| holicisticscrarws.shop/api | 104.21.40.92 | 403 Forbidden | 5.8 kB |
URL: holicisticscrarws.shop/api (User Request, GET HTTP/1.1)
IP: 104.21.40.92:80
File type: HTML document, ASCII text, with very long lines (14361), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 654e4bc3c2beb4841e0e81e55ae79736 8c16157f9e997092f7cc9a1c73c58f933408a59e 12fc9063a1d465981f58daba44c9dfe22db52ae662ad959a221187c48e472568
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
GET /api HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 04 May 2024 15:48:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: hHUTp2yiMs+NlDTBuJEBpNUP9hgYRW9PYYxpwO+vDev1Td6SaP8rwlSJbjG1Vo8nSs/wmkInGhJfSD1P8OUKuBw9pBres6xRFcxW6I2wocBhRTCQ+5415ps5dlIDXxB/qs4rvNpp3dqkMHfZ4+AD6Q==$c12NoIDYOwNpMhMcbR308w==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BRVoqbfIT7m5gN%2Bq4YPAmNtclo3I7jrrA3bfoNZQIP1Yf%2BfRnZmrui%2Bi7PJwm4wU%2FD3lidEgFEjbWcfB7FIEHWopC%2BJZV6lFgRf9WBncoGJB%2F7qArBgxTlM6DpCniilDoBMro92DPfcq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e9a35a796e0afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| holicisticscrarws.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e9a35a796e0afe | 104.21.40.92 | | 113 kB |
URL: holicisticscrarws.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e9a35a796e0afe
IP: 104.21.40.92:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 113 kB (113390 bytes)
Hash (MD5 / SHA-1 / SHA-256): 8a1722ae4e7fb015a6d9339d4a7e6d18 8aa2074614cc95d8b4b9876f269a6255ffaa9988 c8894c53d0ff37d341ad9f7154226cb098926be6cdc0474e51aaa5dafea71f40
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e9a35a796e0afe HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/api?__cf_chl_rt_tk=52t4sejo3ZfVN._h7jtVjiEA3ZsUuVFUZxGh8Ywu.kY-1714837738-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 15:48:58 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BOI4rMBH0WdsrbBrxvl%2FPjq9OMsZ7qG%2FPJvAXyN8mfLdSHgH%2Bz8X1PWHOs8E7gZ9ui0D1YyJXHSdxyec7JhWa9El24zFFvThWenns9Ik7fX314J00Wozdkq8bQcae0%2FYUxtpHwFvU0jI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e9a35b9d2856ab-OSL
alt-svc: h2=":443"; ma=60
| holicisticscrarws.shop/favicon.ico | 104.21.40.92 | 403 Forbidden | 5.9 kB |
URL: holicisticscrarws.shop/favicon.ico (GET HTTP/1.1)
IP: 104.21.40.92:80
Requested by: http://holicisticscrarws.shop/api
File type: HTML document, ASCII text, with very long lines (14484), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): c02adf3ad25ebdfdf75d942840eae3f4 68245c3645bdda5717b046bdaf33df12a583e1ac b45a1a95fd048dbb78ab65cd4b8f2d537d9ef8650a9870004c36de892840ffb3
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/api?__cf_chl_rt_tk=52t4sejo3ZfVN._h7jtVjiEA3ZsUuVFUZxGh8Ywu.kY-1714837738-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 04 May 2024 15:48:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: F8L9P6Lu7YpuG6o36RG49b828jVzE71PkTF96EX0n1wQ7xXLL5OTNh7KRtS3coE/XkEACgR+FPhWpYqrq9OZOqkOcR4bfwcHVGX36Eg89pGqmxnquKxhDrpPbFE9qLufkscJ8vxKv+W1qCGJg/yYDw==$DcvhajXTgs8mSC35haKkSA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QK9Etza0O%2BPINMC5RH7%2BjfLe075oVAa8E18PJKFYKu5n3Ke8yluPhdsCu9w2H5ZpHOCJwgHAUFcQN2so%2BZMnnZZVfZjqaCJKkWToiaSiq6%2FFm4roK1Jmp40IUGq9BZuU1Z2k40uUE0Pe"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e9a35c1e2856ab-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| holicisticscrarws.shop/favicon.ico | 104.21.40.92 | 403 Forbidden | 5.8 kB |
URL: holicisticscrarws.shop/favicon.ico (GET HTTP/1.1)
IP: 104.21.40.92:80
Requested by: http://holicisticscrarws.shop/api
File type: HTML document, ASCII text, with very long lines (14377), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 856823d8f4d97357af355f5dcd6c1c66 90ed9d900b5b874112ae58b5afdbd496a2acbcaa 52015d51a6ad349142c777fb382b7b46cc8911ff735a884026223da59f4ebc28
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/api
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 04 May 2024 15:48:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: Ab+Dx6DB9VIRzVLx1HCoA+OHzXNE8JaG34kTbb9h9yOPQ8wL7hawhZWL7EAaZyjyIMih4RYvCbuueY2SnVz9NMOx0vhAHy5+pku8thuGDjeoC4JCLAJS0ZdOGgK1XnHjZTFJyNeoWaxZnqeL9AAmoA==$U5AKgffzNUgEFRWyLDhcvA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HkAAxdxEUJBnXoQULRWfKK6j4UyBN0h%2FVp7UmfnY6wjRmdfYtRuHYsfxhncpfs1%2FRhZV8NMv8WL5v2sJXLv%2BosK9gEldFazkKJ%2Bj9G5%2Bg9nU7Ai0bUgiSjM5PqMeooF0LmcBVjfTogpy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e9a35c9f6eb509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| holicisticscrarws.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1994060004:1714836685:qu2mgvfC0GlH8OXQHfYIG6gKEJJHDqrMXbDOaH5Ww3k/87e9a35a796e0afe/004e2403dc062cf | 104.21.40.92 | | 12 kB |
URL: holicisticscrarws.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1994060004:1714836685:qu2mgvfC0GlH8OXQHfYIG6gKEJJHDqrMXbDOaH5Ww3k/87e9a35a796e0afe/004e2403dc062cf
IP: 104.21.40.92:0
File type: ASCII text, with very long lines (16344), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 3c8f677ec37d6eda54860c4ddea8386d a568f3dc021477f47066044324a83b298974fa32 a746b7b012e86e2629ab85d1317b9423df66d0c98266ce18d58aa515da6a174c
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1994060004:1714836685:qu2mgvfC0GlH8OXQHfYIG6gKEJJHDqrMXbDOaH5Ww3k/87e9a35a796e0afe/004e2403dc062cf HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/api
Content-type: application/x-www-form-urlencoded
CF-Challenge: 004e2403dc062cf
Content-Length: 1872
Origin: http://holicisticscrarws.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 15:48:59 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: ExNijNrPq0ewIA5ktEv0TTFlEE1cA14fiLocDqAyNPnrS9PFLT5xH0SxxMOWqKFB$LqJ1ECRB/G5r1/OdwQBYYw==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mzbGzQ3YJo2jKuIONhJWDCCJtw7dYRfDT9gnA2oh%2B7gD0vHY%2F3N9LkzhDWiMLffHH0ouq%2BWr2mqplEsuGSGV%2BwJr0TuGy6%2BNNU0NbU0LMkaeU%2BKFDeOedRjo98l8ehE%2BeKL07Hu9NTU7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e9a35d6db0b51e-OSL
alt-svc: h2=":443"; ma=60
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nnglq/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | | 26 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nnglq/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.2.184:0
File type: HTML document, ASCII text, with very long lines (41702)
Hash (MD5 / SHA-1 / SHA-256): a922af79299345cc756e42b69a2c1ce1 f03b56c9fb898ed63130a9732175f045e73c64d1 ecc281ff3018be30970c9f746c0a3c639d2bf2be4d14026e2350d4e87db9b740
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nnglq/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 15:48:59 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
referrer-policy: same-origin
vary: accept-encoding
server: cloudflare
cf-ray: 87e9a35e8deb56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e9a35e8deb56b5 | 104.17.2.184 | | 175 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e9a35e8deb56b5
IP: 104.17.2.184:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 175 kB (174611 bytes)
Hash (MD5 / SHA-1 / SHA-256): 3203938d441224ebe07058ab7fc6b9f4 9ae3eabf25e7969c79960e5a54518014f5fba736 70b979e0e9a7354453458f117b273577ae8cff9fec5e4a0918f2307ac7b35a32
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e9a35e8deb56b5 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nnglq/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 15:48:59 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 87e9a35f1ea956b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e9a35e8deb56b5/1714837739744/sXoW2Ji2_TExkDy | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e9a35e8deb56b5/1714837739744/sXoW2Ji2_TExkDy
IP: 104.17.2.184:0
File type: PNG image data, 34 x 17, 8-bit/color RGB, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 98f400a63bf38195194b7f6fe3bdca33 6ef6b53c04e30eb80800f49daa0679e350c566ae 08c7d4de8ad43a97327f3d9cf3cfb95752ab3b9b9de55353d8b08f519e1b45d6
GET /cdn-cgi/challenge-platform/h/g/i/87e9a35e8deb56b5/1714837739744/sXoW2Ji2_TExkDy HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nnglq/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 15:49:00 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87e9a3683afa56b5-OSL
alt-svc: h3=":443"; ma=86400
| holicisticscrarws.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1994060004:1714836685:qu2mgvfC0GlH8OXQHfYIG6gKEJJHDqrMXbDOaH5Ww3k/87e9a35a796e0afe/004e2403dc062cf | 104.21.40.92 | | 1.8 kB |
URL: holicisticscrarws.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1994060004:1714836685:qu2mgvfC0GlH8OXQHfYIG6gKEJJHDqrMXbDOaH5Ww3k/87e9a35a796e0afe/004e2403dc062cf
IP: 104.21.40.92:0
File type: ASCII text, with very long lines (2328), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): f5a88b8256cdc395c507c37d71da84c0 ae957893a8b069823990effbe321d02c3a95c27b c4f450b37a038f1ea81c422d6edeb2cdcab1a0ac8ca86181ded7b69d248d5e9b
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1994060004:1714836685:qu2mgvfC0GlH8OXQHfYIG6gKEJJHDqrMXbDOaH5Ww3k/87e9a35a796e0afe/004e2403dc062cf HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/api
Content-type: application/x-www-form-urlencoded
CF-Challenge: 004e2403dc062cf
Content-Length: 2526
Origin: http://holicisticscrarws.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 15:49:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: oi6OBeC3PhOLmZP80hMjHg==$qHUsN4F6CYuTwM1a2dqIAA==
cf-chl-out: qMX+KJ7wTAh11eXu4Bn43sGQHNbYL2J8elT9pxX0aMsJb5VID4f+fikQ2gG5IEKCC3vSwzsXYa+xmHdRg78pqBhkPr9LfBcOLtuyCFrs048=$733NyWMkKI0h5j3o6rxlWw==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PlzRMsTkde1uFBh0t3c0vu3AZos%2BuDRylaqW0H1FvYlRD50Sr5Ys%2F4IzTp2rp5NO18KoH%2B4DD83pzNqBIN9snkCK75FNKOWnTwj61QCT%2FlOe0UQ3rCwzVbQjtdmr%2B3ylt6Jg4olbGenv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e9a39a1a1fb51e-OSL
alt-svc: h2=":443"; ma=60
| holicisticscrarws.shop/api | 104.21.40.92 | 403 Forbidden | 5.9 kB |
URL: holicisticscrarws.shop/api (User Request, GET HTTP/1.1)
IP: 104.21.40.92:80
File type: HTML document, ASCII text, with very long lines (14383), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 0b7f84a0206873f08b43208b72b41ae9 d98a10bfef5c598149c59eb1ef24263844483c97 c3bd5ff07cb25e0d9ecc364316b4f53a711ac33f2cd1e652f156b6cfee34ef13
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
GET /api HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 04 May 2024 15:49:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 8DMxcUto/S4ULmIQvdXQt1zy/ubRwo8PMjXQNDOzvDedfNU+i8c+mZoHg6LNfMfBsdmZ3wd4j9du1sIxFOYstsNmbORezBgxuJObz3t2BOv3TsPWpvKQtuVUrzTbyb9MllAr1ceoWHcbLK7rD03c7g==$+8qlqPqIzP3BiAVtfCgElA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o8CL5rsIkDG%2FMXgcqoH5yRtesS8qpQozL1jd49ZX144XnC4Oe%2BAlb5cCwBxio4Sefvd18k%2B4Vjw8Ki0rJ4cJwwNWQmJ%2F7jhVYDsNe57DXIOMfJ2xO0DqFn5UxgiEY83x3SUKm%2FKHULex"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e9a3a70d1db51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| holicisticscrarws.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=87e9a3a70d1db51e | 104.21.40.92 | 200 OK | 117 kB |
URL: holicisticscrarws.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=87e9a3a70d1db51e (GET HTTP/1.1)
IP: 104.21.40.92:80
Requested by: http://holicisticscrarws.shop/api
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 117 kB (116839 bytes)
Hash (MD5 / SHA-1 / SHA-256): 902a1ada9d1e65789f9f15eccfb758b3 59c42a6e2da570a4562ef9658e58886226af9871 e5b5bda1c30b3c751d6a29f8126703b004d5a425ef74d4a531d8c9db3faa41c6
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=87e9a3a70d1db51e HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/api?__cf_chl_rt_tk=4kpnxpVl40Gf5AoVmLr6KTLC9hrOoWcME92lotgKMcY-1714837750-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 15:49:10 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YGJOsWQRrQ3doL9%2B3bkCN2JGB6MiViFPshshit3%2FZubPJuqA%2Bb4Opxv%2BuW%2FxYLNx%2FM08oV0hDXqlBoGf0ADnQIRumhrsZ6I%2BhZ0Yw%2BVGHDrNH7WovnVlrvNSavurBgq0nLTTLfza2oFN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e9a3a75ec8b4f9-OSL
alt-svc: h2=":443"; ma=60
| holicisticscrarws.shop/favicon.ico | 104.21.40.92 | 403 Forbidden | 5.9 kB |
URL: holicisticscrarws.shop/favicon.ico (GET HTTP/1.1)
IP: 104.21.40.92:80
Requested by: http://holicisticscrarws.shop/api
File type: HTML document, ASCII text, with very long lines (14505), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): a4f7e66c7da62169841ee6d530bc0fce d6d7ab667a4806539ba4e35455cea3f08e970aad 30a3731f70e3e7cb78aa6370cf39211a544f3e3e91ccecab21f5b84fa5536501
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/api?__cf_chl_rt_tk=4kpnxpVl40Gf5AoVmLr6KTLC9hrOoWcME92lotgKMcY-1714837750-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 04 May 2024 15:49:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: c2uy3l7nZeQR/cacqcAFuAKZjTlrdmVEgIh6rFoLsd9Et/mfvrNe7NZ3laO/QaVJvDiN/lLc8MTcWj+rRzHxIqKSbhbJj/blMjPadJivFPnkwvssotkMRIg4XLvfsohAWRrER5T6hTjZAlaIK7U+EA==$OMIA/AYUV97vI9o9FZXPjg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l4CCL%2Bo8ujlnQ8zcLNA%2BbsTjmd%2BJW7SB4LZRCmIz63SGH6yZ4My9aeA3qPkptMQxHlwoacFxuso7XaWPJgaIWCsm3WK2HU6PZ%2BmzObZmqOEdiDWVaQ3OJERNKk3aYJTnQxvQzQxiE0OA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e9a3a7bf38b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| holicisticscrarws.shop/favicon.ico | 104.21.40.92 | 403 Forbidden | 5.9 kB |
URL: holicisticscrarws.shop/favicon.ico (GET HTTP/1.1)
IP: 104.21.40.92:80
Requested by: http://holicisticscrarws.shop/api
File type: HTML document, ASCII text, with very long lines (14420), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 6d3cdfadb80d2c2b1e1765bb5c4bfa0c 625af7f1d3350d91b35321c236afcb263c88f632 e2a7f63b6d114a8acee3f58fb67fb5928466b160d744e3c623ed86c063199c8b
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/api
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 04 May 2024 15:49:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: FE3APcS9TXK+P4ajvXbLsqGTCf99VJ+x3/cI+hI+i6pZTgL7oqIQfVNyXzlqzD99mC+VJedBlMlSFZWyV6Jarl6AqHEqE4HRVNSQk1jfuGw/zjPlZFjb1kdDQe6V/4RTm4F0Yc7WDYrYiqXVXDpNLQ==$yfvTFFuii6u4MnUiCRq8gA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FmDSqLdl6yrnMszrfJqBsZdhs317DfvIPhAzkfugsxzBN0OE95Q3cjcSlBfRHBTSeGahoFbPsJDIwnBb5urRiRl%2FdX0ImbqFSflgbtszqvuMxbqWaz7zfBXve0kM%2BfmBCZ6Q%2FYE6lBdh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e9a3a82f8f56cc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| holicisticscrarws.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/2026743941:1714835346:QXX1oPAgAd80najEBzpkz100Bi-lJqLWLf94ced2QZo/87e9a3a70d1db51e/63603e58ceb67a8 | 104.21.40.92 | 200 OK | 12 kB |
URL: holicisticscrarws.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/2026743941:1714835346:QXX1oPAgAd80najEBzpkz100Bi-lJqLWLf94ced2QZo/87e9a3a70d1db51e/63603e58ceb67a8 (POST HTTP/1.1)
IP: 104.21.40.92:80
Requested by: http://holicisticscrarws.shop/api
File type: ASCII text, with very long lines (16368), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 713488642afbde9abac5486dd54472c8 513b9eb0deac476e7ac74419b16e069d242216af b44da77c5c8a50baba7099e239078aac583efb9d5e3c6ee29406c2106b0555e6
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/2026743941:1714835346:QXX1oPAgAd80najEBzpkz100Bi-lJqLWLf94ced2QZo/87e9a3a70d1db51e/63603e58ceb67a8 HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/api
Content-type: application/x-www-form-urlencoded
CF-Challenge: 63603e58ceb67a8
Content-Length: 1847
Origin: http://holicisticscrarws.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 15:49:11 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: 7oKoidl9QIu6nk45VqfWNv4vB5njlgh8aONoNb0zvzfZTV/O4rjhEV4PbR766YMJ$qO2UFg4p9JBKMAuSrSSSlw==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6y4xk1BUl48VricMiChPZ6Q5%2FZvRUkM2SaasEs6MFsg1Hptky%2FGa9RWlx7yPdobJyKdBy1jxjpg9ucKkxGsmMo2YHZZojl67%2BbybtNtAvi9IV1CnZ3Uh%2Fw8paRwnDwwH1uASNQXD96%2B%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e9a3a8ec1856b5-OSL
alt-svc: h2=":443"; ma=60
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/7vm6a/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | 200 OK | 26 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/7vm6a/0x4AAAAAAAAjq6WYeRDKmebM/light/normal (GET HTTP/3)
IP: 104.17.2.184:443
Requested by: http://holicisticscrarws.shop/api
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41702)
Hash (MD5 / SHA-1 / SHA-256): b7f02e087c6ba1a1d21a88d97934cce8 a13426f885e2d2eb8b687bd3633f01c8e0642811 8923f37f9caf345b0e4640d1c8ecb3a48f07e1dcf533ff0f3d2221d7472bc8cf
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/7vm6a/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 15:49:11 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
document-policy: js-profiling
cross-origin-embedder-policy: require-corp
origin-agent-cluster: ?1
vary: accept-encoding
server: cloudflare
cf-ray: 87e9a3aa0dcb56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit | 104.17.2.184 | 200 OK | 24 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit
IP: 104.17.2.184:443
Requested by: http://holicisticscrarws.shop/api
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42565)
Hashes: MD5 a5b92920e25651d2058f4982a108347b; SHA-1 caeeadd68d38fdb681c52006c68880abc2e8a1a6; SHA-256 49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5
GET /turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://holicisticscrarws.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 15:49:11 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e9a3a82af556b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87e9a3aa0dcb56b5/1714837751841/xCMt0u71cgBKwKp | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87e9a3aa0dcb56b5/1714837751841/xCMt0u71cgBKwKp
IP: 104.17.2.184:0
File type: PNG image data, 73 x 24, 8-bit/color RGB, non-interlaced
Hashes: MD5 dc27690dbe7ef4d2d9b30de1aa4ac572; SHA-1 8280af19d7a1a55390fbfd6bcfe776919df88431; SHA-256 c2d835404aa2ff9728dfc5bdc338e02ad263ae77755824e6448ef8bfeffa8634
GET /cdn-cgi/challenge-platform/h/b/i/87e9a3aa0dcb56b5/1714837751841/xCMt0u71cgBKwKp HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/7vm6a/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 15:49:14 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87e9a3bc49c856b5-OSL
alt-svc: h3=":443"; ma=86400
| holicisticscrarws.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/2026743941:1714835346:QXX1oPAgAd80najEBzpkz100Bi-lJqLWLf94ced2QZo/87e9a3a70d1db51e/63603e58ceb67a8 | 104.21.40.92 | 200 OK | 1.8 kB |
URL: POST HTTP/1.1 holicisticscrarws.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/2026743941:1714835346:QXX1oPAgAd80najEBzpkz100Bi-lJqLWLf94ced2QZo/87e9a3a70d1db51e/63603e58ceb67a8
IP: 104.21.40.92:80
Requested by: http://holicisticscrarws.shop/api
File type: ASCII text, with very long lines (2328), with no line terminators
Hashes: MD5 1faa0164691934d22e844c0d550c3798; SHA-1 abaf7234fd5b7e94ba690539cf8ebf3c3b7ba404; SHA-256 3e01a084f5b3d00f452a600330ffc07327d4defc8cbe5c48c25b493626f184df
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/2026743941:1714835346:QXX1oPAgAd80najEBzpkz100Bi-lJqLWLf94ced2QZo/87e9a3a70d1db51e/63603e58ceb67a8 HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/api
Content-type: application/x-www-form-urlencoded
CF-Challenge: 63603e58ceb67a8
Content-Length: 2527
Origin: http://holicisticscrarws.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 15:49:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: vH8P9lFcx4otrc9Z8quO0A==$JBbMojWVjGabN1iD62iHBQ==
cf-chl-out: RijtGICVKgl0NvlrxI8TvtM+N8seXJDGvFMDuhsogDF0QJFcE/AqBAciwS0mw5WJg28uY32D8+fm+SBekZdOauPv6UHcUPqxHvRRueI64ZU=$0WHhKtKyDzyceiNtCyt29w==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=onlb3EXIEwRz704txx8iP2B3mJdRCaHYNqfjqYgwbgeiNCUN6fbx6YR6nRNe266qJdBNQbdBnOXFC4gTYhPfS7NOY1lliQPiWQQGlj5Z6u8wEuZ8YCDNwhPoiDF7j9j0jQxt3%2Bm7EKcs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e9a3df68cc56b5-OSL
alt-svc: h2=":443"; ma=60
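The transactions in this section are Cloudflare's managed-challenge flow sitting in front of the sinkholed domain rather than the domain's own content: the Turnstile iframe and api.js served from challenges.cloudflare.com, a challenge image whose path embeds the cf-ray of the iframe response that loaded it (87e9a3aa0dcb56b5), and a plaintext-HTTP flow POST back to holicisticscrarws.shop whose CF-Challenge header value (63603e58ceb67a8) repeats the last path segment and is accompanied by the cf_chl_rc_i cookie. The Python below is an added triage example, not part of the sandbox report or of any Cloudflare tooling: it parses request/response header blocks in the shape printed here, flags which transactions are challenge machinery, and correlates them through those identifiers. The sample header sets are trimmed from the transactions above; the 403 block's `cf-mitigated: challenge` line is an assumption about Cloudflare's interstitial response and not quoted from this section, and the `parse_transaction`, `classify`, `correlate` and `triage` names are mine.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional

CF_RAY = re.compile(r"^([0-9a-f]{16})-([A-Z]{3})$")
CF_IMAGE = re.compile(r"/cdn-cgi/challenge-platform/h/b/i/([0-9a-f]{16})/")

@dataclass
class Transaction:
    method: str
    path: str
    status: Optional[int] = None
    req: Dict[str, str] = field(default_factory=dict)
    resp: Dict[str, str] = field(default_factory=dict)

def parse_transaction(text: str) -> Transaction:
    """Parse a request block followed by its response block, as the report prints them.
    Header names are folded to lower case: the report mixes CF-RAY/cf-ray and
    Report-To/report-to, and HTTP header names are case-insensitive anyway."""
    lines = text.strip().splitlines()
    method, path, _version = lines[0].split(" ", 2)
    tx = Transaction(method, path)
    current = tx.req
    for line in lines[1:]:
        if line.startswith("HTTP/"):          # status line: switch to response headers
            tx.status = int(line.split()[1])
            current = tx.resp
        elif line.strip():
            name, _, value = line.partition(":")
            current[name.strip().lower()] = value.strip()
    return tx

def classify(tx: Transaction) -> dict:
    """Facts an analyst wants before treating a transaction as the site's own content."""
    host = tx.req.get("host", "")
    m = CF_RAY.match(tx.resp.get("cf-ray", ""))
    chl_headers = sorted(h for h in tx.resp if h.startswith("cf-chl") or h == "cf-mitigated")
    cookie_names = [c.split("=", 1)[0].strip() for c in tx.req.get("cookie", "").split(";") if c.strip()]
    return {
        "url": host + tx.path,
        "status": tx.status,
        "cf_ray": m.group(1) if m else None,
        "cf_pop": m.group(2) if m else None,  # three-letter PoP code, OSL throughout this report
        # A 403 carrying cf-mitigated: challenge is Cloudflare's interstitial, not the
        # origin's answer; the real page is only served once the challenge is passed.
        "interstitial": tx.resp.get("cf-mitigated") == "challenge",
        "challenge_machinery": (
            host == "challenges.cloudflare.com"
            or "/cdn-cgi/challenge-platform/" in tx.path
            or bool(chl_headers)
        ),
        "challenge_headers": chl_headers,
        "challenge_id": tx.req.get("cf-challenge"),
        "challenge_cookies": [c for c in cookie_names if c.startswith("cf_chl")],
    }

def correlate(txs: List[Transaction]) -> dict:
    """Tie the challenge steps together using the identifiers the report exposes."""
    by_ray = {}
    for t in txs:
        m = CF_RAY.match(t.resp.get("cf-ray", ""))
        if m:
            by_ray[m.group(1)] = t
    out = {"flow_posts": [], "images_bound_to_ray": []}
    for t in txs:
        cid = t.req.get("cf-challenge")
        if t.method == "POST" and cid:
            # The flow POST's last path segment repeats the CF-Challenge header value.
            out["flow_posts"].append({"id": cid, "path_matches_header": t.path.endswith("/" + cid)})
        m = CF_IMAGE.search(t.path)
        if m and m.group(1) in by_ray:
            # The challenge image path embeds the cf-ray of the iframe response that loaded it.
            out["images_bound_to_ray"].append({"ray": m.group(1), "iframe_path": by_ray[m.group(1)].path})
    return out

# Constructed sample: header sets trimmed from the report's transactions; the 403 block's
# cf-mitigated line is an assumption about Cloudflare's interstitial, not quoted from this section.
SAMPLE = [
    "GET /api HTTP/1.1\nHost: holicisticscrarws.shop\n\nHTTP/1.1 403 Forbidden\ncf-mitigated: challenge\n"
    "cf-chl-gen: 7oKoidl9QIu6nk45VqfWNv4vB5njlgh8aONoNb0zvzfZTV/O4rjhEV4PbR766YMJ$qO2UFg4p9JBKMAuSrSSSlw==\n"
    "Server: cloudflare\nCF-RAY: 87e9a3a8ec1856b5-OSL\n",
    "GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/7vm6a/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1\n"
    "Host: challenges.cloudflare.com\nSec-Fetch-Dest: iframe\n\nHTTP/3 200 OK\nserver: cloudflare\ncf-ray: 87e9a3aa0dcb56b5-OSL\n",
    "GET /turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit HTTP/1.1\nHost: challenges.cloudflare.com\n"
    "Origin: http://holicisticscrarws.shop\n\nHTTP/3 200 OK\nserver: cloudflare\ncf-ray: 87e9a3a82af556b5-OSL\n",
    "GET /cdn-cgi/challenge-platform/h/b/i/87e9a3aa0dcb56b5/1714837751841/xCMt0u71cgBKwKp HTTP/1.1\n"
    "Host: challenges.cloudflare.com\n\nHTTP/3 200 OK\ncontent-type: image/png\nserver: cloudflare\ncf-ray: 87e9a3bc49c856b5-OSL\n",
    "POST /cdn-cgi/challenge-platform/h/b/flow/ov1/2026743941:1714835346:QXX1oPAgAd80najEBzpkz100Bi-lJqLWLf94ced2QZo/87e9a3a70d1db51e/63603e58ceb67a8 HTTP/1.1\n"
    "Host: holicisticscrarws.shop\nCF-Challenge: 63603e58ceb67a8\nCookie: cf_chl_rc_i=1\n\nHTTP/1.1 200 OK\n"
    "cf-chl-out-s: vH8P9lFcx4otrc9Z8quO0A==$JBbMojWVjGabN1iD62iHBQ==\nServer: cloudflare\nCF-RAY: 87e9a3df68cc56b5-OSL\n",
]

def triage(blocks: List[str] = SAMPLE) -> dict:
    txs = [parse_transaction(b) for b in blocks]
    return {"transactions": [classify(t) for t in txs], "correlation": correlate(txs)}
```

Run `triage()` on the sample and every transaction comes back with `challenge_machinery` set, while only the 403 is an `interstitial`; the practical consequence for an analyst is that none of the bodies captured here (the 5.8 kB 403 page, the 26 kB iframe, the 24 kB api.js, the 1.8 kB flow response) is the content the sinkholed domain would have served to a browser that passed the challenge, so the malicious verdict rests on the DNS sinkhole, not on anything in these responses. The correlation step is what lets you say the image fetch and the flow POST belong to the same challenge session as the iframe, which matters when a capture interleaves several domains behind Cloudflare.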