| | 188.114.97.1 | 200 OK | 13 kB |
URL: User Request POST HTTP/1.1
IP: 188.114.97.1:80
File type: HTML document, ASCII text, with very long lines (16228), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 1b6bbe9178810c4c632109cfcf953d14 ed76915c410d7f35af3764f675e8a2bea7f0c7b3 73d3664ea1868d0e790e1a7e18a2b9ea7573bbd8a4db3696640eb28eb2d2b870

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET / HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Wed, 08 May 2024 19:46:46 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: C4ubBdbQzlKcZ7bX1Lay/jppzhX/ijfOMIgUMrTBpOKWLJAQ44kg8YNFBXiMUpdtQmk7tLlQSBHzIb0gbeKxn+EkY1qRIuA1G0haOYCp/TI=$r9WYEPtYijK6K+lAsWLH1w==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vQRDAGTaVqJemxsp7e%2Bot6AH8t5BxoYua%2FE4LYIC9bJFZFtvg3G8nNHgCixTzkXTrt8A6Ib7UWdh%2FHI339Zz4WKGeyjGca6a%2FjRcd0WCh1y7REg5X8iCO6%2FNtCLdSZg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bf5323d8e568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cowh67amx.cc/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=880bf533afce569d | 188.114.96.1 | | 112 kB |
URL: cowh67amx.cc/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=880bf533afce569d
IP: 188.114.96.1:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 112 kB (112180 bytes)
Hashes (MD5, SHA-1, SHA-256): 4f3d68fd66d253ee99f6d320c8ec8c9e eeba471a27531aac63c1041c850080d4f7df4b10 f62f11613186a3a91e41b09d79d6af5c71b8aeb4766aa3ca5bba2061740729f4

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=880bf533afce569d HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cowh67amx.cc/?__cf_chl_rt_tk=6Dj__kvvbWd4p9O7bnqvyUZDvJQxz6ZukU1o.i8Pw0w-1715197606-0.0.1.1-1450
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:46:47 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uCM6R4Bnw9BnlqKkUv1YwUiWAbTtQTEpeIj53CbRWSItQi7TbE%2FnzN7qHmynW%2FAacae6iv8QTIP%2BNWSJsHwnC5%2FSAo8%2BD%2F%2B38h48dog2UAsWPxR1reEzZyFrD637Zoo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880bf534cbbd56cc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| cowh67amx.cc/favicon.ico | 188.114.96.1 | | 996 B |
IP: 188.114.96.1:0
File type: HTML document, ASCII text, with very long lines (2706), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 29727e454bb71111688ed5607ebcb153 884ccfa3a4744b660161682bdb200a637cd5f925 c250880e26a101e43065590450432206d7ab93490f6ae8803c84a93a3099b7c0

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /favicon.ico HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cowh67amx.cc/?__cf_chl_rt_tk=6Dj__kvvbWd4p9O7bnqvyUZDvJQxz6ZukU1o.i8Pw0w-1715197606-0.0.1.1-1450
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:46:47 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5053
Last-Modified: Wed, 08 May 2024 18:22:34 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WPXagAEh2H%2BOJXOFA0sJsVD%2FJ%2FyqtiC4oHwvDdsJDMmlPMdGZ2JICtV6GkrO6Y84YDUUY5D%2Fl96zOWO9O7yAyIbdk5EaYg8dYV4OdF9UW2p0Z8utJxpXiP%2BCH%2Fq1YFE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880bf5354c8056cc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| cowh67amx.cc/favicon.ico | 188.114.96.1 | | 996 B |
IP: 188.114.96.1:0
File type: HTML document, ASCII text, with very long lines (2706), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 29727e454bb71111688ed5607ebcb153 884ccfa3a4744b660161682bdb200a637cd5f925 c250880e26a101e43065590450432206d7ab93490f6ae8803c84a93a3099b7c0

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /favicon.ico HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cowh67amx.cc/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:46:47 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5053
Last-Modified: Wed, 08 May 2024 18:22:34 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aLSKmSbqja%2B3uJEZgMgAYLP%2BxXOaU07lQcZGxOVpcHtm1cyj93DnAoN9mLLDQwUE6CL9YeFazRq83pL4y6TzKB00T8yW1u0bNaIPDupm2wxjnLh%2BJYronaLITvidM8A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880bf535dd8f56cc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| cowh67amx.cc/cdn-cgi/challenge-platform/h/g/flow/ov1/678471046:1715195767:ko89zH0vvVehKK_kCa8ONerW4DXyihs-6Fc5rQTdJrI/880bf533afce569d/8356700b9e99ad6 | 188.114.96.1 | | 12 kB |
URL: cowh67amx.cc/cdn-cgi/challenge-platform/h/g/flow/ov1/678471046:1715195767:ko89zH0vvVehKK_kCa8ONerW4DXyihs-6Fc5rQTdJrI/880bf533afce569d/8356700b9e99ad6
IP: 188.114.96.1:0
File type: ASCII text, with very long lines (16288), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 55be461c4dc211225a1f8979b118f4ea 641bd88d64283c25ef4ceb95687866bb31d0dc83 8cf528059117b83898b47f48f9bb2459205654217a0f0e440bce6f8765268403

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/678471046:1715195767:ko89zH0vvVehKK_kCa8ONerW4DXyihs-6Fc5rQTdJrI/880bf533afce569d/8356700b9e99ad6 HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cowh67amx.cc/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 8356700b9e99ad6
Content-Length: 1681
Origin: http://cowh67amx.cc
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:46:47 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: 0YQ4+rSSQpQKNjkduPp9/vrJaq4tjouv1lbZ+VX6guWmvtHRRnzD8RwreYHPBXBb$TD09aJxemT5ixmL2+O16SQ==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w0hWfAvsm6OUcEuLyW1c9p%2BP15YT7Kylqv8k7Dzj6vIWAG5oNyi9koyYOzuXPMzhQG8kQ4A4ixjQ1A1fW133iqUmMsrOmcw04RAUfiqeSJRO3J2JVNKznpdiHE4q7bY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880bf5368edb56cc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.3.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hashes (MD5, SHA-1, SHA-256): 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/cgvb0/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:46:47 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 880bf5380dac0afa-OSL
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit | 104.17.3.184 | | 15 kB |
URL: challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit
IP: 104.17.3.184:0
File type: JavaScript source, ASCII text, with very long lines (42616)
Hashes (MD5, SHA-1, SHA-256): 86183dd14ee10d1dee92b37b5069d716 9ec32d650ece484bbe624ca734a0a65e22d35dd6 ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4

GET /turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cowh67amx.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:46:47 GMT
content-type: application/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cache-control: max-age=604800, public
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bf535fc9a7129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1272624094:1715195991:OPgh8CSsI0IDLLQi12RiRyJTCiC5yL56lBsRJfqrsK8/880bf5376cf00afa/bd6eca46e9bbb38 | 104.17.3.184 | | 96 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1272624094:1715195991:OPgh8CSsI0IDLLQi12RiRyJTCiC5yL56lBsRJfqrsK8/880bf5376cf00afa/bd6eca46e9bbb38
IP: 104.17.3.184:0
File type: ASCII text, with very long lines (65536), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 578fac0c1d4108bf68c6d4ec7b40a4c9 eff0c74d6359c638871568ee68f68b8f3be200d8 211fc5f6d3ae2be70268830b29ed2de13a887ff7595179e1fd06c41b6ed54450

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1272624094:1715195991:OPgh8CSsI0IDLLQi12RiRyJTCiC5yL56lBsRJfqrsK8/880bf5376cf00afa/bd6eca46e9bbb38 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/cgvb0/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: bd6eca46e9bbb38
Content-Length: 3396
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:46:48 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 5t2VMnEvjPwTKIO+4/rBJTKDv/BMVAKTNhCm3Dh6JmaTqDCTJ8GsmxZJf6u5kE7Yi+Hac7Bqug0WtdHFptwbQkyr5UCjlZRSX9knNX15Me2vvC8YGmAGLY0CDTomJP83MCZ6wq0wxn2+pCzorpagVc5J4Qtwtn4hHDtvMFtrWe6/yS2KQRogmzMkTkXPfmyHyrsxEwxp6DG2GiLV5VKan1qiBP8nXcYmncxk3tUxXM2+a6cq7rlHMLeUQBKJlxyGx1j/dUH+iRELdgYg/2Nkigl9aejZ25We4+D0T2aT9ZCRKKWeHJ4M/sVP2Zb2dcOO/ZDrKEScEbh4+mHrDuWRPRrhaMuX5aHi9dJC6dYrCiKHpkmnbc6jwj6YViQA1Amju1HnnZrl8BVdjUd6hQd4PgbuMMpYB+PlEqyG1ES9ZI1KO6mhKcdGLAapxbEe0Ez8$73EbqUAnp1cXcFSLfBgesA==
server: cloudflare
cf-ray: 880bf5399fbd0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=880bf5376cf00afa | 104.17.3.184 | | 127 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=880bf5376cf00afa
IP: 104.17.3.184:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 127 kB (126558 bytes)
Hashes (MD5, SHA-1, SHA-256): 8a1babb61ccc2b00a6887422d688505d 94c5ceb1fd1eab25e2d09db316a33046268a7c28 df24c7afabfe1670e897a1cf48a75918c0f9b53420a7b872992d594c6335c4fb

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=880bf5376cf00afa HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/cgvb0/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:46:47 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 880bf5380daf0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/880bf5376cf00afa/1715197607968/nnZvgjZC2rE4nni | 104.17.3.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/880bf5376cf00afa/1715197607968/nnZvgjZC2rE4nni
IP: 104.17.3.184:0
File type: PNG image data, 76 x 91, 8-bit/color RGB, non-interlaced
Hashes (MD5, SHA-1, SHA-256): 91977b28065e8d27105c993c15700fc7 2ae683db0b30941c97bb31ef145a46c107e37357 9bca6bb3c71893622914e37cbdd17c64c88e33d61297cb94debda83d6ff702ad

GET /cdn-cgi/challenge-platform/h/g/i/880bf5376cf00afa/1715197607968/nnZvgjZC2rE4nni HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/cgvb0/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:46:52 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 880bf553381e0afa-OSL
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1272624094:1715195991:OPgh8CSsI0IDLLQi12RiRyJTCiC5yL56lBsRJfqrsK8/880bf5376cf00afa/bd6eca46e9bbb38 | 104.17.3.184 | | 23 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1272624094:1715195991:OPgh8CSsI0IDLLQi12RiRyJTCiC5yL56lBsRJfqrsK8/880bf5376cf00afa/bd6eca46e9bbb38
IP: 104.17.3.184:0
File type: ASCII text, with very long lines (22380), with no line terminators
Hashes (MD5, SHA-1, SHA-256): e2e5de1a6983238aa98488eab17990c5 eb30a159fd92a7e867487239c6ea960f1fe96794 1455f3e1323a1ffa7b69497813da228b445619f916c4529d7683b3d8ada70a27

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1272624094:1715195991:OPgh8CSsI0IDLLQi12RiRyJTCiC5yL56lBsRJfqrsK8/880bf5376cf00afa/bd6eca46e9bbb38 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/cgvb0/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: bd6eca46e9bbb38
Content-Length: 27851
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:46:52 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: SPQiOzpe7lkY2BxR+/ztMlTM8jl80aNW2pPqo/AC++WzL/8rlSa5iiLwR2epF/Yi$9nC2qOuQmVJ7UnNAtUqqzw==
server: cloudflare
cf-ray: 880bf5576dcb0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| cowh67amx.cc/cdn-cgi/challenge-platform/h/g/flow/ov1/678471046:1715195767:ko89zH0vvVehKK_kCa8ONerW4DXyihs-6Fc5rQTdJrI/880bf533afce569d/8356700b9e99ad6 | 188.114.96.1 | | 3.3 kB |
URL: cowh67amx.cc/cdn-cgi/challenge-platform/h/g/flow/ov1/678471046:1715195767:ko89zH0vvVehKK_kCa8ONerW4DXyihs-6Fc5rQTdJrI/880bf533afce569d/8356700b9e99ad6
IP: 188.114.96.1:0
File type: ASCII text, with very long lines (4296), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 9da4fbf467fa4f7bce23388991addfef 053bbdef112be124c1334279407bbc943b8121cb cfb00d313657dfdc2b66d10fc4e5f11e96703047c6158dadd8bafac7a33cbb0b

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/678471046:1715195767:ko89zH0vvVehKK_kCa8ONerW4DXyihs-6Fc5rQTdJrI/880bf533afce569d/8356700b9e99ad6 HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cowh67amx.cc/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 8356700b9e99ad6
Content-Length: 3139
Origin: http://cowh67amx.cc
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:46:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: otBZkExbhsJAKLTofhMamQ==$lhJKjsP3iDuCm8AVviWTKQ==
cf-chl-out: ilL2kT9WGnTHhhSPhWe02NGiytZHL43ViJlKi0RbsdzHyB4+UQZylnvaGenURzyWMzUuThXAZ8Y4sCAHJMYngQ==$F58k+rFob8gq1fAEyQG6Yw==
set-cookie: cf_chl_rc_m=;Expires=Tue, 07 May 2024 19:46:59 GMT;SameSite=Strict
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vUa15BIfLumSQ8b6kR2x58p9TXWkJUOQHmuUv8fcikW4BZKnsHpLzNttXaMkfbj1pbkuWME2UTbr2Vn3r1FNQy994sW6A12Vvy7nnH%2FBzxKI8T5m0nrFtJhStTsCjJc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880bf580299e56cc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| | 188.114.96.1 | 200 OK | 1.0 kB |
URL: User Request POST HTTP/1.1
IP: 188.114.96.1:80
File type: HTML document, ASCII text, with very long lines (2706), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 29727e454bb71111688ed5607ebcb153 884ccfa3a4744b660161682bdb200a637cd5f925 c250880e26a101e43065590450432206d7ab93490f6ae8803c84a93a3099b7c0

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

POST / HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cowh67amx.cc/?__cf_chl_tk=6Dj__kvvbWd4p9O7bnqvyUZDvJQxz6ZukU1o.i8Pw0w-1715197606-0.0.1.1-1450
Content-Type: application/x-www-form-urlencoded
Content-Length: 2747
Origin: http://cowh67amx.cc
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:46:59 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: cf_clearance=P5Q6_LpTxfAVOMSPAk4YJQJaW_dr53oyBWknZCLcEb8-1715197606-1.0.1.1-Z6pmnzQyJFm2_MZJc6IjW4iByXfQE7qjHgLh1CKQsu3clvocZz9EyU6qnn8F2j3U9_Pq8mk0uTKy2SYXIS7upA; Path=/; Expires=Thu, 08-May-25 19:46:59 GMT; Domain=.cowh67amx.cc; HttpOnly
Last-Modified: Wed, 08 May 2024 14:56:50 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E3ysU136qMJMcp%2B80GXlxutQym57LyNnFGsrFiPgiYg4qhPLwBLzRt9Nwo%2BsmJlZwKfHESTeWZWnullTDn586Mm7h06BJ9x31YHS22UouDFUQ2vbdvWrSyWyDIencfE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880bf5813bb356cc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| cowh67amx.cc/css/chunk-vendors.c57533e1.css | 188.114.96.1 | 200 OK | 44 kB |
URL: GET HTTP/1.1 cowh67amx.cc/css/chunk-vendors.c57533e1.css
IP: 188.114.96.1:80
File type: ASCII text, with very long lines (65536), with no line terminators
Hashes (MD5, SHA-1, SHA-256): ebfffebc1f62c3be51082e6595a0a005 e278fbd6fd48150b3f366b50ed388983d934978c f5ce9e73e1f7cea326eedd4f39d9b2d703ba4ccb31a6078cdc1fb16481298a32

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /css/chunk-vendors.c57533e1.css HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cowh67amx.cc/
Cookie: cf_clearance=P5Q6_LpTxfAVOMSPAk4YJQJaW_dr53oyBWknZCLcEb8-1715197606-1.0.1.1-Z6pmnzQyJFm2_MZJc6IjW4iByXfQE7qjHgLh1CKQsu3clvocZz9EyU6qnn8F2j3U9_Pq8mk0uTKy2SYXIS7upA
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:46:59 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 08 May 2024 14:56:48 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5064
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2FYk5FxcPpW7zg7%2BgZTYtkFnU9REMUD05UHoAFuooL3r%2FMk2DgqSX2DPx%2F7bashA7gxeuMd7lYfd9bgAhvC63Vzom43qkAN9kfyG%2BWCS6L%2BxspCBZNdoyhnVx4QBbJs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880bf582ab2a712f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| cowh67amx.cc/css/app.90b2c268.css | 188.114.96.1 | 200 OK | 2.5 kB |
URL: GET HTTP/1.1 cowh67amx.cc/css/app.90b2c268.css
IP: 188.114.96.1:80
File type: ASCII text, with very long lines (14103), with no line terminators
Hashes (MD5, SHA-1, SHA-256): f77fd2775c8947fdc0df8558f293278a d4fa4737213c6e5ca451403b91f48bd518e379c2 24f9596b2b8acbf069d895c45dc0265fab3fa9f6de1a2ad7f8160175e2a15d25

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /css/app.90b2c268.css HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cowh67amx.cc/
Cookie: cf_clearance=P5Q6_LpTxfAVOMSPAk4YJQJaW_dr53oyBWknZCLcEb8-1715197606-1.0.1.1-Z6pmnzQyJFm2_MZJc6IjW4iByXfQE7qjHgLh1CKQsu3clvocZz9EyU6qnn8F2j3U9_Pq8mk0uTKy2SYXIS7upA
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:46:59 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 08 May 2024 14:56:46 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=atlw9Wikh75%2FKw2BUPGX3YdzgI7K9DyqSqo%2BokOjhbi71VkCA9SrPl2OnqSJAbbqy4whA%2FdNAh7onDJqHqeR8LjUnuMBdrlAy0ioTqTpCI1PNRyeTMWZvlK%2FfogP%2FPE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880bf582bdf75690-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| cowh67amx.cc/js/app.1db39a9e.js | 188.114.96.1 | 200 OK | 24 kB |
URL: GET HTTP/1.1 cowh67amx.cc/js/app.1db39a9e.js
IP: 188.114.96.1:80
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hashes (MD5, SHA-1, SHA-256): f86ff366e79ef2626babb90ab7a7b65e c66ea96d3d286953d4b9b934f4ee79ecb4c28576 5f141ec3213931f825fec66a55a6b428a6d68846da1631a5ad7dba2e75ee9f9f

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /js/app.1db39a9e.js HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cowh67amx.cc/
Cookie: cf_clearance=P5Q6_LpTxfAVOMSPAk4YJQJaW_dr53oyBWknZCLcEb8-1715197606-1.0.1.1-Z6pmnzQyJFm2_MZJc6IjW4iByXfQE7qjHgLh1CKQsu3clvocZz9EyU6qnn8F2j3U9_Pq8mk0uTKy2SYXIS7upA
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:46:59 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 08 May 2024 14:57:03 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bRr%2BQYBKqZD21wBSYkOpvtRUh0nhE9YWZIHASz95clcoJqodD2Sv0bzFDZ%2BWe5TGjy%2FdvQLTaK%2BQ1zczq4xiVl2s0BwAkqAd8KLZIs7rMHinijBuVp9sOMY3JS9ADy8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880bf582ab6e7130-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1272624094:1715195991:OPgh8CSsI0IDLLQi12RiRyJTCiC5yL56lBsRJfqrsK8/880bf5376cf00afa/bd6eca46e9bbb38 | 104.17.3.184 | | 275 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1272624094:1715195991:OPgh8CSsI0IDLLQi12RiRyJTCiC5yL56lBsRJfqrsK8/880bf5376cf00afa/bd6eca46e9bbb38
IP: 104.17.3.184:0
File type: ASCII text, with very long lines (3528), with no line terminators
Size: 275 kB (275096 bytes)
Hashes (MD5, SHA-1, SHA-256): 8f770bb086b7ae012f5bf2e9ef00cb33 cd906e62c4fb9fc2e4c6131d9aab2588f3df5a1b cd2b3139a4cd2ef3930222f2a2d3f58dca67ad58f3bd71a5a82cb9d83984fc57

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1272624094:1715195991:OPgh8CSsI0IDLLQi12RiRyJTCiC5yL56lBsRJfqrsK8/880bf5376cf00afa/bd6eca46e9bbb38 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/cgvb0/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: bd6eca46e9bbb38
Content-Length: 37378
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:46:59 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: I6VFIvO0W0hCv7FIMNNlFlEg4zvZtGmjNqsN7YfoJoTW3QGW+rHr2Yhg4NYfYNcCza+EblVvkByfX5QNiWWblOhAnGVfz9DpFclQdX/zKWdeE81iBOcw7WkjnKcNlANJ$3Zv2/R9kawnESdPI1vsHKQ==
cf-chl-out-s: anrq7e3AetZtuimWNfdQow==$k10AZXv25IfXJ7ORd3I8sA==
server: cloudflare
cf-ray: 880bf57f3ccf0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| cdn.discordapp.com/attachments/1234839169017188365/1234839192706613369/dfvergr8.mp4?ex=6632311d&is=6630df9d&hm=fc2670cf2746269c1b5f212634620f0be957d0cb1307c341474af04343551fb8& | 162.159.130.233 | | 36 B |
URL: cdn.discordapp.com/attachments/1234839169017188365/1234839192706613369/dfvergr8.mp4?ex=6632311d&is=6630df9d&hm=fc2670cf2746269c1b5f212634620f0be957d0cb1307c341474af04343551fb8&
IP: 162.159.130.233:0
File type: ASCII text, with no line terminators
Hashes (MD5, SHA-1, SHA-256): a1ca4bebcd03fafbe2b06a46a694e29a ffc88125007c23ff6711147a12f9bba9c3d197ed c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65

GET /attachments/1234839169017188365/1234839192706613369/dfvergr8.mp4?ex=6632311d&is=6630df9d&hm=fc2670cf2746269c1b5f212634620f0be957d0cb1307c341474af04343551fb8& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://cowh67amx.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Wed, 08 May 2024 19:47:00 GMT
content-type: text/plain;charset=UTF-8
content-length: 36
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0gY%2FYsve%2BYtTSVvia%2FIZDUOmZIz%2B60VOJ4Pi2LFJ0j%2FyEj6n8aZgnGAzSXo13LIZ%2B%2FYZbeqIcXuoaIgwcEpUlJMGWmr6Zo9MUIUXf5XUHuow4H5eUP5sJ3JuI%2B%2FgnYwL2h2OOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: __cf_bm=TiRGMg26BMxUDcCQdrwAI0Z4qYA_g.QisFjcNi3aPZo-1715197620-1.0.1.1-O2c4wYJLi8AtQEe5OaxvyBff6sSui5ZE_Kc3ZiG.0pqFXlrLy7s20.T8weWpxAvHQXjiJMirVkVW_emuV_h0Kg; path=/; expires=Wed, 08-May-24 20:17:00 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
set-cookie: _cfuvid=FOrkEN7Z5buBfzenFn1f5xYlcZpFikjs_dSJY0uOHKI-1715197620487-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 880bf587e85f56c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cowh67amx.cc/getlog | 188.114.96.1 | 200 OK | 1.2 kB |
IP: 188.114.96.1:80
Hashes (MD5, SHA-1, SHA-256): b052172264efa467a12d76d7079ff9b4 384ffd2cbba6accc3a55b0b01d51758bc401a888 d49d8867eb6d9f1cfc331f6f389cd262736e34fd00a45b275e5535dadfff92da

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /getlog HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cowh67amx.cc/enter/register
Cookie: cf_clearance=P5Q6_LpTxfAVOMSPAk4YJQJaW_dr53oyBWknZCLcEb8-1715197606-1.0.1.1-Z6pmnzQyJFm2_MZJc6IjW4iByXfQE7qjHgLh1CKQsu3clvocZz9EyU6qnn8F2j3U9_Pq8mk0uTKy2SYXIS7upA; inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:47:00 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e6cFhMh5sxVfR101qxFllgbGI5qtm93vxPKFH5gaZPF5NNVmvOiw%2BUtqtrosAMGNdas44OkeJb1ca0%2Ftcwu3jdZLk1LZAnBbYIiPcXyFro%2Bx0UNom79QPz%2BPB7ZaMMk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880bf58798aa56cc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| cowbyra2.cc/socket.io/?EIO=3&transport=websocket | 172.67.191.82 | | 0 B |
URL: cowbyra2.cc/socket.io/?EIO=3&transport=websocket  IP: 172.67.191.82:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e  SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709  SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty input: the upgrade exchange carries no HTTP body, consistent with the 0 B size)
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: cowbyra2.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://cowh67amx.cc
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jDDLetjg2czn58MmbzWGkw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 08 May 2024 19:47:00 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UB8Y/wRPTp2/K2PsE/qwEzOUxYs=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kDaj1TPUFjhhtiZAr6G6b5O%2BQQuB6WQ61D%2BZPfDZsvFb6E7LgP%2BSLzDaVrzOTgBPQ1LWElZg8okBy%2FOLcsJUf3vhD507hHMOIx%2FRHDuMSHgXito%2FbS8j9O9U7AhGBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880bf587fc357131-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ocsp.sectigochina.com/ | 172.64.149.190 | | 472 B |
IP: 172.64.149.190:0
Hash: MD5 12650d96eac59b7ac2f24d7ad085c8ba  SHA-1 89ec765ffac48207f6bf73085cd4d0cd3858bf9e  SHA-256 58054f19bb692f233f1c6c9667262ce6e998627ae3a60b5b0aab327c425a4d1a (the SHA-1 equals the Etag in the response below, so these are digests of the 472-byte OCSP response body)
POST / HTTP/1.1
Host: ocsp.sectigochina.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:47:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 08 May 2024 12:42:44 GMT
Expires: Wed, 15 May 2024 12:42:43 GMT
Etag: "89ec765ffac48207f6bf73085cd4d0cd3858bf9e"
Cache-Control: max-age=578844,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 880bf5991afb0afa-OSL
|
|
| b.yzcdn.cn/vant/icon-demo-1126.png | 154.85.69.56 | 200 OK | 8.9 kB |
URL: GET HTTP/2 b.yzcdn.cn/vant/icon-demo-1126.png  IP: 154.85.69.56:443  ASN: #139057 LEGEND DYNASTY PTE. LTD.
Certificate: Issuer sslTrus  Subject *.yzcdn.cn  Fingerprint 6A:A8:BA:7C:D4:B4:86:0B:74:EB:E6:19:C8:69:2E:8B:13:6C:1E:1B  Validity Thu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT
File type: PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced
Hash: MD5 f87c46f346a5548224ccbe0b6bd75df5  SHA-1 8e8b8bd4ba3e6b6c8557d94a726061fdd62492fd  SHA-256 b6304eb9b754d38d3ad74d0acce42c156536840351368ed3e4895a6b50cd9370 (the content-md5 header in the response below is the base64 form of this same MD5, so the captured body is the one the CDN served)
GET /vant/icon-demo-1126.png HTTP/1.1
Host: b.yzcdn.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://cowh67amx.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:47:03 GMT
content-type: image/png
content-length: 8886
server: openresty
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
access-control-max-age: 2592000
cache-control: public, max-age=2592000
content-disposition: inline; filename="icon-demo-1126.png"; filename*=utf-8''icon-demo-1126.png
content-md5: +HxG80alVIIkzL4La9dd9Q==
content-transfer-encoding: binary
etag: "Fo6Li9S6PmtshVfZSnJgYf3WJJL9"
last-modified: Mon, 26 Nov 2018 11:08:05 GMT
x-reqid: YyIAAAASg9geDiAX
x-svr: IO
x-qiniu-zone: 0
x-log: X-Log
x-ser: BC5_dx-lt-yd-zhejiang-huzhou-3-cache-7, BC165_lt-obgp-fujian-xiamen-33-cache-1, BC132_IT-Lombardia-Milan-1-cache-1, BC46_DE-Frankfurt-Frankfurt-11-cache-4
x-cache: HIT from BC46_DE-Frankfurt-Frankfurt-11-cache-4(baishan)
X-Firefox-Spdy: h2
|
|
| cowh67amx.cc/img/icons/favicon.svg | 188.114.96.1 | 200 OK | 996 B |
URL: GET HTTP/1.1 cowh67amx.cc/img/icons/favicon.svg  IP: 188.114.96.1:80
File type: HTML document, ASCII text, with very long lines (2706), with no line terminators (the .svg path returned an HTML document, matching the text/html Content-Type in the response below)
Hash: MD5 29727e454bb71111688ed5607ebcb153  SHA-1 884ccfa3a4744b660161682bdb200a637cd5f925  SHA-256 c250880e26a101e43065590450432206d7ab93490f6ae8803c84a93a3099b7c0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/icons/favicon.svg HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cowh67amx.cc/
Cookie: cf_clearance=P5Q6_LpTxfAVOMSPAk4YJQJaW_dr53oyBWknZCLcEb8-1715197606-1.0.1.1-Z6pmnzQyJFm2_MZJc6IjW4iByXfQE7qjHgLh1CKQsu3clvocZz9EyU6qnn8F2j3U9_Pq8mk0uTKy2SYXIS7upA; inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:47:05 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Last-Modified: Wed, 08 May 2024 16:01:59 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2FWJ3kaZWVsWTmaZ2koMz52GesHfu2lLjDpRWmI3qNTSkUVlm0LX3lYp9ALuQmR9aDWHUzbM92pW6llPcs5odlpnAmQb%2BOYcdEBR4IjW%2Bl9SnGPHt7Ogvds8w%2BdPSgU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880bf5897f84712f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| cowh67amx.cc/img/icons/apple-touch-icon-152x152.png | 188.114.96.1 | 200 OK | 4.0 kB |
URL: GET HTTP/1.1 cowh67amx.cc/img/icons/apple-touch-icon-152x152.png  IP: 188.114.96.1:80
File type: PNG image data, 152 x 152, 8-bit/color RGB, non-interlaced
Hash: MD5 1a034e64d80905128113e5272a5ab95e  SHA-1 92328e60f63d690f33cd4961b9934a539dc29b82  SHA-256 4d9685d610c4411caadd8d36ce94d3303cf5b05c8e04d67fc232c16a4469a135
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/icons/apple-touch-icon-152x152.png HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cowh67amx.cc/
Cookie: cf_clearance=P5Q6_LpTxfAVOMSPAk4YJQJaW_dr53oyBWknZCLcEb8-1715197606-1.0.1.1-Z6pmnzQyJFm2_MZJc6IjW4iByXfQE7qjHgLh1CKQsu3clvocZz9EyU6qnn8F2j3U9_Pq8mk0uTKy2SYXIS7upA; inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:47:05 GMT
Content-Type: image/png
Content-Length: 4046
Connection: keep-alive
Last-Modified: Wed, 08 May 2024 14:56:53 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dk6KRsPsdBxfHC%2BERgIY%2FIt%2BsrPOfVOJmDJ0IangDPLFAlBC5Lp5RXEkqZ5dxzK%2Fj2MnBfIrlpyHd9AHH0d1rxbDk1d3z9DnPqB63t3JbGwDBlJVIgo2%2BVRCHTHlOFY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880bf5897cc056cc-OSL
alt-svc: h2=":443"; ma=60
|
|
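The three requests to cowh67amx.cc above (GET /getlog, /img/icons/favicon.svg and /img/icons/apple-touch-icon-152x152.png) carry the same Cookie header, sent to port 80: username, password, hasLogin, tier and userId live in cookies the browser holds and the client can rewrite, and cf_clearance travels in the clear alongside them. The Python below is an added example, not part of the sandbox output or the site's code; it parses that Cookie header as captured and reports what a reviewer would flag: credential-named cookies, authorization state the client controls, and cleartext transport. The name patterns are this example's own heuristics.

```python
"""Audit the Cookie header of a captured plaintext request.
Added example; not the sandbox's or the site's code."""
import re
from dataclasses import dataclass
from typing import Dict, List

# Cookie header exactly as captured on the GET /getlog, favicon.svg and
# apple-touch-icon requests to cowh67amx.cc (all sent over http to port 80).
CAPTURED_COOKIE = (
    "cf_clearance=P5Q6_LpTxfAVOMSPAk4YJQJaW_dr53oyBWknZCLcEb8-1715197606-1.0.1.1-"
    "Z6pmnzQyJFm2_MZJc6IjW4iByXfQE7qjHgLh1CKQsu3clvocZz9EyU6qnn8F2j3U9_Pq8mk0uTKy2SYXIS7upA; "
    "inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false"
)

# Heuristic name patterns chosen for this example (assumption; tune per application):
# a credential or bearer value ...
CREDENTIAL_NAME = re.compile(r"pass|pwd|secret|token|api[_-]?key|clearance", re.I)
# ... and authorization state only the server may decide, never read back from the client.
AUTHZ_STATE_NAME = re.compile(r"^(hasLogin|loggedIn|isAdmin|admin|role|tier|userId)$", re.I)


@dataclass(frozen=True)
class Finding:
    cookie: str
    reason: str  # credential-in-cookie | client-controlled-authz | cleartext-transport


def parse_cookie_header(header: str) -> Dict[str, str]:
    """Split 'name=value; name=value' (RFC 6265 section 4.2.1) into a dict.
    Empty values such as 'password=' are kept: the slot itself is the finding."""
    cookies: Dict[str, str] = {}
    for pair in header.split(";"):
        pair = pair.strip()
        if not pair:
            continue
        name, _, value = pair.partition("=")
        cookies[name.strip()] = value.strip()
    return cookies


def audit_cookie_header(header: str, scheme: str) -> List[Finding]:
    """Return one Finding per problem; scheme is the 'http' or 'https' of the request URL."""
    findings: List[Finding] = []
    for name in parse_cookie_header(header):
        if CREDENTIAL_NAME.search(name):
            findings.append(Finding(name, "credential-in-cookie"))
            if scheme.lower() == "http":
                # Every cookie on a plaintext request is readable on the path; a credential
                # or clearance token there is a replayable secret for a passive observer.
                findings.append(Finding(name, "cleartext-transport"))
        if AUTHZ_STATE_NAME.match(name):
            findings.append(Finding(name, "client-controlled-authz"))
    return findings


if __name__ == "__main__":
    for f in audit_cookie_header(CAPTURED_COOKIE, scheme="http"):
        print(f"{f.reason:24} {f.cookie}")
```

On the captured header this yields seven findings: cf_clearance and password as credential slots sent in the clear, and hasLogin, tier and userId as authorization state the server should never read back from the client. A value of false or -1 does not make the slot harmless; it shows where the application keeps the state.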
| cowh67amx.cc/js/chunk-vendors.ea790e22.js | 188.114.96.1 | 200 OK | 949 kB |
URL: GET HTTP/1.1 cowh67amx.cc/js/chunk-vendors.ea790e22.js  IP: 188.114.96.1:80
Size: 949 kB (949174 bytes)
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e  SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709  SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty input although 949174 bytes were transferred: the body was not retained, so these values identify nothing and must not be used as indicators for the script)
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/chunk-vendors.ea790e22.js HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cowh67amx.cc/
Cookie: cf_clearance=P5Q6_LpTxfAVOMSPAk4YJQJaW_dr53oyBWknZCLcEb8-1715197606-1.0.1.1-Z6pmnzQyJFm2_MZJc6IjW4iByXfQE7qjHgLh1CKQsu3clvocZz9EyU6qnn8F2j3U9_Pq8mk0uTKy2SYXIS7upA
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:46:59 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 08 May 2024 14:57:17 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JJ3NuwN6I7B%2BZ%2FDKD6bRhpxXHnavCeXL26TFrLcFOhb7GBnoeZ4Xe4mdjKRth3oL3BczUbMEdWZSoCrI88t6UTgzwhkWO0CV9IbWto4Tv5v45Krc6qoGfcX4mNh%2BYjo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880bf582ae1156cc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| cowbyra2.cc/socket.io/?EIO=3&transport=websocket | 172.67.191.82 | 101 Switching Protocols | 0 B |
URL: GET HTTP/1.1 cowbyra2.cc/socket.io/?EIO=3&transport=websocket  IP: 172.67.191.82:443
Certificate: Issuer Google Trust Services LLC  Subject cowbyra2.cc  Fingerprint 15:9F:FC:C6:F5:44:45:D2:D0:72:39:35:6C:C0:7E:A0:DE:ED:09:BA  Validity Tue, 07 May 2024 08:00:59 GMT - Mon, 05 Aug 2024 08:00:58 GMT (issued the day before this capture)
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e  SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709  SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty input: no HTTP body, consistent with the 0 B size)
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: cowbyra2.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://cowh67amx.cc
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jDDLetjg2czn58MmbzWGkw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 08 May 2024 19:47:00 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UB8Y/wRPTp2/K2PsE/qwEzOUxYs=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kDaj1TPUFjhhtiZAr6G6b5O%2BQQuB6WQ61D%2BZPfDZsvFb6E7LgP%2BSLzDaVrzOTgBPQ1LWElZg8okBy%2FOLcsJUf3vhD507hHMOIx%2FRHDuMSHgXito%2FbS8j9O9U7AhGBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880bf587fc357131-OSL
alt-svc: h3=":443"; ma=86400
|
|
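Both socket.io records above show the same upgrade (same Sec-WebSocket-Key, same CF-RAY): a page on http://cowh67amx.cc opens a WebSocket to a different host, cowbyra2.cc, which answers 101 Switching Protocols. The Python below is an added example, not taken from the sandbox or from the site, and reproduces the RFC 6455 checks a reviewer applies to such a capture: the client key must decode to 16 bytes, the server's Sec-WebSocket-Accept must equal base64(SHA-1(key + the RFC's fixed GUID)), Upgrade and Connection must be set, and an Origin that differs from Host accepted with 101 means the endpoint is open to any site (which matters only if it trusts ambient credentials, and this request carries no Cookie). The header dicts are constructed from the capture; the RFC's own sample key is included as a known-good vector.

```python
"""Verify a captured WebSocket opening handshake (RFC 6455 section 4.2.2).
Added example; not part of the sandbox output or of the site's code."""
import base64
import hashlib
from typing import Dict, Set

WS_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"  # fixed GUID from RFC 6455

# Headers as captured for cowbyra2.cc/socket.io/?EIO=3&transport=websocket.
CAPTURED_REQUEST = {
    "Host": "cowbyra2.cc",
    "Origin": "http://cowh67amx.cc",
    "Sec-WebSocket-Key": "jDDLetjg2czn58MmbzWGkw==",
    "Sec-WebSocket-Version": "13",
    "Connection": "keep-alive, Upgrade",
    "Upgrade": "websocket",
}
CAPTURED_RESPONSE = {
    "Connection": "upgrade",
    "Upgrade": "websocket",
    "Sec-WebSocket-Accept": "UB8Y/wRPTp2/K2PsE/qwEzOUxYs=",
}
CAPTURED_STATUS = 101


def expected_accept(key: str) -> str:
    """Sec-WebSocket-Accept the server must send for a given client key."""
    digest = hashlib.sha1((key + WS_GUID).encode("ascii")).digest()
    return base64.b64encode(digest).decode("ascii")


def _tokens(header_value: str) -> Set[str]:
    return {t.strip().lower() for t in header_value.split(",")}


def _host_of(origin: str) -> str:
    """'http://cowh67amx.cc:8080/x' -> 'cowh67amx.cc'."""
    return origin.split("://", 1)[-1].split("/", 1)[0].split(":", 1)[0].lower()


def verify_handshake(request: Dict[str, str], status: int,
                     response: Dict[str, str]) -> Dict[str, object]:
    key = request.get("Sec-WebSocket-Key", "")
    try:
        key_ok = len(base64.b64decode(key, validate=True)) == 16
    except ValueError:  # binascii.Error is a ValueError subclass
        key_ok = False
    expected = expected_accept(key)
    return {
        "key_ok": key_ok,
        "status_ok": status == 101,
        "upgrade_ok": response.get("Upgrade", "").lower() == "websocket"
        and "upgrade" in _tokens(response.get("Connection", "")),
        "accept_expected": expected,
        # A server that did not derive Accept from this key is not speaking to this client.
        "accept_ok": response.get("Sec-WebSocket-Accept") == expected,
        # Origin is the only cross-site defence a WebSocket server has; record a mismatch.
        "cross_origin": _host_of(request.get("Origin", ""))
        != request.get("Host", "").split(":")[0].lower(),
    }


if __name__ == "__main__":
    for k, v in verify_handshake(CAPTURED_REQUEST, CAPTURED_STATUS, CAPTURED_RESPONSE).items():
        print(f"{k:16} {v}")
```

For the captured pair the report's accept_ok field is the check to read first: it tells whether the 101 came from a server that actually derived its Accept from Firefox's key. cross_origin is true here because Origin (cowh67amx.cc) and Host (cowbyra2.cc) differ and the server still upgraded.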
| cdn.discordapp.com/attachments/1234839169017188365/1234839192706613369/dfvergr8.mp4?ex=6632311d&is=6630df9d&hm=fc2670cf2746269c1b5f212634620f0be957d0cb1307c341474af04343551fb8& | 162.159.130.233 | 404 Not Found | 0 B |
URL: GET HTTP/2 cdn.discordapp.com/attachments/1234839169017188365/1234839192706613369/dfvergr8.mp4?ex=6632311d&is=6630df9d&hm=fc2670cf2746269c1b5f212634620f0be957d0cb1307c341474af04343551fb8&  IP: 162.159.130.233:443
Certificate: Issuer Cloudflare, Inc.  Subject discordapp.com  Fingerprint 97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39  Validity Fri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e  SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709  SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty input; the 36-byte 404 body announced by content-length below was not retained)
GET /attachments/1234839169017188365/1234839192706613369/dfvergr8.mp4?ex=6632311d&is=6630df9d&hm=fc2670cf2746269c1b5f212634620f0be957d0cb1307c341474af04343551fb8& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://cowh67amx.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Wed, 08 May 2024 19:47:00 GMT
content-type: text/plain;charset=UTF-8
content-length: 36
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0gY%2FYsve%2BYtTSVvia%2FIZDUOmZIz%2B60VOJ4Pi2LFJ0j%2FyEj6n8aZgnGAzSXo13LIZ%2B%2FYZbeqIcXuoaIgwcEpUlJMGWmr6Zo9MUIUXf5XUHuow4H5eUP5sJ3JuI%2B%2FgnYwL2h2OOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: __cf_bm=TiRGMg26BMxUDcCQdrwAI0Z4qYA_g.QisFjcNi3aPZo-1715197620-1.0.1.1-O2c4wYJLi8AtQEe5OaxvyBff6sSui5ZE_Kc3ZiG.0pqFXlrLy7s20.T8weWpxAvHQXjiJMirVkVW_emuV_h0Kg; path=/; expires=Wed, 08-May-24 20:17:00 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
set-cookie: _cfuvid=FOrkEN7Z5buBfzenFn1f5xYlcZpFikjs_dSJY0uOHKI-1715197620487-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 880bf587e85f56c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
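Several records above carry the digests beginning d41d8cd9, da39a3ee and e3b0c442: the chunk-vendors.ea790e22.js record despite a reported 949174 bytes, both socket.io upgrades, and the Discord CDN 404 whose content-length is 36. Those are the MD5, SHA-1 and SHA-256 of zero bytes, so the sandbox hashed no body at all, and copying them into a blocklist would match nothing. The Python below is an added example, not part of the sandbox output; it parses the fused Hash lines as extracted on this page, labels each digest by its length, flags the empty-input sentinel against a declared size, and cross-checks a digest against a server-sent Etag the way the ocsp.sectigochina.com record allows. The sample lines are copied from this page.

```python
"""Classify the digest triple a sandbox prints for a transfer and flag records whose
digests are those of an empty body. Added example; not part of the sandbox output."""
import hashlib
import re
from typing import Dict, Optional

# Digests of zero bytes: what a hasher emits when it was handed no body.
EMPTY_DIGESTS = {
    "md5": hashlib.md5(b"").hexdigest(),
    "sha1": hashlib.sha1(b"").hexdigest(),
    "sha256": hashlib.sha256(b"").hexdigest(),
}
BY_LENGTH = {32: "md5", 40: "sha1", 64: "sha256"}

# Hash lines copied from the capture above (label fused to the digests by extraction).
JS_CHUNK_LINE = ("Size949 kB (949174 bytes) Hashd41d8cd98f00b204e9800998ecf8427e "
                 "da39a3ee5e6b4b0d3255bfef95601890afd80709 "
                 "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855")
GETLOG_LINE = ("Hashb052172264efa467a12d76d7079ff9b4 384ffd2cbba6accc3a55b0b01d51758bc401a888 "
               "d49d8867eb6d9f1cfc331f6f389cd262736e34fd00a45b275e5535dadfff92da")
OCSP_LINE = ("Hash12650d96eac59b7ac2f24d7ad085c8ba 89ec765ffac48207f6bf73085cd4d0cd3858bf9e "
             "58054f19bb692f233f1c6c9667262ce6e998627ae3a60b5b0aab327c425a4d1a")
OCSP_ETAG = '"89ec765ffac48207f6bf73085cd4d0cd3858bf9e"'


def parse_hash_line(line: str) -> Dict[str, str]:
    """Pull every 32/40/64-character hex run out of the line and label it by length.
    Works on the fused form ('Hashd41d...') and on a labelled form ('Hash: MD5 d41d...')."""
    digests: Dict[str, str] = {}
    for run in re.findall(r"[0-9a-fA-F]{32,64}", line):
        algo = BY_LENGTH.get(len(run))
        if algo:
            digests[algo] = run.lower()
    return digests


def declared_size(line: str) -> Optional[int]:
    """Byte count printed on the same line, e.g. 'Size949 kB (949174 bytes)'."""
    m = re.search(r"\((\d+) bytes\)", line)
    return int(m.group(1)) if m else None


def audit_record(hash_line: str, declared_bytes: Optional[int] = None) -> Dict[str, object]:
    """declared_bytes may come from the Size line or from the response's Content-Length."""
    digests = parse_hash_line(hash_line)
    if declared_bytes is None:
        declared_bytes = declared_size(hash_line)
    empty_body = bool(digests) and all(digests[a] == EMPTY_DIGESTS[a] for a in digests)
    return {
        "digests": digests,
        "declared_bytes": declared_bytes,
        "empty_body": empty_body,
        # Digests say "nothing" while a size says bytes moved: the body was not retained,
        # so these digests identify no file and are useless as indicators.
        "body_missing": empty_body and bool(declared_bytes),
    }


def etag_is_sha1(hash_line: str, etag: str) -> bool:
    """True when the responder's ETag is the SHA-1 of the captured body."""
    return parse_hash_line(hash_line).get("sha1") == etag.strip().strip('"').lower()


if __name__ == "__main__":
    for name, line in (("chunk-vendors", JS_CHUNK_LINE), ("getlog", GETLOG_LINE)):
        print(name, audit_record(line))
    print("ocsp etag is sha1 of body:", etag_is_sha1(OCSP_LINE, OCSP_ETAG))
```

Feed audit_record a Content-Length when the sandbox printed no Size line, as for the Discord 404 (36 bytes); the result is the same body_missing verdict. The empty-digest sentinel is worth keeping as a rule in any pipeline that ingests sandbox hashes, since an empty-body triple that slips into a detection list fires on every zero-length file.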