| trafffe.ru/123?utm_term=mac+cosmetics+target+market | 172.67.170.51 | 403 Forbidden | 5.8 kB |
URL: User Request GET HTTP/1.1 trafffe.ru/123?utm_term=mac+cosmetics+target+market
IP: 172.67.170.51:80
File type: HTML document, ASCII text, with very long lines (14387), with no line terminators
Hash: c20bb8d41f27671fece68a4a33e16545 ec0a6a1c680abf90821c2fa4138fed0184c7dc4f 9a9f2ba9453e5116d8f660c0d6030af9943a82db695ddfc81c1f5c199411b617
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /123?utm_term=mac+cosmetics+target+market HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 14:04:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: rsml9kaHNlfwDooJ7WrDg0RIKJQQmZeSDW77dp0vnp30Fftm8x1clx8H6fuS10/TW9Zwt3B9e25sMopAdnO1+ofK/2Vf7I26AOXMhuJIKQc=$AI47XgMmJKSD9ZQ2H6bZ7w==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=frUUGHtljpOih6vehFqjC3MiPzqKbB%2Fjzs074nUms0655Yaejlnh6tuvwQZdFFhGoS6KykrVV3wCui7BF6s4BYikt%2BucF%2Fp%2BdjBkKfyICa7tERqe8%2Bs0%2Flv8uhhQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8809ff3649e9b4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8809ff3649e9b4ed | 104.21.28.26 | | 114 kB |
URL: trafffe.ru/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8809ff3649e9b4ed
IP: 104.21.28.26:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 114 kB (114307 bytes)
Hash: be1fc018b17e1d0a81011bb0a1defbe2 23104954886f979d8d4e17ebd91b048d52c6b4c5 a8f5d20af4daa8e66ee4fd976ead0f1052d1c264f4ac9f6344454bfd3945e9ed
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8809ff3649e9b4ed HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=mac+cosmetics+target+market&__cf_chl_rt_tk=aavKW.c2w2rWLosqJ.GzvKBBegn8p4CuI0Z1lB7Waio-1715177045-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 14:04:05 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uOc48%2BhuXbIwbaxcvp2Uhnv3Wzy7Ca6xMWEG%2BgyzjebZDMypDy17WIiPOE2O3yENBbBw%2FVqrXQSljIdLLp90TgdzakR5wFzGMUyFTnmcWxmcrw0NcBKlqFv7DG%2Bc"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8809ff37cc41569f-OSL
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/favicon.ico | 104.21.28.26 | 403 Forbidden | 5.7 kB |
IP: 104.21.28.26:80
Requested by: http://trafffe.ru/123?utm_term=mac+cosmetics+target+market
File type: HTML document, ASCII text, with very long lines (14056), with no line terminators
Hash: 64773550edb6188ba36988715e0efcd7 ab247ccd4156412dac992175baa6ef71e0d78ba5 b6eb0e2b952befe09b971bd44e141ba561eeef5666f94d5a573121d0c4e8e44b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=mac+cosmetics+target+market&__cf_chl_rt_tk=aavKW.c2w2rWLosqJ.GzvKBBegn8p4CuI0Z1lB7Waio-1715177045-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 14:04:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: cMD+/Q3ZSOzlM+2WeARZ5js0Pq8OmT1dLu4y2FleJnS+/hTQGyfA1Hd3YEiocVidpwgXbeo2DX6XJGQv3QbWceb4iATOEqSrJe71PzB/eP0=$bZfX2IDVgZcf0FdA572mrA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0oK45t%2FMkk%2FNqCUCzUN%2BASQR12GQ5gP29j%2FqNQbBzGEawqf3B9%2B5XRjAeXu9J5P0MV7nFx27oo3%2BMIrHDbxsgKjEfRtCC2MVvaVG2WnvsAC6odpZpdSeaxyGRTx0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8809ff382ca5569f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/favicon.ico | 104.21.28.26 | 403 Forbidden | 5.6 kB |
IP: 104.21.28.26:80
Requested by: http://trafffe.ru/123?utm_term=mac+cosmetics+target+market
File type: HTML document, ASCII text, with very long lines (13971), with no line terminators
Hash: e95c22045efbe4bdde85879d810b957b b7c4442066ada39081a3b44a3bec2f45354523e1 1f6d1b33dee4fa013144c6c53dfcb1fdbed89629991003bb0266abd18f9366f8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=mac+cosmetics+target+market
