Report - diaguard.wtf/downloads/Diamorphine.exe

Report Overview

Submitted URL
diaguard.wtf/downloads/Diamorphine.exe
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-23 04:14:44
Access
public
Website Title
Just a moment...
Final URL
diaguard.wtf/downloads/Diamorphine.exe?__cf_chl_tk=975ZGdLmyI9IqN7VRVIO.ddUU3iV2S_RoPdT6Tcxf80-1713845668-0.0.1.1-1621
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-22	5.4 kB	227 kB	104.17.2.184
diaguard.wtf	unknown	2024-02-17	2024-02-17	2024-04-11	4.6 kB	693 kB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

Files detected

URL
diaguard.wtf/downloads/Diamorphine.exe
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET

File type
PE32+ executable (GUI) x86-64, for MS Windows, 6 sections
Size
25 kB (24576 bytes)
Hash
26c6a43ee8f11a554656a87024dd66f3
4bf185de5ed8b61fa1d402a51111bde1df680b20
88517cbd9621043c6470ad17a91270b84708be86454728422554c1e4d2bce004

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 30/71

JavaScript (69)

	URL	Size	First Seen	Last Seen
	challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit	42 kB	2024-04-18	2024-04-29
Pretty URL challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit IP 104.17.2.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 21:08:49 Last Seen2024-04-29 16:17:51 Times Seen2594 Hash f94a2211ce789a95a7c67e8c660d63e8 f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f 926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b Loading...

	diaguard.wtf/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=878b06e18dabb50c	397 kB	2024-04-23	2024-04-23
Pretty URL diaguard.wtf/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=878b06e18dabb50c IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 06:14:45 Last Seen2024-04-23 06:14:48 Times Seen2 Hash 49cc561bfcf451348820e3fd95d39043 e4852e4a09364f9d6b580b2f9468811d84ab83de b09555aff15ea63ba513936b407b8d87afabb8ca99d3b13c4ade409b9f299ea9 Loading...

	diaguard.wtf/downloads/Diamorphine.exe	6.1 kB	2024-04-23	2024-04-23
Pretty URL diaguard.wtf/downloads/Diamorphine.exe IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-23 06:14:45 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 677596b0ce0062e87add2b37b3d2733d c713424ac07d01f8e5985f54e2bd7c39c4a91bae 12233d865ba1efb14e62932902dc63ed874f32f00ba0c2ae1ec3c6eb53760932 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6ad83496e6336d10db1804184bbeab35	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 6ad83496e6336d10db1804184bbeab35 455f9c00f32cbc570a8b7a095235a4d387e71cb1 d471fee4729e923e113caf100384a1ea8bc66807748882aa98f233e9db1a787d Loading...

	#2 Eval - 465c29c5c28b58e3e2f48f1051fc8339	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 465c29c5c28b58e3e2f48f1051fc8339 8f2a44f10a8b4ceecc686596b3cd618432ee5aed bd55ad1054741c705cdb8b6cb2b87efb48a23a01f8654a387eb1375332f42ee6 Loading...

	#3 Eval - 926e84050eadd0910f547144a13d3fc9	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 926e84050eadd0910f547144a13d3fc9 1981f28b035e4a20d32f6c6ff92689e36fada4a5 b20ff2666790eb328d46ef7901d80a0d6023cc98830ccb7831afa3e10480cd14 Loading...

	#4 Eval - 16a4ae7931314f409df1ab4c83d7631c	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 16a4ae7931314f409df1ab4c83d7631c a64a34c77fede3515cfb813a4b695c3b32a31aaa f389131b9042423175633f93fcf398ae56cf7741304f581f3f71d48320b5ec63 Loading...

	#5 Eval - b39814dac803fd0fe2a001b633af55d0	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash b39814dac803fd0fe2a001b633af55d0 6ef9e6fb9eca48be4b60f1510a4a5a705de33072 10e28e936104df51605896f7c62373acd75cf7b23647e6d49dcf6b2515a1698d Loading...

	#6 Eval - c8654cda8cd3c78e08e8003f8c4fb984	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash c8654cda8cd3c78e08e8003f8c4fb984 2a868126ec9e2be325f2a6175f3151451f8e6018 c777affe1f0ef11f7bd5be195720ab9fc86ea5c1a0450fcdd4ce7b1e630b92b1 Loading...

	#7 Eval - 783f22f02a8bc0268f52f906b5769301	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 783f22f02a8bc0268f52f906b5769301 2ec3f801e066e8807191f648051f5816fd42a729 deb90175d924ca5c0e3b921683d75e9c6d7989f2791cb0916b6b55114e6b515b Loading...

	#8 Eval - ce346a679c7f930cb31892a72b88717e	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash ce346a679c7f930cb31892a72b88717e 131745706a4b7418265efc799c2697f3580148d4 24fee0ee7f4e4c1d132e63dad7550c44c5652a4ed913716b2ee40a70b30532bc Loading...

	#9 Eval - 15650d2284f9cce34d1453c33c09a8e4	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 15650d2284f9cce34d1453c33c09a8e4 151f5ea6cd8112c07e45272325b6ea743a6c5b15 79ad0d157cefb51cd367ffe3a62e3a1ce9e90a8ed34555f7f23bca7cfd96eab7 Loading...

	#10 Eval - c5df12c8f6fa256c79f639cd5a950768	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash c5df12c8f6fa256c79f639cd5a950768 fb8bf93fee36ae6c0957685a8df2fdb43e14cf98 e1f9c55121f918621587a48df1c577cba25b27d6d42548850bd6493bd4dc03d8 Loading...

	#11 Eval - c7b337a4bf1a3aff14f6ec187c4fc7c7	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash c7b337a4bf1a3aff14f6ec187c4fc7c7 0e0e849adb31cf2315a6f58dc61405635a958fa0 7d973e1c4726d54fac33db66393870b027b59947395390282f3458954442777d Loading...

