| trafffe.ru/123?utm_term=usu+campus+map+pdf | 172.67.170.51 | 403 Forbidden | 5.7 kB |
URL: User Request GET HTTP/1.1 trafffe.ru/123?utm_term=usu+campus+map+pdf
IP: 172.67.170.51:80
File type: HTML document, ASCII text, with very long lines (14101), with no line terminators
Hash: 5692185630ad627071ceaea13ac53ad1 1ef5393177bced3a2069c37ac8f16d6c6640b76c 8acb1ceb29be84bf90de38988ba4624a4e85e2964fc07e7a2d83a6e560290d22
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /123?utm_term=usu+campus+map+pdf HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 09 May 2024 06:06:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: yHy9+cuFybzQM80uSojlBIX4jcS553qe7s9U5jy3/oAp+xermg32TCt5iQiiO8E+1OnlWVW/TUE+vh4Kj+vMXtchNvtq+MOzawOapYmvw5o=$8jmJnDG1j3+8QJStD+uM2w==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=euglq3nQd6tlJATJy06ab910HnnidAtuiDqevm%2F%2BM8Tz0rbzf5N7in%2BSIkngA1tuKDN4%2FyB1O2KWqRGOHHE14Nh604Cig46n9FvwvkJxy8GACGm8j6%2BlONIWJEdw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880f81a7af0d56a4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880f81a7af0d56a4 | 172.67.170.51 | | 110 kB |
URL: trafffe.ru/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880f81a7af0d56a4
IP: 172.67.170.51:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 110 kB (110336 bytes)
Hash: a767ee5da6971a596acf6ade49f65e75 32fb7e35ed06373fcf31ee30bb695d99cc9cf2a5 59632884cdcc1af6f821b0a75399221c46bbc1e0da5b892d502aeaf5358c81a9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880f81a7af0d56a4 HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf&__cf_chl_rt_tk=dDDBU0LaLJ7emhgV1eaUxMXJ5Pmq57DRqKS3GXzPsFk-1715234817-0.0.1.1-1258
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 06:06:57 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SUreFKaW1HMfOZ0VOOyW37Qm9V8aTmTGykxAjqRegFFHFkiECD911LHiEANfAawLlCvBicJzAjCi8XGrZCbUijrPrfs%2F4ppYQM2iFJT4E12MUFpriRS9HtcCFlAl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880f81a9ad0f5687-OSL
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/favicon.ico | 172.67.170.51 | 403 Forbidden | 5.7 kB |
IP: 172.67.170.51:80
Requested by: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
File type: HTML document, ASCII text, with very long lines (14056), with no line terminators
Hash: 690488f3123552e11aad7c894f2e4346 8098e24efc4b717d4da401583d39de617dfcafd9 b97030d4d6d78e5a943694109d5e2f2d433ade4d7f6002195b96b4072aecc3b9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf&__cf_chl_rt_tk=dDDBU0LaLJ7emhgV1eaUxMXJ5Pmq57DRqKS3GXzPsFk-1715234817-0.0.1.1-1258
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 09 May 2024 06:06:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 2EOeuzvD7eSOBoDrScPWOc+8dAn6IM4To7GJ5T94OQ/4rJl55cdlPm6hOK0rNl015Nw34Q3Ir1SJe5jjb7VXfbrBGUk5pD+VhQNW76owKow=$+cYvXT4RHKng/CsvnA8Bng==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rVqgl%2F5U6s7lg1HhBziSKTWoYcN6Ml9O703EbOylLzMdC8VaeOYuFCKmjtkGIoHa1WhFyD%2BCajq12DC22kNY8T%2BmNGtCXZqpRd%2B7R%2F5UuPMuooGxzxXED0YjOQ6p"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880f81a9fd295687-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/favicon.ico | 172.67.170.51 | 403 Forbidden | 5.6 kB |
IP: 172.67.170.51:80
Requested by: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
File type: HTML document, ASCII text, with very long lines (13971), with no line terminators
Hash: 5c102d73eb2666d8ac30989f3bb665e3 d8f490699f37e4a19a5e097e16186c91f78ab36c 046619ba22636cd7a61e7e7094878766d91731f19d4e478604feb2a11d59a7c2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 09 May 2024 06:06:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: WOSXYG4d0YJCId1bjVdDzaofSII4Eli6OBB2l47v+fqGE/xPl7KBC7/LZw7L3wOyBH9D8ure9jodrVozQflthr6wje+MCQ506JKb54vUGzw=$By5XbWcDiLgKwavhlTG6vw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2r08HkoT3ZuWJmJ0S0JAV9TdOY67GtJZwGiClBZ80OJggMltFKVpk5l44zXoD1zYmKR6YU%2FGEZYjOjYciZh2KOXuTaQgo6YMfwGUfltzTGuBV6us4u7FrBb4Er%2BD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880f81aafad25693-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/192463029:1715232613:qCCcz2FwCrDJ53D8y4tLC6ARTuqjOK2bc-dhDTeKfEM/880f81a7af0d56a4/f6d34ce3915b3f9 | 172.67.170.51 | | 12 kB |