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 14:04:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: HYyGATwi70D8VzJEeuPnMBPeWkrXXIPMhmyKFzh7D7caTEMZBGqXgWPZ4NfJQRgPMpkdB0biAJhZtqk5LtzHfzGa25p0PFpriSzld4wNaJY=$9qZUz789d5EFlhy9ut9iPA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BDJa%2FrubKC9DhBJBRxOKy6OuPZyBn8JMXUidnXWoKGaDkEHCSoMJ4CAP2lCWPNE4tkeB5eGW6RYexYZJMPX0B17I4hdW6pq%2Fa7YqjJmerLp1BmbWpUh3h%2BxL%2BfCU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8809ff38ffeb712f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1962277611:1715174995:9zSJCFjf-_Xth5gLHAUwOYl2G2BhryboM7bSsOAHdKQ/8809ff3649e9b4ed/ccab69a8fe3cba5 | 104.21.28.26 | | 12 kB |
URL: trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1962277611:1715174995:9zSJCFjf-_Xth5gLHAUwOYl2G2BhryboM7bSsOAHdKQ/8809ff3649e9b4ed/ccab69a8fe3cba5
IP: 104.21.28.26:0
File type: ASCII text, with very long lines (16204), with no line terminators
Hash: 5dc6504e542637993c1d992a1c18c0b8 00b8f3c072dc4632d91bbf307c034d37503c4bee ba9b5a9810c015fdf58b53f7829b844b79514503b885eb434481be766609c69c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1962277611:1715174995:9zSJCFjf-_Xth5gLHAUwOYl2G2BhryboM7bSsOAHdKQ/8809ff3649e9b4ed/ccab69a8fe3cba5 HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=mac+cosmetics+target+market
Content-type: application/x-www-form-urlencoded
CF-Challenge: ccab69a8fe3cba5
Content-Length: 1771
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 14:04:06 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: RtuiIxcOMuErCx1Je03i5pMGDZjgkH4tGB7o6Vufc93K0nMqNJCOqOGbON/DK/sh$ui3ZnbJhdNIhTnaeUE8Kyg==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jaSSGogZzPxyeFUZ6MeVmfY1dvK3ZohR%2B5Lq8QOkFxuNyYcv1cQnrkWTka8p2QNInRcSPj0BtXEWPniRpR%2FNhNhTeci347VcrkVbP6a4x%2FPYQ0bpymA%2F1ptc69VG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8809ff399aeb0b55-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.2.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/99eq2/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 14:04:06 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8809ff3b4c8d5689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8809ff3abbe25689/1715177046611/7ZFrGWN7E9LboB0 | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8809ff3abbe25689/1715177046611/7ZFrGWN7E9LboB0
IP: 104.17.2.184:0
File type: PNG image data, 57 x 68, 8-bit/color RGB, non-interlaced
Hash: e012a05806e8df93f4b2603125c9f95e f4b77acd8349117c99b27b4a96aae7d2355b01a8 c7305dc816daf0c984c8292120b3742618531510fcfe097491a4a8705fab82a5
GET /cdn-cgi/challenge-platform/h/b/i/8809ff3abbe25689/1715177046611/7ZFrGWN7E9LboB0 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/99eq2/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 14:04:08 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8809ff48ae9a5689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1962277611:1715174995:9zSJCFjf-_Xth5gLHAUwOYl2G2BhryboM7bSsOAHdKQ/8809ff3649e9b4ed/ccab69a8fe3cba5 | 104.21.28.26 | | 1.8 kB |
URL: trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1962277611:1715174995:9zSJCFjf-_Xth5gLHAUwOYl2G2BhryboM7bSsOAHdKQ/8809ff3649e9b4ed/ccab69a8fe3cba5
IP: 104.21.28.26:0
File type: ASCII text, with very long lines (2328), with no line terminators
Hash: 8121381e5fa12300a2d1c5a8c8c7c6bf c0196165466dad2fe0cff9267fb5781f98e1ac2c aa36fa7cff92852ede8a33d2ffc3f36b4ed6288c3e33d613fb4155f9612861c2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1962277611:1715174995:9zSJCFjf-_Xth5gLHAUwOYl2G2BhryboM7bSsOAHdKQ/8809ff3649e9b4ed/ccab69a8fe3cba5 HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=mac+cosmetics+target+market
