO52x%2B%2B2XJwFmbUKfC22ZLqquqkrkfcc5rZayF3P1TaGqoYrXd05BMPo8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d72c4bb517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/images/pc/uc-txt.png

188.114.97.1

200 OK

6.6 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/pc/uc-txt.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 636 x 86, 4-bit colormap, non-interlaced
Size
6.6 kB (6636 bytes)
Hash
2752c78ada42df9633e4a27100d7d48d
60029bc65a187b2081ab5c67b5fd2a217a31b143
adee13ca2b87f3f5894dec3bd8ac9c4814163a86b4a2b3c671082cef56dff39d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/pc/uc-txt.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 6636
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-19ec"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P3cM3GaPWD6fofQaCUVGNae5qoJVngNZUFlNSiXj9%2BP7u26Y1yF1i%2BYQkII2agjfWeKdhqyHoS0tILj74kaT5fKQp%2Biu9Fe5lWfBzPKW%2B8Y%2FpDmYjef4ZFN6Jq7Zldrl4VXVuZ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c18b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/images/pc/logo.png

188.114.97.1

200 OK

7.0 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/pc/logo.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 373 x 99, 8-bit colormap, non-interlaced
Size
7.0 kB (7017 bytes)
Hash
9de51d7e207b377c3f540ecc72a37cca
c5c0aed86ccc36a2b80c7be34369522811c6029d
3b5759c595fdc08b3da793a2af95f71a5613438d09917234cb694e4f4d9e81e2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/pc/logo.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 7017
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-1b69"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=occxbVaJn%2FP3dHafeXtA5FygGqj7ozaxo2cHm0PjXHl0wh5DXbEgNhF61%2BoiYikJSDkmf83W4b8c15BhHQZeuBz19pbHHOw%2F9TG0Vw%2Fo%2FAbXwIWI4txvS7QWUa7iWd5rsll%2BHdM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d6fc03b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/images/pc/txt.png

188.114.97.1

200 OK

89 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/pc/txt.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 915 x 375, 8-bit colormap, non-interlaced
Size
89 kB (88893 bytes)
Hash
7c3ca39069e923aeac64c05d8f982e76
473c72091f12bcacfe96c1768c28aa37456ec992
c0e67374f71c729470b12607cc64d793dd6b4b10b3ae6715758b6a98d5435ac2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/pc/txt.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 88893
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-15b3d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hr1WWM7A7GuBE0l8zGTk%2BFw1S4X6YS%2BIvg%2BMp1xKwODoo4pe4t01TO5ytI3Ez5OCWrqCU7Ktxi2m66Dmg4mTQSvE0RNTp8j%2BVUxMgyECVoX1Glwv6wGlj9NYzYGoyQxTnoANSlc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c12b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/aff-a6Pms

188.114.97.1

200 OK

7.6 kB

URL User Request GET HTTP/2
ac796.rgscnqnx.com/aff-a6Pms
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
7.6 kB (7646 bytes)
Hash
c7fa61e171c99342915e0f1fb74adef8
991149ee0548fe4f8e4b0e74f02dec964d626682
692c0025d2fdd6aa30672ac35db08658b32510a5cb3406f1e9b3aa35efa5456a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /aff-a6Pms HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 17:19:14 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.31
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT,DELETE,OPTIONS,PATCH
access-control-allow-headers: content-type,token
set-cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D; expires=Sat, 10-May-2025 17:19:14 GMT; Max-Age=31536000; path=/; domain=rgscnqnx.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2F52vnWfjJk%2FZ1OS9qhT%2FcrM63W%2BEtEfpT%2F77S2wP95c6nhZGKhybcqh5UJ24T6so1VMQOgJmYZEIDItFVEYNJ%2FZPB9Q7JS5gf6Z%2FLn%2BR%2FsMHJ%2BNf%2F%2FIBKrK6%2BVp8o8AALIsadc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b97d26c0ab518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ac796.rgscnqnx.com/static/assetsv11/images/mb/i-2.png

188.114.97.1

200 OK

1.1 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/mb/i-2.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 82 x 98, 8-bit colormap, non-interlaced
Size
1.1 kB (1073 bytes)
Hash
1da234baf9eac9e6d474a879603f61b5
b6277d915c91c40304fe6f617813191a65102916
d8f64f2084dca795324686c7ae26f0aa098f25eab2c5d889dbe8b9624e726649