URL: trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/192463029:1715232613:qCCcz2FwCrDJ53D8y4tLC6ARTuqjOK2bc-dhDTeKfEM/880f81a7af0d56a4/f6d34ce3915b3f9
IP: 172.67.170.51:0
File type: ASCII text, with very long lines (16216), with no line terminators
Hash: c4d6981483a564db29fac4235b6aa74c 67ffef67b497e2d819076f871efb0d75a95a55ba b2cfc22ba04ce346cfb279a0d99c1c4ca6bcf1f53b8488027f7e76913f133570
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/192463029:1715232613:qCCcz2FwCrDJ53D8y4tLC6ARTuqjOK2bc-dhDTeKfEM/880f81a7af0d56a4/f6d34ce3915b3f9 HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
Content-type: application/x-www-form-urlencoded
CF-Challenge: f6d34ce3915b3f9
Content-Length: 1756
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 06:06:57 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: YenH13LSN8Vfjo2sx9m9N1xshMSeCGlWN2+7Hu7jToyi2sQwdFLldMhrD82TnMaC$jXljSkeF+7PWjYFb07Q9gQ==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OCwrpeHB1KSHRs360djFoTwRV7MBrpUQxFgm7FWUcbb%2FLCl%2FL%2FODsoQs%2BSeJSU3WgFgaD7RMFANwbsZFtDlluzUvOd5tdDAeDcBXeVDLgiTrBT2040gv%2BxxF0XWT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880f81abada856cc-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.2.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ep2cu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:58 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 880f81ad9ca70b65-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880f81acec040b65 | 104.17.2.184 | | 177 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880f81acec040b65
IP: 104.17.2.184:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 177 kB (176822 bytes)
Hash: dde84e198bc155fad4e8ae962c3e00fb 176363e7e69c3c4e79724e8b57194406a22666d0 1cb21691ae7ea180acad74dfaa62da31b437b5bf7bd434080351ee452ca16e2a
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880f81acec040b65 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ep2cu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 880f81ad9ca80b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880f81acec040b65/1715234818544/Q33YPX2YbEzCJig | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880f81acec040b65/1715234818544/Q33YPX2YbEzCJig
IP: 104.17.2.184:0
File type: PNG image data, 72 x 55, 8-bit/color RGB, non-interlaced
Hash: 00a9dc804cccee7ebeaab07633b52951 4bfb8e4078eb8283fef9b4650b1fba99ccc87934 71c2943b0f135a56c4f4a8762934b62774d25f7d920b9747cdc62bf0c56e045b
GET /cdn-cgi/challenge-platform/h/b/i/880f81acec040b65/1715234818544/Q33YPX2YbEzCJig HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ep2cu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 06:07:01 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 880f81c1e8c80b65-OSL
alt-svc: h3=":443"; ma=86400
|
|
| trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/192463029:1715232613:qCCcz2FwCrDJ53D8y4tLC6ARTuqjOK2bc-dhDTeKfEM/880f81a7af0d56a4/f6d34ce3915b3f9 | 172.67.170.51 | | 1.8 kB |
URL: trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/192463029:1715232613:qCCcz2FwCrDJ53D8y4tLC6ARTuqjOK2bc-dhDTeKfEM/880f81a7af0d56a4/f6d34ce3915b3f9
IP: 172.67.170.51:0
File type: ASCII text, with very long lines (2328), with no line terminators
Hash: b5980b3873181af5fcaf2ad0cbcc273e c7c3e1b7e7e87c907f243152c81c1fa05001f6b8 74c11ffc09c1e9205ff78d47ba9ba090d48fa76c52d60e0d021c6b63b0fb7075
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/192463029:1715232613:qCCcz2FwCrDJ53D8y4tLC6ARTuqjOK2bc-dhDTeKfEM/880f81a7af0d56a4/f6d34ce3915b3f9 HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
