Report - trafffe.ru/123?utm_term=usu+campus+map+pdf

Report Overview

Submitted URL
trafffe.ru/123?utm_term=usu+campus+map+pdf
IP
104.21.28.26
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-09 06:07:22
Access
public
Website Title
Just a moment...
Final URL
trafffe.ru/123?utm_term=usu+campus+map+pdf
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
trafffe.ru	unknown	2020-11-05	2020-11-05	2024-01-22	5.9 kB	299 kB	172.67.170.51
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-05-08	4.8 kB	467 kB	104.17.2.184

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	trafffe.ru	Sinkholed
2024-05-09	medium	trafffe.ru	Sinkholed
2024-05-09	medium	trafffe.ru	Sinkholed
2024-05-09	medium	trafffe.ru	Sinkholed
2024-05-09	medium	trafffe.ru	Sinkholed
2024-05-09	medium	trafffe.ru	Sinkholed
2024-05-09	medium	trafffe.ru	Sinkholed
2024-05-09	medium	trafffe.ru	Sinkholed
2024-05-09	medium	trafffe.ru	Sinkholed
2024-05-09	medium	trafffe.ru	Sinkholed
2024-05-09	medium	trafffe.ru	Sinkholed
2024-05-09	medium	trafffe.ru	Sinkholed

ThreatFox

No alerts detected

JavaScript (66)

	URL	Size	First Seen	Last Seen
	challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit	43 kB	2024-05-03	2024-05-09
Pretty URL challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit IP 104.17.2.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 14:37:28 Last Seen2024-05-09 16:04:48 Times Seen753 Hash a5b92920e25651d2058f4982a108347b caeeadd68d38fdb681c52006c68880abc2e8a1a6 49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5 Loading...

	trafffe.ru/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880f81eb7b2056cc	392 kB	2024-05-09	2024-05-09
Pretty URL trafffe.ru/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880f81eb7b2056cc IP 172.67.170.51 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 08:07:23 Last Seen2024-05-09 08:07:26 Times Seen2 Hash ebd50cec6e7a6c0099e1053af8ff26e2 c354b0b1c5741228b479ad1781332df4eff2de50 c2edbfffca6c4533157c2382b13b3fbe97a91f20e9b102d56df5bd426c98056f Loading...

	trafffe.ru/123?utm_term=usu+campus+map+pdf	4.5 kB	2024-05-09	2024-05-09
Pretty URL trafffe.ru/123?utm_term=usu+campus+map+pdf IP 172.67.170.51 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-09 08:07:23 Last Seen2024-05-09 08:07:23 Times Seen1 Hash 0891a58e2a156dcdf5f05ccd518e9823 d2577ab80b50581e2e5b2f45c4d51fa523c0240e 25ffbaa55ceb3340ebf4c154e809d3e63cf11959c5a3d5133337cfbfa97af6ab Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9815247a65a3a7db830d6ab8e5dec45d	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:23 Last Seen2024-05-09 08:07:23 Times Seen1 Hash 9815247a65a3a7db830d6ab8e5dec45d edefbc4f30c3bb7f28555fad4c4105fd64190f6a c4fb962f53ad7ecb0f37516fa5305ccd7bdfcf738778219a51a0f2eae6ca96cf Loading...

	#2 Eval - dae9690ecf9875a2232e6b218baa6b13	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:23 Last Seen2024-05-09 08:07:23 Times Seen1 Hash dae9690ecf9875a2232e6b218baa6b13 93ecaf06781ed04fc68376e1a12593c3c88b70f2 03b9f1b052ae4330289c7601761fb2d518ec486ac3be81f16ed9dc04a86979ed Loading...

	#3 Eval - 3f101058e476ee02f2e4063b81da3154	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:23 Last Seen2024-05-09 08:07:23 Times Seen1 Hash 3f101058e476ee02f2e4063b81da3154 2502774d5e3d1fba0da2cda40b133c7e6da64944 2b435cb5b729b4471f8f4749107043e94a6056f773b63fbc4a6294a707f50754 Loading...

	#4 Eval - f272bbc482bb1f1fd387a65dd863b6ea	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:23 Last Seen2024-05-09 08:07:23 Times Seen1 Hash f272bbc482bb1f1fd387a65dd863b6ea b5f9569493ac804882dbe6669e4ba4f3618ff68a 7867d2d47d9c4756f4612ec3cc2dbb781f31af30cf43d5f56e55f7b08eabf91d Loading...

	#5 Eval - 008573a319d191a8b8c910c243904cf3	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:23 Last Seen2024-05-09 08:07:23 Times Seen1 Hash 008573a319d191a8b8c910c243904cf3 6b341052fbc9a13d3ad81b4c8cc94bcab6b87658 9f8b2a7e34a37a8a69c44c2ad287ad1a36e47d4d0dc79da49bc51bef60cd4f83 Loading...

	#6 Eval - 46d9c4855d7b9565da70dda3a8165ec2	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:23 Last Seen2024-05-09 08:07:23 Times Seen1 Hash 46d9c4855d7b9565da70dda3a8165ec2 e36c11ad5be01ad95a0f8c1732ddb1add82ec882 2f4aedbe5c40fa61d44608df62c6e028b2c1d2b7318fe1b1cc5f3e1222febcef Loading...

	#7 Eval - 4ff950adb9c72a19676718f0d8ea9b6f	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:23 Last Seen2024-05-09 08:07:24 Times Seen1 Hash 4ff950adb9c72a19676718f0d8ea9b6f e1fa7e6c9206236f8414036f9f00cb256b6cfa42 f2a8dd3a8db194c736e3e5e13ed439b25613f4a29dcd08ac01ca0ad43e9ed649 Loading...