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/mb/i-2.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 1073
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-431"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fPy13ejkfoLrw20MFH9zs3nZk5yHj9ucNZguILR7C8ZYMFQiKvbfsVUVYrNzzS7TzFogiUNKTLS1oWMwiUyipA4uiCtCI5PaMsjDCLIyZYIchyMPcEYsIY5E5g18E4wEsDDIFBE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c20b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/images/mb/pic.png

188.114.97.1

200 OK

155 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/mb/pic.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 744 x 1226, 8-bit colormap, non-interlaced
Size
155 kB (154975 bytes)
Hash
61fe8c48f935dc347c6e6c0ec88fbede
51627f44c480d7ae4906e391787e764b13f34eec
e5ff3e5e3a2b3da2ca4290fbf1d8a74163f0c13fac75be382d764dab57e90ee8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/mb/pic.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 154975
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-25d5f"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gdU1rU00ohSpBKlxQy0YadQfx6AjWToH3aUPOL7Rn0ZxHbFadxxJbOKi1%2BmcYwMGWqoz%2F%2ByxYdAV%2BVK5Zp7Fh7DZ4SqEG%2BiLYZHRgy4sozIEXFOG%2F3p0r0zYj0ZlrWVdzm7DenA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c24b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/images/mb/t-2.png

188.114.97.1

200 OK

5.6 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/mb/t-2.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 442 x 46, 8-bit colormap, non-interlaced
Size
5.6 kB (5645 bytes)
Hash
6f10a9368a476f34b5c138775f65a915
672624afc5c9914b746b8da340b86234151aa31a
d4a00661042fc8819134663fd349a6b80697f89e0f66efc4df763ae3af3c0d1b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/mb/t-2.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 5645
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-160d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TfZVxYxLfLjPw5Q%2F1ccrKSP2qpxvN3YJEn9CUk6WzL%2BT34%2BtwaVn4Apix1X%2FokesSukEmPd7cbuKe22CJAdkcL3K5af4b%2BPZSKDR8A%2FBuygxBub325j%2BD6RxyotGkXY6c5bVags%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c2ab517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/images/mb/ioss.png

188.114.97.1

200 OK

4.4 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/mb/ioss.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 369 x 147, 8-bit colormap, non-interlaced
Size
4.4 kB (4411 bytes)
Hash
0f59e11b139cd82c605fedcd9aeedf54
a84a233086c6a26a559415d246e47e81040decc5
54f4fabcd2c837f5e5e045b22720269d8e100128d4f5e299f39ae5e3fd817dc3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/mb/ioss.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 4411
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-113b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NxNKDgCI5JYWlCj6GsC4veH69ZR%2B4jqeg8UI7RMob9MhzZve0h70O4HJIJF09FkcQ0KL7Zc6alxfcHX%2BfZCVEIPA3M4JdOit9pqWu2bcuKCdXegPX1J2kYEioM1mkKmy2pRojCk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c33b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/images/mb/android.png

188.114.97.1

200 OK

4.3 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/mb/android.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 369 x 147, 8-bit colormap, non-interlaced
Size
4.3 kB (4279 bytes)
Hash
6ee904ecd182100e6c0b66931b500a79
1d5b0038505367e9c97d66916df35dd656310370
702bc0e88a559d4dcb4b9e70310f74df6fdcfc3b5857bbeaab4c891df823a766

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/mb/android.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 4279
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-10b7"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UaK0PnRPtNvSdNaQ7CqFJ6qbvkojrNS6CaDlxA9EQRo1r%2BnhN3LDYld9a1uOnplSZY%2BruzdIjDbpLr14XDbKcsNkjujlP38n6VDnn81F1DY9QeGnVhNK8%2BbHvQvT9eGHGhrfFEs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c35b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/mobile/u-1.png

188.114.97.1

200 OK

2.4 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/mobile/u-1.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 356 x 39, 4-bit colormap, non-interlaced
Size
2.4 kB (2367 bytes)
Hash
57ed3c9d609d9e221f354545b0798fbb
767325bb3bd7a57f3b6f6fd5cde4fac1eeb203db
5433fd78ad6fd8ee739c67b73e7ce9ce7010a880608247554009de1942e5deb4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/mobile/u-1.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 2367
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-93f"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ktPXft2a4TolR0rIPVpiyUxvk23qOyq1%2FR9tKfvR8C%2FkO02dCiNvdt37u3EsAiAI2entq8agUgA2cDDdkDFFcPkjPhiBRZ02gVQsShIMoUnFhB7OFZ8nKzOtJZ6L4ryYxEPey6s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c38b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/mobile/cell1.png

