| miniaturefinerninewjs.shop/apihttp:/W/ | 104.21.30.191 | 403 Forbidden | 5.9 kB |
URL: miniaturefinerninewjs.shop/apihttp:/W/ (User Request, GET, HTTP/1.1)
IP: 104.21.30.191:80
File type: HTML document, ASCII text, with very long lines (14455), with no line terminators
Hash: d6ec7c4c9d21803a88671df330aee874 aa416e428e1ba7606bfbd3e23d324f7c625e6681 6ed988e44b6d1e9ebc2f5af2aace6872e1dafc5a48058f795c1a5ce059d4d0cf
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /apihttp:/W/ HTTP/1.1
Host: miniaturefinerninewjs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 15:18:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: Hx7ZIeOlp8tKo8zvDn+JbUj+2SB8QHTkhBfJK6tCBKLHtoSnTYpL8tdab8ofTMfNYO7sG8cpVOYc5ERwPHqX5QyzTCMkocLaI59PkdhaodBNSSNQWujXY0IrcLohC0/0ND1ShUwej/kxEBF7uIvC6g==$oR75AgqcUpP0yrrYjsDYWw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dGmvPRwb%2F1udfTMrri%2F4XdhNutyfK%2BtIrO1f5EF8WfFuzmnyPGkfsUB4GLCqXwfQJgthnaGny97x3LFkwmUTQBFdfmlKZ3k5RGZn8JIn%2FTYakWEHsNC33hz6tlFWrTjc7%2BJKbbWWmcIC5evDCw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88022e8e6ee156cb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| miniaturefinerninewjs.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=88022e8e6ee156cb | 172.67.173.139 | | 115 kB |
URL: miniaturefinerninewjs.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=88022e8e6ee156cb
IP: 172.67.173.139:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 115 kB (114867 bytes)
Hash: 933cf01d2021b1b11c4f872c572010ee 943a2d939ef05d8e8b0338308ccf81709641b75d 9714e854798261acd5c4b3afca60776d28f71f16e94ee9b7ad3de84b0aeaf657
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=88022e8e6ee156cb HTTP/1.1
Host: miniaturefinerninewjs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://miniaturefinerninewjs.shop/apihttp:/W/?__cf_chl_rt_tk=CTmuWFCav03PE7LQV8uUwmN7hZM5wn6eDG2H10ANpRo-1715095098-0.0.1.1-1322
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 15:18:19 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FduxfzZoJw%2FGkyaRpllxlZv%2BSSrSwQVbzr5P4DN8maVEekLp0L6bVB9CctZea5fT3wyoxzUxwY4iEBE0DakoWWMT2MTQDhvZa1E72arS8kEmqGBY3LlT9A%2BX1opqhG3qIgzPN9OBM4QsioK69g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 88022e909b8556a4-OSL
alt-svc: h2=":443"; ma=60
| miniaturefinerninewjs.shop/favicon.ico | 172.67.173.139 | 403 Forbidden | 5.9 kB |
URL: miniaturefinerninewjs.shop/favicon.ico (GET, HTTP/1.1)
IP: 172.67.173.139:80
Requested by: http://miniaturefinerninewjs.shop/apihttp:/W/
File type: HTML document, ASCII text, with very long lines (14513), with no line terminators
Hash: e6eabc18330f6bbaa1051fd207965e96 3c0c7d6ff2af7f01cc4daa77ff313304f2efedcf a39d733a5fb80ab8071f8fa76aa4083d5e9d4d147bb150dca51066a504686d72
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: miniaturefinerninewjs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://miniaturefinerninewjs.shop/apihttp:/W/?__cf_chl_rt_tk=CTmuWFCav03PE7LQV8uUwmN7hZM5wn6eDG2H10ANpRo-1715095098-0.0.1.1-1322
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 15:18:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: O8g1Q6I6uLmwdpd1UB3NDgLuK/gg/QuTGBlNI1eManvVCaqqbzJNuGXZ/Wv1X3H9mcdzb2rfN80ZpS/9cvQ/US1xfLEGESDHXEh8jhCo30wHqDeKBpFx/K0TNI471TPgaoAKYchnT+1cocjilM8+6w==$zTfmB/6DIytzbckpkUhReA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RjDqql9XZblSKjctKaiwkxnPzZ3jum5hdQd28mnF%2FUQhrXvXpMtyGOLnzlYMVnMeA%2FQBCuaOAXnt8B7YTgq5Rk%2FH2GDZXKsOtlAc3gjZsJFRdR3m67xgeHsELri%2B0%2F%2BgXj27ZpLG%2FEjIwDVXZw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88022e910c4556a4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| miniaturefinerninewjs.shop/favicon.ico | 172.67.173.139 | 403 Forbidden | 5.9 kB |