Content-type: application/x-www-form-urlencoded
CF-Challenge: ccab69a8fe3cba5
Content-Length: 2445
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 14:04:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: bkvEuEM70dX1/vQjcRbGf6UcZWNgxm2a+K5LwgWgUg9ZP+61JEJoQa2Rli+8HZdxmrU6nJPzjjZvBNMplFpxm4Fq8WOD/BKjuofL1QcBecY=$96jYuVeECXMrMH2Um7Micg==
cf-chl-out-s: 8G1UUXCH7gP3d7cVCtRWrA==$OdBttFOEzC4+aQwKN9Xo/w==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k67q41mz%2B52CDU0r6C8uwG%2BSXzBlV6uHr1LxiUhPb3aUDE8OwSUEIx9vBc1C4cHJjKo3W434y6k5LNpXOe2u9ZaXVwovxnBGeCiwTz1dsavFhv9C3v8UJPF1wHby"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8809ff75b8570b55-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/546271630:1715175019:VjepxUHqITTunEFu68mwGOilGChhzniDF-JrGLtibbY/8809ff3abbe25689/5eed8344e33ce64 | 104.17.2.184 | | 7.0 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/546271630:1715175019:VjepxUHqITTunEFu68mwGOilGChhzniDF-JrGLtibbY/8809ff3abbe25689/5eed8344e33ce64
IP: 104.17.2.184:0
File type: ASCII text, with very long lines (960), with no line terminators
Hash: 6943006d7446746801e255e7f0c6a1c9 3e20810ad24283c1a700b1e443baf791d7ac9688 d6ae1150e0e60a56692f6e25b18dfd09c2a65da404c5d432bcf5c4a2a28282d2
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/546271630:1715175019:VjepxUHqITTunEFu68mwGOilGChhzniDF-JrGLtibbY/8809ff3abbe25689/5eed8344e33ce64 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/99eq2/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 5eed8344e33ce64
Content-Length: 40874
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 14:04:15 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: 5ZQa6JPTkaw5cXIzYHjjF/scSGQMUy3UaZ5LITJ36st+h6oCU1ZRRh2Bo82slcZv8Z8W98UrTlAHSAXuo6ID8ValZNEpRqXc6JZdd+KdvwY=$i2l36lq4yNb6S/hLqpSo7A==
cf-chl-out-s: h/6Cungx5b4JDMMOIzwCzA==$d8mlJx04XjvSNSs4lW8TgA==
vary: accept-encoding
server: cloudflare
cf-ray: 8809ff753d155689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| trafffe.ru/123?utm_term=mac+cosmetics+target+market | 104.21.28.26 | 403 Forbidden | 5.8 kB |
URL: User Request GET HTTP/1.1 trafffe.ru/123?utm_term=mac+cosmetics+target+market
IP: 104.21.28.26:80
File type: HTML document, ASCII text, with very long lines (14183), with no line terminators
Hash: 1e0ab3282f9abd9089a3afe53630c7a8 1080c35e5df56740bb10e0621e1b6c1fd7101a10 ec9d8fd1897810f8e1be1c5b99bfcee86b1e1a14fba50709199f3730c224e390
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /123?utm_term=mac+cosmetics+target+market HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 14:04:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: B9fBqqsWR2X/YHyTWXU8SbQVdG9mY2Tw5BcEVlGRxN7x4yUlHmuPKtJefkYU5rOZ4cdsjmAD66LCsGbpxWxNgAH1KLHOM4AVg4bL2Tbl/4U=$GdMY2OMHk86knKnKgudO7g==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jKWBdBG0PChJNQrq5h%2F4vnZrmLivkYuBZNziAa51nZvV6vaHgG%2F9ZmGeAa5NT9d7VaSDlZppddbhkhzq%2BSxy92QVb3mN3rDhDMqN7RTbbDdWAmWipZSLePA5%2BnyO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8809ff829c9e0b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8809ff829c9e0b55 | 104.21.28.26 | 200 OK | 112 kB |
URL: GET HTTP/1.1 trafffe.ru/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8809ff829c9e0b55
IP: 104.21.28.26:80
Requested by: http://trafffe.ru/123?utm_term=mac+cosmetics+target+market
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 112 kB (111996 bytes)