188.114.97.1

200 OK

6.2 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/mobile/cell1.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 720 x 150, 8-bit colormap, non-interlaced
Size
6.2 kB (6177 bytes)
Hash
a9587e9c91500b6040367985eb9d07f5
1cfa85e7bf6a96601ead3c46d2eb72350719b9f7
64b3fda9ae033986ef391c1b2ca752847614adf84192658679c019a5f09c9d83

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/mobile/cell1.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 6177
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-1821"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qN1aR0k76JkFTM9ziunMiVcJFqZwIp22OAeMtm3epI7OvE7ersbrjusMJ%2BwFF4BXWDhwlFa%2BdW7RzOnpBU7t5Xn5AcnU5edIswh0w%2BfizYUQpeiuevI6TU5zXGi23XCf%2F6NFUkw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c3cb517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/mobile/cell5.png

188.114.97.1

200 OK

5.3 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/mobile/cell5.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 720 x 150, 8-bit colormap, non-interlaced
Size
5.3 kB (5311 bytes)
Hash
86293b8796f4b416c3e0eb5c0d8e9f35
01adeb3409d3960fe103656fd136298fdc356661
53fdba7fe44ce32e1fbd98ed872c02398374a708365979a94466606463d11465

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/mobile/cell5.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 5311
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-14bf"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B2g0RWM0tRV%2F7pVHRK9PrUlIhhlizTcNDFr8qWVaPs41M93uvFfvKCfpToPYODYCTyxtpieEq8U1UVRgVnPwQjuXaaN7i%2FEUwVjPEGAEwlfCW2bRL0To3z5RYRXw9%2FXmrJdDwkM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d72c47b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/mobile/cell7.png

188.114.97.1

200 OK

6.1 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/mobile/cell7.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 720 x 150, 8-bit colormap, non-interlaced
Size
6.1 kB (6116 bytes)
Hash
a4ee93d1c7fd79c516ccf591c1fc6bba
86ef5ec983a26ce047d5018b7cd4c0b70c031a9b
99e585d6e7ae562e27771af50dc840dea44f866804a6cd52fabdf4ad3f53e985

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/mobile/cell7.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 6116
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-17e4"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6rCLME8x0UGiTPRLGDRgXmkhzVHqkgZeV8nij3YfaR5l9VxYcZaFyR07tZbOzvVc%2FR%2Bbj6wq3myLKL%2FKVYsnD9x%2FnWmt991qfVACmn9f17ckCYVmUZvqqgUl82XjOw%2FK1VPSuhA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d72c54b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/images/pc/pic.png

188.114.97.1

200 OK

167 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/pc/pic.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 879 x 1080, 8-bit colormap, non-interlaced
Size
167 kB (166555 bytes)
Hash
6a09519d389c5f729a9443ebf655b97e
3881fceda32279cb43656d399f9ee032e3f25a6d
4f225a9cc184adc6636ac0d1f1c4e98573d2681319ffecefd7c8e8238da2593b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/pc/pic.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 166555
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-28a9b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0rgX4s%2Bf4bmpQuBq7G2zH0dU1JL7uDnU2uTEoS8GOdlAPYrjWCQo1JK9s76%2BdlQbeLgQS%2BMgyt6hM4woAAxVevirvhBqJBW0vjBbFAr6sEN7nAdUW2KPNjEoB9Kb72iWC0%2Ftzik%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c1ab517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/mobile/cell2.png

188.114.97.1

200 OK

5.4 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/mobile/cell2.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 720 x 150, 8-bit colormap, non-interlaced
Size
5.4 kB (5438 bytes)
Hash
b1377336e9daae5f3c9328158755f5fc
2d818c295831e757b57c655a18b628e8538b6713
91a37811413835084279b88c711ef9485dd23c2c96d92102ebe12eda3377ff1a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/mobile/cell2.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 5438
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-153e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E6e%2BvU6fTtq1ex1fz5VtUmfud20nxd27SYVRnEQavw16FW6AzHkGzEI%2FFT%2Bs1weJDG8a7ewtsgoxo31fa8iMsX8BfTsMOa4On8yivSCAl2vl7An3SJBgcyYIuNgK5GWc%2B%2FLqgoE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c3db517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/bd/close.png