Content-type: application/x-www-form-urlencoded
CF-Challenge: f6d34ce3915b3f9
Content-Length: 2390
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 06:07:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: P7RRhcTKmlCrRAlY0RAbqzAqgJ9r7kXBSEBkKAVujKNKhDMm86HoSMl/M9m88Y593AsHo3hbAI6MNSBnIL4q+Lfl2ExPe54hnwNhxLXS9nI=$uUUlia2bug/xvhFLDToL/Q==
cf-chl-out-s: 5Mp5gGAYNzIiWOxiVtT9zQ==$b8ZhFcKabfxVPgzFA2DQiA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nQ6L2zPqBNYocLJMbns0Nchf8lg%2FtfB7ZM41Kp28nDCa91glNqRQVs1KjkYgSF%2B6P9enqOWjwZHLBctS3NbpxQS2Kd3IvrpyQ%2Bolq8UJIO1RbZtPyygKC46bAVYX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880f81de88ba56cc-OSL
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/123?utm_term=usu+campus+map+pdf | 172.67.170.51 | 403 Forbidden | 5.7 kB |
URL: User Request GET HTTP/1.1 trafffe.ru/123?utm_term=usu+campus+map+pdf
IP: 172.67.170.51:80
File type: HTML document, ASCII text, with very long lines (14123), with no line terminators
Hash: 81c02a7c900d9f78be910c1056b5984c 01e8df8bdf6b586d6cf075b2dce356b63686bb74 3a009a1f86be21326c3c90a0ed0e0727cb707f5b1d223742fa88588a07c8d19d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /123?utm_term=usu+campus+map+pdf HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 09 May 2024 06:07:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: UnLfyCT1a/JjzOGHWUbsx7OSAOL710COMGSG5uwHvw3hogeqhFWhMmGTuwZhb0jQHUDRGu8zv1sXLE+9f3v52dhN/khgTCYJtTXDFLmmgPw=$Wj3NzOVuvLlFcdpfHkZJLw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GvmCqTu2%2BilmRvHIOXX70bKAFnx3FdjacZkhwRd0IvEKA%2Fv050pZylayin2Bu2WSL79gpSjgp6h%2FHiKXb1Y%2BGkjlXiRh3uFI3W8YbFWH2CjX1uX1P6Gc9ymIUAZv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880f81eb7b2056cc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880f81eb7b2056cc | 172.67.170.51 | 200 OK | 112 kB |
URL: GET HTTP/1.1 trafffe.ru/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880f81eb7b2056cc
IP: 172.67.170.51:80
Requested by: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 112 kB (111664 bytes)
Hash: ebd50cec6e7a6c0099e1053af8ff26e2 c354b0b1c5741228b479ad1781332df4eff2de50 c2edbfffca6c4533157c2382b13b3fbe97a91f20e9b102d56df5bd426c98056f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880f81eb7b2056cc HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf&__cf_chl_rt_tk=IYt3.v4JqIxQB4mJKuHzoHVJotoF5PXh_YgeCfwAmaQ-1715234828-0.0.1.1-1258
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 06:07:08 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Nnwjz8B741RpkbcWZzfAA4pzSqV0Gz6O8711t3o0PtEgA5Pik%2FRdC5NLYlNs4Vhvwo%2F%2Bkx7ar%2BBxvtWAsj0yy%2FalFJcc7C9bDRDUAMtmU0mm8eNxtVdYfUO%2FShb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880f81ebe93eb500-OSL
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/favicon.ico | 172.67.170.51 | 403 Forbidden | 5.7 kB |
IP: 172.67.170.51:80
Requested by: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
File type: HTML document, ASCII text, with very long lines (14077), with no line terminators
Hash: 8670a22dfa2c97110243077282602584 2cbbddaab11615371e4394fe82bd211cdda8861c 3a5de1fab214050567f0d325b8ee95e1953e22afd0e2878a2a8d1ee85b3ca456
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf&__cf_chl_rt_tk=IYt3.v4JqIxQB4mJKuHzoHVJotoF5PXh_YgeCfwAmaQ-1715234828-0.0.1.1-1258
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 09 May 2024 06:07:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: yQnhrPSnDhiepAodpoyXIAocqJPd24rBZ5ieH9zQxrq4j+Z+sQyLfQABHPaoGQTjfIe2XWw+F6QqNr7XH4bmSzoOwjXex+R1OM+P/HTk88s=$qVj8GAhQYDq6KcwLl9s6kA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dNIbYqgu2EEzaHPaoVwak97LBen1P%2B1bWyFgA3nCl9sa242J1SqYP0kRhsuPn0gS7tjQwB3swD0%2BQdJGsW4dDTXXlZXKEKNFS5RyQaG37kSedwiYcs9sdOZo6Cp0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880f81ec499fb500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/favicon.ico | 172.67.170.51 | 403 Forbidden | 5.7 kB |