	#8 Eval - d78f7e2c76ac5c3b2576c50dd3ebe77f	2.8 kB	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash d78f7e2c76ac5c3b2576c50dd3ebe77f 2bbc6d8cbf474ab99ec7cc22a65d6438834fc82b b885a005bda6b5d6e5db4c1339dc206f533cfc9f57bc1b96f30884741ade7897 Loading...

	#9 Eval - e48ea122659a8ae57be31662ce810b10	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash e48ea122659a8ae57be31662ce810b10 ae4978a01f59cdebd6bd79daf5e3737977151e99 04d78c77cbd44d27ae70ce430383e470373151b868f30b0fdfa8f1eb4990cfe0 Loading...

	#10 Eval - a04af0ad78f4fc8c679fbb225c45ab35	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash a04af0ad78f4fc8c679fbb225c45ab35 d406c67d3fac9ebd8550a8b811dc2b286cd9018f 0aad312f1d34545756b2589a919941c59fbc4f6210f35fffe4cebe9db6984a8f Loading...

	#11 Eval - fc8dbac96c5febaeff3f68fb870bd975	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash fc8dbac96c5febaeff3f68fb870bd975 1a02eb7584d785d64ead42d924cca8937dcd0c86 209a373ff07eec75f5317d79d748f840cc7071240a0c551b00592f2162bd44a6 Loading...

	#12 Eval - 14f10b2d952334fab23e93ab38400cfb	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash 14f10b2d952334fab23e93ab38400cfb aef733e83d1abad0ed6c40cb5d6ce60bdc943a96 4681f14da4ed64d0604d6941e3363a14bad59c3209f52c1aea0761e8f1c5947a Loading...

	#13 Eval - d738aa666527ad74ffa34aa7b071c5b8	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash d738aa666527ad74ffa34aa7b071c5b8 410a37f324b3d9115bc9487eb97aae2729df1a77 d49f6d22927ce67b3386474af7e3ac6390b19c9ca794114f1a87f2ac9532d6d8 Loading...

	#14 Eval - 44ce9c2b5dbdc0f28d7037c070550b74	62 B	2024-05-03	2024-05-09
Pretty Observations First Seen2024-05-03 14:37:29 Last Seen2024-05-09 15:26:38 Times Seen386 Hash 44ce9c2b5dbdc0f28d7037c070550b74 a9d8ff605c113bef81e606ea0bb2d8b0d65bd13e b87899b17160a1ab0138f3ff2eacc0c7c9107f22f6ab3ad6e9d9973b98deb26d Loading...

	#15 Eval - 8bae89d70e3457b42ac05cd3b5229992	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash 8bae89d70e3457b42ac05cd3b5229992 0272e99e8475244e085b9cb99ce4cec521f7c58f 56efb9fe149d6efec56a13ea8289f40d4877ea2df04aefcca04cbbe269fb605c Loading...

	#16 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-20
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-20 05:56:22 Times Seen353153 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#17 Eval - c1b4e4146247ecc0aca7e9d26f530a4c	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash c1b4e4146247ecc0aca7e9d26f530a4c 3e8c60174a9fa55d75e49ef55f3c805bb8cb0cfe b37860763531ecbd2f0fc4d2803e3dc4be6d96213b3acdd01f8438c43564d8aa Loading...

	#18 Eval - eef885d6e49308f3514ff36e4429f2d1	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash eef885d6e49308f3514ff36e4429f2d1 892f7c909b4f65dd3d1e7a2aea6bceb3055897fe 45bdbd1b4dc9ae442f0f1073f96a57ccb95a4b57fad461885e4ae32e45025795 Loading...

	#19 Eval - 8328d2b5dcc5cd86a740a6954450bde7	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash 8328d2b5dcc5cd86a740a6954450bde7 46bf3b39939c42a04873fc6772755abdaba8128a c01159069714bad37cb45ee1982bccef8b8711141fdd10164596f3559b7910d7 Loading...

	#20 Eval - 3b11e21b59a80d7f4cc1c764830aaa22	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash 3b11e21b59a80d7f4cc1c764830aaa22 9ab230c830092d30daaea16e92362fc3665d1043 5abb443cabb6d35d1624248655067260b157cca189241ccca31f715d11d396cb Loading...

	#21 Eval - 20483a90b72f62e7ac227a0893f3dbff	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash 20483a90b72f62e7ac227a0893f3dbff b9ad1cce24237b0c6310e8a8815aefa840e5065a 8a8e736f8a712f7915db32868654d59ffedd5d1b160edda895a0bc32edbf8d4e Loading...

	#22 Eval - 54478ad603ea23417ec834d08494046e	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash 54478ad603ea23417ec834d08494046e a714179c6f3f92c055c11c5054831b71922ed97e b532fc858029132c0bba7ac7c1d7d89d3f60072a2685c175ef620a3ad7e2c60c Loading...

	#23 Eval - 87d9ddc283b56d5a85b2f63210685cae	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash 87d9ddc283b56d5a85b2f63210685cae fe9873970627c57b56396bee050885a29ebfe4ed 1b048aa4a19f9cee2bbbc33c8e88adda6ecbb14f6bbf18898b4da62d4a1d8006 Loading...

	#24 Eval - d81878193c578c97ec29db5f95886c91	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash d81878193c578c97ec29db5f95886c91 6a1001cac403b6e86df5eaafb05b35be82ab30be e8a14c5d1d4abd64706fec75ef6a6f5ba6150e6cf9eb35e099673546101cf997 Loading...

	#25 Eval - bac9544aa89234af54034125c091af81	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash bac9544aa89234af54034125c091af81 c2e59362f944a54f122ee1a0ed10d81900ec37fb acbbe85ab9905ed90438a7ea945144b35bbf75e512241337de349b2cc467f65f Loading...