188.114.97.1

200 OK

1.1 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/bd/close.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 86 x 86, 8-bit colormap, non-interlaced
Size
1.1 kB (1091 bytes)
Hash
fdbd8a06c51b4d7789650e33f648e191
d79ec516a34565a7b21c085401b13f50ab341ee9
62c7f7026b06c6aded2dc2d7ab2e65c44cfafe791b3195ecacbee0a2a833abc4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/bd/close.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 1091
last-modified: Sat, 27 Apr 2024 06:53:43 GMT
etag: "662ca0f7-443"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3wn%2FuDi8qF8Veeyt7CKK%2FS60CVSLF9XCcyvHILgmYmm4KD5sKPMAuAaYn7lxpqCt4WQeG61%2BJ0FaEx9cSQWKZ%2BbOTDsIusSFbss8IO9gVDQh19NAy6O%2FGGbJRGk27yI3Ibf3BpE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d74c98b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/bd//desc1.png

188.114.97.1

200 OK

47 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/bd//desc1.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 680 x 900, 8-bit colormap, non-interlaced
Size
47 kB (46636 bytes)
Hash
8705ee8ec2bfc37a872134b3eec8c6a9
8703fd7ae61cdfe9393143f7119554fc3e7e2de7
d700835f23ea7cdd840352fbfc819be01fbe781b3f64799366844f1ce7d77cb4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/bd//desc1.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 46636
last-modified: Thu, 09 May 2024 09:24:10 GMT
etag: "663c963a-b62c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KSGl4pQGzXAbt35naiuFJWg68No8yGxAsJb3cefRXNGGmzAmsEBwRH9B68VWYGJAJpXVHYxK%2B%2FGPH9NuKUEyFRzFmnEqOHRYBFB%2FW8o4pUNAWm5cpLQnCPnS%2ByFHXNOYuvJIQ%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d75ca4b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/bd/btn-2.png

188.114.97.1

200 OK

3.3 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/bd/btn-2.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 264 x 62, 8-bit colormap, non-interlaced
Size
3.3 kB (3270 bytes)
Hash
63c3fa8e89567ce5ad4a0882289e3cc3
e49940c41e868224c95f107fb456c3ff866a8526
3da28711040e5e8a452643c7019ed0650234696c6fd143ec362988afd6ebc51e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/bd/btn-2.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 3270
last-modified: Sat, 27 Apr 2024 06:53:43 GMT
etag: "662ca0f7-cc6"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NoOWC86T7u0WDROz1M2JnKNDnijqQBHgVO6IdabP2ku%2FoEAvox9wUFp8ebOZ4GJrCZ9ZE4mmOpU1UCLbjgQhQJ3nSEqaI%2Btic98GODZMbJKjCcSIU2JizhQEzN6oTjCiIU6zGjA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d76cb5b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/mobile/cell4.png

188.114.97.1

200 OK

7.0 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/mobile/cell4.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 720 x 150, 8-bit colormap, non-interlaced
Size
7.0 kB (7032 bytes)
Hash
d5d3f874cf98d7192ef1847251edd7bf
d7b550103feb3dcdbc397c95687f75a25db1c59e
af06d934e06257aa59fe6d00c3c2de774198fc8ee98f04b2695dbfe46f1ecc50

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/mobile/cell4.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 7032
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-1b78"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R5U9lhIpko7qOoxkMvGiaBFmd%2BBKy86J1%2FAaTjXp78TIh%2FmPBcBda%2BV3%2BCiwRB35lIqqzc2Tl5HGsKV8jsDMMgbIt04ZxT64gs%2F%2FLmPRrfjtu4QuLJ07uaoH3Yg81QDFUGbwJx4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c43b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/images/pc/i-2.png

188.114.97.1

200 OK

1.3 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/pc/i-2.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 202 x 63, 8-bit colormap, non-interlaced
Size
1.3 kB (1326 bytes)
Hash
dc9ba5378033db0debe91db0c81f5cc4
9afbbe51cb49822d5fdd82834fa879eee26e2f08
3a28f557fe672051389c446cb9ffdb9703d59a2260d913d5b08f010e45f78fbe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/pc/i-2.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 1326
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-52e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LregpdmmsjOkLhgd4UnllOI%2F82xkIT0z2QP%2Biv4%2B1Fd3xtDEl4XANPHcTy4hMirxHqtm1MxZRrehYQgRiYTQWP2YOpzwxFLRI0aohS7kymEyotKYzEYaBNq0SxKHzh7WgQJn8dE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d6fc0fb517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/mobile/cell3.png

