| trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual | 104.21.28.26 | 403 Forbidden | 5.8 kB |
URL: trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual (User Request, GET HTTP/1.1)
IP: 104.21.28.26:80
File type: HTML document, ASCII text, with very long lines (14329), with no line terminators
Hash: 920da6eb48d82acb0d1589568f04eccb 54d06bcd5d28ec3faf54ac5f1a99b2f28f05b050 e6cafeb3b3683d2599308cee00c5b3777515e47b036d645b97736a5ab5ac253f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 09 May 2024 19:04:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: qGhVGJfIWXmmAXgH9ZwbJrRFzMvMjt2PkZfV1WOpO4BHBYW2DAZT5ZzF7kV5054AuJ4FTGnAEFK7nwJc550qskd0CiFkZQ972jbODGIlOBU=$+l0zH/3hSyGTp0ONXGIgKw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vaXE3e8Ytuj9%2FjBmIrme0jps7WL0g%2B8IacvFghEqzZoGu%2BCPANJ%2BlCuCvCpam%2BavSE7c%2FYn2oKMRrd7MXqjMkAhEHddfgdrWGa64%2BI6wL3aBZ4cgqaXqiGJ%2FAkcz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8813f45669d65688-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

| trafffe.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8813f45669d65688 | 104.21.28.26 | | 114 kB |
URL: trafffe.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8813f45669d65688
IP: 104.21.28.26:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 114 kB (113537 bytes)
Hash: c881a9849efbf9a68039f427498e54fa d18c133a9d1a41613babc37f002a1ac5ffc97806 989bfb67d6632eda94da425083725daa9a2dafa6c7d55e43f361087c1700f944
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8813f45669d65688 HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual&__cf_chl_rt_tk=1_f6stqbpett9nvy_MY_xMUb691QNfdI08wojN3Vm5c-1715281457-0.0.1.1-1343
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 19:04:18 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3YbAIa9Dsk%2Fg45BazinUy0v0MOs9tVJR1CKExgKZT%2FfCLobcJT6a9H2WZmX4xYesqS5N7phaUFnzzj2iYRevI3kzUgeHRsfinWUEzynkG650ihAVCG84ez0D%2Bkbl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8813f4585a7fb4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

| trafffe.ru/favicon.ico | 104.21.28.26 | 403 Forbidden | 5.7 kB |
IP: 104.21.28.26:80
Requested by: http://trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual
File type: HTML document, ASCII text, with very long lines (14077), with no line terminators
Hash: 0fed9c2eb08fd27d211021d2427282ea 6b3dce88891b38df55eed46be984ee35314f0d02 407ad8da879b62e827ea00eeb9fd1f9969696a07137563659cece5bef853f9c2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual&__cf_chl_rt_tk=1_f6stqbpett9nvy_MY_xMUb691QNfdI08wojN3Vm5c-1715281457-0.0.1.1-1343
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 09 May 2024 19:04:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: URmVNgPQKG3OcMHwOL1vecQ16x2a4Wdw5OVlo32elPnV5GF/pLLBKzzBI9RQRWrRh6Ou3QThBAcLySm+XPpsoY2IPEt4RiXPrl/bTs/0lTE=$S+aCNW1MRfB0JuO12rnSeA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f5ikywVJvTSVcX9IIi8XxzH7HcQ9vo%2FRp5cwCbXUKY8FMmMqO8QtIGRsRkABf655UVDQmTsSLeV%2Fp5MapLT%2FqEEH5su4cv4x9SwvSwlZHCjRGRq%2B3%2FCUgkvwbcEs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8813f458cb4fb4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

| trafffe.ru/favicon.ico | 104.21.28.26 | 403 Forbidden | 5.6 kB |
IP: 104.21.28.26:80
Requested by: http://trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual
File type: HTML document, ASCII text, with very long lines (13992), with no line terminators
Hash: d3e74fb14aaa32a08bc08c41173d0467 831ebbcdce2dacdc66008b0eabbdddee4d8a991c 8798de9fda8d87391e3861e13b1700fc7ea0eb9830faedefb77fd64ff4715f26