	#26 Eval - 602af07812e7f14da3ca2ef843816c42	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash 602af07812e7f14da3ca2ef843816c42 e66866da5aab5269f01292ffef6e5aa7af7ce3b0 f4d77304014f99d7811b0c5411628dede6bbb7c2bd4f06e5ea977bd51198166c Loading...

	#27 Eval - 594deb342e9e0e225e0ac304f4348ed6	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash 594deb342e9e0e225e0ac304f4348ed6 a5d5c4dd84752b508bb4550128e52fc5ab6a64e0 7847162dc21d253fa064f73e632f5d90dee869805d303aeb60c640c2aede6edb Loading...

	#28 Eval - f59d9c6c19edb3e3446b198f7ff01a89	2.8 kB	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash f59d9c6c19edb3e3446b198f7ff01a89 27ae5259c579824fbff397a9690c19e7d114ba2f e3da5bd3c0688a8b9f6f0289fe49d2728466235130b6a20d4492e2a289c8f31a Loading...

	#29 Eval - 7fcdc13c5c4a2d386173fb0dc40f9ce9	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash 7fcdc13c5c4a2d386173fb0dc40f9ce9 8dc94407c5a836ec0089fa3f7020c48ecb8d39aa b1069d140b4dc52f8256eaf311ac30119309ac3ab012e0d1401c2ab394c97744 Loading...

	#30 Eval - a56d7f9e58810636bcb5693d6e6ce57e	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash a56d7f9e58810636bcb5693d6e6ce57e 371c224e8744fcfc5707796247ae784adea407b4 bdcb7ff220c5d027a14e325c8af4a96f760b343e3b9655f1c5c01a603264ddc9 Loading...

	#31 Eval - 22450440f419f4a3d3caa8a402efdaf1	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash 22450440f419f4a3d3caa8a402efdaf1 beedcc760f65a201f60a8c25e026be70ac6563a7 16ca22ea37c974e50c2f14cddf32436326c3aaaf8c429c21fb7bee9bc584d3cf Loading...

	#32 Eval - 08fabba511dde38c4ef45cfbc8d32fff	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash 08fabba511dde38c4ef45cfbc8d32fff 7aa2cd67b797093e4f7a4894069904b1eb2e9852 00242e77e01d02dbd637f0ccfe3b10be0b73223d14afad0366b27953169c813b Loading...

	#33 Eval - 856359635248f7082b4da2f8ca73e341	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash 856359635248f7082b4da2f8ca73e341 c06188a1a2eb632e8d8f377d2e2a390841582fc4 29a3c9fad371101092c7040733574e930961986558203e8cb8c0be400b5d5eb1 Loading...

	#34 Eval - c817ebca055a9fa409f21c547bb19c34	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash c817ebca055a9fa409f21c547bb19c34 1395750814e7b254f0c1d976532c8d4e56c8485f d4a2efd279e1a242421457a1dc2007470dc6ca7839e1251d0794b2df64243994 Loading...

	#35 Eval - e21160d1ce5d9de4dafa9faf26813850	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash e21160d1ce5d9de4dafa9faf26813850 2d3950ca29ca779cb1ff276fcf7e1dce564494a5 14960a41d35defe1192286062bad527f7601ff6f5240856bf8e190f4a56bfac9 Loading...

	#36 Eval - ef05c39a351197f3c1789ecefb48e17f	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash ef05c39a351197f3c1789ecefb48e17f 4caf4ea48260a7c7af51403beb51a195554b6539 0a931ccac64c37ae5c564c35ed4691435e4bbf62bf16b43d1deef24f727e2fc6 Loading...

	#37 Eval - 559ebd38c0b09d21cc691dc5bac57236	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash 559ebd38c0b09d21cc691dc5bac57236 4dd417ce699f4e7ec78664d16d5739c191aa09ed b31cb8cce3f537941ebf4ce9e9357e35cca86cf4ab599ca16eadd3ce3bbc7bed Loading...

	#38 Eval - 276d54a1f0e762a806f0972519a9b360	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:24 Times Seen1 Hash 276d54a1f0e762a806f0972519a9b360 9cd652329deb0640f39a7433eecf225d1461d1dd 15bfd46f73901c1fa426fac58f6ba9addb1c1bcb80c5dff922008494de5b0ed6 Loading...

	#39 Eval - 00fd6eb4d21a16c16e3bd8481d87070f	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:24 Last Seen2024-05-09 08:07:25 Times Seen1 Hash 00fd6eb4d21a16c16e3bd8481d87070f 0c26586716e58bf6ab64cdd59f6e3550db1f2a92 5732327e1281450058bcd66edc513b38ef290124fa1c54e23d759469569eb7ae Loading...

	#40 Eval - 5b5d2bee471a87f601a105ac88433d8f	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash 5b5d2bee471a87f601a105ac88433d8f 31c49a44a5b224903a990d3d2211909a90c6072e 2f086571807c72dc2b5aa0cdf7e724193bbe976767ce8856145be483eda063c2 Loading...

	#41 Eval - d3f7c1ba10284968f2c3b6f4be11be03	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash d3f7c1ba10284968f2c3b6f4be11be03 10a9f321614498d013a2242963a5521d13ddab1f 7889b955ef2f3cdccf89ecd265a3a35d43d35b0da8694512330afc121d08d1d2 Loading...

	#42 Eval - 3d43edc78ea72562f6999475efceb0b1	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash 3d43edc78ea72562f6999475efceb0b1 2b78b8253463f8df36ae98a2cebcb5be82d2cc31 55f93a520b716c9f8a253834680906698f2da5a28d4a710422c3b6b05913b7c4 Loading...

	#43 Eval - 842a7f327db1390190d78cedda9a6d90	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash 842a7f327db1390190d78cedda9a6d90 fb9067fdadef3ad5105ce7b8ef4508cfc8730537 9975a8b1ec791bae9701ee0bc6aa664fa72c50756a75b84db3e57cd761971916 Loading...