	#12 Eval - db6bd7ad87ab318109c65dd0df7b58fa	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash db6bd7ad87ab318109c65dd0df7b58fa e1d5c172cded09cf01979e776c94d9166e7cd95a 393512ce9baf3e9b2e647941f8a6b754bf29d2f3aba4c18abe6cd36fca2f639b Loading...

	#13 Eval - 8e5e2bf0d5ac628705b0d5eb88875974	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 8e5e2bf0d5ac628705b0d5eb88875974 fa0d3cfc0e81fbfcbb32efa6b78af271da99550e aa9e1777a7160bef4bcb64423c9ec440495b0c34b37b23ac4894a3f55bac6a82 Loading...

	#14 Eval - 06c5545834551c1f568d1bdfb7eab693	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 06c5545834551c1f568d1bdfb7eab693 319b4020785cf6f5cd3102a6ccdc87b31a3199c9 dbd1e61f317290600d1e5cae954300cd113682912f285ad61fa646e8e52bcb9f Loading...

	#15 Eval - 39a6cc1831a55b5e30ce7dedf34f1c78	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 39a6cc1831a55b5e30ce7dedf34f1c78 a1c3481c129071b3a6ac33340e731f407ae8ff66 8016e09820d9efc5e8cbb1989258e3c799a6b08d5ef40ee52a0e1306e4b08512 Loading...

	#16 Eval - b0f62add419370daf4afd164ed3a9f12	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash b0f62add419370daf4afd164ed3a9f12 3e4b3c3ee8c9d79078593fd8d4c445f5c43a60bd 53a8d2daa531611c4746f3b79c73b7e744109cbd577ea9647f464bc136e78f96 Loading...

	#17 Eval - 9698052dbb901617e8c89995bb9127a0	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 9698052dbb901617e8c89995bb9127a0 8d955ee477200f941e5ca1bac15481038e1df796 b06c819156604d8d1ecdfddc2be083bfc47c619319ed1759fe8883ed23e3802d Loading...

	#18 Eval - 3afb56ce9cd7b85555036dc1edcf2a99	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 3afb56ce9cd7b85555036dc1edcf2a99 e7ef0c36a7d0b74ced65c24ec6785ffbcf380566 45865ce9f2019f67e9d267348bb90171e9da3caace3c994885756e05fde336d7 Loading...

	#19 Eval - 58141c14eabfecbe8d87011e17550759	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 58141c14eabfecbe8d87011e17550759 8f98d83a579417fec5ea2b43028d3f9a133caef9 83f44fd2ee2b12fe4eb73607e8882cb751069774562eb05850700742968355d4 Loading...

	#20 Eval - ede6ebd8e25bc66026b13d000a619b27	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash ede6ebd8e25bc66026b13d000a619b27 d47691a0cc5eace2eaffca19b8c80bc21178f8e9 a0dc33830bbc72943224b330b3abf46828c3afa637c76b9f6d55dd7dd8c42ff8 Loading...

	#21 Eval - 7ce7bd000d6b87b3f1bd3d588e618201	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 7ce7bd000d6b87b3f1bd3d588e618201 90f313b490499c84d9980a32604be925f89e9519 3a669b16b4f2eb6881f641c1f0ba55e365fd3eaa811f3bf19299bb195561ea3a Loading...

	#22 Eval - 76a7f21b5f3b3cb09b0f9896172f02ed	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 76a7f21b5f3b3cb09b0f9896172f02ed 0abc6052acee0502ec7c99b3dd4526e3ad8f50a1 30201e506508325d49a3fc2c96246d2735b5d151a72ef916557003a30159609f Loading...

	#23 Eval - 25b1c179a70f8f1d0e5bbc03a3852712	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 25b1c179a70f8f1d0e5bbc03a3852712 4658494736daed2e59aaef882dd09b0e089ab516 fa5d19e93b23061b0ebd5c8e72c4655a0fc7ca5c54494966fbab4cffa3c2b5e3 Loading...

	#24 Eval - fd768ef1cb7d6d5e374945e11ac0fcbd	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash fd768ef1cb7d6d5e374945e11ac0fcbd 19ebf28b1b60b5f64c021980bf60e55187178491 f9cd35d2fe372d78aeabf9d82c9c9e965bc88905bc3177cd80ea6d513edc57b6 Loading...

	#25 Eval - 2a450fb406848e6c6ec5ee14f613f736	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 2a450fb406848e6c6ec5ee14f613f736 3fa184be7d6de5fd20b7189586abe8d397fa68bd 7880711497ac50800e3e25e0e48249fc7552a4772e68979353c0fd17ed11c662 Loading...

	#26 Eval - 34949d3aa90e10ee26cdae7a3f1d5eac	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 34949d3aa90e10ee26cdae7a3f1d5eac e0e475bad3b433d845df036b156694048f224241 64f8733c98583fd21bdf74e64f86c477201bcfe072b5afcf3639a75467116351 Loading...

	#27 Eval - 3ae22286ebb6b0df39f49c44db4e8334	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 3ae22286ebb6b0df39f49c44db4e8334 9c2a8d156cd1c74c34dfe36480694070d0515d38 4e32ad78a06c8534fb3c50733e0b8a05563716d25e2cfe62c933a24a4a8b36a1 Loading...

	#28 Eval - f2a9b09c9899f8113ca84740aab545e5	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash f2a9b09c9899f8113ca84740aab545e5 8245e80e84d52a3dddcf8336759c23923fada6a0 4efd2bf686fbe2bd53c300577689013b09e2f2041025847b133affb736576566 Loading...

	#29 Eval - b4e80391e5afc8052a493240f7f0c21c	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash b4e80391e5afc8052a493240f7f0c21c 2cced962d8c1d733675cfb35e5b666d6b4edbb26 d204e3d99648f867d4ab44e380cae3610da409901e58280cd1c665c1201f8848 Loading...