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 09 May 2024 19:04:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: S0299EY5UVIlIi+fdT5MsP1YJBIEIqfVv6YlPQ1T7KOFLzYl9NX9RSVJGAHPPzNw8kkT096X5ip/giRbJ4Epn56EgwD0O5+LYspeP6P5RFI=$aZLXO7yx3/I3EPjzGKFErw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m9lBnXafzBPx85VtfIWd0ChXjQ146mUMjAASmnXZkIEO5xveTXlVmdxScedSfu2noF%2BhNzcJ1kKztiFI11LYIJXDurfB7q69dMjGW%2FMJ5phZE0RYyQJcJT2m34Ad"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8813f4598f8c0b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

| trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/161500520:1715278393:9Uorqa-nNWp1CRnvpVXXI90nxX94GcpgifvHifotTKQ/8813f45669d65688/9befab1ac4e2e4e | 104.21.28.26 | | 12 kB |
URL: trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/161500520:1715278393:9Uorqa-nNWp1CRnvpVXXI90nxX94GcpgifvHifotTKQ/8813f45669d65688/9befab1ac4e2e4e
IP: 104.21.28.26:0
File type: ASCII text, with very long lines (16264), with no line terminators
Hash: 20651f337e631d350f36aec10007c050 77b925f28a13b82a2078e139aa372453bb6d3501 c55e7f47df1ffb17a771e605f7bcb5844576fa5dec228db67159716401aee1bd
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/161500520:1715278393:9Uorqa-nNWp1CRnvpVXXI90nxX94GcpgifvHifotTKQ/8813f45669d65688/9befab1ac4e2e4e HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual
Content-type: application/x-www-form-urlencoded
CF-Challenge: 9befab1ac4e2e4e
Content-Length: 1787
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 19:04:18 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: eh7O/+1OnJJLZpUD8qvas7WCWh/Yk2jT8eIVy1rwCCQm99emYdIsuzAl/Hqj3EPv$rlWmyF6xt/YEKjDl9egrTA==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pXjrB3OO6hrHKht%2B9ojgxAPlVUEJAPISz0KBw2DmSshMfo%2BR77LDaDXG86pMomz%2FFdzPzxkiUhkAOUnlBZOzvQS8uTIl%2BFCQXH6mZLgDvTWFAzSBn6aKMVcsPzQ%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8813f45a3d3db4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tr7ex/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.3.184 | | 18 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tr7ex/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.3.184:0
File type: HTML document, ASCII text, with very long lines (42150)
Hash: 4c949768ad48381b6fbd2e1de3b565ba cd57ae6d1b3faa22c035d820bb01e599fa1ca80f ddfc9dc1a3be40c86595dfeab20253a7ac5ea60bdee9214f814f30affd73a25a
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tr7ex/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 19:04:18 GMT
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 8813f45b78a556be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/300185651:1715278475:a1dVXO8xPhMe-JuecXm7Gm30a-0oXXgzQS5wvLPEDOE/8813f45b78a556be/b34d204cd2cd61c | 104.17.3.184 | | 97 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/300185651:1715278475:a1dVXO8xPhMe-JuecXm7Gm30a-0oXXgzQS5wvLPEDOE/8813f45b78a556be/b34d204cd2cd61c
IP: 104.17.3.184:0
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: edcc5c9c74395493b2a04cf9d94f6a29 83933c2aa9818eb3e445d20df66ee1f432c904f0 108e22af84e463953251a35f388e547414c658f6e1c9726c6a6e43e40f50edd3
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/300185651:1715278475:a1dVXO8xPhMe-JuecXm7Gm30a-0oXXgzQS5wvLPEDOE/8813f45b78a556be/b34d204cd2cd61c HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tr7ex/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: b34d204cd2cd61c
Content-Length: 3494
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 19:04:18 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: DIuXjuFEwztzXyvmkzmwdlp8MiBHGdLpv293onV9oMXfhiYPHVKOMs6o8rQQ+FbEDnxfLpDyfGues5hQufGv3Si4ZxtR09TzzhS+eprwFdjDOdhPEFjV7BcyzNsr6dPbgOY3hAkBwfREZIfHQNVxbgIsxWtHUlrvI1UdRrfCPyY0BQ8H04RGOylMHW+RQjgeB/Af8+oNfLsNkfDGp2suVbmQggDwLun2f8+fk4oMmkuGxA6tE/aqWI6O4VN4uQ1Y6VLXX+Twd7yo5eBbctxmHQaIxl0tNRCcV12rLFPCNxCCyUCAmsPQ9ZSeBxlozzR8+y76LmGTW4FP4J4ijlGbnqeJ7UVjcn5M4PS/HFynWP1Iqj8nMbXPru9G3DQSL31Q2DdOD+zesyTCTKouSZ8FKrTlL1xyq/uvVszpzeviIBzsqcOlPwTSkkpFGLcw489B4VJsUwPcdNK/FX+rOVsMNXb1XQQTcEE6kqo/Lt9QKlc=$SVzC0DxC5PfbcCWznW6JYw==
server: cloudflare
cf-ray: 8813f45dbcbc56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8813f45b78a556be/1715281458876/tHcBRntE8n9J7Fw | 104.17.3.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8813f45b78a556be/1715281458876/tHcBRntE8n9J7Fw
IP: 104.17.3.184:0
File type: PNG image data, 91 x 46, 8-bit/color RGB, non-interlaced
Hash: a5fc7cd23f746b9653d73cb302f58869 629839d8b279a94092e6248c2112670e8cbbcd2c 658fb9e6afeee99676edfc7af8890df3cbc0c9fc753a123c3e6f0a2318dfae56
GET /cdn-cgi/challenge-platform/h/g/i/8813f45b78a556be/1715281458876/tHcBRntE8n9J7Fw HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tr7ex/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 19:04:22 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8813f4741c5556be-OSL
alt-svc: h3=":443"; ma=86400

| trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/161500520:1715278393:9Uorqa-nNWp1CRnvpVXXI90nxX94GcpgifvHifotTKQ/8813f45669d65688/9befab1ac4e2e4e | 104.21.28.26 | | 2.4 kB |
URL: trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/161500520:1715278393:9Uorqa-nNWp1CRnvpVXXI90nxX94GcpgifvHifotTKQ/8813f45669d65688/9befab1ac4e2e4e
IP: 104.21.28.26:0
File type: ASCII text, with very long lines (3048), with no line terminators
Hash: c7aff5e1c035b77b05c6bbd78c7e736d 95d8924afa4b6616e8f67e2840b81dd4542872d0 d2e94b3d17abef1b24588e11eab94e13369467f98daac54957160c4ff48375c4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/161500520:1715278393:9Uorqa-nNWp1CRnvpVXXI90nxX94GcpgifvHifotTKQ/8813f45669d65688/9befab1ac4e2e4e HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual
Content-type: application/x-www-form-urlencoded
CF-Challenge: 9befab1ac4e2e4e
Content-Length: 2470
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 19:04:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: SljZTq6xLzqCptE0B1ChJH2KLM+s3OsJHHNQWQoXPRDGS4HyLKFFH2d+6RAWQN9xLMwD68VrceIE0KTU+95abjjBPSaFgYvjxGgpfM/C27E=$iW1IBFuAcLrfXOwaZ+dqUQ==
cf-chl-out-s: VuSOM5LSRy9oT0FArScw5g==$g03VinBU2Z5vPujjQlISbg==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=caLtvyYnPsOSSsqB5HcIc1h7FT8lfbWwlQyerWEUkJVMokEPvnLJcsukbfwIxR1nJ39J3rkD%2B6q3QkoiaGuqHkym%2Fo5m5%2BTJxq8gh1TsQVSM0Gc0O99JLXoMNBbL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8813f4b12aacb4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

| trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual | 104.21.28.26 | 403 Forbidden | 5.9 kB |
URL: trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual (User Request, GET HTTP/1.1)
IP: 104.21.28.26:80
File type: HTML document, ASCII text, with very long lines (14351), with no line terminators
Hash: 67b409365f8f053b1988b917b90a5757 f5de9ce0ebb17ddfaa54f492d1bccb0fb2ce2c7b 3327697523371e5aed52891b53f619b7f5e0e72f9832cccbdc1aed29dd1eae26
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 09 May 2024 19:04:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: I2jmW3Uda9YlF0d+cpFVadXFtcCCw0OIlCa9TbN9WHjqxQlAgTtDYr9cZxiuWfxLv7JfrCjKINzY0cfmugOATdom1XEtjt+14DyA83AfdHc=$k/nI4rGLA2wQQHmeCIkH1w==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J4PhiKWUjGtHC4iYQFjr2F0hA%2FKs2vBN7gIJpRuwudJeJFI3nummrtkLAeNsf6hhkrpC1EXKA%2FOj0pxImSPfGm5qhbyXd%2B7nGmupYDUkw4h3FD837hIlW2Qf598X"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8813f4bdf9afb4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

| trafffe.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8813f4bdf9afb4f4 | 104.21.28.26 | 200 OK | 115 kB |
URL: trafffe.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8813f4bdf9afb4f4 (GET HTTP/1.1)
IP: 104.21.28.26:80
Requested by: http://trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 115 kB (114787 bytes)
Hash: 2ecc9c302f43f3d393d9515a1e7fbf58 9a430c97ef10391844a42ceb8bed3db4c104f186 18e1667d96e259418cabca347c1ac65f58e378d9cf2e15d6139d7550a305da7c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8813f4bdf9afb4f4 HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual&__cf_chl_rt_tk=PGcvgh6Ms0cJr6hQ09tzN45O4JMtUGtDnbz3Uq2TRZU-1715281474-0.0.1.1-1343
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 19:04:34 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T9NMzUpeeYCiRns0XVvdpYBolIOK%2BkbIlg9yVDX7qlTmx9KhKXrI%2BDMYtJ97EBkQ8Bp9ssUiOBpdb%2B0ZRzSIUeNAJNdGye1Qxlj63%2F%2BsX3SiGaYuHFNKD4c5LJ9b"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8813f4be5dc10b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

| trafffe.ru/favicon.ico | 104.21.28.26 | 403 Forbidden | 5.7 kB |
IP: 104.21.28.26:80
Requested by: http://trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual
File type: HTML document, ASCII text, with very long lines (14099), with no line terminators
Hash: 967cf93a37893a98afcd6f5b450522ba 9090e0a2db5d5f3ce69cd723f63b8bc95286dc06 ab9eda5bad8f33ebba05b9adb76e945103f1854528e602d3afd72d56d5d5d3a9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual&__cf_chl_rt_tk=PGcvgh6Ms0cJr6hQ09tzN45O4JMtUGtDnbz3Uq2TRZU-1715281474-0.0.1.1-1343
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 09 May 2024 19:04:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: hp8Y6NAstYCSKb2v/rnagVjF5WgkCOuaUnlkKo3zp6e3LgThf2ukGLm6k+QdfN93GuUl7Jdwh1sVZyBny7yfCdZ7639y7s6v4vPGSI2cCbA=$PgnhpjMN2qlfi1E32uAfYg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y968HXNjETRzsR4v04MvVeUnoXSlUSrvm5sh56TPmxLwhrcVsAy4xzxUqqllp0aYEJI29QpgO9wtxXyAfUutdEgRKl6tCc5%2FIyODn%2F1oh5qzSGaYfrZARfEKJmdS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8813f4beae240b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

| trafffe.ru/favicon.ico | 104.21.28.26 | 403 Forbidden | 5.7 kB |
IP: 104.21.28.26:80
Requested by: http://trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual
File type: HTML document, ASCII text, with very long lines (14013), with no line terminators
Hash: 894086233e3e17f384a139dacf056070 271712a2bc7ad48f723902564a454fcf3151b39e f04c0359caecda4dc3a98e3a774f6f3fea747fe6841ecd28e78ebf0ace9ebf5f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 09 May 2024 19:04:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: xpkY8gTwSjSal/3z3+xB86p6TEYf2nM4DP4bMfCkBTOw9Odk6JHjQH+nZqMkW35Uv1kZ30e/xbZkGvsZClPPSLHCzTb8b4MJVh06dkXsNRw=$HSGDsiw3ZvXVl7bWwoisYg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ejr%2Fv8sJVY%2F8zq%2FzHihe6U%2Br3RRCrSluTHbDxdh%2FmMq9w1JusefjiMp5clXvDpxtfDZnZc6F6L6PBbT%2BUE1djobjB7PkSNR3c5eDtzSpvyikts1n4twMr36%2BIcE9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8813f4bf6a287130-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

| trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/109567939:1715278222:7UUzVx0ZuxDWFNBQQo680GzxHyiGoTYlTwMx-NKSy74/8813f4bdf9afb4f4/7770647b6a33612 | 104.21.28.26 | 200 OK | 12 kB |
URL: trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/109567939:1715278222:7UUzVx0ZuxDWFNBQQo680GzxHyiGoTYlTwMx-NKSy74/8813f4bdf9afb4f4/7770647b6a33612 (POST HTTP/1.1)
IP: 104.21.28.26:80
Requested by: http://trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual
File type: ASCII text, with very long lines (16296), with no line terminators
Hash: f9de248a786d1cfe6e477b2fc61cc6e9 33a5225b0438a7d68e891776bdc23a0fed0d1cb0 e88665a2fdad14b82e3fb5bf5463387c7c6aa032c0eb62c316b28f6c93093c8b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/109567939:1715278222:7UUzVx0ZuxDWFNBQQo680GzxHyiGoTYlTwMx-NKSy74/8813f4bdf9afb4f4/7770647b6a33612 HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual
Content-type: application/x-www-form-urlencoded
CF-Challenge: 7770647b6a33612
Content-Length: 1787
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 19:04:34 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: jKv1X/gGRG9KIWxibKcVkEIkh86R/IXPygaMJi5eR+1CVkdLQ/9swb3EKnCh36an$8+LTdwt6mengoeftbVXuVw==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rgDWel%2BqgygmfZ595SmYyCvOD4kYKXidw3cS2sm079%2B14XC%2BxR%2FPftl9vncXe9q661h30Y2nvuLyG2d7PQf%2FofBUp%2FXlIQcZaZQDJgvItg8ORDDK%2FDAXrB4%2BPPsv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8813f4bfdc7b1c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tgscc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.3.184 | 200 OK | 18 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tgscc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal (GET HTTP/3)
IP: 104.17.3.184:443
Requested by: http://trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual
Certificate: Issuer: Cloudflare, Inc. | Subject: challenges.cloudflare.com | Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E | Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (42150)
Hash: fb17b364fd9e643fdc18ac4834e4097c bfa11ea0d5e1a27c609406e2c09486954d3101c0 d2831efbb86124305ef71e26103f9d416580b470d4a6a0a21123e31db00984c3
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tgscc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 19:04:34 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
document-policy: js-profiling
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
server: cloudflare
cf-ray: 8813f4c0d92456be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8813f4c0d92456be/1715281475124/dnjOkV_APrA9z-H | 104.17.3.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8813f4c0d92456be/1715281475124/dnjOkV_APrA9z-H
IP: 104.17.3.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tgscc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 94 x 45, 8-bit/color RGB, non-interlaced
Hash: aac346f06a95824d2c47e28b6c66d09c a639d005c124774c2d588b9ab117cb7fcd88001a e30b94fc4473b123f120ff3178411e490b3e8edabfe14d74ea2d54ad0709fdb7
GET /cdn-cgi/challenge-platform/h/g/i/8813f4c0d92456be/1715281475124/dnjOkV_APrA9z-H HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tgscc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 19:04:37 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8813f4d0be5b56be-OSL
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit | 104.17.3.184 | 200 OK | 43 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit
IP: 104.17.3.184:443
Requested by: http://trafffe.ru/123?utm_term=black+and+decker+xpress+steam+cord+reel+iron+manual
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42616)
Hash: 86183dd14ee10d1dee92b37b5069d716 9ec32d650ece484bbe624ca734a0a65e22d35dd6 ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4
GET /turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 19:04:34 GMT
content-type: application/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=604800, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813f4bf6de056be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8813f4c0d92456be | 104.17.3.184 | 200 OK | 441 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8813f4c0d92456be
IP: 104.17.3.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tgscc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 441 kB (441249 bytes)
Hash: 2c78abca0e410f3d8727be3485b232c0 b8789eb428eab8d1708efb344ff0157d4a001ff5 14a762a0e6022dcdbd08866c8594b0ef37c35d74f1325f29d9b15d87c7f11d09
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8813f4c0d92456be HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tgscc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 19:04:34 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 8813f4c17a6356be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/986683422:1715278418:hBf9FeQ7-b8vhwMMZTJyrJ4hgU8f5Fs1lUAv99ydxf8/8813f4c0d92456be/4f2a898ce1d2599 | 0.0.0.0 | | 22 kB |
URL: POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/986683422:1715278418:hBf9FeQ7-b8vhwMMZTJyrJ4hgU8f5Fs1lUAv99ydxf8/8813f4c0d92456be/4f2a898ce1d2599
IP: 0.0.0.0:0
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tgscc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (22364), with no line terminators
Hash: 92135e61737f1704140bd9092f5e59d8 68aed236c8662f7b9f1dce173907e7cd48f3f270 8c9519dc2f82c34d782a4e3bf475545dc50f14216a49b74bde9f280657507f34
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/986683422:1715278418:hBf9FeQ7-b8vhwMMZTJyrJ4hgU8f5Fs1lUAv99ydxf8/8813f4c0d92456be/4f2a898ce1d2599 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tgscc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 4f2a898ce1d2599
Content-Length: 28108
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 19:04:40 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: JU9Gpsd6hn1Mm5xJbODqK9V8LBi7/hnTH3L2cqOpjOguQ2k3NaKcWat6kkyoe/xq$1AcY3v/egnuh42sJY+IIDA==
server: cloudflare
cf-ray: 8813f4e45e7156be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/986683422:1715278418:hBf9FeQ7-b8vhwMMZTJyrJ4hgU8f5Fs1lUAv99ydxf8/8813f4c0d92456be/4f2a898ce1d2599 | 104.17.3.184 | 200 OK | 115 kB |
URL: POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/986683422:1715278418:hBf9FeQ7-b8vhwMMZTJyrJ4hgU8f5Fs1lUAv99ydxf8/8813f4c0d92456be/4f2a898ce1d2599
IP: 104.17.3.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tgscc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 115 kB (114616 bytes)
Hash: 44756edda4430d727cc6768c96070a29 e79c195a42074e413b45b30a080af4e8198125ca e7fd2af36da285d83d3eb40bbb825e0c1e1a4dca8c4b890b90c3faac601ba86f
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/986683422:1715278418:hBf9FeQ7-b8vhwMMZTJyrJ4hgU8f5Fs1lUAv99ydxf8/8813f4c0d92456be/4f2a898ce1d2599 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tgscc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 4f2a898ce1d2599
Content-Length: 3460
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 19:04:35 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: Tjo4FBCCKwqqcYA7KlPdHKNX9CcvpRG9AiNfThOeFMhY1LCbaEGmI+7wJU1nQKRZilukF3Rq8YNZonh8znRFfcGdyp2kWzv03fHrGdvPztwj9yFF7TTcrWODY3Oktm6YJ37srCMK3V/T72jEO8P+8VSUXXmLcd6SpbvqWDnQKoU7ivSqK9gj6QCWLdKES0q0VIxhbgcpnDv4M3q0e2DGFaxdM6xvaUso0q46cVbXQ6ZIC0zkP+VstdfKSrDVElGrkjD3mbtIFnexIs47VsM3Psp0+r6PuuhC+JO3Cv7m9qnOPlzExQ5HIpr9kUSVGd8NJtnIfFmp3UzKNQ/19GHLUMX0c1NW24GMX+fIBCVCZIcjVlJwKbc9Qe8f56NGv+V0Vn+kkvvpqC6jMm6odcPkfvY6+oPi7zoQDQPkqLPoLf03b+U2YGEZ0NZpUdzBlkNM$VivgoBaL9LMJXF6hF4u8OQ==
server: cloudflare
cf-ray: 8813f4c35d7d56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.3.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tgscc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tgscc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 19:04:34 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8813f4c17a5a56be-OSL
alt-svc: h3=":443"; ma=86400