	#44 Eval - 29595f1700c4a3acbf1ed9b15535b3af	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash 29595f1700c4a3acbf1ed9b15535b3af d1191a78e4c48c19ca3ee5be74a2a712daa4bc17 e4792753e834d1e945386f452e2b9daae58d91c77c15e461ac73e7412be6475d Loading...

	#45 Eval - 69a618d06e3ce68f91162009a7e9fa5e	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash 69a618d06e3ce68f91162009a7e9fa5e c3b45284a2649f1d1f7fecbb1e3d2e09c1bfc833 af5c674a6069187e9a72b4aea815f50b768cc2a5bb80590725347e11d27278e2 Loading...

	#46 Eval - 2c38fb8c9a7367e7a0c17a05190fe993	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash 2c38fb8c9a7367e7a0c17a05190fe993 2203df3d3e6493252e7fb7ef7c2d45b73f4865b3 9df86eb7cb57f29908bbcdfe6b6445ac9fff436bcf4c4a4f05147d25714a4611 Loading...

	#47 Eval - 12cde7e892f2a2cac5aac0c0c5f4bd76	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash 12cde7e892f2a2cac5aac0c0c5f4bd76 44e8bc594cebe9d0072d6f6cbd26c893961e9b18 8ff6bff78fafa9bdfe48cba4dacfa6e9c62e970aecc4a15f737a9334f6381a79 Loading...

	#48 Eval - 44610376b76e04770706ab55ed8f83c3	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash 44610376b76e04770706ab55ed8f83c3 09874b16f01b3780ae0e01204f2121a08f03f761 7de4f8f904394195340db5df60c8fca40d249dca095d4cbbe9653cd7534aa81c Loading...

	#49 Eval - 57b7c0557a5cc8cf531653d7af00289a	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash 57b7c0557a5cc8cf531653d7af00289a 0e786de633f213d61ccd63cbbefd38ae2411fd2f 3504f55c9e8102fccb8bd8ee2da45a22addb1f8a429b68b84dd74384b1e8e1fd Loading...

	#50 Eval - 13b66bc8f0e94c7355676f00b27f0b60	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash 13b66bc8f0e94c7355676f00b27f0b60 84af2e8a4ca8ca52e7347810e355d61ed9b2a627 f91fcd672a11b0a133378ac6bf0f0a3bc95eb8961f9d951e517aa6208120a5c4 Loading...

	#51 Eval - 105e5fcfda7ad4236ce7b9f6850c7b92	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash 105e5fcfda7ad4236ce7b9f6850c7b92 b1c1e3ca8bacf25b24aeeea940d659fc4f53a569 4af9e67bae2cc32bf18ead33e676baec82bb6e03b1110e13befb41f6b8f76dd0 Loading...

	#52 Eval - ba8bee1c4f68df1c534d904c9213e803	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash ba8bee1c4f68df1c534d904c9213e803 81d47ccb21e17b5e150e4060f96f072162ba557c 11df465774d933760cceb950135a3d297f6e9464825cf03f9aebedf83ddfce3a Loading...

	#53 Eval - aac2ccf449a2b3592643e60eed4d98b2	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash aac2ccf449a2b3592643e60eed4d98b2 d33347af97e968703ac59314d6e3d98bd6c08d18 da9a6ba899fca049ca8185b651646b255605f82252ed4eb8227cc48aef149f50 Loading...

	#54 Eval - 74bf5a50376d00755a9a0aad930c73c0	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash 74bf5a50376d00755a9a0aad930c73c0 d5afa2874083097bdc7ec1babccb94a298b31dd9 3bea6d89e33309a980671243cc30abb350142bb30577ea8c2c47c5649de5feb0 Loading...

	#55 Eval - 1f53fa70dd7b0a4bd7533507c3f51661	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash 1f53fa70dd7b0a4bd7533507c3f51661 66cf18588946d9e103a79f2ca128249208ad4bf8 44a58503b03dd62306cf1a38ff47c7682c61385f4762dce81d36cb74a802b5a0 Loading...

	#56 Eval - 3c445953b974e6d1a464ab0513eecccf	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash 3c445953b974e6d1a464ab0513eecccf 32eb5e02a2c9b03285d1a4e3377fbc1a2d4bad8f f57954343360127a95b6bd24def7101f879550bed25d507439180d8006b2f789 Loading...

	#57 Eval - 6c58a8a11f18d2261f724d5913f10829	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash 6c58a8a11f18d2261f724d5913f10829 5ad4b7a7105e0447893d893720bd3f098870b545 94e19a4ce5f9ec19c7fe9ab9b2bd370455ae0442209534e0f6e3662ac8760519 Loading...

	#58 Eval - dfa2830a56d929fd8f9dc48194e5e4cd	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash dfa2830a56d929fd8f9dc48194e5e4cd 4aaafb6f72ea950e600cdae97eeea1c3dfe468fa be57047976b19b6c109562d9c3de8c59f30f1270303984b08401a79acf41b3db Loading...

	#59 Eval - a3f91f5b89b1c32ef10e3b5f480d8411	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash a3f91f5b89b1c32ef10e3b5f480d8411 d0e2cc37b7bfea053b2093e6e26cb72ca64122d4 90780ab2a9c87559407953bc0a394bdd27748552cbae676d1e73b4e813fa5f35 Loading...

	#60 Eval - 13403ad6a1701175606ea40be6832a03	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash 13403ad6a1701175606ea40be6832a03 53ea5a780531dae764e7d21e87011189e3eed40e e4d41d7130dbd99459056afdb8c1eff7640e195b7dd46e31a38ebd9cbe728c33 Loading...