188.114.97.1

200 OK

8.2 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/mobile/cell3.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 720 x 150, 8-bit colormap, non-interlaced
Size
8.2 kB (8233 bytes)
Hash
ae8b563ef0c4e91e573dc9c710819f6b
45e52e2f8441c7e9f2d0f61605d6ccfa74e441c7
ff79e02405807a95ed73838b08286c50a13247396c4e6e618ad76d1c78c3dcd5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/mobile/cell3.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 8233
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-2029"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Js0yRP3C35e3MB7iL2ritI9sb3fuTW393qi9lElh18VUWfSEi58mcE3UCTWmg0Nka0Rl8sAOOmE%2B%2BjT4J5g2%2FqC4CsW4VRZnn9EE30aqZ1mMN5whZpRmKSYU%2BlnsFMGAYY1XkTE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c40b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/mobile/back-black.png

188.114.97.1

200 OK

284 B

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/mobile/back-black.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 40 x 40, 8-bit colormap, non-interlaced
Size
284 B (284 bytes)
Hash
cc355739cc573256612db444b3db4d7f
da3403e8ead9d2504f5a299f8957bce048c9b89c
ddc99e39422750fd089a08e6cb2e424c2cf66081c6963e0c744ea38667b8d6d6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/mobile/back-black.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 284
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-11c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LSSY8zHPEGIFlTvXNEbwxnh82%2FVQ%2Bb%2Btk76UdG653CjlO5KyrfZHwHRxSjI84M%2BK6Hw7Dqjl5cvfo4icD7bQJf%2BuNA%2B03m3MmS6Xrv6F8dovwr8Fz8CpMBIX7p8V91Wkov7aV8M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c37b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/images/mb/txt.png

188.114.97.1

200 OK

61 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/mb/txt.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 694 x 309, 8-bit colormap, non-interlaced
Size
61 kB (60978 bytes)
Hash
539f5aa92d005a1566bd1daf16a16191
1af8b92daae1779e956f7e0bfaeb9a2d3d33a6fb
c3de145274492826ce8b14f4d74a287835e04b1a5f0499ad3ee93318c1cf01a4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/mb/txt.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 60978
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-ee32"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xta8ImhjXyWoMVNgaQmD%2FECyYduHM9Y8ROoG5MQpFjW%2FWy83frHS%2FxCX1OSb68NO7o6WyVtQSYVb0G%2Bq%2FsQF46%2FyqW6gJf6TGARePpr9%2BP%2FTAb7XAhrgHHdgvkZXgURfhTIu7rc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c23b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/mobile/cell9.png

188.114.97.1

200 OK

5.8 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/mobile/cell9.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 720 x 150, 8-bit colormap, non-interlaced
Size
5.8 kB (5764 bytes)
Hash
9a53663c947566b3c0e4d94a29362ea0
29f6515a37d019161e6f932014f57ef1953de29b
3fd395b12ee62e9e7cb099aac708274adb06821d1fbbfd8cfcc17536460f5f2e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/mobile/cell9.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 5764
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-1684"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CS946p8nIkrCH8WNIFxxfF8sEUy57Q0RZhgtaqX8LjyBsC8pWiU3NUbwAGBLiw8Z5sMLobM%2BT4Jb317RN%2Ff6tW4YZUnYtUIKHII0wYY3%2BbUs%2F7khRbept5qtw6IaXMBR2XKe91s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d73c72b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/images/mb/feedback.png

188.114.97.1

200 OK

2.0 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/mb/feedback.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 80 x 117, 8-bit colormap, non-interlaced
Size
2.0 kB (1962 bytes)
Hash
fe270987dc02ea6ab382cb6cab4aa906
009d7cfec15809a3b1e04d7c125763001ec0548c
c12ce73c69f68cbeb1c1b03065d7b99232e73a1354dfc9c2f52e107c976e8b63

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/mb/feedback.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 1962
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-7aa"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RopP6lfSspE4qjtmvTRTtrGj%2Bgs6FCyTdPbKmAPs5I27uUENFCKGwZCcmoVpNUkqjEzpnks3eDq7BDfQY0oEIo9Z%2B6Bg0DT9MgZSx0vAhLIQFCNFIdaxNQBr4bqrHQkaG6i%2FF1A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d71c2fb517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/images/mb/logo.png