IP: 172.67.170.51:80
Requested by: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
File type: HTML document, ASCII text, with very long lines (13992), with no line terminators
Hash: 869891775b0486fe40d7c7497dd2c7c3 515d8f56399edb887e509fa2a02d4f1dafd2b51e 86545f011868497ed4e3ee62a4812608eec90dbdc7ab6b449134c9ec50594522
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 09 May 2024 06:07:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: RDpJm3U6z3PFblw4f2QKDvduKly/OtsDKzbSKiFKuN3D79StM9XRkhiE3MR4ZrzNxiIkaS/3dJaHFLS7vDWbHZuoHXV3CNnGASLwZRHp3a0=$k1B5qNrYa1rugEZGjhYw6Q==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2F%2F4Dx%2FDlAIk4L8urYaRG6bYeCgZQwjU5%2BdEDV8ammiMmiTCc2CyCkDVoqzT1QiPNoK0qTugCGhzGEi5WbPqBBAOwMndQ1baichT5IU%2FEPRyVMyfuvQJZrHLm0mK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880f81ecda995684-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1446417333:1715232620:4lfWo9iYDJW_u2NPBirIfjoqHO6MPv5eI92tjWmUWts/880f81eb7b2056cc/c5d470c97082f71 | 172.67.170.51 | 200 OK | 12 kB |
URL: POST HTTP/1.1 trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1446417333:1715232620:4lfWo9iYDJW_u2NPBirIfjoqHO6MPv5eI92tjWmUWts/880f81eb7b2056cc/c5d470c97082f71
IP: 172.67.170.51:80
Requested by: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
File type: ASCII text, with very long lines (16208), with no line terminators
Hash: 041245982b3ed7362aab1bb50393c916 ff5a76be5fd31405c1dbac02d00f7ebcd5e4a2b7 5ee298c94e7224afd0e8480fa3e52ebe90ede33c35d680afdd22cc88afb3db9a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1446417333:1715232620:4lfWo9iYDJW_u2NPBirIfjoqHO6MPv5eI92tjWmUWts/880f81eb7b2056cc/c5d470c97082f71 HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
Content-type: application/x-www-form-urlencoded
CF-Challenge: c5d470c97082f71
Content-Length: 1746
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 06:07:08 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: y1MNN4hVV5eeSUltJH7jXuAxJAiCm5mlofi3axZ0ej8mPuygjJs9rd755+pmwKic$jF9qb9AaxhN7gtaGAOt4PA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BlD3JXCYh4VQ4qQpYpl25g6ub4MsA1kb2j0DF%2Fk4Jq%2BGBiJlZRJTbqGNTOQth%2FzkzDLlbN6nNeu%2BVBJ%2FySlqcQaLJNAEW3ykPHHvEzb6ZjjFrqpEdoL1ED1cD%2FAM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880f81ed99a856c4-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.2.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/findc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 06:07:08 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 880f81ef2b480b65-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ep2cu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | | 34 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ep2cu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.2.184:0
File type: HTML document, ASCII text, with very long lines (41702)
Hash: 5ba49ab2ba3756c08c94f32438510142 ecd95c77302d921df6f8411667228b76b066ad91 ac7866a51f1bc3e1339cdd6566b164f1a43fe4fb96b83cefb3a05098f6ab000b
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ep2cu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:58 GMT
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-embedder-policy: require-corp
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
referrer-policy: same-origin
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
document-policy: js-profiling
vary: accept-encoding
server: cloudflare
cf-ray: 880f81acec040b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/findc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | 200 OK | 208 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/findc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.2.184:443
Requested by: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