	#61 Eval - f5c075243b69865a66c96b9f0fe2b60b	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash f5c075243b69865a66c96b9f0fe2b60b 82063894d2a9732f3d6532aee4171990347b8ee3 6398c76a4797f756f440905ed515de8001c3b571b2d83dae5a4d10e74aca6032 Loading...

	#62 Eval - a9ad4cb6a8892b2162c38e12e42dc10b	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash a9ad4cb6a8892b2162c38e12e42dc10b 3afcce9dc2a022154e294ab2aca693be49c9bb2d e466dbaa363d39bc6f04a540f114e4f1bd6eb3802703c8829381f3c19789d963 Loading...

	#63 Eval - 66c67df2995531d66bec3ca97f23839c	28 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 08:07:25 Last Seen2024-05-09 08:07:25 Times Seen1 Hash 66c67df2995531d66bec3ca97f23839c 50bae63d45cf8c3cab04862fae3c992829b08f68 880d1144653ead5c7cc1625049ef05e2823645c0b2795b560e2cf81bf627c763 Loading...

HTTP Transactions (20)

URL IP Response Size

trafffe.ru/123?utm_term=usu+campus+map+pdf

172.67.170.51

403 Forbidden

5.7 kB

URL User Request GET HTTP/1.1
trafffe.ru/123?utm_term=usu+campus+map+pdf
IP
172.67.170.51:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (14101), with no line terminators
Size
5.7 kB (5719 bytes)
Hash
5692185630ad627071ceaea13ac53ad1
1ef5393177bced3a2069c37ac8f16d6c6640b76c
8acb1ceb29be84bf90de38988ba4624a4e85e2964fc07e7a2d83a6e560290d22

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /123?utm_term=usu+campus+map+pdf HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Thu, 09 May 2024 06:06:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: yHy9+cuFybzQM80uSojlBIX4jcS553qe7s9U5jy3/oAp+xermg32TCt5iQiiO8E+1OnlWVW/TUE+vh4Kj+vMXtchNvtq+MOzawOapYmvw5o=$8jmJnDG1j3+8QJStD+uM2w==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=euglq3nQd6tlJATJy06ab910HnnidAtuiDqevm%2F%2BM8Tz0rbzf5N7in%2BSIkngA1tuKDN4%2FyB1O2KWqRGOHHE14Nh604Cig46n9FvwvkJxy8GACGm8j6%2BlONIWJEdw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880f81a7af0d56a4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

trafffe.ru/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880f81a7af0d56a4

172.67.170.51

110 kB

URL
trafffe.ru/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880f81a7af0d56a4
IP
172.67.170.51:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
110 kB (110336 bytes)
Hash
a767ee5da6971a596acf6ade49f65e75
32fb7e35ed06373fcf31ee30bb695d99cc9cf2a5
59632884cdcc1af6f821b0a75399221c46bbc1e0da5b892d502aeaf5358c81a9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880f81a7af0d56a4 HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf&__cf_chl_rt_tk=dDDBU0LaLJ7emhgV1eaUxMXJ5Pmq57DRqKS3GXzPsFk-1715234817-0.0.1.1-1258
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 May 2024 06:06:57 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SUreFKaW1HMfOZ0VOOyW37Qm9V8aTmTGykxAjqRegFFHFkiECD911LHiEANfAawLlCvBicJzAjCi8XGrZCbUijrPrfs%2F4ppYQM2iFJT4E12MUFpriRS9HtcCFlAl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880f81a9ad0f5687-OSL
alt-svc: h2=":443"; ma=60

trafffe.ru/favicon.ico

172.67.170.51

403 Forbidden

5.7 kB

URL GET HTTP/1.1
trafffe.ru/favicon.ico
IP
172.67.170.51:80
ASN
#13335 CLOUDFLARENET

Requested by
http://trafffe.ru/123?utm_term=usu+campus+map+pdf

File type
HTML document, ASCII text, with very long lines (14056), with no line terminators
Size
5.7 kB (5707 bytes)
Hash
690488f3123552e11aad7c894f2e4346
8098e24efc4b717d4da401583d39de617dfcafd9
b97030d4d6d78e5a943694109d5e2f2d433ade4d7f6002195b96b4072aecc3b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf&__cf_chl_rt_tk=dDDBU0LaLJ7emhgV1eaUxMXJ5Pmq57DRqKS3GXzPsFk-1715234817-0.0.1.1-1258
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Thu, 09 May 2024 06:06:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 2EOeuzvD7eSOBoDrScPWOc+8dAn6IM4To7GJ5T94OQ/4rJl55cdlPm6hOK0rNl015Nw34Q3Ir1SJe5jjb7VXfbrBGUk5pD+VhQNW76owKow=$+cYvXT4RHKng/CsvnA8Bng==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rVqgl%2F5U6s7lg1HhBziSKTWoYcN6Ml9O703EbOylLzMdC8VaeOYuFCKmjtkGIoHa1WhFyD%2BCajq12DC22kNY8T%2BmNGtCXZqpRd%2B7R%2F5UuPMuooGxzxXED0YjOQ6p"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880f81a9fd295687-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

trafffe.ru/favicon.ico

172.67.170.51

403 Forbidden

5.6 kB

URL GET HTTP/1.1
trafffe.ru/favicon.ico
IP
172.67.170.51:80
ASN
#13335 CLOUDFLARENET