	#30 Eval - d66f53f22ff150ec62b0f93fb1c5b929	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash d66f53f22ff150ec62b0f93fb1c5b929 c2c2b32bca9bb96feb020a4fd944a2b39bc99122 f8f60c023ac0ec8e8218f26fe55f739edad273bfe57486b67f1791ebeedfe52b Loading...

	#31 Eval - 029654414d9051de83c3dcde7dffdb70	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 029654414d9051de83c3dcde7dffdb70 03d8a98356f36c6e03e2a89d6a8ae46a15977a90 b60827c269365b39957ea85ec5c6e2e6395f2ee668eaa4ea8fb29d89226f3c0e Loading...

	#32 Eval - 7ca1408560e8920e39fdcd452374468d	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 7ca1408560e8920e39fdcd452374468d e4015c3335a4fc094d80d049064cc11d1350e811 c479b9a9bb0fbff322c4c67bf8b6abc55028e6e0dd5af7a79b34d263d827901b Loading...

	#33 Eval - e34f794ff19041c0daf755602b41211e	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash e34f794ff19041c0daf755602b41211e 141dde2ae7ca71ea3dc110af21b3da518ac2925d a4caa1c2ae15c99e9cef09469f3295af520329b1791422fb5ede0702bb943e34 Loading...

	#34 Eval - 1a2b2ea5a43ae644e2c775e351a96875	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 1a2b2ea5a43ae644e2c775e351a96875 6ae22bfe0ade0c949a1c207bdbd12c7ce8adbfe2 90b5a7bcd968a34cb08144d31446aba812c3e13f81a0299eda4b82ffc6f8bdee Loading...

	#35 Eval - 9db4a31d9c91efe62091a8c287d6a286	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:46 Last Seen2024-04-23 06:14:46 Times Seen1 Hash 9db4a31d9c91efe62091a8c287d6a286 06910d16786a338a8393654fc2a6bbfccd6ca922 5d793f0e2cbc3966c7f2f64488d06bd6400ca837f5b57cff25e24ed74f19bfcf Loading...

	#36 Eval - fb44b1403fce87ba30898a2003f06553	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash fb44b1403fce87ba30898a2003f06553 6c3ee5fc34ed59c19b53b90510051c5ce5a3a543 1d67d6e96dd052ac0f24c51ef08005e7a65f62890bfc99e9301b5b70567a6766 Loading...

	#37 Eval - 4e693d985039b60de3198f43447fd9ca	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 4e693d985039b60de3198f43447fd9ca 5f5f4f6f65393461b6e53734f1c196d73d9fac19 fb5a3c2d2b63e838f72649eb27341d403ad06a7bb2f7b56a0046f57bc988cdc7 Loading...

	#38 Eval - 2c7fcf494060481648259aca0140f680	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 2c7fcf494060481648259aca0140f680 ef777d0f86faee13e1b2b1c2fd390c97a9c975ba f8ad9fa061ec2bc551d96308ccea67c25979c95bddca9e283c787f973671e3ad Loading...

	#39 Eval - 90248de85e66932e10a3c819655eb5a5	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 90248de85e66932e10a3c819655eb5a5 258fd37b73c2db3340cb670993ae4f225809e6c2 b7e69431d16faa918797cde9a01b7662a449b88fd7418ad04be3f61d8ea6fd09 Loading...

	#40 Eval - 20edd5dcf86e1c9a7448a78eeacb42e5	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 20edd5dcf86e1c9a7448a78eeacb42e5 547ebd4492caaa9a9016cee79f37c23911cf8e16 590c7755a94f238bca557c81c3830559459711d9556e4f1a08322c1a43400769 Loading...

	#41 Eval - 99f8e5ba5de662a9ad68d572b86aa171	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 99f8e5ba5de662a9ad68d572b86aa171 2109529b166c8ece72f3e40c7204ee66fbe90198 4a6699f37ce3729c10ca84cc44bf8ed784b68d21fc61210df7bfd3b12941cd7c Loading...

	#42 Eval - 80df7c7b76f13fd5d8745916df3d8920	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 80df7c7b76f13fd5d8745916df3d8920 5422145785febbb36ba3a49cf00c954f1d6b712d 54b6f98a2ef81204e56052dd60aa5c5f2633adb3778da62c0359c86cbfd01a20 Loading...

	#43 Eval - 43c81e43a6e7d9140033055ff3e04983	62 B	2024-04-18	2024-04-29
Pretty Observations First Seen2024-04-18 21:08:51 Last Seen2024-04-29 16:17:50 Times Seen2736 Hash 43c81e43a6e7d9140033055ff3e04983 b0eca03913678cb38c488c7c79cc4f9d2755ea17 3f7ef931c657c4333a401c40e8b0b8d1ff3b164542af45e14242314c0ec39f34 Loading...

	#44 Eval - 924193e90941c28d1c4441b23e6fdafb	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 924193e90941c28d1c4441b23e6fdafb 7629c22b57a664fe0265965a02a6ec2f76d12ae9 19f05a5bb399a7d5f0a0253e7fcbafd64cec723efe0c2974b9c20d6777fae630 Loading...

	#45 Eval - 7173171c8c46a5d1ca47396462b3eabe	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 7173171c8c46a5d1ca47396462b3eabe 39d03beb8e895ead62df1117810c696d319c8baf da3a65ea769b3c5738ff4344ce2581063539bd0c3663e03460d30f71f138db3c Loading...

	#46 Eval - bbfd6b4caea02ce87cc79d96dabce543	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash bbfd6b4caea02ce87cc79d96dabce543 8dd5d2ce14d470e8a4a78b2771e65485d6a50819 35afa7ebf390208da785bfb9e61c85fe3d738fbada607022afa21617e8276488 Loading...

	#47 Eval - c159defce581e00647696b09cf0fcdbd	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash c159defce581e00647696b09cf0fcdbd f209bc4cda9ec54004cba50d59db17b5086fc4cd 013bb983e373b4cacda4d45fa90dc6d31b3cdceb742f78bad1f857dc2f5f885e Loading...