Certificate: Issuer: Cloudflare, Inc. Subject: challenges.cloudflare.com Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41702)
Size: 208 kB (208090 bytes)
Hash: 1a07cbbced04d38ff243ba2c3c6cb237 f47ce5e0694daa4655830453ea73247081e43850 3b192a77ced00cb9e3ac2e777b2131febf05fbd8279836b8d6fad2cbe5949fd7
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/findc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 06:07:08 GMT
content-type: text/html; charset=UTF-8
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
document-policy: js-profiling
cross-origin-embedder-policy: require-corp
origin-agent-cluster: ?1
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
cross-origin-resource-policy: cross-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
vary: accept-encoding
server: cloudflare
cf-ray: 880f81ee9ae70b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880f81ee9ae70b65/1715234829042/xT3iugXk16ehpIr | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880f81ee9ae70b65/1715234829042/xT3iugXk16ehpIr
IP: 104.17.2.184:0
File type: PNG image data, 82 x 13, 8-bit/color RGB, non-interlaced
Hash: 64718c79402c4f04f4faf5300abcefe6 59745e56907ef64a9b53b8ebd60ee8c0fbf769af a8ff92ee17401246f32d86493a537053913c7c5efc828b8ed36914f0f63860a5
GET /cdn-cgi/challenge-platform/h/b/i/880f81ee9ae70b65/1715234829042/xT3iugXk16ehpIr HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/findc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 06:07:12 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 880f82048f910b65-OSL
alt-svc: h3=":443"; ma=86400
|
|
| trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1446417333:1715232620:4lfWo9iYDJW_u2NPBirIfjoqHO6MPv5eI92tjWmUWts/880f81eb7b2056cc/c5d470c97082f71 | 172.67.170.51 | 200 OK | 1.8 kB |
URL: POST HTTP/1.1 trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1446417333:1715232620:4lfWo9iYDJW_u2NPBirIfjoqHO6MPv5eI92tjWmUWts/880f81eb7b2056cc/c5d470c97082f71
IP: 172.67.170.51:80
Requested by: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
File type: ASCII text, with very long lines (2328), with no line terminators
Hash: b6e09b530d15b68c8ca5c8d9cc53c1a2 0577e53646de0a050f5f516800a5bd0863a28d7c 56ca97167de31bba0f939d747cf1fb6b603728e0a54f396171f7712eeb2d9071
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1446417333:1715232620:4lfWo9iYDJW_u2NPBirIfjoqHO6MPv5eI92tjWmUWts/880f81eb7b2056cc/c5d470c97082f71 HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
Content-type: application/x-www-form-urlencoded
CF-Challenge: c5d470c97082f71
Content-Length: 2389
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 06:07:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: aIARN14eLXBO46kQOD078+hO7Vs25rVsp3M2YWdi42GmyI+ANYFapDajMXcli6hEKu6uMujPxtrXDgz61JkD5OclepwbE16wIIEDxsP3vco=$oSIsB1BwytNNDQdKfzfgFw==
cf-chl-out-s: 0yY22DCSdxyHoq4CLfrRtg==$vfv00M3OIwAOk5ryCJp1mw==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MMRmJRFS9FHJrJ0fGhch2yB5eWKsCzHs9Dz%2BiqKhTU8E2RRix0vK5i0%2Bglxog8sqpSeOaYTPvLd8DoWYnIYnUzFAJbDTsPmh9enNp%2BsGksDHxuPToosprwJ3YM4D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880f82231c2056c4-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit | 104.17.2.184 | 200 OK | 43 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit
IP: 104.17.2.184:443
Requested by: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
Certificate: Issuer: Cloudflare, Inc. Subject: challenges.cloudflare.com Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42565)
Hash: a5b92920e25651d2058f4982a108347b caeeadd68d38fdb681c52006c68880abc2e8a1a6 49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5
GET /turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 06:07:08 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 880f81ecc9f70b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|