Requested by
http://trafffe.ru/123?utm_term=usu+campus+map+pdf

File type
HTML document, ASCII text, with very long lines (13971), with no line terminators
Size
5.6 kB (5628 bytes)
Hash
5c102d73eb2666d8ac30989f3bb665e3
d8f490699f37e4a19a5e097e16186c91f78ab36c
046619ba22636cd7a61e7e7094878766d91731f19d4e478604feb2a11d59a7c2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Thu, 09 May 2024 06:06:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: WOSXYG4d0YJCId1bjVdDzaofSII4Eli6OBB2l47v+fqGE/xPl7KBC7/LZw7L3wOyBH9D8ure9jodrVozQflthr6wje+MCQ506JKb54vUGzw=$By5XbWcDiLgKwavhlTG6vw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2r08HkoT3ZuWJmJ0S0JAV9TdOY67GtJZwGiClBZ80OJggMltFKVpk5l44zXoD1zYmKR6YU%2FGEZYjOjYciZh2KOXuTaQgo6YMfwGUfltzTGuBV6us4u7FrBb4Er%2BD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880f81aafad25693-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/192463029:1715232613:qCCcz2FwCrDJ53D8y4tLC6ARTuqjOK2bc-dhDTeKfEM/880f81a7af0d56a4/f6d34ce3915b3f9

172.67.170.51

12 kB

URL
trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/192463029:1715232613:qCCcz2FwCrDJ53D8y4tLC6ARTuqjOK2bc-dhDTeKfEM/880f81a7af0d56a4/f6d34ce3915b3f9
IP
172.67.170.51:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (16216), with no line terminators
Size
12 kB (12340 bytes)
Hash
c4d6981483a564db29fac4235b6aa74c
67ffef67b497e2d819076f871efb0d75a95a55ba
b2cfc22ba04ce346cfb279a0d99c1c4ca6bcf1f53b8488027f7e76913f133570

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/192463029:1715232613:qCCcz2FwCrDJ53D8y4tLC6ARTuqjOK2bc-dhDTeKfEM/880f81a7af0d56a4/f6d34ce3915b3f9 HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
Content-type: application/x-www-form-urlencoded
CF-Challenge: f6d34ce3915b3f9
Content-Length: 1756
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 May 2024 06:06:57 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: YenH13LSN8Vfjo2sx9m9N1xshMSeCGlWN2+7Hu7jToyi2sQwdFLldMhrD82TnMaC$jXljSkeF+7PWjYFb07Q9gQ==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OCwrpeHB1KSHRs360djFoTwRV7MBrpUQxFgm7FWUcbb%2FLCl%2FL%2FODsoQs%2BSeJSU3WgFgaD7RMFANwbsZFtDlluzUvOd5tdDAeDcBXeVDLgiTrBT2040gv%2BxxF0XWT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880f81abada856cc-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ep2cu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:58 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 880f81ad9ca70b65-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880f81acec040b65

104.17.2.184

177 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880f81acec040b65
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
177 kB (176822 bytes)
Hash
dde84e198bc155fad4e8ae962c3e00fb
176363e7e69c3c4e79724e8b57194406a22666d0
1cb21691ae7ea180acad74dfaa62da31b437b5bf7bd434080351ee452ca16e2a

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880f81acec040b65 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ep2cu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 880f81ad9ca80b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880f81acec040b65/1715234818544/Q33YPX2YbEzCJig

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880f81acec040b65/1715234818544/Q33YPX2YbEzCJig
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 72 x 55, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
00a9dc804cccee7ebeaab07633b52951
4bfb8e4078eb8283fef9b4650b1fba99ccc87934
71c2943b0f135a56c4f4a8762934b62774d25f7d920b9747cdc62bf0c56e045b

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/880f81acec040b65/1715234818544/Q33YPX2YbEzCJig HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ep2cu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:07:01 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 880f81c1e8c80b65-OSL
alt-svc: h3=":443"; ma=86400

trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/192463029:1715232613:qCCcz2FwCrDJ53D8y4tLC6ARTuqjOK2bc-dhDTeKfEM/880f81a7af0d56a4/f6d34ce3915b3f9

172.67.170.51

1.8 kB

URL
trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/192463029:1715232613:qCCcz2FwCrDJ53D8y4tLC6ARTuqjOK2bc-dhDTeKfEM/880f81a7af0d56a4/f6d34ce3915b3f9
IP
172.67.170.51:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2328), with no line terminators
Size
1.8 kB (1798 bytes)
Hash
b5980b3873181af5fcaf2ad0cbcc273e
c7c3e1b7e7e87c907f243152c81c1fa05001f6b8
74c11ffc09c1e9205ff78d47ba9ba090d48fa76c52d60e0d021c6b63b0fb7075

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/192463029:1715232613:qCCcz2FwCrDJ53D8y4tLC6ARTuqjOK2bc-dhDTeKfEM/880f81a7af0d56a4/f6d34ce3915b3f9 HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
Content-type: application/x-www-form-urlencoded
CF-Challenge: f6d34ce3915b3f9
Content-Length: 2390
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 May 2024 06:07:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: P7RRhcTKmlCrRAlY0RAbqzAqgJ9r7kXBSEBkKAVujKNKhDMm86HoSMl/M9m88Y593AsHo3hbAI6MNSBnIL4q+Lfl2ExPe54hnwNhxLXS9nI=$uUUlia2bug/xvhFLDToL/Q==
cf-chl-out-s: 5Mp5gGAYNzIiWOxiVtT9zQ==$b8ZhFcKabfxVPgzFA2DQiA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nQ6L2zPqBNYocLJMbns0Nchf8lg%2FtfB7ZM41Kp28nDCa91glNqRQVs1KjkYgSF%2B6P9enqOWjwZHLBctS3NbpxQS2Kd3IvrpyQ%2Bolq8UJIO1RbZtPyygKC46bAVYX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880f81de88ba56cc-OSL
alt-svc: h2=":443"; ma=60