	#48 Eval - 23759ee7daac66d57832ca741c65687b	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 23759ee7daac66d57832ca741c65687b a7f5c4abda73598390850a041ac5102e80f8bbca 8ec1504cb8de88a8d83e27816cd354b6f14f20a2891fc6a360dcf4c7d834970a Loading...

	#49 Eval - b0d7d610890a63fb23f8310cd76c217d	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash b0d7d610890a63fb23f8310cd76c217d ff2df4031335656b05c79d5a0a9916fb874b5f94 136f702c1c4a70a5637253052e86b60f325d975c68bf62c25486046582e43428 Loading...

	#50 Eval - e3bac9dae8f159b9764b272bef830a38	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash e3bac9dae8f159b9764b272bef830a38 7ae13740d74be90438061f77c85b962b3bf88556 a526e086fe63ba4ca25401335e1a6015952ed2433430acb7c98006809c1778c0 Loading...

	#51 Eval - 1e268c1999aef1dcddba059152ba9770	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 1e268c1999aef1dcddba059152ba9770 0aa22aec1e9121f6d26ef61080e0032aa4a32e62 4433b74264f6a762032177f94aad681c412e94eba1407ca0dd5f5a8de1ad44c4 Loading...

	#52 Eval - 9fefab14be660d427f91b6a85ec19fd7	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 9fefab14be660d427f91b6a85ec19fd7 959d79e2bca72764c1fa420ba83efc5554fa7876 8204804e1780ae0a687f6c4606231ff7ec8b5c9d2cd01d42ba57fb524a669b27 Loading...

	#53 Eval - 2310ab56ca4897cec6e228d58184c5f5	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 2310ab56ca4897cec6e228d58184c5f5 658b4ef899a186e4b31de47f018e0182400016c1 18e660dbd5b9226f4025fe11a464eea70ab59c19b60599545b081ae1d8843089 Loading...

	#54 Eval - 21f758fb1bdf5119e0298ff9927de2b4	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 21f758fb1bdf5119e0298ff9927de2b4 e34552198c7013dffa0bc8b014d7627944fef2ee e3f113c337038e6f8b603dbdc63948d443d0bc379f75c60a77340c0fefe1b567 Loading...

	#55 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-03
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-03 21:07:30 Times Seen351441 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#56 Eval - 9670ac2b245fc6fa6305281ff93d2454	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 9670ac2b245fc6fa6305281ff93d2454 71d776e37d044547b3483987c38f1b21414bc0e7 bc441748659c7c129722221d5b3c863056e595367616fab5ffe965a636fa0690 Loading...

	#57 Eval - d994ce7a6d39b0a57a79d5a85fe4dc1f	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash d994ce7a6d39b0a57a79d5a85fe4dc1f 8956cd1998de0e8a842e1e7907a2a96dbe7a616e 1fc74fe115f36cb3a4649662cc17f91edb3e4d4125d9923c88cc502ff0933dd9 Loading...

	#58 Eval - 64f04c1bf4b2a113afaecde4cc9e081a	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 64f04c1bf4b2a113afaecde4cc9e081a 01c1171cce2f345d41dd3f301f38fbac2097eba2 2304157a20a4f68d66aa37c29d2899ec6207c41a74b51c69de51dd3a9956a7ce Loading...

	#59 Eval - 1afe225eb6f88ef8d3e269efdd869c21	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 1afe225eb6f88ef8d3e269efdd869c21 608700871f50a4d108cfb8731ac0da8c658bbbbd 0e07ff635f72b31aae7567a04b6dc54c94f93b419d0a2efaf2898a719144f2c9 Loading...

	#60 Eval - 2cdbc7197b1822baf825774309699c04	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 2cdbc7197b1822baf825774309699c04 cf6eb15f1aeb4994c1791bed0c749b1eafe4aa74 c9ecce6d6bea34f621a42d5451a1e86c6c5b16bf656e7b191df10d46f2393cd1 Loading...

	#61 Eval - 529a0a1ee45ef51d0b749c9384b57c88	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 529a0a1ee45ef51d0b749c9384b57c88 8f551aa34e3c77f600b47c6773fa9b839cb6158c 234f43094a3fd27984cd93b799823c08b091cddd706d9437400f231532dc472f Loading...

	#62 Eval - e02962b2b1aa147bc2be83d0d6381c04	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash e02962b2b1aa147bc2be83d0d6381c04 ec4f4c875576d320510c76cefdea48e5f471ada5 b6d45b63032e93637177bfd604a87c77ca80971f1db517b5d7171dfc25fecbca Loading...

	#63 Eval - eccc30fca81ad366f2e597e18190b0eb	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash eccc30fca81ad366f2e597e18190b0eb d031f7c4321c73bebf8373b5e1c9f61402e4eab7 c43e787bff2f0d973975d78dc3a00cd4a4009cb82ad5657084203a3fa6342252 Loading...

	#64 Eval - 948930c848553ee7844821a192d1054c	549 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 948930c848553ee7844821a192d1054c d87543b2ec06a6fe11511ea812e6688d37ca0234 eced29d10e9cdc0006845166349575bd97349a64c07462729082ddcaa3f9b78d Loading...

	#65 Eval - 82d95470470ea7906f167a621f5c54ae	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 82d95470470ea7906f167a621f5c54ae 2cc5bfa390e1c84f674c5384c416b912f051ff1b 57e70249260a353ab9c564bc6e408d332597b9455cb93366632cc84e3dd4b5e4 Loading...

	#66 Eval - 47c1c37e79b60afc4ae9d28a6f132b1a	28 B	2024-04-23	2024-04-23
Pretty Observations First Seen2024-04-23 06:14:47 Last Seen2024-04-23 06:14:47 Times Seen1 Hash 47c1c37e79b60afc4ae9d28a6f132b1a d103a2401efb50fb17b16c51f3399e25c795535c d2c4603b0065dab8cec75817112f0710b2c56b161695cd0f90319e282a8ad4c8 Loading...