Hash: 942828eb5f5e377b2ba0b215cc2f00fa 77e1601574bf2dc3cc3ed658ab0f60ba13204c7c 61d23ee2a71a40790696fe270395bc6293c87bd85d54bf13a088fcf1e2f77a2c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8809ff829c9e0b55 HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=mac+cosmetics+target+market&__cf_chl_rt_tk=ptRdksAP9uYHIIicCd6UomWAOZ2WdEpi4I5MMkzzQfw-1715177057-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 14:04:17 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DO8QrpF9WUDwJmoM3k2kpYUXCQNqebltsCRMpmEqOolsSN31WcFQFQgLMIz207m4RilH2BHNJT4b%2FEcZ%2FVEqWH82bLLccX6cbyuT9ZynuBluF4dgQzyV4j9ulxw8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8809ff82d9da56bd-OSL
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/favicon.ico | 104.21.28.26 | 403 Forbidden | 5.8 kB |
IP: 104.21.28.26:80
Requested by: http://trafffe.ru/123?utm_term=mac+cosmetics+target+market
File type: HTML document, ASCII text, with very long lines (14303), with no line terminators
Hash: 26a1981ae15e6a744e1dd4d568fa1ef9 fbbbd97d93b3f79431265a9839804edad27f070b db0a0ce4e1a61eb2a5f67bd732f8e1913a754253b9a22a7e8b9d1f4213e34149
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=mac+cosmetics+target+market&__cf_chl_rt_tk=ptRdksAP9uYHIIicCd6UomWAOZ2WdEpi4I5MMkzzQfw-1715177057-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 14:04:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 7LJIAOGczTkeOHFPRJWwRk0ZWtdSrfLY3U18ph8sCfXmkdAQDU9kopsFpWmYQB4zVvB08w9AFL9nn7LihYLgltf4+G565KRN+b5mowQv0iE=$t5TlFB1ys3cXNrFxFFt5rg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IfgB98mqyFuUh3t1hgZtkz30i8Vg9myLdaWB4057bx0eR%2Fc3UMkPsahgqWhFOrSfjzlF7znbllI%2BeMK3U90jcphx1bp8AToZgaIvQHWkl6A8zCOdtWxlFeNjQ70x"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8809ff832a2c56bd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/favicon.ico | 104.21.28.26 | 403 Forbidden | 5.7 kB |
IP: 104.21.28.26:80
Requested by: http://trafffe.ru/123?utm_term=mac+cosmetics+target+market
File type: HTML document, ASCII text, with very long lines (14218), with no line terminators
Hash: 3afbaa8c4c3fa04754030500fccf28d6 a06f90f4053b7f01510f454dfc4dfc0c234f9bfb 770d23bd561f646b5845a7648eae6c26425843a46ebda0c9b5b57017629f61c4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=mac+cosmetics+target+market
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 14:04:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 3xIfKk5pgrmKUZbWPnAJe9swxerxguCiaGhQ9a6qGgtz0MP/HebdCFTwZddEgYR4FDKoaVDrFxz1cRqXK/wlExwt7WzqAWo4w7VwnQtwejY=$cq91yOPuncoh2g/JIjT3Zw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2JxU1Oq5ZCi5I5g8AtSY1bAZAAe7XM8ejWWDrxFdKtxhHBhMMFR%2FS%2BNktwGm%2F6cMFIcPc0biPBL7F8xojQKvRI43ncCoDF%2Bwbt3WZZPtQ%2FyE5vNDVX4tWZoun5cK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8809ff83ac465685-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1252497598:1715174967:FWqFjdzAj3HbZe3tsRrskHBMEak6-d2nhfhnKEAwgKs/8809ff829c9e0b55/d20f0d9b13e53d5 | 104.21.28.26 | 200 OK | 12 kB |
URL: POST HTTP/1.1 trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1252497598:1715174967:FWqFjdzAj3HbZe3tsRrskHBMEak6-d2nhfhnKEAwgKs/8809ff829c9e0b55/d20f0d9b13e53d5
IP: 104.21.28.26:80
Requested by: http://trafffe.ru/123?utm_term=mac+cosmetics+target+market
File type: ASCII text, with very long lines (16216), with no line terminators
Hash: bbbefee3c1c9bd056392c2e821e6ba7e 57cd3ee056eccdd037178014dd8ed2926a1ec4f1 89711e6e3ab10f841c33c6f6e8f53d8034fa886a3468781721cf459d90aca236
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1252497598:1715174967:FWqFjdzAj3HbZe3tsRrskHBMEak6-d2nhfhnKEAwgKs/8809ff829c9e0b55/d20f0d9b13e53d5 HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=mac+cosmetics+target+market
Content-type: application/x-www-form-urlencoded
CF-Challenge: d20f0d9b13e53d5
Content-Length: 1783