trafffe.ru/123?utm_term=usu+campus+map+pdf

172.67.170.51

403 Forbidden

5.7 kB

URL User Request GET HTTP/1.1
trafffe.ru/123?utm_term=usu+campus+map+pdf
IP
172.67.170.51:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (14123), with no line terminators
Size
5.7 kB (5727 bytes)
Hash
81c02a7c900d9f78be910c1056b5984c
01e8df8bdf6b586d6cf075b2dce356b63686bb74
3a009a1f86be21326c3c90a0ed0e0727cb707f5b1d223742fa88588a07c8d19d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /123?utm_term=usu+campus+map+pdf HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Thu, 09 May 2024 06:07:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: UnLfyCT1a/JjzOGHWUbsx7OSAOL710COMGSG5uwHvw3hogeqhFWhMmGTuwZhb0jQHUDRGu8zv1sXLE+9f3v52dhN/khgTCYJtTXDFLmmgPw=$Wj3NzOVuvLlFcdpfHkZJLw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GvmCqTu2%2BilmRvHIOXX70bKAFnx3FdjacZkhwRd0IvEKA%2Fv050pZylayin2Bu2WSL79gpSjgp6h%2FHiKXb1Y%2BGkjlXiRh3uFI3W8YbFWH2CjX1uX1P6Gc9ymIUAZv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880f81eb7b2056cc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

trafffe.ru/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880f81eb7b2056cc

172.67.170.51

200 OK

112 kB

URL GET HTTP/1.1
trafffe.ru/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880f81eb7b2056cc
IP
172.67.170.51:80
ASN
#13335 CLOUDFLARENET

Requested by
http://trafffe.ru/123?utm_term=usu+campus+map+pdf

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
112 kB (111664 bytes)
Hash
ebd50cec6e7a6c0099e1053af8ff26e2
c354b0b1c5741228b479ad1781332df4eff2de50
c2edbfffca6c4533157c2382b13b3fbe97a91f20e9b102d56df5bd426c98056f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880f81eb7b2056cc HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf&__cf_chl_rt_tk=IYt3.v4JqIxQB4mJKuHzoHVJotoF5PXh_YgeCfwAmaQ-1715234828-0.0.1.1-1258
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 May 2024 06:07:08 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Nnwjz8B741RpkbcWZzfAA4pzSqV0Gz6O8711t3o0PtEgA5Pik%2FRdC5NLYlNs4Vhvwo%2F%2Bkx7ar%2BBxvtWAsj0yy%2FalFJcc7C9bDRDUAMtmU0mm8eNxtVdYfUO%2FShb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880f81ebe93eb500-OSL
alt-svc: h2=":443"; ma=60

trafffe.ru/favicon.ico

172.67.170.51

403 Forbidden

5.7 kB

URL GET HTTP/1.1
trafffe.ru/favicon.ico
IP
172.67.170.51:80
ASN
#13335 CLOUDFLARENET

Requested by
http://trafffe.ru/123?utm_term=usu+campus+map+pdf

File type
HTML document, ASCII text, with very long lines (14077), with no line terminators
Size
5.7 kB (5715 bytes)
Hash
8670a22dfa2c97110243077282602584
2cbbddaab11615371e4394fe82bd211cdda8861c
3a5de1fab214050567f0d325b8ee95e1953e22afd0e2878a2a8d1ee85b3ca456

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf&__cf_chl_rt_tk=IYt3.v4JqIxQB4mJKuHzoHVJotoF5PXh_YgeCfwAmaQ-1715234828-0.0.1.1-1258
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Thu, 09 May 2024 06:07:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: yQnhrPSnDhiepAodpoyXIAocqJPd24rBZ5ieH9zQxrq4j+Z+sQyLfQABHPaoGQTjfIe2XWw+F6QqNr7XH4bmSzoOwjXex+R1OM+P/HTk88s=$qVj8GAhQYDq6KcwLl9s6kA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dNIbYqgu2EEzaHPaoVwak97LBen1P%2B1bWyFgA3nCl9sa242J1SqYP0kRhsuPn0gS7tjQwB3swD0%2BQdJGsW4dDTXXlZXKEKNFS5RyQaG37kSedwiYcs9sdOZo6Cp0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880f81ec499fb500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

trafffe.ru/favicon.ico

172.67.170.51

403 Forbidden

5.7 kB

URL GET HTTP/1.1
trafffe.ru/favicon.ico
IP
172.67.170.51:80
ASN
#13335 CLOUDFLARENET

Requested by
http://trafffe.ru/123?utm_term=usu+campus+map+pdf

File type
HTML document, ASCII text, with very long lines (13992), with no line terminators
Size
5.7 kB (5652 bytes)
Hash
869891775b0486fe40d7c7497dd2c7c3
515d8f56399edb887e509fa2a02d4f1dafd2b51e
86545f011868497ed4e3ee62a4812608eec90dbdc7ab6b449134c9ec50594522

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Thu, 09 May 2024 06:07:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: RDpJm3U6z3PFblw4f2QKDvduKly/OtsDKzbSKiFKuN3D79StM9XRkhiE3MR4ZrzNxiIkaS/3dJaHFLS7vDWbHZuoHXV3CNnGASLwZRHp3a0=$k1B5qNrYa1rugEZGjhYw6Q==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2F%2F4Dx%2FDlAIk4L8urYaRG6bYeCgZQwjU5%2BdEDV8ammiMmiTCc2CyCkDVoqzT1QiPNoK0qTugCGhzGEi5WbPqBBAOwMndQ1baichT5IU%2FEPRyVMyfuvQJZrHLm0mK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880f81ecda995684-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1446417333:1715232620:4lfWo9iYDJW_u2NPBirIfjoqHO6MPv5eI92tjWmUWts/880f81eb7b2056cc/c5d470c97082f71

172.67.170.51

200 OK

12 kB

URL POST HTTP/1.1
trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1446417333:1715232620:4lfWo9iYDJW_u2NPBirIfjoqHO6MPv5eI92tjWmUWts/880f81eb7b2056cc/c5d470c97082f71
IP
172.67.170.51:80
ASN
#13335 CLOUDFLARENET