HTTP Transactions (15)

URL IP Response Size

diaguard.wtf/downloads/Diamorphine.exe

188.114.96.1

200 OK

167 B

URL User Request POST HTTP/3
diaguard.wtf/downloads/Diamorphine.exe
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectdiaguard.wtf
FingerprintD8:23:D9:42:86:F7:50:2D:C9:30:4C:D4:DD:AF:DD:3A:D4:7C:58:4E
ValidityTue, 16 Apr 2024 04:34:52 GMT - Mon, 15 Jul 2024 04:34:51 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /downloads/Diamorphine.exe HTTP/1.1
Host: diaguard.wtf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Tue, 23 Apr 2024 04:14:18 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 23 Apr 2024 05:14:18 GMT
Location: https://diaguard.wtf/downloads/Diamorphine.exe
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JMWx6vfDM9Mq0AoB3Se2OzC%2BgpgSJNZFb6EG64LFBUz7jpb%2BISirfv0QrKmbs14%2BGqU6A6or5peJeglKNPAkV5lqaAxejKRBVH1u3mH9XzvT2v1BY%2FUD9jHWLESaSdc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 878b06a49beeb517-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ikii/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 Apr 2024 04:14:18 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 878b06a81ac90b45-OSL
alt-svc: h3=":443"; ma=86400

diaguard.wtf/cdn-cgi/challenge-platform/h/b/flow/ov1/1159301831:1713841962:fFM4k_gOfmnWbGW7tcTKjL8CUoaXMlNwIz9Z_AzppNI/878b06a4b80bb50c/d6b26545bc38fdc

188.114.96.1

15 kB

URL
diaguard.wtf/cdn-cgi/challenge-platform/h/b/flow/ov1/1159301831:1713841962:fFM4k_gOfmnWbGW7tcTKjL8CUoaXMlNwIz9Z_AzppNI/878b06a4b80bb50c/d6b26545bc38fdc
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectdiaguard.wtf
FingerprintD8:23:D9:42:86:F7:50:2D:C9:30:4C:D4:DD:AF:DD:3A:D4:7C:58:4E
ValidityTue, 16 Apr 2024 04:34:52 GMT - Mon, 15 Jul 2024 04:34:51 GMT

File type
ASCII text, with very long lines (15928), with no line terminators
Size
15 kB (15222 bytes)
Hash
ac7860e5af17b17c9836ada14ce19f00
3cc2f2f786fa94192ab213c35457d23e2089c5dd
1e90655cab84459b0e51adbbe1fbd89c173520eb6b59f1a3b910268abde7e9b6

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1159301831:1713841962:fFM4k_gOfmnWbGW7tcTKjL8CUoaXMlNwIz9Z_AzppNI/878b06a4b80bb50c/d6b26545bc38fdc HTTP/1.1
Host: diaguard.wtf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diaguard.wtf/downloads/Diamorphine.exe
Content-type: application/x-www-form-urlencoded
CF-Challenge: d6b26545bc38fdc
Content-Length: 1907
Origin: https://diaguard.wtf
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=d6b26545bc38fdc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 Apr 2024 04:14:18 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: k1TjBrCPbCenlTo4Njuh9icHufKrmCD3xD6XqEkZW7O+82bITHBLHMHwJ/nYCCaY$vSo2xwfkHa2YQOak0rLXTg==
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AlQeLIljoz%2F%2BMTVCbblPKqsB65zRQQgwzdwOV41E3aogKE6cIjgtM7FbbjpV0w8ftKDKUS3guRu7uElDUIgqPnB%2BaOmIqohy%2FbvUNBaRtzarFAIyUicp0Jr4YxFTf18%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 878b06a6f90eb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit

104.17.2.184

200 OK

15 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://diaguard.wtf/downloads/Diamorphine.exe
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42414)
Size
15 kB (14771 bytes)
Hash
f94a2211ce789a95a7c67e8c660d63e8
f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f
926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b

HTTP Headers

GET /turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://diaguard.wtf
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Apr 2024 04:14:18 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 878b06a64d640b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/921477966:1713842055:Zb2jMQm4BgV3Sy1TO9cTMg94ZDClt1_nVol5tsqGy40/878b06a7baa50b45/65846ea1b9e4df1

104.17.2.184

96 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/921477966:1713842055:Zb2jMQm4BgV3Sy1TO9cTMg94ZDClt1_nVol5tsqGy40/878b06a7baa50b45/65846ea1b9e4df1
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
96 kB (96088 bytes)
Hash
6d18008f61f6f59dd1e35647e9e8a31d
7fc7fdc46ef8fef372143d365ac1d77140f312aa
6ee896841c59fee419c2e8bbda84da9dd535f42a4ace91b6479c745ca2d42365

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/921477966:1713842055:Zb2jMQm4BgV3Sy1TO9cTMg94ZDClt1_nVol5tsqGy40/878b06a7baa50b45/65846ea1b9e4df1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ikii/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 65846ea1b9e4df1
Content-Length: 3384
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 Apr 2024 04:14:19 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: pWVBjvyOn8JHs44ObGYNJK7cq/VVxqrgqELNJ5ZLYdDV/mB02AuSj4reCIeJUzWZjv2fNvjvkg8/3ZT85ZTQPfqlKPygjqHvjKDcdzA4vA0nIUwzn73+sgmeOYaBHGMRa+gZWpLqX2d0unPcZGLeETzJCXIJKpUoEKYEPbiZWgG39EBcHySqH36WuicpUAGAiRJ6MoV0LY41HW/IDkuMLspsYVrN2HWyee0XV8u9XR3fXTu4eURBvFxD+JCujEFLdPsgrt8Ujk0KMFhLtpQmwPJWDpTD+ir1qN+ApzTTa0Noc6RO1hpysptzjFlawhyzm8mDhy7aViEWSjkGkHjEgjDQO2mnv3X6k9i3bZl5aPowZaS/MBMmrPaUZNqACDvM$sJcGzImW0XmlAbZjUQbLtw==
vary: accept-encoding
server: cloudflare
cf-ray: 878b06aa0b1e0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/878b06a7baa50b45/1713845659222/oCzKpX8q5QKg42v