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 14:04:18 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: 3OsFM+xlqMPPQTjFil4l1X/qP2MO1TM7nnexENqOsEWAmzJlHRHLCBrg8GPg6II0$A1UGnwG3//6f5gaz1+DMvA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TZpvbKZAUoxJQQg4AX%2FsycbB1DudgIt04LjHZ5%2FCUXJ6Bxg4qvbgUkyCxRF0Mdf%2FOUiU31ZF24kkSpgP7g6tRlZMBpWNCDF7a7B9p9XiMzq%2B416J%2BFnv5erKs6dR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8809ff849f875693-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.2.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fwzzj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 14:04:18 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8809ff85e9665689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8809ff8558c05689/1715177058541/epf8b3KSAmJZ4E2 | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8809ff8558c05689/1715177058541/epf8b3KSAmJZ4E2
IP: 104.17.2.184:0
File type: PNG image data, 66 x 85, 8-bit/color RGB, non-interlaced
Hash: 37dd6c2d3d42fc665ad2f25a0a46308e 67b9485d73688b9bc76a69eb1db0029380779285 e8a4dca773563732df153d6d41f6b98a7d3b87d4f562797621a3026fdb69f927
GET /cdn-cgi/challenge-platform/h/b/i/8809ff8558c05689/1715177058541/epf8b3KSAmJZ4E2 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fwzzj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 14:04:20 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8809ff910e5c5689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8809ff3abbe25689 | 104.17.2.184 | | 174 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8809ff3abbe25689
IP: 104.17.2.184:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 174 kB (173705 bytes)
Hash: e47a45acbdba708fcb5622210530c95f c4545b4020e836e9d41b508c12740fb4d4c1bb64 f8d9fdfe4b49a91b497ad15cb3c8e306c168f47ddd266d4d44eab42ef0261c6f
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8809ff3abbe25689 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/99eq2/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 14:04:06 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 8809ff3b4c965689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fwzzj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | 200 OK | 80 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fwzzj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.2.184:443
Requested by: http://trafffe.ru/123?utm_term=mac+cosmetics+target+market
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41702)
Hash: b26c69f24342cb01d7e6e65f47d5d7f8 71b1b74f4208bc5a5fdedc1216c6036ba7e21d37 d46e7e1aaebd4e7910534a2ac342f7b15734644f48874ebf30c1f3c9b50be3e3
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fwzzj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 14:04:18 GMT
content-type: text/html; charset=UTF-8
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
referrer-policy: same-origin
origin-agent-cluster: ?1
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
document-policy: js-profiling
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-embedder-policy: require-corp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 8809ff8558c05689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit | 104.17.2.184 | 200 OK | 43 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit
IP: 104.17.2.184:443
Requested by: http://trafffe.ru/123?utm_term=mac+cosmetics+target+market
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42565)
Hash: a5b92920e25651d2058f4982a108347b caeeadd68d38fdb681c52006c68880abc2e8a1a6 49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5
GET /turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 14:04:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 8809ff83ae8c5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400