Requested by
http://trafffe.ru/123?utm_term=usu+campus+map+pdf

File type
ASCII text, with very long lines (16208), with no line terminators
Size
12 kB (12329 bytes)
Hash
041245982b3ed7362aab1bb50393c916
ff5a76be5fd31405c1dbac02d00f7ebcd5e4a2b7
5ee298c94e7224afd0e8480fa3e52ebe90ede33c35d680afdd22cc88afb3db9a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1446417333:1715232620:4lfWo9iYDJW_u2NPBirIfjoqHO6MPv5eI92tjWmUWts/880f81eb7b2056cc/c5d470c97082f71 HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
Content-type: application/x-www-form-urlencoded
CF-Challenge: c5d470c97082f71
Content-Length: 1746
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 May 2024 06:07:08 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: y1MNN4hVV5eeSUltJH7jXuAxJAiCm5mlofi3axZ0ej8mPuygjJs9rd755+pmwKic$jF9qb9AaxhN7gtaGAOt4PA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BlD3JXCYh4VQ4qQpYpl25g6ub4MsA1kb2j0DF%2Fk4Jq%2BGBiJlZRJTbqGNTOQth%2FzkzDLlbN6nNeu%2BVBJ%2FySlqcQaLJNAEW3ykPHHvEzb6ZjjFrqpEdoL1ED1cD%2FAM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880f81ed99a856c4-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/findc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:07:08 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 880f81ef2b480b65-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ep2cu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal

104.17.2.184

34 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ep2cu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (41702)
Size
34 kB (34483 bytes)
Hash
5ba49ab2ba3756c08c94f32438510142
ecd95c77302d921df6f8411667228b76b066ad91
ac7866a51f1bc3e1339cdd6566b164f1a43fe4fb96b83cefb3a05098f6ab000b

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ep2cu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:58 GMT
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-embedder-policy: require-corp
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
referrer-policy: same-origin
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
document-policy: js-profiling
vary: accept-encoding
server: cloudflare
cf-ray: 880f81acec040b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/findc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal

104.17.2.184

200 OK

208 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/findc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
http://trafffe.ru/123?utm_term=usu+campus+map+pdf
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
208 kB (208090 bytes)
Hash
1a07cbbced04d38ff243ba2c3c6cb237
f47ce5e0694daa4655830453ea73247081e43850
3b192a77ced00cb9e3ac2e777b2131febf05fbd8279836b8d6fad2cbe5949fd7

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/findc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:07:08 GMT
content-type: text/html; charset=UTF-8
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
document-policy: js-profiling
cross-origin-embedder-policy: require-corp
origin-agent-cluster: ?1
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
cross-origin-resource-policy: cross-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
vary: accept-encoding
server: cloudflare
cf-ray: 880f81ee9ae70b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880f81ee9ae70b65/1715234829042/xT3iugXk16ehpIr

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880f81ee9ae70b65/1715234829042/xT3iugXk16ehpIr
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 82 x 13, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
64718c79402c4f04f4faf5300abcefe6
59745e56907ef64a9b53b8ebd60ee8c0fbf769af
a8ff92ee17401246f32d86493a537053913c7c5efc828b8ed36914f0f63860a5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/880f81ee9ae70b65/1715234829042/xT3iugXk16ehpIr HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/findc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:07:12 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 880f82048f910b65-OSL
alt-svc: h3=":443"; ma=86400

trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1446417333:1715232620:4lfWo9iYDJW_u2NPBirIfjoqHO6MPv5eI92tjWmUWts/880f81eb7b2056cc/c5d470c97082f71

172.67.170.51

200 OK

1.8 kB

URL POST HTTP/1.1
trafffe.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1446417333:1715232620:4lfWo9iYDJW_u2NPBirIfjoqHO6MPv5eI92tjWmUWts/880f81eb7b2056cc/c5d470c97082f71
IP
172.67.170.51:80
ASN
#13335 CLOUDFLARENET

Requested by
http://trafffe.ru/123?utm_term=usu+campus+map+pdf

File type
ASCII text, with very long lines (2328), with no line terminators
Size
1.8 kB (1802 bytes)
Hash
b6e09b530d15b68c8ca5c8d9cc53c1a2
0577e53646de0a050f5f516800a5bd0863a28d7c
56ca97167de31bba0f939d747cf1fb6b603728e0a54f396171f7712eeb2d9071

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1446417333:1715232620:4lfWo9iYDJW_u2NPBirIfjoqHO6MPv5eI92tjWmUWts/880f81eb7b2056cc/c5d470c97082f71 HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=usu+campus+map+pdf
Content-type: application/x-www-form-urlencoded
CF-Challenge: c5d470c97082f71
Content-Length: 2389
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 May 2024 06:07:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: aIARN14eLXBO46kQOD078+hO7Vs25rVsp3M2YWdi42GmyI+ANYFapDajMXcli6hEKu6uMujPxtrXDgz61JkD5OclepwbE16wIIEDxsP3vco=$oSIsB1BwytNNDQdKfzfgFw==
cf-chl-out-s: 0yY22DCSdxyHoq4CLfrRtg==$vfv00M3OIwAOk5ryCJp1mw==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MMRmJRFS9FHJrJ0fGhch2yB5eWKsCzHs9Dz%2BiqKhTU8E2RRix0vK5i0%2Bglxog8sqpSeOaYTPvLd8DoWYnIYnUzFAJbDTsPmh9enNp%2BsGksDHxuPToosprwJ3YM4D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880f82231c2056c4-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit

104.17.2.184

200 OK

43 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
http://trafffe.ru/123?utm_term=usu+campus+map+pdf
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42565)
Size
43 kB (42566 bytes)
Hash
a5b92920e25651d2058f4982a108347b
caeeadd68d38fdb681c52006c68880abc2e8a1a6
49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5

HTTP Headers

GET /turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 06:07:08 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 880f81ecc9f70b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (66)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations