URL: User Request GET HTTP/2
IP: 68.178.173.246:443
ASN: #398791 GO-DADDY-COM-LLC
Certificate Issuer: ZeroSSL
Subject: newautofzco.com
Fingerprint: FE:1F:37:43:7D:45:AF:E1:5C:01:C1:29:00:8F:01:5F:9A:56:B0:73
Validity: Fri, 15 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (4817), with no line terminators
Hash: 754446fe99b0645df6f9e2925a9d7cac 5ec1a177c071e1d1bd36ed3f4d157bd157c7df1e 1621ab0d0c561d41dff8a2b5603bb7c9f1350ec5e4b243984b4203606a4c0fde
GET / HTTP/1.1
Host: www.newautofzco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-length: 1804
content-type: text/html; charset=UTF-8
date: Thu, 28 Mar 2024 09:52:14 GMT
server: Apache
X-Firefox-Spdy: h2
| api.bestresulttostart.com/86HD7Q?q=www.newautofzco.com | 172.67.159.224 | 200 OK | 1 B |
URL: GET HTTP/3 api.bestresulttostart.com/86HD7Q?q=www.newautofzco.com
IP: 172.67.159.224:443
Requested by: https://www.newautofzco.com/
Certificate Issuer: Google Trust Services LLC
Subject: bestresulttostart.com
Fingerprint: 0E:21:75:A4:0D:C7:24:9C:EC:E0:E6:4F:9C:30:31:85:62:1F:84:57
Validity: Mon, 04 Mar 2024 14:50:02 GMT - Sun, 02 Jun 2024 14:50:01 GMT
File type: very short file (no magic)
Hash: 68b329da9893e34099c7d8ad5cb9c940 adc83b19e793491b1c6ea0fd8b46cd9f32e592fc 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /86HD7Q?q=www.newautofzco.com HTTP/1.1
Host: api.bestresulttostart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.newautofzco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 09:52:15 GMT
content-type: application/javascript
content-length: 1
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 28 Mar 2024 09:52:15 GMT
set-cookie: _subid=376l60j6677ms; expires=Sun, 28 Apr 2024 09:52:15 GMT; path=/
a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjNcIjoxNzExNjE5NTM1fSxcImNhbXBhaWduc1wiOntcIjJcIjoxNzExNjE5NTM1fSxcInRpbWVcIjoxNzExNjE5NTM1fSJ9.pR4sOZe8iYbxKl-RMLzxqwycl4Un5mI3gwJ9ecD8gvE; expires=Fri, 24 Jun 2078 19:44:30 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FEDRvCKnW06d%2FAqb8tDGVmsGKPImNyP18nU3NXMrE3RWhj2IWOZPitFH2EdWECZ2Y%2BYFxaRTx8wu%2F9CXKHE0G2Durn1NjR4pt62s2O2tvkf7Bvx6xpQDTD%2BT08H3gFiJmCg1Llwgq05HSLon"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86b6b9f03f3d56a4-OSL
alt-svc: h3=":443"; ma=86400
| www.newautofzco.com/favicon.ico | 68.178.173.246 | 200 OK | 1.8 kB |
URL: GET HTTP/2 www.newautofzco.com/favicon.ico
IP: 68.178.173.246:443
ASN: #398791 GO-DADDY-COM-LLC
Requested by: https://www.newautofzco.com/
Certificate Issuer: ZeroSSL
Subject: newautofzco.com
Fingerprint: FE:1F:37:43:7D:45:AF:E1:5C:01:C1:29:00:8F:01:5F:9A:56:B0:73
Validity: Fri, 15 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (4817), with no line terminators
Hash: 754446fe99b0645df6f9e2925a9d7cac 5ec1a177c071e1d1bd36ed3f4d157bd157c7df1e 1621ab0d0c561d41dff8a2b5603bb7c9f1350ec5e4b243984b4203606a4c0fde
GET /favicon.ico HTTP/1.1
Host: www.newautofzco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.newautofzco.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-length: 1804
content-type: text/html; charset=UTF-8
date: Thu, 28 Mar 2024 09:52:15 GMT
server: Apache
X-Firefox-Spdy: h2
| bind.bestresulttostart.com/m67LBk | 172.67.159.224 | 200 OK | 16 kB |
URL: GET HTTP/2 bind.bestresulttostart.com/m67LBk
IP: 172.67.159.224:443
Requested by: https://www.newautofzco.com/
Certificate Issuer: Google Trust Services LLC
Subject: bestresulttostart.com
Fingerprint: 0E:21:75:A4:0D:C7:24:9C:EC:E0:E6:4F:9C:30:31:85:62:1F:84:57
Validity: Mon, 04 Mar 2024 14:50:02 GMT - Sun, 02 Jun 2024 14:50:01 GMT
File type: JavaScript source, ASCII text, with very long lines (15576), with no line terminators
Hash: 6892585bd0712939a67e6733c45a4add 2f37e0a4ceff715ccb7b3ee0f4ea7a2f9448c629 c35d2bf361381b7749686144bd010c89027a25aa529218d93963920a4ab30bc1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /m67LBk HTTP/1.1
Host: bind.bestresulttostart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.newautofzco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 28 Mar 2024 09:52:15 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 28 Mar 2024 09:52:15 GMT
set-cookie: _subid=376l60j6677ln; expires=Sun, 28 Apr 2024 09:52:15 GMT; path=/
a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM4XCI6MTcxMTYxOTUzNSxcIjJcIjoxNzExNjE5NTM1fSxcImNhbXBhaWduc1wiOntcIjEyXCI6MTcxMTYxOTUzNSxcIjFcIjoxNzExNjE5NTM1fSxcInRpbWVcIjoxNzExNjE5NTM1fSJ9.a_KlrZrokHqR-8U7EltxMLjAFfqy5CP3PmDFE_Y8MP8; expires=Fri, 24 Jun 2078 19:44:30 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QH3CnTM6kCeT%2FXfq6xl1A%2FcQ3IF%2FEVgqqzwTzMPPbm%2FlZjQW3LFt4YKcSyaQ%2FF%2FqI%2BwH32jRZw5gDMFbObm9l9ueXKN0Y2axJpR2UT1hHBuKm4X3AXdXB54JNc6EvknBfih0aqw%2BuzFbeT8q%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86b6b9ee2cc9b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2