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/878b06a7baa50b45/1713845659222/oCzKpX8q5QKg42v
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 85 x 52, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
f14737b6eef3032313a47c0e88411f50
a2f16bce4fa5294736a97c3a36ed0f68465ebd22
091e6b114c4caece81b9d2ebe1e6b6bd4bb7db994bd26ddf998d0fa6b744db16

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/878b06a7baa50b45/1713845659222/oCzKpX8q5QKg42v HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ikii/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 Apr 2024 04:14:20 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 878b06b0ecd50b45-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/921477966:1713842055:Zb2jMQm4BgV3Sy1TO9cTMg94ZDClt1_nVol5tsqGy40/878b06a7baa50b45/65846ea1b9e4df1

104.17.2.184

8.9 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/921477966:1713842055:Zb2jMQm4BgV3Sy1TO9cTMg94ZDClt1_nVol5tsqGy40/878b06a7baa50b45/65846ea1b9e4df1
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (968), with no line terminators
Size
8.9 kB (8899 bytes)
Hash
708a7f5da08754df91f0962b3857d320
b2092d3f72371e8846aea1f3b7d5bab83f056f34
47c04618da9d06d4db1b5631406948ad2caba797742570c4b63fa93938691a9f

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/921477966:1713842055:Zb2jMQm4BgV3Sy1TO9cTMg94ZDClt1_nVol5tsqGy40/878b06a7baa50b45/65846ea1b9e4df1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ikii/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 65846ea1b9e4df1
Content-Length: 38640
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 Apr 2024 04:14:25 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: oQr2hN9aYyRoRKU13PGnwUb/QtiamOBUuPAQ2h0WDY1Cm5wHRCoSx7QUjxxUvwINHO/x/o2uA8uVzpikYZbQScA/oxaEEl12tcHv3yrWjlY=$UyjpnTElZyrgMJ2HlIn1Cg==
cf-chl-out-s: LIdB41l675ez/j8VHT8laXdCbmrTHxaB5mtjDM3bw1PiZ4x0HjfYtNnW9vrNe0KIn/pVBM57TQcUyIh6219iP6SQR2GbiYpmo6PqAASlc3m6aHErbfi5Xcq3p5FQMMiSdA5rxq9Ys6UF1xfTBDAdvw==$9VglKkaI8K21UW8sdp1btw==
vary: accept-encoding
server: cloudflare
cf-ray: 878b06d44eea0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/921477966:1713842055:Zb2jMQm4BgV3Sy1TO9cTMg94ZDClt1_nVol5tsqGy40/878b06a7baa50b45/65846ea1b9e4df1

104.17.2.184

22 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/921477966:1713842055:Zb2jMQm4BgV3Sy1TO9cTMg94ZDClt1_nVol5tsqGy40/878b06a7baa50b45/65846ea1b9e4df1
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (22540), with no line terminators
Size
22 kB (21584 bytes)
Hash
c2fdb2ab102307cdbe3848a2d7ad718a
5638f396ed4bf0ae190f97a29cfce05ec2b3f6e9
ded8595b86e698b44ec4c8a95f665863d0c8c7ea7d926501a594265100a426fa

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/921477966:1713842055:Zb2jMQm4BgV3Sy1TO9cTMg94ZDClt1_nVol5tsqGy40/878b06a7baa50b45/65846ea1b9e4df1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ikii/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 65846ea1b9e4df1
Content-Length: 26058
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 Apr 2024 04:14:20 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: HVexqqb0bnkKHdvKJ4KPaboA4GbekrM5dE+fiA18YlI81QHqmUFAboxp/KjdTXHN$9FCqEJANtcjfyD/i4lSIJw==
vary: accept-encoding
server: cloudflare
cf-ray: 878b06b20d550b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

diaguard.wtf/favicon.ico

188.114.96.1

216 kB

URL
diaguard.wtf/favicon.ico
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectdiaguard.wtf
FingerprintD8:23:D9:42:86:F7:50:2D:C9:30:4C:D4:DD:AF:DD:3A:D4:7C:58:4E
ValidityTue, 16 Apr 2024 04:34:52 GMT - Mon, 15 Jul 2024 04:34:51 GMT

File type
HTML document, ASCII text, with very long lines (15887), with no line terminators
Size
216 kB (215732 bytes)
Hash
b8c0649d61301873030cf9cd4dd3861c
bbec267d355064bba8c3b90adfb92dc0ba978254
b3817237c98e72bd8dfb7eb1c5d51ed47d8b98a0f2a3c2074316594d1b1a0f94

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: diaguard.wtf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diaguard.wtf/downloads/Diamorphine.exe?__cf_chl_rt_tk=975ZGdLmyI9IqN7VRVIO.ddUU3iV2S_RoPdT6Tcxf80-1713845668-0.0.1.1-1621
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=d6b26545bc38fdc; cf_chl_rc_m=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
date: Tue, 23 Apr 2024 04:14:28 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: J3/vMdNWLZiHLU3Z1CFTQZLnHQwd9pqpj4im1WVyk4uWNMnRR2dy8Miq+/9Ec7MMsagjsi0+pmLzyhxDpKOlgEcGDhkJnWu6mzzEy4OJXvul3iGPHpaDTmt5XSfPNpO83KmbUSxJXhnLyVo4snOang==$t6EUtcKcfb5Fwl/Sv4Ps3A==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9w18mVu92yVMGMvdGcEVIvg9lkQj2xJbJg%2Fi1fON7Qf%2BXoU%2BCvGDJsNqjqvYPd%2FldRkeJRR9KvKMZmA4y9YIbGjeet41eVAxt6S%2FCJyERDjn4C%2FY4VvJz12sEXyqxT8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 878b06e23df6b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

diaguard.wtf/cdn-cgi/challenge-platform/h/b/flow/ov1/1159301831:1713841962:fFM4k_gOfmnWbGW7tcTKjL8CUoaXMlNwIz9Z_AzppNI/878b06a4b80bb50c/d6b26545bc38fdc

188.114.96.1

8.0 kB

URL
diaguard.wtf/cdn-cgi/challenge-platform/h/b/flow/ov1/1159301831:1713841962:fFM4k_gOfmnWbGW7tcTKjL8CUoaXMlNwIz9Z_AzppNI/878b06a4b80bb50c/d6b26545bc38fdc
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectdiaguard.wtf
FingerprintD8:23:D9:42:86:F7:50:2D:C9:30:4C:D4:DD:AF:DD:3A:D4:7C:58:4E
ValidityTue, 16 Apr 2024 04:34:52 GMT - Mon, 15 Jul 2024 04:34:51 GMT

File type
ASCII text, with very long lines (2332), with no line terminators
Size
8.0 kB (7956 bytes)
Hash
5b933bfb46b457ba9cc21bb78a9ae9ac
02394633294e735e0f3a5a1ccbd0bf82290f54f6
5a7e9058097878d692ee9b251b40bffc48dcf7dd5e84f205172fc27244eaedde

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1159301831:1713841962:fFM4k_gOfmnWbGW7tcTKjL8CUoaXMlNwIz9Z_AzppNI/878b06a4b80bb50c/d6b26545bc38fdc HTTP/1.1
Host: diaguard.wtf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diaguard.wtf/downloads/Diamorphine.exe
Content-type: application/x-www-form-urlencoded
CF-Challenge: d6b26545bc38fdc
Content-Length: 2545
Origin: https://diaguard.wtf
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=d6b26545bc38fdc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 Apr 2024 04:14:26 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: wx9jtoJoGX6dMMCyAmMYhl/sBvDCm49NV2pZGowvleYLxKGcoVEAm6MX2fLqXnUJVy/wGukzod+4c9GXhwPeQTMeMLDVTFOFR3xmRTYqHJE=$hek6c4PwL6hycdD6MSLTWQ==
cf-chl-out-s: t/IwOYoWvBpNLmRurRo80R2WzWRm3a58L9CZMzBBXa/MUhyyTJ2UeqHVo1YA0WiEA4WBf+9XLpC0NOPe2GGHcEUK2g6fSSL7AgUCECPXB/c=$PdhuduWmJu7CO0L6K0MhDg==
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SdYRqu8U2NzmXaGQ%2FVXxaGMOq6JWg90rfFUNuDJDnv84lA7AYuEwVkLt0P0DV1UjzdAYfSu4IYP69e9LZ8z2gsATIvXyQFjS0X4EkD7lKQPxkIntdKXPWso9EeLqDv4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 878b06d4bf13b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/878b06e40aee0b45/1713845668853/9cd853baaf7d977755711b2808e8cf399824bbb32a2bbc1cb6217a1dc0e4b392/5uS44jPDIcNGSeH

104.17.2.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/878b06e40aee0b45/1713845668853/9cd853baaf7d977755711b2808e8cf399824bbb32a2bbc1cb6217a1dc0e4b392/5uS44jPDIcNGSeH
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/878b06e40aee0b45/1713845668853/9cd853baaf7d977755711b2808e8cf399824bbb32a2bbc1cb6217a1dc0e4b392/5uS44jPDIcNGSeH HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/t2wi0/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Tue, 23 Apr 2024 04:14:30 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gnNhTuq99l3dVcRsoCOjPOZgku7MqK7wctiF6HcDks5IAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIJzYU7qvfZd3VXEbKAjozzmYJLuzKiu8HLYheh3A5LOSABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 878b06eeae950b45-OSL
alt-svc: h3=":443"; ma=86400

diaguard.wtf/cdn-cgi/challenge-platform/h/b/flow/ov1/2074095404:1713841957:BJFT49Z18cZSAFbYX4m73Tdq8eLOyA2bmupdDdXA9FA/878b06e18dabb50c/962059c9a65491e

188.114.96.1

200 OK

26 kB

URL POST HTTP/3
diaguard.wtf/cdn-cgi/challenge-platform/h/b/flow/ov1/2074095404:1713841957:BJFT49Z18cZSAFbYX4m73Tdq8eLOyA2bmupdDdXA9FA/878b06e18dabb50c/962059c9a65491e
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://diaguard.wtf/downloads/Diamorphine.exe
Certificate
IssuerGoogle Trust Services LLC
Subjectdiaguard.wtf
FingerprintD8:23:D9:42:86:F7:50:2D:C9:30:4C:D4:DD:AF:DD:3A:D4:7C:58:4E
ValidityTue, 16 Apr 2024 04:34:52 GMT - Mon, 15 Jul 2024 04:34:51 GMT

File type
ASCII text, with very long lines (15936), with no line terminators
Size
26 kB (25804 bytes)
Hash
58a1f564dee3022267df1512c6228ff7
73ddf526ed34c5b18ab656e8f32e50896e06883a
513328b4072dce5e4cfb985de24604185dac77bc45a157736084a1e51644f70f

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/2074095404:1713841957:BJFT49Z18cZSAFbYX4m73Tdq8eLOyA2bmupdDdXA9FA/878b06e18dabb50c/962059c9a65491e HTTP/1.1
Host: diaguard.wtf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diaguard.wtf/downloads/Diamorphine.exe
Content-type: application/x-www-form-urlencoded
CF-Challenge: 962059c9a65491e
Content-Length: 1889
Origin: https://diaguard.wtf
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=962059c9a65491e; cf_chl_rc_m=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 Apr 2024 04:14:28 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: zGeQX8E/wpkiCM3cPYCuMYFvWbL6Oem/Uax4hEeZxORt3wV//GngViIvawPDJAte$F36n4RLna/naExRXLD9k7g==
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1qX1UqE5Rwd6Pt0uSyWg0bKZ2k%2BINq6cfu3LCNpA0JMr9EBoVh%2FDlAtg1Sv8kEOUgyYAAuZRibld5VzEL%2F%2BgznIz%2FgUWLXEEC2BAZaRlXoF9p6LVFPQoL5HHLiBnESQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 878b06e34e43b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

diaguard.wtf/downloads/Diamorphine.exe

188.114.96.1

200 OK

25 kB

URL User Request POST HTTP/3
diaguard.wtf/downloads/Diamorphine.exe
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectdiaguard.wtf
FingerprintD8:23:D9:42:86:F7:50:2D:C9:30:4C:D4:DD:AF:DD:3A:D4:7C:58:4E
ValidityTue, 16 Apr 2024 04:34:52 GMT - Mon, 15 Jul 2024 04:34:51 GMT

File type
PE32+ executable (GUI) x86-64, for MS Windows, 6 sections
Size
25 kB (24576 bytes)
Hash
26c6a43ee8f11a554656a87024dd66f3
4bf185de5ed8b61fa1d402a51111bde1df680b20
88517cbd9621043c6470ad17a91270b84708be86454728422554c1e4d2bce004

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 30/71

HTTP Headers

POST /downloads/Diamorphine.exe HTTP/1.1
Host: diaguard.wtf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diaguard.wtf/downloads/Diamorphine.exe?__cf_chl_tk=975ZGdLmyI9IqN7VRVIO.ddUU3iV2S_RoPdT6Tcxf80-1713845668-0.0.1.1-1621
Content-Type: application/x-www-form-urlencoded
Content-Length: 4092
Origin: https://diaguard.wtf
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=962059c9a65491e; cf_chl_rc_m=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 Apr 2024 04:14:34 GMT
content-type: application/x-msdos-program
content-length: 24576
set-cookie: cf_chl_3=; path=/; expires=Thu, Jan 01 1970 00:00:00 UTC; domain=.diaguard.wtf; Secure
cf_chl_rc_m=; path=/; expires=Thu, Jan 01 1970 00:00:00 UTC; domain=.diaguard.wtf; Secure
cf_clearance=F_QAFCqM9oY1P3mo5ehcsa.V8zl7sXZla.MgpEoXss4-1713845668-1.0.1.1-mZRIgT4x2AaBewSjMZgqG9LQzU.mb634n4WHOfR3C.tFXsKhedil1NQX4u4BJGAl0vV3CS1ostOpaaqwFLM3Zg; path=/; expires=Wed, 23-Apr-25 04:14:33 GMT; domain=.diaguard.wtf; HttpOnly; Secure; SameSite=None
last-modified: Fri, 15 Mar 2024 11:26:22 GMT
etag: "6000-613b14712f8f2"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WxoAwtDXYnpI1CdbTEIzY%2F0pXio%2BqSujBg0S1dMlDVpp64HmH5GRHSner89bfElD2D4Gq0jcsxIChKLhXk9SWLhyoUl6Zyi8TjTGtd6Dz3Clkke%2BqPlI%2FZEFFTj9hhs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 878b07060d5db50c-OSL
alt-svc: h3=":443"; ma=86400

diaguard.wtf/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=878b06e18dabb50c

188.114.96.1

200 OK

397 kB

URL GET HTTP/3
diaguard.wtf/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=878b06e18dabb50c
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://diaguard.wtf/downloads/Diamorphine.exe
Certificate
IssuerGoogle Trust Services LLC
Subjectdiaguard.wtf
FingerprintD8:23:D9:42:86:F7:50:2D:C9:30:4C:D4:DD:AF:DD:3A:D4:7C:58:4E
ValidityTue, 16 Apr 2024 04:34:52 GMT - Mon, 15 Jul 2024 04:34:51 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
397 kB (397323 bytes)
Hash
49cc561bfcf451348820e3fd95d39043
e4852e4a09364f9d6b580b2f9468811d84ab83de
b09555aff15ea63ba513936b407b8d87afabb8ca99d3b13c4ade409b9f299ea9

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=878b06e18dabb50c HTTP/1.1
Host: diaguard.wtf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diaguard.wtf/downloads/Diamorphine.exe?__cf_chl_rt_tk=975ZGdLmyI9IqN7VRVIO.ddUU3iV2S_RoPdT6Tcxf80-1713845668-0.0.1.1-1621
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=d6b26545bc38fdc; cf_chl_rc_m=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 23 Apr 2024 04:14:28 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fqQEyy3fVRvn9OhlCJ%2BVjcxyd20dwmkBt8qs5%2Btl0Qt%2B8LUtoRerLi33xrf3aUuPfF%2FyLneQsyhw2pmZ7tCphmGpWO4UQjiWeEAhh1B3173HDJKvtBDn63u2dTMfZPo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 878b06e1ddc8b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/t2wi0/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

104.17.2.184

200 OK

80 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/t2wi0/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://diaguard.wtf/downloads/Diamorphine.exe
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
80 kB (79951 bytes)
Hash
1316b70d49a1b96e622c51065b9117a5
b04cc286c3cfe650f25c3402c234c658c8e5fc87
1432978606c2eda283e9300bfe2414654572ebf427d5869987efae69a1f9dfd6

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/t2wi0/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 23 Apr 2024 04:14:28 GMT
content-type: text/html; charset=UTF-8
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-resource-policy: cross-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
document-policy: js-profiling
cross-origin-opener-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
referrer-policy: same-origin
vary: accept-encoding
server: cloudflare
cf-ray: 878b06e40aee0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (69)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash