| zippyfinickysofwps.shop/lK | 172.67.148.231 | 403 Forbidden | 5.8 kB |
URL: zippyfinickysofwps.shop/lK (User Request, GET HTTP/1.1)
IP: 172.67.148.231:80
File type: HTML document, ASCII text, with very long lines (14360), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 91441a44a93b7f8909fde5443c71c14d / 000254febe8a5959e787c79d6ed80c455a7082ec / c413b2d044df34dd5c6db7ace8d3c9a63fa57ca9444399eca2feb4af5667a71e

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| mnemonic secure dns | malicious | Sinkholed |
GET /lK HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 04 May 2024 08:41:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: uZ4cmcnultmbfw7zIWT8Vp4zDi/+GmJuGUXayfZPDafOCzLEIjhYIHkod2CA7KyA7sJenTY6HaBtMo81wqrjSF/20xclvIXBbfC10/QEjLNdS2nqssLjJoglcZZzL98j98KEV8Jq6XaPZ2yUDyGt1Q==$o20U6A55Xjd43/9dN3XDJA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DoNPtw4FVfFQfUD5LdqgUBZvoHvnlYosW9jYIl6O3AnbPMHWdqA1HB8XgxSpZvN3DFhx8%2BnBqf8aHQ9Cmz2BtQgyEW4vVysExsnN3jrOePk%2FCpbMQxpuqCOtnonmOqaxgf6U5my7WnDdoA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e73173396e0b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e73173396e0b4d | 172.67.148.231 | | 112 kB |
URL: zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e73173396e0b4d
IP: 172.67.148.231:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 112 kB (112188 bytes)
Hashes (MD5 / SHA-1 / SHA-256): d574749104a2d55a1d951ecc9c4747da / 2d9a899ba6140bb4473dcf917db9a7e9b03c457c / 7a929f23ee6da90d15f922ff39ad4a80e567ce3523d22c29dd8d2973d2a99bbe

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| mnemonic secure dns | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e73173396e0b4d HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zippyfinickysofwps.shop/lK?__cf_chl_rt_tk=bad3iVhbsYijY2uzumY9Z9Ol34iLi87BRMx5hoqHvxU-1714812101-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 08:41:41 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UIZHiZnBXVyCqyHaC4JvqX2xTKM51ntcgMnWwRmWce7wGoXantZnWlpIxzH1Bx7NchErBsuDYqKuR81qAoulnA9mlDGavdRyZYs5sUspg897zv5sO%2BEy%2F%2F9%2Fmdg77gHyRaxa5TbNSRpoHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e731751d9db51b-OSL
alt-svc: h2=":443"; ma=60
| zippyfinickysofwps.shop/favicon.ico | 172.67.148.231 | 403 Forbidden | 5.9 kB |
URL: zippyfinickysofwps.shop/favicon.ico (GET HTTP/1.1)
IP: 172.67.148.231:80
Requested by: http://zippyfinickysofwps.shop/lK
File type: HTML document, ASCII text, with very long lines (14399), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 5086670ccea6cc8dc26218378599fe29 / 24dc387acaec137827da8249696ea5ceb87d9acf / f16e0453436adc83f7de3ffbd228408fd27b819eb410d172f46bf77f90c20253

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| mnemonic secure dns | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zippyfinickysofwps.shop/lK
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 04 May 2024 08:41:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: h6281YPDsiEabfen22/MD29dAPhPhhGTY9o3ngGe1NxdoopSCUGifJQ2uq/apMM0kRr7knkRbGHPmNpCsjnvIKglgB7Px5PsVJlAeMzDu1We2Ann8I+FQFEtyok1r5vl8v3k72MD38+BgfZ7Kfp7xA==$e26iD3qq/KDemSR9s8TIsQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ly%2BxLPzFDEIjUIRGufO0N%2BNJcBbctsAeM0nmCKfbKF%2FqkWxzeSTjW%2BRoLRtKkdMPQ5UttZlHwJiXVQjD%2BwjkobqLXv2xC1fYsuzSlyBEgEPZBLeKt%2B253keIQI6j7366cyu5wDCEeQ8JjA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e731760fe7b50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit | 104.17.2.184 | 200 OK | 27 kB |
URL: challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit (GET HTTP/3)
IP: 104.17.2.184:443
Requested by: http://zippyfinickysofwps.shop/lK
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42565)
Hashes (MD5 / SHA-1 / SHA-256): 65b0a652c40c95d12c4ddb3b4567c1ea / c654efa19d01d6553ed4e0f500d350011e023ad1 / c6b5cd0b65ebbb519dd845ba2979b40e58b056ca2c90f67a8bfea871d39615a7
GET /turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://zippyfinickysofwps.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 08:41:42 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e731766913b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.2.184:0
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hashes (MD5 / SHA-1 / SHA-256): 9246cca8fc3c00f50035f28e9f6b7f7d / 3aa538440f70873b574f40cd793060f53ec17a5d / c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/w6toy/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:41:42 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87e73178d85e56c0-OSL
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e731780f8556c0/1714812102878/iLEC1VoJnAa-PtO | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e731780f8556c0/1714812102878/iLEC1VoJnAa-PtO
IP: 104.17.2.184:0
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 33 x 80, 8-bit/color RGB, non-interlaced
Hashes (MD5 / SHA-1 / SHA-256): 3f9fd1efa53be521000f9c993b069241 / 198191931625f67ba035e0934d2610c45265ec98 / 4b1db54798eea66c0e731a10a9e61b86cb6d67e216b696173d25c5b3daf938f2
GET /cdn-cgi/challenge-platform/h/g/i/87e731780f8556c0/1714812102878/iLEC1VoJnAa-PtO HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/w6toy/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:41:45 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87e7318b1b4756c0-OSL
alt-svc: h3=":443"; ma=86400
| zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/877799080:1714807717:4wc5PbFizVi5w9ogcB52_tC2jiw7ncCLLMRtXe6wQfo/87e73173396e0b4d/3131d9d242358c8 | 172.67.148.231 | | 1.8 kB |
URL: zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/877799080:1714807717:4wc5PbFizVi5w9ogcB52_tC2jiw7ncCLLMRtXe6wQfo/87e73173396e0b4d/3131d9d242358c8
IP: 172.67.148.231:0
File type: ASCII text, with very long lines (2328), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 6d5eabcbae0f73834ee20b095bc60f1e / c56ac8469d4ca26b95a4209e321aa7ee49b21f6b / 0b0eed57eb4a4563f90a124a21769e8c08addcee440e6e3b26e85dbfab23fc19

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| mnemonic secure dns | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/877799080:1714807717:4wc5PbFizVi5w9ogcB52_tC2jiw7ncCLLMRtXe6wQfo/87e73173396e0b4d/3131d9d242358c8 HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zippyfinickysofwps.shop/lK
Content-type: application/x-www-form-urlencoded
CF-Challenge: 3131d9d242358c8
Content-Length: 2515
Origin: http://zippyfinickysofwps.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 08:41:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: QGE4LacoMuwx2acYD3dH9WFpEmr7j3IqxJnhaTFS8PRLgVrne7U1D54/ZrAkDnovpeO/173H9tQkKTeAURE0YCOkIiHxxx3UsKbbsJAOjxg=$Xr1xNY8k41pKY1KRiNPafg==
cf-chl-out-s: ucMBdqfwnoZCJIL9ZBWB4A==$CRk3Xs+Uhc6rWSCihaw5TQ==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hk1OWr%2FwzMbYe9nMpBW2VzIaqR4LPPupzNh%2Bl5kzvxWIz%2BgWtcwnvspmedLJJDFrZF6I%2BjWQX43S5RchJNRmhSOgXbqkHzoksWVH4AWmGqKRMAF6xuWszEKj1MQMVpWxeRPC7gjt%2Bwo0VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e731a23d8856c9-OSL
alt-svc: h2=":443"; ma=60
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/485370393:1714811548:UdJ4nLxc7sLRP4Oe9AgmPYbLe87feKd548crICJt46w/87e731780f8556c0/0b1531f0e9c41bf | 104.17.2.184 | | 6.8 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/485370393:1714811548:UdJ4nLxc7sLRP4Oe9AgmPYbLe87feKd548crICJt46w/87e731780f8556c0/0b1531f0e9c41bf
IP: 104.17.2.184:0
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (960), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 887baa41338a90d82e3bd2c22985a554 / 2c3343a571042f94cfb931169e94e7f25c215be6 / 41a1db06dc97f106cfa958429b7a83d99ad97290541ebd623b817efc14382daf
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/485370393:1714811548:UdJ4nLxc7sLRP4Oe9AgmPYbLe87feKd548crICJt46w/87e731780f8556c0/0b1531f0e9c41bf HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/w6toy/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 0b1531f0e9c41bf
Content-Length: 40261
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:41:49 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: nSb5ERoY4EIu+VgnaX9FL2vGUbTo3NuRCJa9uSXHDpRqQCmNxj4bya57Fhvzj5rlbhuldCcbz65LgllrK34vmz7yPjDPoXmvixKumUmlCLo=$pj7HEwKbcPJhSFt4j4OPNQ==
cf-chl-out-s: KZ85p+/2zonMl6fkej4qjw==$14ERk3Z1omDkSzIJUQLEnw==
vary: accept-encoding
server: cloudflare
cf-ray: 87e731a1bc3856c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e731af0aa356c9 | 172.67.148.231 | 200 OK | 112 kB |
URL: zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e731af0aa356c9 (GET HTTP/1.1)
IP: 172.67.148.231:80
Requested by: http://zippyfinickysofwps.shop/lK
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 112 kB (111975 bytes)
Hashes (MD5 / SHA-1 / SHA-256): dc0b82ef58108f29f20669d2781257fe / 7f9c546bd57828cd55b0563b467048f752758798 / 52db1e66012dc42264a16ab17e70a854140fd83d6d3e6a0f4a8b7ce280763eb6

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| mnemonic secure dns | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e731af0aa356c9 HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zippyfinickysofwps.shop/lK?__cf_chl_rt_tk=goXkRKwVD8Uee0xioxX._cBIWu0hcFDaDP8a09.DbuQ-1714812111-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 08:41:51 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T2UD77t%2FUm80INnCLVzh3lIfV%2FcRggOACijxt1vNiJZ7efbXoePf3%2FFJyVIRBdbbppAytozbhMJPxXVUr7YKDOW80GBeDYM%2FXgK1IU7bNab8ucGtggvoEurD7NnPzmzlTRyRhle0fJjUOw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e731af58195696-OSL
alt-svc: h2=":443"; ma=60
| zippyfinickysofwps.shop/favicon.ico | 172.67.148.231 | 403 Forbidden | 5.9 kB |
URL: zippyfinickysofwps.shop/favicon.ico (GET HTTP/1.1)
IP: 172.67.148.231:80
Requested by: http://zippyfinickysofwps.shop/lK
File type: HTML document, ASCII text, with very long lines (14420), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): a39fcd2efcf82087561b8494db242fad / bb71af96a94b3a458eeb3fec3b63f4194f7c3c6a / 7d02dfbbf09238bd4829c7bda12adee529e7af36ba5deac193e6cfd2882442e6

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| mnemonic secure dns | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zippyfinickysofwps.shop/lK
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 04 May 2024 08:41:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: O5yBPsPc9SRQOnS3RYLw9aoMOjE7h6dahaObXtVJ5a93Gipx5wW9BbWPrXVAu7NiGBisnEbUMmFnyQyK7x5o2tYS8ONBlc4ZMOBZ1clw2nZBj9P7aY/NIczbd+KCKvmoGUcQF823WqwXjUUbLrhYUA==$YmE2VarBhtFDn/xk1OGcIA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0EB%2BiLTo094LAmkXDq3CkrbkHgZ6eGrjwe5ykd6fyzRNhVjlJu5qLMqXHuF6ZrOGJfxXjJ2Ev3nncSliXHBcKsnID14DSiXofgJ%2FFr7G8GqKJejzvkFNKi4pf9PXY08VH7fHVD2BLS125w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e731b07e6d0b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| zippyfinickysofwps.shop/favicon.ico | 172.67.148.231 | 403 Forbidden | 3.4 kB |
URL: zippyfinickysofwps.shop/favicon.ico (GET HTTP/1.1)
IP: 172.67.148.231:80
Requested by: http://zippyfinickysofwps.shop/lK
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hashes (MD5 / SHA-1 / SHA-256): 3760de954296b4127be241e50251e17c / 732a60fa3e6960f5d5216d59661a38a734599940 / 18732ff4313ebebeb0435b8decefe20c35559fe980ba710d3405136c8ef87b8b

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| mnemonic secure dns | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zippyfinickysofwps.shop/lK?__cf_chl_rt_tk=goXkRKwVD8Uee0xioxX._cBIWu0hcFDaDP8a09.DbuQ-1714812111-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 04 May 2024 08:41:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: bjZNYmv16RonC0JkBa49k74IQ6F/fP1KNBGAcocupKqMS3BKgxAfIUboGMblQr94lhWcwGCzc/Fb88E8msZjgBFfD+JENVnaOnJjBsNN9GGvbUz8AX2mVRhtTH6MuNbnXV04CHRCy55HoTy8PYjt7g==$q+ODjSNah4EXz1yyHZpZkw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mmjcjh2yzlXTKg3NZwInXxZW8qJ6hvo3uoXDdmLkTnaj%2BBKnaroNrPPX4Gsxd0qC2j2qwYC9eGBrXE9Xi3Xq1ANxlWaRgoxUo9OLGlkByFbx1gNg93tTYVMqx7twtDIyYigbdXEy4dB0hg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e731afc89e5696-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1813689137:1714807816:pPO80yHRQ9ArzU4op752B03JkRwdvgbdNIAjE5m8pdc/87e731af0aa356c9/12e24a7df6409d8 | 172.67.148.231 | 200 OK | 12 kB |
URL: zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1813689137:1714807816:pPO80yHRQ9ArzU4op752B03JkRwdvgbdNIAjE5m8pdc/87e731af0aa356c9/12e24a7df6409d8 (POST HTTP/1.1)
IP: 172.67.148.231:80
Requested by: http://zippyfinickysofwps.shop/lK
File type: ASCII text, with very long lines (16412), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): f48020c5fe931f6d391518172c663e01 / fc536d4ee19cdf5cfcbb26ee66be8bd7e53d0cb9 / fbaf5765485f57372821f548f6c0d12d64502fe5218fe92f11857c89a7d058eb

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| mnemonic secure dns | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1813689137:1714807816:pPO80yHRQ9ArzU4op752B03JkRwdvgbdNIAjE5m8pdc/87e731af0aa356c9/12e24a7df6409d8 HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zippyfinickysofwps.shop/lK
Content-type: application/x-www-form-urlencoded
CF-Challenge: 12e24a7df6409d8
Content-Length: 1862
Origin: http://zippyfinickysofwps.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 08:41:51 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: T/mRRp1n0/7mUIZ2Ti0YpX1h6zrYSPShVQF6C3Rq+mQpiWNioVFOHUCqj6yKi3p2$YAqd54rbgKGpAWSJIn4sFA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FraQXTx0uzDtivrgvUWexoga9E165nWu6g%2F8g2pPLU%2Bsi3jYLmsceqhXYgLikq9On19XNIUMKxXhwd2crScM0zIxzQI0M5hQG1jqXXW%2BkO0F0EabroTyxh%2BlvaiCgVTl%2FYaMAz5Jgv%2FsOg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e731b12fad5684-OSL
alt-svc: h2=":443"; ma=60
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.2.184:0
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hashes (MD5 / SHA-1 / SHA-256): 9246cca8fc3c00f50035f28e9f6b7f7d / 3aa538440f70873b574f40cd793060f53ec17a5d / c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/w0c4x/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:41:51 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87e731b32ee356c0-OSL
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/w0c4x/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | 200 OK | 36 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/w0c4x/0x4AAAAAAAAjq6WYeRDKmebM/light/normal (GET HTTP/3)
IP: 104.17.2.184:443
Requested by: http://zippyfinickysofwps.shop/lK
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41702)
Hashes (MD5 / SHA-1 / SHA-256): 5a41366bc688fc2778cc61c332d72a77 / 44a35562115ff5b00f06de0facd8af1ac6fd3348 / 87a1bf599596aa5220d683c23a49d2e070a21eefd5a1f836f63afd168159e0f8
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/w0c4x/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:41:51 GMT
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
document-policy: js-profiling
cross-origin-resource-policy: cross-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
referrer-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
origin-agent-cluster: ?1
vary: accept-encoding
server: cloudflare
cf-ray: 87e731b21dc156c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e731b21dc156c0/1714812112193/sGhBXRX-0pdaIy3 | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e731b21dc156c0/1714812112193/sGhBXRX-0pdaIy3
IP: 104.17.2.184:0
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 99 x 70, 8-bit/color RGB, non-interlaced
Hashes (MD5 / SHA-1 / SHA-256): 8a8492b7935cb6661543d4a814758202 / 60b4aa5b2bb62a60385c370df80fc78240e872a7 / 5dc449fc8ed51693bb748d388d704112311b209eb5ee78aff3ff069da8f02042
GET /cdn-cgi/challenge-platform/h/g/i/87e731b21dc156c0/1714812112193/sGhBXRX-0pdaIy3 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/w0c4x/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:41:52 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87e731b89cd056c0-OSL
alt-svc: h3=":443"; ma=86400
| zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1813689137:1714807816:pPO80yHRQ9ArzU4op752B03JkRwdvgbdNIAjE5m8pdc/87e731af0aa356c9/12e24a7df6409d8 | 172.67.148.231 | 200 OK | 1.8 kB |
URL: zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1813689137:1714807816:pPO80yHRQ9ArzU4op752B03JkRwdvgbdNIAjE5m8pdc/87e731af0aa356c9/12e24a7df6409d8 (POST HTTP/1.1)
IP: 172.67.148.231:80
Requested by: http://zippyfinickysofwps.shop/lK
File type: ASCII text, with very long lines (2328), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 87344934ab4fcb8fb5fb679793b34192 / 6b9a8df03cef1c234de6629b93b5032c58f835bf / 3b6e4a000a2cb6d012e4d107b126793d1a19c74aa85c23356e14e0c56f6b9c5f

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| mnemonic secure dns | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1813689137:1714807816:pPO80yHRQ9ArzU4op752B03JkRwdvgbdNIAjE5m8pdc/87e731af0aa356c9/12e24a7df6409d8 HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zippyfinickysofwps.shop/lK
Content-type: application/x-www-form-urlencoded
CF-Challenge: 12e24a7df6409d8
Content-Length: 2552
Origin: http://zippyfinickysofwps.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 08:42:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: aNIug2vLOy4pgkBeykoq5w==$2z1aw6EBl72by0fUXh5LlQ==
cf-chl-out: Fag2BXe1m8HGSnYJ90w2ckgL1FJK/vQd0FUjSggEgJx1stLPtHWvdyKzZ9AroblDnlv3azblGfgMjP8BVtM6wfji8nXLA1q2/FGQT6NbDyI=$fFOxfKRyHd6DQkt/DyZH7Q==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sHpKO6DS%2BgBMoyJN2OWUcW0CxkFUJ%2FbdIzcliOcAwNHasxL%2Bhx2FmNus7bOMxvEtuBOWQ6PSr5YdbQa8MSIV6DfGxEmyXtOvcytptyAkBhPueiiS%2BCPqvbLlhmSpBA8f0ZhJL%2ForOwwtSA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e731e84e7a5684-OSL
alt-svc: h2=":443"; ma=60
| zippyfinickysofwps.shop/lK | 172.67.148.231 | 403 Forbidden | 5.9 kB |
Method: GET HTTP/1.1 (user request)
URL: zippyfinickysofwps.shop/lK
IP: 172.67.148.231:80
File type: HTML document, ASCII text, with very long lines (14380), with no line terminators
Hashes (32/40/64 hex digits, i.e. MD5 / SHA-1 / SHA-256):
4f372b8f8a33af8a62799b0aeaab5c5a
b6392b0a2e6fb0fa8097aa76abd7729fc3760031
81fe76ff1c034986c81a09ad42f123828ae57eed6a9b27e149a3239934b3dba9
Analyzer | Verdict | Alert
mnemonic secure dns | malicious | Sinkholed
GET /lK HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=2
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 04 May 2024 08:42:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 82apM3+GWNGKylcwrAB6bVGTPWX6SfWvWLIgIfMPV+kCnbL674MJinuAwePjecug69ZpkHnZ3kARY9j8iR3ftTNLRkv7ZqM5u+EnyXTmN/hE9/OuxQDANyOBNBCqCEDlav05vc+OAyCSOhoSzSXoPQ==$ievuNGlWBpFDmdqFwZFiLw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JBwD3AbIABNnk%2F13dpxz0iOjMUqhHaPmthk0Lq88WJGFPtIb3M%2FliVylG%2FUYFSa%2Fu2vxeNKd3rvB5YQ5ddzbClekTrA9PulFTwuWr8Jf4J1M4%2Fkiwz5ffp7EZtnCNR30mur%2B2Ci0zlJqsw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e73201aa385684-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e73201aa385684 | 172.67.148.231 | | 112 kB |
URL: zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e73201aa385684
IP: 172.67.148.231:0
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 112 kB (111936 bytes)
Hashes (32/40/64 hex digits, i.e. MD5 / SHA-1 / SHA-256):
af6109d5853121dd33827b2e65ed0bea
ad257b3935b4955c307dd33ee4a5eb59443f1d8a
d9213fcd89c4b66ba1223417e657cef11288922f8d50e3cdaff5f6a75d37128f
Analyzer | Verdict | Alert
mnemonic secure dns | malicious | Sinkholed
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e73201aa385684 HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zippyfinickysofwps.shop/lK?__cf_chl_rt_tk=kK9fLo0A_Hk.U57Cn5E6trHDheCZlSpqk3bJ6B9aW0o-1714812124-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 08:42:04 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5FXNK6C%2F6hbTeKJT20bKGf6MCBK6OtS%2B%2BiHEvmQszDnUzNgoZtrfqhAeHknzrJ348QfHosr79EPvHx5S9Q4pEKde5ubk8j2bkSfGZkkrELLrReAvXHWR%2BVKHboIV3Nq75Hud0mu6BqhBbA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e732020dc456b5-OSL
alt-svc: h2=":443"; ma=60
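The transactions above form one Cloudflare managed-challenge cycle: the page fetch for /lK is answered 403 with `cf-mitigated: challenge`, the browser POSTs the challenge answer to `/cdn-cgi/challenge-platform/h/g/flow/...` carrying a `CF-Challenge` header and the `cf_chl_rc_i=1` cookie, the retried /lK fetch is challenged again with the counter now at 2, and the challenge script is fetched from `/orchestrate/chl_page/v1?ray=...`. The script below is an added example written for this page; it is not a tool from the sandbox vendor or from Cloudflare. It parses a capture laid out like this one (request line, request headers, status line, response headers, blank line between transactions) and pulls out those indicators so a responder can tell at a glance whether the sandbox ever got past the challenge. The sample capture is constructed from the headers shown on this page, trimmed to the fields the analysis uses; the header layout it assumes is the only assumption.

```python
"""Summarise a Cloudflare managed-challenge flow from a plain-text HTTP capture.

Added example for this capture page, not vendor or Cloudflare code.  Assumes the
layout seen above: request line, request headers, status line, response headers,
transactions separated by blank lines.
"""
import re
from dataclasses import dataclass, field
from typing import Optional

REQUEST_LINE = re.compile(r"^(GET|POST|HEAD|PUT|OPTIONS) (\S+) HTTP/[\d.]+$")
STATUS_LINE = re.compile(r"^HTTP/[\d.]+ (\d{3})\b")

# Constructed from the captured headers on this page, trimmed to what the
# analysis needs.  The first 403 omits CF-RAY because that value is not shown.
SAMPLE_CAPTURE = """
GET /lK HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
HTTP/1.1 403 Forbidden
cf-mitigated: challenge

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1813689137:1714807816:pPO80yHRQ9ArzU4op752B03JkRwdvgbdNIAjE5m8pdc/87e731af0aa356c9/12e24a7df6409d8 HTTP/1.1
Host: zippyfinickysofwps.shop
CF-Challenge: 12e24a7df6409d8
Cookie: cf_chl_rc_i=1
HTTP/1.1 200 OK
CF-RAY: 87e731e84e7a5684-OSL

GET /lK HTTP/1.1
Host: zippyfinickysofwps.shop
Cookie: cf_chl_rc_i=2
HTTP/1.1 403 Forbidden
cf-mitigated: challenge
CF-RAY: 87e73201aa385684-OSL

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e73201aa385684 HTTP/1.1
Host: zippyfinickysofwps.shop
Cookie: cf_chl_rc_i=2
HTTP/1.1 200 OK
CF-RAY: 87e732020dc456b5-OSL
"""


@dataclass
class Transaction:
    method: str
    path: str
    req_headers: dict = field(default_factory=dict)
    status: Optional[int] = None
    resp_headers: dict = field(default_factory=dict)


def parse_capture(text):
    """Split a capture into Transactions.  Header names are lower-cased because
    the responses above mix 'CF-RAY' and 'cf-ray'."""
    txns, cur, in_response = [], None, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = REQUEST_LINE.match(line)
        if m:
            cur = Transaction(m.group(1), m.group(2))
            txns.append(cur)
            in_response = False
            continue
        m = STATUS_LINE.match(line)
        if m and cur is not None:
            cur.status = int(m.group(1))
            in_response = True
            continue
        if cur is not None and ":" in line:
            name, _, value = line.partition(":")  # first colon only; Report-To values contain more
            (cur.resp_headers if in_response else cur.req_headers)[name.strip().lower()] = value.strip()
    return txns


def cookie_value(cookie_header, name):
    for part in cookie_header.split(";"):
        k, _, v = part.strip().partition("=")
        if k == name:
            return v
    return None


def summarise_challenge(txns):
    """Indicators a responder pulls from such a capture: which responses were
    challenged, how the cf_chl_rc_i retry counter progressed, which
    challenge-platform steps ran, and the CF-RAY ids for pivoting in proxy logs."""
    s = {"challenged": [], "retry_counter": [], "challenge_platform": [], "rays": []}
    for t in txns:
        if t.resp_headers.get("cf-mitigated") == "challenge":
            s["challenged"].append((t.path, t.status))
        rc = cookie_value(t.req_headers.get("cookie", ""), "cf_chl_rc_i")
        if rc is not None:
            s["retry_counter"].append(int(rc))
        if t.path.startswith("/cdn-cgi/challenge-platform/"):
            step = t.path.split("/")[5]  # 'flow' or 'orchestrate' in this layout
            s["challenge_platform"].append((t.method, step, t.req_headers.get("cf-challenge")))
        if t.resp_headers.get("cf-ray"):
            s["rays"].append(t.resp_headers["cf-ray"])
    challenged_paths = {p for p, _ in s["challenged"]}
    # Unsolved if every fetch of a challenged path stayed non-200.
    s["unsolved"] = bool(challenged_paths) and not any(
        t.status == 200 and t.path in challenged_paths for t in txns)
    return s


if __name__ == "__main__":
    for k, v in summarise_challenge(parse_capture(SAMPLE_CAPTURE)).items():
        print(f"{k}: {v}")
```

On this capture the summary reports two challenged 403s for /lK, the retry counter stepping 1, 2, 2, one `flow` POST with challenge id 12e24a7df6409d8 followed by one `orchestrate` GET, and `unsolved: True`; the sinkholed DNS verdict in the analyzer column is therefore the only signal about the real payload, since the sandbox never saw content behind the challenge.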