188.114.97.1

200 OK

6.3 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/mb/logo.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 315 x 90, 8-bit colormap, non-interlaced
Size
6.3 kB (6270 bytes)
Hash
5d3e287f3a6569c69b667ab37e7d9d65
e363d105c517b2936d4b83cbd7bf0c7d6f84f6c1
619bf0b4d9e0b888d03f46f7eb9dcf1a45a71a5a346c222bad77ca367deadca0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/mb/logo.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 6270
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-187e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RChYa3FWR%2FuaK7lcVjmXTJ9f%2F3YAfQekYH135wZ7BgjGZ%2B7kv77YUmeFo2aGiV0kgrX6G4BtBdfjIFiTVed7PitJ8Zd1ULJQHrQ65n8ZXpkuejemQsYq1v9t7ZUB2phDV%2FdDCDw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c1cb517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/images/pc/i-3.png

188.114.97.1

200 OK

1.3 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/pc/i-3.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 203 x 63, 8-bit colormap, non-interlaced
Size
1.3 kB (1297 bytes)
Hash
2dd0c5a3d20741f3d24f89bececd808b
e3af4fdcaa5afa9b1f0fa8af6c21920db579b9dc
c23c7a3df303d115d1c95e9909b80863129e2257431e8c0abad90d9e19448737

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/pc/i-3.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 1297
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-511"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i23I9%2FkptrUOIwbqzQUeAghC3O6lNMj4CGAiZTRnylcs4EjIwadRMGBpPQXuBVzMLNtTY3raxdBN2xtxezN7DewfjYU0OWrU9pd39a5uBK%2BzW57aylPz7O8%2BFLZ%2BNQAx9zUCOlk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d6fc11b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/mobile/doc-ios-1.jpeg

188.114.97.1

200 OK

101 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/mobile/doc-ios-1.jpeg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x3359, components 3
Size
101 kB (100841 bytes)
Hash
842553151b8c5a03ad2a700e8d65bf18
0d113bfa91574434e84d573cf47a03bbab4bf918
d380687e1ed8145558d9d82d0d371ac0f509b55c75ca7d1d8c6e8faecb35396f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/mobile/doc-ios-1.jpeg HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/jpeg
content-length: 100841
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-189e9"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CMZ9pZcT0XqhMyYQzRtPU5eF1QuZ7t9bNFlaj8P7npelM6oJbUY3Rwx%2FU8HkuEqYvpynslDHTwDxj9U1%2FnL2%2FQy%2FJB70umZSLjGDhA33slNv5NnL1L5R5tCNGo3X9HYIcVUkQNk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d74c8cb517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/mobile/cell8.png

188.114.97.1

200 OK

5.8 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/mobile/cell8.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 720 x 150, 8-bit colormap, non-interlaced
Size
5.8 kB (5847 bytes)
Hash
b09e36867c77e22e510576859396b5b5
9aa78e4a92ccf94674d848ac3f8bbe9df5552fad
25557a05e9713d519f1dfbff8b9e42e58c223a0f8b5b982930a82c0778523e1d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/mobile/cell8.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 5847
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-16d7"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YVpnNNrEjS0wslxPEgrPhH0%2BSql7PmTgBeswAOAjoU96jS6L2kP0%2BD2uB8KWaeTk3yGd8y2BG3%2FPPHdYjl4Y7O3Nc91U5X9%2BNxJGfZo5Da7ukgljgq2pIft7uDt8QyOMy2XaBvs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d73c63b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/mobile/u-2.png

188.114.97.1

200 OK

1.4 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/mobile/u-2.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 222 x 38, 4-bit colormap, non-interlaced
Size
1.4 kB (1405 bytes)
Hash
98fd3be7af2536927819de33bcd6bd43
3b75dae7c926182bade4d54f8961faf054c27e97
8d0bc37c8412c4051ae08918fdfc45d73653bcfc871e39cb46aed81f51092def

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/mobile/u-2.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 1405
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-57d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V91yLppMmnQ0ISDf%2BFdG%2Bi%2Bg6ym2Yg1fbxV2500queqtaqclBjiySUFgrS0cLlnud0cSNXVJ6MSoB4Tm5Jv5uVt6MVWqZMCpk9LNqoqc3q2dau4aB0c6%2FofmdIOCpLuvBfcY5FU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d74c7cb517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/images/pc/qr-bg.png