URL: miniaturefinerninewjs.shop/favicon.ico (GET, HTTP/1.1)
IP: 172.67.173.139:80
Requested by: http://miniaturefinerninewjs.shop/apihttp:/W/
File type: HTML document, ASCII text, with very long lines (14244), with no line terminators
Hash: 6eaa8ab17552f075e4a88c5681f28fd7 52bde85f94855b08c58b54077a03e7c6819341e1 ffc0fe0c48aa1b68f2cc8118c7f4c97a9fbe661f14acd42b252fe7a977cdf22e
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: miniaturefinerninewjs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://miniaturefinerninewjs.shop/apihttp:/W/
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=ed3ff5c20638157
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 15:18:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: Q7/a9wSVBbJkPQy29gcEiW/lCxcJq+TUxRyH62b0pbASZn/M8tvBd07SPoZOP6/ILfd6KZ1OSR+zvdAEtIUPdfQCg2kzMvubr4zUbP2eu4LpzjRcz6e9HzSLJwNM7zbCqc8jlRBBAx/SKA7Hpybhkw==$TYA6axQIKorC+AsiGHvYMA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F44UnclGmtx6dttjG6NC0FCojkwAlQCC7jyqFeiaPy0IzQVC0UCNe%2F3kEcCHsOS%2FHWdk%2FQo9wEB99QX5ECwTKAWApq5lzsu6STSt9wOv0l0qAgSovkdm3DrrWuxJwdRXGSJ79hNDoADcXd7zHg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88022e91991cb4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| miniaturefinerninewjs.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1541060938:1715091167:ST9elzFbsIPVpf_shHAtBvhmfjg9jhMWhn5QaOuunn4/88022e8e6ee156cb/ed3ff5c20638157 | 172.67.173.139 | | 12 kB |
URL: miniaturefinerninewjs.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1541060938:1715091167:ST9elzFbsIPVpf_shHAtBvhmfjg9jhMWhn5QaOuunn4/88022e8e6ee156cb/ed3ff5c20638157
IP: 172.67.173.139:0
File type: ASCII text, with very long lines (16320), with no line terminators
Hash: 05408198dd0e62e77bb7db2e1e7af0f6 a9a52ee153a466d136289d8061d3bc68cb9226fc d47d4b30c37550d3dc4e357d0ba841cb91c51fcf30c819663b4095b1fcf2b8c3
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1541060938:1715091167:ST9elzFbsIPVpf_shHAtBvhmfjg9jhMWhn5QaOuunn4/88022e8e6ee156cb/ed3ff5c20638157 HTTP/1.1
Host: miniaturefinerninewjs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://miniaturefinerninewjs.shop/apihttp:/W/
Content-type: application/x-www-form-urlencoded
CF-Challenge: ed3ff5c20638157
Content-Length: 1890
Origin: http://miniaturefinerninewjs.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=ed3ff5c20638157
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 15:18:19 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: g5wio0ZAFXsfFa/ak3gB29iujDQzKcJe5JjQhMLE98a/YJXGgWXaIy6MJGihSuj2$fxilXZgdHKBQ1VuVDSTGZg==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m6nEPhDcEygXgfZCMi7yn0xY7jn5t2WfPr%2F%2BlPQhDLkNTz8MJsKC%2FxPOwpO7isq6kC9yZWq9UbTBuVTVig7YUXpYsf3tt1armJNqxs7RZ6N1lWGZTS3jP%2FdZ10iW7VJf3G3s3HkVNhrqKwgdJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 88022e925c93569f-OSL
alt-svc: h2=":443"; ma=60
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/3kl3t/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.3.184 | | 26 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/3kl3t/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.3.184:0
File type: HTML document, ASCII text, with very long lines (41702)
Hash: 3d14d92c114cd28d11414e3c498a32de db33920ea51743d06d621185a713cff0e20e87b8 88ac01d0a3a21e150cf4b110c93cfb5ef864cbed893fca073e08a92489abef2b
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/3kl3t/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 15:18:19 GMT
content-type: text/html; charset=UTF-8
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-embedder-policy: require-corp
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
document-policy: js-profiling
origin-agent-cluster: ?1
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
vary: accept-encoding
server: cloudflare
cf-ray: 88022e935c23b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/88022e935c23b4f7/1715095099849/Zni0KwrkWkDxCp_ | 104.17.3.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/88022e935c23b4f7/1715095099849/Zni0KwrkWkDxCp_
IP: 104.17.3.184:0
File type: PNG image data, 4 x 79, 8-bit/color RGB, non-interlaced
Hash: 70157330861bcbf6203d24e5d9fb83ab 80a47e216de96d958079521fbde760b297c3eedb 23d09df384b6eca97782840728354365d23e0a8b9b8949cb25a23bbc47c18390
GET /cdn-cgi/challenge-platform/h/b/i/88022e935c23b4f7/1715095099849/Zni0KwrkWkDxCp_ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/3kl3t/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 15:18:20 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 88022e9bec5cb4f7-OSL
alt-svc: h3=":443"; ma=86400
| miniaturefinerninewjs.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1541060938:1715091167:ST9elzFbsIPVpf_shHAtBvhmfjg9jhMWhn5QaOuunn4/88022e8e6ee156cb/ed3ff5c20638157 | 172.67.173.139 | | 1.8 kB |
URL: miniaturefinerninewjs.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1541060938:1715091167:ST9elzFbsIPVpf_shHAtBvhmfjg9jhMWhn5QaOuunn4/88022e8e6ee156cb/ed3ff5c20638157
IP: 172.67.173.139:0
File type: ASCII text, with very long lines (2328), with no line terminators
Hash: f32ee0d6782967df9136e49c9b902864 72e5918935a51d8ba9f546f6f9de54102c989d05 daacab6da67fbb735c1186b77fe9f909e1a66633dc268b4d2030c3ee1f18d07f
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1541060938:1715091167:ST9elzFbsIPVpf_shHAtBvhmfjg9jhMWhn5QaOuunn4/88022e8e6ee156cb/ed3ff5c20638157 HTTP/1.1
Host: miniaturefinerninewjs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://miniaturefinerninewjs.shop/apihttp:/W/
Content-type: application/x-www-form-urlencoded
CF-Challenge: ed3ff5c20638157
Content-Length: 2561
Origin: http://miniaturefinerninewjs.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=ed3ff5c20638157
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 15:18:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: 5TZCvAR1lkrTyOcV/1VeeIYWtT0Z2FgrMv/r1Us9jJft9DgbV0pKzZsOVVeam4mVlYQBgk9PgyiIYdYrbwbTQeZOv6CBHrT3rRv85eqRS+c=$zSo39nP/Df8BjFvvWBEsZw==
cf-chl-out-s: AWWZI24ON8x/yhNTVH6htw==$IpGI9DTrkDVIrY1BZySaUA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kyT96WF6lJcYjDqvmV6GxdhPEpmkaw4Mtmc1KJxTiX8um24hFCJWTJtI2Vc9TKVJEE%2BjFdgomcmVnXFBCBvbn48hOKjKDx42v2miGP4gNCxeO6JkrEkNctOE%2Be2l1AIsjPj1XssbFOMqyNUIkw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 88022ec15d74569f-OSL
alt-svc: h2=":443"; ma=60
| miniaturefinerninewjs.shop/apihttp:/W/ | 172.67.173.139 | 403 Forbidden | 5.9 kB |
URL: miniaturefinerninewjs.shop/apihttp:/W/ (User Request, GET, HTTP/1.1)
IP: 172.67.173.139:80
File type: HTML document, ASCII text, with very long lines (14497), with no line terminators
Hash: 50e04f32fef965a8d16d318302bb739b 0a2c472d11cbd5f5ecca96dd67206d79fc08caf9 3c55ef56ef0f10c7382b4097d264b881949dbabe55010d4b7fbfc2b63328f8ee
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /apihttp:/W/ HTTP/1.1
Host: miniaturefinerninewjs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=ed3ff5c20638157; cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 15:18:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: MQFIPp+EUMO6QnX+5MrLbgQnFYCnKGKMMJ56zvFscGM9jLA463HXO1xm8oLVHBGe116jbw60r/7t/6emkEh2vHNQqsrhUoZ/ohBjQfXvomCmCcz+Gq/KkX1iCuR0koEN2J1xST8sy0UYNZfg+M1InQ==$UY/hnjMufAWHGgRqCRrSIg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=llJKYzfFoaq4aZGmklCu02P4vSgdVgG%2Bcl4CTssCSnwA5vSPnU5Sfq25J%2FnVEZcFGL2BPSHnhpuNt4v%2F7ErHECf2yM4xDVIO0MsHQ61SNgT%2FBwkUgtGrYdVyYrjcGZPJ7zFvN5tARc46xZ2bNw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88022ece5e88569f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| miniaturefinerninewjs.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=88022ece5e88569f | 172.67.173.139 | | 112 kB |
URL: miniaturefinerninewjs.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=88022ece5e88569f
IP: 172.67.173.139:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 112 kB (111968 bytes)
Hash: 23e0a4515332b483de27611e20d922b9 922191409435598dc9c15e8b263d1961c7ff0e0c 101eafd563c0133e91a4d6da6091614863c915ce685f9017cee2618f5b382d2c
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=88022ece5e88569f HTTP/1.1
Host: miniaturefinerninewjs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://miniaturefinerninewjs.shop/apihttp:/W/?__cf_chl_rt_tk=aRqcQuWyKUFA_mvoFXHrZPV6qZdFEaIlHUd2IhaFLlo-1715095108-0.0.1.1-1322
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=ed3ff5c20638157; cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 15:18:28 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TbeLZ8u%2FurAlcMLIdRp1bOYrmaGrirv2fNQ0w0wYNWzkHwl8rCj6KRBdcbN0FzH4mHqXAD7gHkL3wuGvOwARftyqWOuMmdsDCYwUryUo5CucYW9x8DCulO91JhhxDBC1W0G3%2BEGC%2BLQipVdQcw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 88022eceb9c956a2-OSL
alt-svc: h2=":443"; ma=60
| miniaturefinerninewjs.shop/favicon.ico | 172.67.173.139 | 403 Forbidden | 6.0 kB |
URL: miniaturefinerninewjs.shop/favicon.ico (GET, HTTP/1.1)
IP: 172.67.173.139:80
Requested by: http://miniaturefinerninewjs.shop/apihttp:/W/
File type: HTML document, ASCII text, with very long lines (14555), with no line terminators
Hash: deccf120e5adb78865081dcbfb9c7fb6 38ce24702f145c798a183427fa0ab5bb6f493d71 1b6d807e0249ea62a9484e7c192571551db73c53b0b0cf5a7501bad0e1f32231
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: miniaturefinerninewjs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://miniaturefinerninewjs.shop/apihttp:/W/?__cf_chl_rt_tk=aRqcQuWyKUFA_mvoFXHrZPV6qZdFEaIlHUd2IhaFLlo-1715095108-0.0.1.1-1322
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=ed3ff5c20638157; cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 15:18:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: Fh3OE11MoYuOAcdLfB9MmWTGV66Z6cFnCrj3QbTZuNS1/yGJ6Pu7p3x+VzySgAfiMB9oOXIefTOLkIAGlccsJa7N0jm3EtWJJ6FqYld8l1wx+0FvOXZfzgOU9nwJ9W2Q/UJzn7uGb756yRHEnePRCw==$L6QCnEBDZ9je/OTNvLDPQQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dXcQh0y3B0RPw6xwiHJW60%2BoUK5lxs8EHIGM8LnvIgNSY7mfLPVdXa7DzbD1JIVON476bwu6%2Fz9xyFOqsgdyYqR5WLg1zb9k3H6YpP9Pym%2FJ%2Faa%2Fy82Kul3oFaewwTUKTHg8%2BbT%2BUUgpCewXGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88022ecf2a4556a2-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| miniaturefinerninewjs.shop/favicon.ico | 172.67.173.139 | 403 Forbidden | 5.9 kB |
URL: miniaturefinerninewjs.shop/favicon.ico (GET, HTTP/1.1)
IP: 172.67.173.139:80
Requested by: http://miniaturefinerninewjs.shop/apihttp:/W/
File type: HTML document, ASCII text, with very long lines (14470), with no line terminators
Hash: a28251c8ad079528a7d35e67600689d8 7191e7459b402a54201410839ebc82a9e1dba9bc 5689a36f13d21759a08ec4831e94a661caff805a2ddf08bdf9ad4335d671336a
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: miniaturefinerninewjs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://miniaturefinerninewjs.shop/apihttp:/W/
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=ed3ff5c20638157; cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 15:18:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: riGQZC5gWCQYJ/ANjSQUnDxaIxxNhRugy0HK3ypj839msGYvdagiDAKVfHOU1nt6k3SjJm37aAYDPb+EFELH6d3eUnG5smaSD6OOrE7f7H3Gzo4+AI7cgDl/nAy5I4yqla57C5g0tGtyjioqJvXFsw==$/wKXHC69Y6tkpX0VXVeCrw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cIm4%2BpOgXmMqof8GKgPsjo24NVuRpzOcvFD6j24IJRRsMmh%2F6bJowuey0DX5DuZ5PWSn6AKY2x4xq9mP7UCsaMY8gDJcSeKX9XCCnjb15swQV%2F2xOcnclfdI0t%2Bw2MYjFev9YOk6LIyFi4f1SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88022ecf6f665689-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| miniaturefinerninewjs.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/21351694:1715091090:k8N2dYDGo7Ltqj5tb31tLawXa5ihBC9RL7TNvTJHWS0/88022ece5e88569f/15bfc374c69f555 | 172.67.173.139 | 200 OK | 12 kB |
URL: miniaturefinerninewjs.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/21351694:1715091090:k8N2dYDGo7Ltqj5tb31tLawXa5ihBC9RL7TNvTJHWS0/88022ece5e88569f/15bfc374c69f555 (POST, HTTP/1.1)
IP: 172.67.173.139:80
Requested by: http://miniaturefinerninewjs.shop/apihttp:/W/
File type: ASCII text, with very long lines (16304), with no line terminators
Hash: 6276627ac0c1dc16e8efefd4a65ce710 0e23e0cb65b61cb419c1c97d0d7b4425b4bd06f8 558548108a82bdc43f96519efb888abb4636da6ce7557aba6c41e69492bfee50
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/21351694:1715091090:k8N2dYDGo7Ltqj5tb31tLawXa5ihBC9RL7TNvTJHWS0/88022ece5e88569f/15bfc374c69f555 HTTP/1.1
Host: miniaturefinerninewjs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://miniaturefinerninewjs.shop/apihttp:/W/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 15bfc374c69f555
Content-Length: 1877
Origin: http://miniaturefinerninewjs.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=15bfc374c69f555; cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 15:18:29 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: 1W6Zh30MV89BUi+CiOlZWFqFjdjtyYCFRZKWR76dC5x85sGUYYAzcCLQ3A5gSI1q$vEHqS1K5O2iTxaFwY3+06A==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wNaUDm%2F7Kly7ys8UPod32V6kbxuQfW6bLgqt3JIWtBD%2BxPyka3jin4jTlrMJx%2FXzEbFdMV%2FJtg4kVmTmd5Zq1Xw9HrSepWGehqGLlEKUpOTxBGAJb%2FgYFH5DB2Gx0u7cGHGAzbHmsWHNCgEaFg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 88022ed04ccc56bf-OSL
alt-svc: h2=":443"; ma=60
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.3.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qpc16/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 15:18:29 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 88022ed19dbeb4f7-OSL
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit | 104.17.3.184 | | 20 kB |
URL: challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit
IP: 104.17.3.184:0
File type: JavaScript source, ASCII text, with very long lines (42565)
Hash: a5b92920e25651d2058f4982a108347b caeeadd68d38fdb681c52006c68880abc2e8a1a6 49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5
GET /turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://miniaturefinerninewjs.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 15:18:29 GMT
content-type: application/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=604800, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 88022ecf7a08b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/88022ed12d0bb4f7/1715095109691/Sla6pElm38RYu9W | 104.17.3.184 | | 61 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/88022ed12d0bb4f7/1715095109691/Sla6pElm38RYu9W IP 104.17.3.184:0
File type PNG image data, 25 x 96, 8-bit/color RGB, non-interlaced Hash 03317abe2c0d601c4b41aea092a6ecc4 5b8b1c3b6e52e44ce9afe26e91b66634cf04e2d3 3acda2e0598adafcdc3a20c78bc58e7129ae3ce0548fca1421b9982ce8429e04
GET /cdn-cgi/challenge-platform/h/b/i/88022ed12d0bb4f7/1715095109691/Sla6pElm38RYu9W HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qpc16/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 15:18:31 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 88022edbb92ab4f7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| miniaturefinerninewjs.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/21351694:1715091090:k8N2dYDGo7Ltqj5tb31tLawXa5ihBC9RL7TNvTJHWS0/88022ece5e88569f/15bfc374c69f555 | 172.67.173.139 | 200 OK | 1.8 kB |
URL POST HTTP/1.1 miniaturefinerninewjs.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/21351694:1715091090:k8N2dYDGo7Ltqj5tb31tLawXa5ihBC9RL7TNvTJHWS0/88022ece5e88569f/15bfc374c69f555 IP 172.67.173.139:80
Requested by http://miniaturefinerninewjs.shop/apihttp:/W/
File type ASCII text, with very long lines (2328), with no line terminators Hash c61fbfdd4bff13e10d33457bc30cedcf 5734d8686d0c65c3f57381d4da77319f933845c9 18d7daea297dbefd405c8e6de7fa216316d1f3f7b416fcca6317ec526ee199c3
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/21351694:1715091090:k8N2dYDGo7Ltqj5tb31tLawXa5ihBC9RL7TNvTJHWS0/88022ece5e88569f/15bfc374c69f555 HTTP/1.1
Host: miniaturefinerninewjs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://miniaturefinerninewjs.shop/apihttp:/W/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 15bfc374c69f555
Content-Length: 2549
Origin: http://miniaturefinerninewjs.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=15bfc374c69f555; cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 15:18:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: bwdlBhdsWQSuCvTy5z8cqg==$Paap0Jeo65j24FhD84wJZA==
cf-chl-out: Z5rbUaet/R4YSQ8GpaXbb8IjEIaSj6/H7sXSiUF8t3V+c2Qul/qfRq+NygDe8cxXTqMiSKx2SDW7GqGhX/eoOV5XekjroPBqpenMwT8PhmE=$JvgivJw1C2sfALiFF8BaWA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mnvTHPVGnOv1yHnEfdwbazBxF22Z%2Fddu798O69UGqym7uXAGVhOYCARVXRZ5XbvE35UZKmKcV%2B00k%2F3XykmGMGA6sButOoNxIiwk8v%2BX6HvhxcO7TYSH0X7XTiPVLZPuk1ciUfd%2FZvdj%2BKUsrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 88022f0efc4f56bf-OSL
alt-svc: h2=":443"; ma=60
|
|