188.114.97.1

200 OK

6.0 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/pc/qr-bg.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 320 x 367, 8-bit colormap, non-interlaced
Size
6.0 kB (6017 bytes)
Hash
8dd25b26a5570eafd5c2cd9b60effe01
e7e3cd10d3c16b04af90da34d55d57f875905980
46bb954780b446c6d1d4f2817cb85780821d13795f7aec43130611546c97b5c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/pc/qr-bg.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/static/assetsv11/css/index.css
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 6017
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-1781"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=95yRvYEyVA7bZW0HXAZRLJorXsu9IY5r9GzsVKwsbpouMXpi93CpBrgVG4Fc58iy4dJHdM3BWNazbNzXZlaa30BsQ%2BO%2FJyQpWepKtDIe%2BCcApkAyG8EBHVtS9gea290s%2F47G4Tg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97db6b2ab517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/images/pc/bg.jpg

188.114.97.1

200 OK

132 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/pc/bg.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3
Size
132 kB (131767 bytes)
Hash
157f9ec7375b7ff7b7bdb2d6713278db
57fe52ac0b2e97e10a8299438eccd2d2ae1a8ba7
83257a2782df42b670427d7cd8a95f27b74b05c3ac84b5c236b82c4ac220a7f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/pc/bg.jpg HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/static/assetsv11/css/index.css
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:16 GMT
content-type: image/jpeg
content-length: 131767
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-202b7"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=al4OHsjlNnKoiKSTCsnwCCnS7XzNkQTdJEs3PHWQKape5yV6p%2FKtTqkFoSDeAAoMYrqb%2BaX0tLoWMmECgaIAdtwzD%2BIxe3bY1tKIdFOuiOiyscGniWmOQg54j5mcGBTFD4hzsVw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97db4afeb517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/css/index.css

188.114.97.1

200 OK

1.4 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/css/index.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
gzip compressed data, from Unix
Size
1.4 kB (1410 bytes)
Hash
77dbc8afde9cb9375b8fba354d99922e
115da14d08f39b36ea75179bd69c805f719b8261
6a4c8f2bdb35fadd8386bc559170a1639986a3c1bdb1b25c327baf1d741d8f96

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/css/index.css HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: text/css
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
vary: Accept-Encoding
etag: W/"6628be48-c91"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ba%2F9tU7Vlx11iY2ka%2BrxGAGRmvrOSOk0fU9%2F9d%2FwI%2FscUVIEpbicT12yHsSuU79Pw9Wll%2FEl%2FNvMPrZEdQv0SmONHT9hoDge01Pb7yoxYeivc%2F7j8NNymLoaaXJ46y8X%2FvrrYqc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b97d6fbffb517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/css/mobile2.css?v=1

188.114.97.1

200 OK

1.4 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/css/mobile2.css?v=1
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
gzip compressed data, from Unix
Size
1.4 kB (1446 bytes)
Hash
230f67dee4fcff13450163b4b8a97787
b027aa3481ff7b9b8ee9d87df6a3e0d1fcbdd63b
ebb3de170d95ae6149ca3c6fdc0c93a6334d5021b8aee2dcc39ab76cf8b89288

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/css/mobile2.css?v=1 HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:16 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 06:51:34 GMT
vary: Accept-Encoding
etag: W/"662ca076-d5b"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2F85uHC4YA2ZPPJT9C4m0QrTxz0gtbHohWNOJY9byQfnZy5y5WAaxhu14Ugi5C903IKVt1prEnrLLDxKcyGmid%2B15uOxbr%2Fbsd2y5%2Bl6FMzPnMeXYlUk0TCpgSxddgoPHpMn%2B1w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b97db4aedb517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/js/qrcode.min.js

188.114.97.1

200 OK

20 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/js/qrcode.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
ASCII text, with very long lines (19927), with no line terminators
Size
20 kB (19927 bytes)
Hash
517b55d3688ce9ef1085a3d9632bcb97
2d06c1f823f34c19981c6ae0b0eb0f5861c5e14b
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/js/qrcode.min.js HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: application/javascript
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
vary: Accept-Encoding
etag: W/"6628be48-4dd7"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2BJfit5dST3QIYY8fAk2K3AoTN5r7UySKqVzKSJK%2BW82VEE4ttrjWv552YPiKpxPO6wKs213qp5dw2Sl1xjG18MKTu0%2BY8QAcOneGV%2FXUONvwAqCJahysl0xbzt0wpLzuZ1KqDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b97d76cbfb517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/mobile/androidModal.css

188.114.97.1

200 OK

1.3 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/mobile/androidModal.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
ASCII text, with very long lines (1332), with no line terminators
Size
1.3 kB (1256 bytes)
Hash
b20572317c9f79bbba3a652d51206327
b9c76fd350ed8d87a96ba616d619993141a2a7ed
1a384931b0c7797b58b483f7949cb1cc37d3536f5211c0f545cf6800ce6abbef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/mobile/androidModal.css HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: text/css
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
vary: Accept-Encoding
etag: W/"6628be48-4e8"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S7zZvf54lox%2B8ePQg0LslF7aJ%2FMHVQlV%2B1iMd3Zxf308wwQOM96GjXafMiLr1SrVvKpqGQLbFycxi5rZeDyUHdV%2Fk3SHecRKasHFgndJYHcBqx3eUR1uiCKM0qEpAQgQ5FrX3i8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b97d6fc02b517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/js/jQuery.min.js

188.114.97.1

200 OK

87 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/js/jQuery.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
JavaScript source, ASCII text, with very long lines (32030)
Size
87 kB (86721 bytes)
Hash
48b9c0dda22c0ffe1297fb6556675a2e
aa59b92e6fd86ad3f6f978dff836b509a20175fd
91a540f0a5679a1f9a9e5efb7415a3f34e1154b7df6deed35fcb6108f9720c14

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/js/jQuery.min.js HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: application/javascript
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
vary: Accept-Encoding
etag: W/"6628be48-152c1"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2FO7uSALEv%2FAer5luMc1vwCmtkhF9hkkoEs%2F1cOYRR95R5vHNEnwkq56BfxD7RwRL64eH5Iudsky2sMzo0fabcjMfpPMt3aAtKFm6Gwi8uOPYluyDCcENWC0TwrQdgpGW6oYM7Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b97d76cbab517-OSL
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/favicon.ico

188.114.97.1

200 OK

49 kB

URL GET HTTP/3
ac796.rgscnqnx.com/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3
Size
49 kB (49103 bytes)
Hash
41c858c282ac120f37c335cb2faddce0
eaef283fe217477e2cef5ca89d43c2eb7353162b
8694efc567fbc32de66a3c8b45852740b5f443d2669abc81390812e4b01123ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D; _ga_JEXMYE23FD=GS1.1.1715361555.1.0.1715361555.0.0.0; _ga=GA1.1.1974327923.1715361556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:16 GMT
content-type: image/x-icon
last-modified: Sat, 20 Apr 2024 03:32:39 GMT
etag: W/"66233757-bfcf"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OiiDDPA5BXEIvKXsrNJA%2Bj1NzK%2BWi2ZFX8Wfx4rDdxsQmz%2FnPg8Xbw1POyoXOQSa0Iut7swcMJJTXbHKoiNikyiKi7bI%2BmIrrrH44%2FfS2%2BLfWYuf1s3WVHVAXrVu1J8Yvv%2BG3Jc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97deb81fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ac796.rgscnqnx.com/static/assetsv11/images/pc/android.png

188.114.97.1

200 OK

4.6 kB

URL GET HTTP/3
ac796.rgscnqnx.com/static/assetsv11/images/pc/android.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ac796.rgscnqnx.com/aff-a6Pms
Certificate
IssuerGoogle Trust Services LLC
Subjectrgscnqnx.com
Fingerprint54:29:CD:39:7A:11:D1:BF:FC:98:60:6F:14:EF:7E:1B:75:CD:2E:56
ValidityFri, 19 Apr 2024 09:28:18 GMT - Thu, 18 Jul 2024 09:28:17 GMT

File type
PNG image data, 369 x 147, 8-bit colormap, non-interlaced
Size
4.6 kB (4587 bytes)
Hash
a4fae23da23902262b5c06ac76f701af
363d5df7c5d43e9c77b2b891513a96cf8daca6df
567f42b028a5eef69bfff715722289504ee56515a7b58ea93612a0e6c7114432

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assetsv11/images/pc/android.png HTTP/1.1
Host: ac796.rgscnqnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ac796.rgscnqnx.com/aff-a6Pms
Cookie: channel_info=%7B%22referer%22%3A%22%22%2C%22channel%22%3A%22ug-thisav%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 17:19:15 GMT
content-type: image/png
content-length: 4587
last-modified: Wed, 24 Apr 2024 08:09:44 GMT
etag: "6628be48-11eb"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pa9D5ceKMjMkYY5TQcD%2B0FQ8pzkJXRyAoQOIrAlZRStOcNVapCcr9EqzPotdKVfbl421WXyCYHu7jOFpxMe1%2BG9qEKn7ZaiSQQUx%2FkALIMq83ULcAp5kV7iLboPDgck9lu6CZYg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b97d70c16b517-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (45)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP