Report - trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker

Report Overview

Submitted URL
trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
IP
172.67.170.51
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 21:23:56
Access
public
Website Title
Just a moment...
Final URL
trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
trafffe.ru	unknown	2020-11-05	2020-11-05	2024-01-22	6.1 kB	307 kB	172.67.170.51
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-05-10	7.1 kB	850 kB	104.17.2.184

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	trafffe.ru	Sinkholed
2024-05-10	medium	trafffe.ru	Sinkholed
2024-05-10	medium	trafffe.ru	Sinkholed
2024-05-10	medium	trafffe.ru	Sinkholed
2024-05-10	medium	trafffe.ru	Sinkholed
2024-05-10	medium	trafffe.ru	Sinkholed
2024-05-10	medium	trafffe.ru	Sinkholed
2024-05-10	medium	trafffe.ru	Sinkholed
2024-05-10	medium	trafffe.ru	Sinkholed
2024-05-10	medium	trafffe.ru	Sinkholed
2024-05-10	medium	trafffe.ru	Sinkholed
2024-05-10	medium	trafffe.ru	Sinkholed

ThreatFox

No alerts detected

JavaScript (75)

	URL	Size	First Seen	Last Seen
	trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker	4.6 kB	2024-05-10	2024-05-10
Pretty URL trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker IP 172.67.170.51 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 23:23:56 Last Seen2024-05-10 23:23:56 Times Seen1 Hash f5fcabc9335c8ff7ec6a6c39265cd7cf 999dae07f3e80c89620662ac2d7cf820d058bbec 28595545d5ac0d5924582ed86a385b10e025c50832647a69c1c431829ce5fc48 Loading...

	challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit	43 kB	2024-05-08	2024-05-17
Pretty URL challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit IP 104.17.2.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 21:17:22 Last Seen2024-05-17 15:34:59 Times Seen1392 Hash 86183dd14ee10d1dee92b37b5069d716 9ec32d650ece484bbe624ca734a0a65e22d35dd6 ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal	3.6 kB	2024-05-10	2024-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal IP 104.17.2.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 23:23:56 Last Seen2024-05-10 23:23:56 Times Seen1 Hash c6bb5c24193d547df58e1d9677874dbc 41fc95aa50e4cd9e2597f84fb364dd916ed7a244 1c0b42e3d2bad0f17c523f24234d5b0c65a110c84e466f45de8a73d69093581d Loading...

	trafffe.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cfdf6c94356ae	399 kB	2024-05-10	2024-05-10
Pretty URL trafffe.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cfdf6c94356ae IP 172.67.170.51 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:59 Times Seen2 Hash f69581edcc4697339581008e32120986 a774e716d454c29c9400a26946b141c8847ad5d9 36ab176f05f31d80edc8c684b4a50939212a37370f2ca712356ae394d7d3c2d8 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881cfdf99bd85696	437 kB	2024-05-10	2024-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881cfdf99bd85696 IP 104.17.2.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:24:00 Times Seen2 Hash d7677025046f7c624afbe94a6e3c24ad fad80f6a6b5a61effe6c38976f784e1f2c4add77 f1d9be1e5d092b021b590288f153be2e863fc9fe26ab00e3a13814a196ceaadf Loading...

		Size	First Seen	Last Seen
	#1 Eval - eab91ec3968b01d150d325a8ef5c30d3	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash eab91ec3968b01d150d325a8ef5c30d3 53d913b8914727ed9e5dbef0cdb82996c7f9976a 354219082269b15e838010ec2c0925865716e31e84600af344e055d6a5899e2c Loading...

	#2 Eval - 99338c713bfbdba9b4214acc57006ab7	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash 99338c713bfbdba9b4214acc57006ab7 6723b331e7df478de908f0d58c7a8d1c6e31976d 53003888204825a0057f3c991866a83f15824fb6ac792633dac66eda4a0775b0 Loading...

	#3 Eval - c2e37719bf60176ffa8ab02025259895	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash c2e37719bf60176ffa8ab02025259895 a877d24d7c53c0b8e39b0d8658dd832f4a695827 657c61a65a2bf4647296bb9b7992d73944b099dbcda15dd494a6587198c53bb0 Loading...

	#4 Eval - 024e5e9e338dfdf31cb715d3352d0060	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash 024e5e9e338dfdf31cb715d3352d0060 3542effe52d70bd7f4e5b6383c5bc5a2cdd3b92d 1907a7d97372c53de33939198bc455fe04fad0310f229e6f7a6996dd416e821e Loading...

	#5 Eval - 9297b1f900a1fe6b484a1cfb179e8945	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash 9297b1f900a1fe6b484a1cfb179e8945 a1706a144ffdc32f8b1ca68ac03fbc95a81efa13 99c5d9c1db5bcdc7c83bcfed95a2b3990faef8eae69558f2fa51e4a5efa1a982 Loading...

	#6 Eval - 6477b05496fbaeb045f3828169d3628f	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash 6477b05496fbaeb045f3828169d3628f c2540f7ddec6d06803692919d780c8f37de5fc0b 28bf13c273b60ea195bd782f553f522fbdc8d116161d3b9f909e165e9f7863cd Loading...

	#7 Eval - 2be0409b8db29bfb2c8643e51271de97	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash 2be0409b8db29bfb2c8643e51271de97 c6473526e0dab8233ab9a34ff79a98bd98103b86 a905f1e11f797737544dc89c20dec0c119a9f45adaf33838eecddea2ea93896e Loading...

	#8 Eval - f6fcf08278d5d81bfc25a7784b7e3fd0	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash f6fcf08278d5d81bfc25a7784b7e3fd0 f6aa924a74efc37cb622e04f93d0242fa9fa7fbb 4d1d8479f0e08a29c01a5be123a3c84d031b8ecabee35326ed39e0536bf5bd7e Loading...

	#9 Eval - ae5d352ccaf4fda6d2999f72ba0c9e71	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash ae5d352ccaf4fda6d2999f72ba0c9e71 7056e9cfd92ce898bb04bf542ebd14f93eaf5c33 4eb03ecbd1f580c51536438888a2d33a33dc4b96c1b4bf108efc1e0a5917c397 Loading...

	#10 Eval - 4dfa83c73446a822b74599860a565f71	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash 4dfa83c73446a822b74599860a565f71 852cef80b817c4a4432399dcbdb09dd3af15dc58 a9f6493dd4f0a6ad43c984c433cc0bc5822b6016e34a4f69eec5169f5dde78e2 Loading...

	#11 Eval - 11979b9021253a3104506a07a67e90b9	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash 11979b9021253a3104506a07a67e90b9 a42a4a54322fba425c0108953672c43b5bb9232b 400701ed6cb4fc4e8be23114bef343ebb59ab74b0d3fddd1fdb6f7628a91abee Loading...

	#12 Eval - 6230a653b866e13e36cbe80070ac19fa	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash 6230a653b866e13e36cbe80070ac19fa 9f611dd59793b43719f0e71a10bc1d2169d58931 2ced5ced20391519e394584d41a4515c3246dd0525b0436e750d0362ba697d0b Loading...

	#13 Eval - 9f0d590a27e450adf7621a5130f2ff1d	2.8 kB	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash 9f0d590a27e450adf7621a5130f2ff1d 03f97a854a1221ae993e66c662ff30b523bb1055 6b3daf5a1e4c76d66f32710cd18d6a5e8f02ffd5bc7f80e5494e365206cad260 Loading...

	#14 Eval - d756c6f9547990c84c8aea99ce02dd7d	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash d756c6f9547990c84c8aea99ce02dd7d 975a50b33a250a05159fcf5dd138bf249fe8da25 8f19da142cf5c7db6b3c46b9e97549b6fdc5d2ce59525fb1631f39c9b1707b31 Loading...

	#15 Eval - b51fbe823ab03fb26951258562d23e74	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash b51fbe823ab03fb26951258562d23e74 8fe283860b13d974d8f62a211233375d951e281d 877b4d3ce98222549c0f03d2b384d75ce5add109eaeddf27a7069cbcdc59b3da Loading...

	#16 Eval - f9cc906e315fc00f675309ec5090c659	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash f9cc906e315fc00f675309ec5090c659 3ce710901e4b9f967dd012b62985fea69ea25f19 7011ea13dcc60b51587f8d12d38a692ee0797df2395a4761ce03da46d1ac2db5 Loading...

	#17 Eval - e15c128b380fe280f88441da6174e997	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash e15c128b380fe280f88441da6174e997 aca69bb820d8a7f2b8823f83be9892ab347765ec 06b8698c1211c5c13758e2a04fab67e28d738937b8d840a8eb3a8c4f249873eb Loading...

	#18 Eval - 57d78976090f2453ea5a2873e364dbb9	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash 57d78976090f2453ea5a2873e364dbb9 5a84b5f1865f92df2ec22aaf18c83aa73ba2e3c8 291d7200740a86649becadd0598f05551fa81bc32de9c408f546dfdbcac5bfe3 Loading...

	#19 Eval - a3e11373cb70a3d09683987df2ae2f40	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash a3e11373cb70a3d09683987df2ae2f40 b4ba510cf979e95d6eceed9bc0304b5b0cd20b1d 505a7562237863dffc1bfc4bc51d63e72a99aff98edc7273bb6b78927b3047b5 Loading...

	#20 Eval - 0786ef92be5b298e58af4b795d38d084	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash 0786ef92be5b298e58af4b795d38d084 d86de08002a31e1cd5b36fa97d1f651a2f54ac70 d5438209789bdebfdbf27266eacc798cb75fb60e025c52d4cedb6b0eff9f6ebb Loading...

	#21 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-06-03
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-06-03 23:34:31 Times Seen356822 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#22 Eval - 57a729973743b70c4e0b03b2a5050522	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash 57a729973743b70c4e0b03b2a5050522 91bea8a1ecfedceb0cb424d6fcde58cc47975f2e bdd3308243344f294c1a9278ce8572f71430d5db0ba7205770731d81f7077e70 Loading...

	#23 Eval - 94c9b7f8bc0cf77a1d208c290527296c	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash 94c9b7f8bc0cf77a1d208c290527296c a0c6af846bbf1f0f5ac7851ef0850f881e7dba6e 4483a3db95b91354e181b4aba70b82a2f212ab4bdeed26b4bcc3071d4d70c982 Loading...

	#24 Eval - ddf83f64080592b194fe6ee9e94b111c	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:57 Last Seen2024-05-10 23:23:57 Times Seen1 Hash ddf83f64080592b194fe6ee9e94b111c 3c41f541762297afb22879c26ac2c7f1b3e33222 29dda9df84a661a7f02a0624c7ebe532c0ea71ec6cdc711fc8b492781c75af00 Loading...

	#25 Eval - 2104e51b45819fb48be29bd684a7a765	62 B	2024-05-08	2024-05-17
Pretty Observations First Seen2024-05-08 21:17:23 Last Seen2024-05-17 15:34:57 Times Seen967 Hash 2104e51b45819fb48be29bd684a7a765 4c63e1a706403ae3b72fd6bd15bb42ba662b456c 409852cd2d9ad570bc66e5cc8c403b729033ebacfadc90fd9548df7f494a5869 Loading...

	#26 Eval - 59c2a6a05f6a42b3af93027a25528077	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash 59c2a6a05f6a42b3af93027a25528077 3e4c13836bafdb613a418f63d93145f3d7a299aa be9883d8a3b7928fbb95e647ffa3ea8d0ca556e14256225c271ece0d2ad82fe5 Loading...

	#27 Eval - 3bbf3a6b185c82c569f69ba6d70a6538	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash 3bbf3a6b185c82c569f69ba6d70a6538 20bf055e1dccbc6e983e1af9a63ee81d3f143c97 e6d3c70865469cfdeacf727db8ed873396797f1350a5108df859a7a5f1a1c69b Loading...

	#28 Eval - b1bd18e118dcb7acec8edb7df87abd8c	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash b1bd18e118dcb7acec8edb7df87abd8c 88a93e5963ee5c344e5ca3ab6614553e9b29f4a0 b1503b6f5f8f622ed8db9946e3b14d6acba8d30d28bc4d1b7e00ab9d48946349 Loading...

	#29 Eval - 45784c91b3dd1af9d73109a3062c64b8	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash 45784c91b3dd1af9d73109a3062c64b8 388bc68913757c9533c612b41561f380132dc232 4d6dd614be20774fc7cb00f2574cb8aa8cb4af71b2e9304b9bf6ef96ab798bc5 Loading...

	#30 Eval - 9a6f4e953dfcd92f1e817d8fe8f67f88	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash 9a6f4e953dfcd92f1e817d8fe8f67f88 d43aee8f3674e16a20d5d92a999e5fa80a9b33b0 62a731c4fa676190cdd3d1ea466ab708a85dc6e95d6b684192899d75a19f0bd7 Loading...

	#31 Eval - cf94845e90c8f2afb9609b8ef686aa4f	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash cf94845e90c8f2afb9609b8ef686aa4f 81cc47c642425faa622d3b6fc22fe984cc9084a9 20a20b7771a86833a96b092f5e5b335f4c444b2a3256da29c6742abfefcb7f87 Loading...

	#32 Eval - b5c77a03ab77b5910d8bc01e4f8cfa7f	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash b5c77a03ab77b5910d8bc01e4f8cfa7f a7eb1e44993ea94da3b82f1286dac64fddd05869 a6fa1e2cf4ce6ad33a3c6af3e120d910502b15cf9d512484c9ff6fb4d3fc76d6 Loading...

	#33 Eval - 753843d2ef4fbd39c01a6ddb1645234c	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash 753843d2ef4fbd39c01a6ddb1645234c 6d38ea0e0e9fec2f44a0c58f6c6b426e9463f755 bf4875ddc5a565279291614631d2105a435156d2f81abac986ec18d661c9e5df Loading...

	#34 Eval - e6c4568d128ee85d867a5ff54d5dc2ba	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash e6c4568d128ee85d867a5ff54d5dc2ba 099834411e341b1d3a01471c2167cece969ac9a1 9b93affa51e373323f71946178c9b1146bdc70a86f4042dfbd88d4388ab3d483 Loading...

	#35 Eval - 4f8b7a3a8677ffc523895c5bf4806a8c	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash 4f8b7a3a8677ffc523895c5bf4806a8c 7375a26053eca27d798217a17c6d8eb5298dcc7a c2d288b36a5d60bae60d7d63897b9170624b164832ce05a47a5e81c15a4b764c Loading...

	#36 Eval - 1010f3ea423b6a0bb5e0e20f778d645c	164 B	2024-05-09	2024-05-17
Pretty Observations First Seen2024-05-09 21:21:01 Last Seen2024-05-17 14:59:04 Times Seen29 Hash 1010f3ea423b6a0bb5e0e20f778d645c 813902c01ebe3325a8ff0679b3c19d9523b93247 2d376267d69b9e8ee896b17c6d7c6745b65047be31dbbf308efa97619e9b236f Loading...

	#37 Eval - bed193234651a63b31df8c9988a09297	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash bed193234651a63b31df8c9988a09297 6eabb8402e29b9e9c43d4d0366f8432c85a464d8 16011705fbc2d11bfe64831f0ecd5e6b34af1382ab2376fa8a89912a19dd9ea0 Loading...

	#38 Eval - 2a5c8c7e31a8e39ae3098d314e1b09c6	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash 2a5c8c7e31a8e39ae3098d314e1b09c6 a499f57a085e0d373230a808491d194f4d581335 e7998473f864099b6a95ca7f9ef62eb1f54c7b73704e9ce9947f7cd5d27390d7 Loading...

	#39 Eval - acef68b8236249c15d95343220da0afd	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash acef68b8236249c15d95343220da0afd 67dc7bd7f28c475ddc45b7fc69c6eda1ceaa020e b417a5095560ca3b36df7b2f06b05101779441efec4ee7808b9b7d56e6d71d1d Loading...

	#40 Eval - 6b033803f6ef71e6fcc5310bfbb4c343	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash 6b033803f6ef71e6fcc5310bfbb4c343 8448fb93d6fe0e90995a4887b5eec1d25fbcfc75 933173c4ce696d185a6341d9a395dc123fad609968a3469cbb89f594c429cd6e Loading...

	#41 Eval - 4bba711927affc178dfe503dd0435171	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash 4bba711927affc178dfe503dd0435171 d27f2385f92ebfc5921ca23124070d62bcc45cc7 33925daa1874e74a0467afb73b34bf8836e1008af1ee536322e8a176c35e4a3d Loading...

	#42 Eval - 72773c56a3afbd21936f4588f6c70afb	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash 72773c56a3afbd21936f4588f6c70afb 4e88bc7a5756fbec2eefdfb416140d71f82f549e 310f49277728e089e957e8319b3945ae414f0f14f8076b7cf8a18acbe92279dd Loading...

	#43 Eval - d2abbad4caff4ace60b3d3c8472b0275	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash d2abbad4caff4ace60b3d3c8472b0275 604c9ea6137ff7647cd4e250ad21c878d85c1ef8 caed3c3d12c16fe8bf01405faa51b418c414cb8837b5e46a82c720399bfe3155 Loading...

	#44 Eval - 9234cf160a24f71f40040b90c86de9d6	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash 9234cf160a24f71f40040b90c86de9d6 dfdba84c60a5d35b5b7273aaec2993c2f9ccdd0c 14fe4377760fab3e467986155af048304f73168d4d80287275ae8b22183bde10 Loading...

	#45 Eval - 9b7a1c42863359821ad59208cb83eb0f	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash 9b7a1c42863359821ad59208cb83eb0f 8718ebdddcbe8c4872b2dcec7c5a3e7b71bbd608 7f31ce52f0018670ae3c946a4cae5213f0a04fcdd707ff8eb4e213966acfb12d Loading...

	#46 Eval - f00b98120b34a1ae3df317e8e0c31ef5	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash f00b98120b34a1ae3df317e8e0c31ef5 38643299edceb51b2e03822f89e68d2132502342 609bc37561854d0d78bf4c700b8896d0dac264aa9503d2a1adbcbe18bbdd926e Loading...

	#47 Eval - 98cd8d9edd3633180a89f145294e200b	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash 98cd8d9edd3633180a89f145294e200b 383a16ec19a0d3df4b9c14d7302567abce1a035d e7f9aadbe163d28f3a1db0d5102e9e4b3845b87d233708db1059db6c959e0d22 Loading...

	#48 Eval - b41f2af2833a5b0d56de09f54ecca5c4	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash b41f2af2833a5b0d56de09f54ecca5c4 24b47835d666b6c1be9b1f3f69d34fa390f39402 722f59f8531d930a8d5dd61b2f219db89bdab53131c8786ce665942b038db591 Loading...

	#49 Eval - 9609fdf78a146aeb2039443bf18f402c	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash 9609fdf78a146aeb2039443bf18f402c c0a3f2afc2cd108830a03970a8b79337a49ea7b4 bd94a04d2dad4d34e64f1a15499b17774e24155e915a5064076ed8d45fcb76a3 Loading...

	#50 Eval - 0790f3e1e3235aedd74fec27d23158b1	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash 0790f3e1e3235aedd74fec27d23158b1 cf057eadc475c209a348b043589eeccde9fd7c7a 993c5d1d0f8ab6e2d348299cce1e71a97fd8d1caf9bad4abc7ea24a27a849d6a Loading...

	#51 Eval - acbe77ac2547564dadd642f1de4149d2	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash acbe77ac2547564dadd642f1de4149d2 cc02e12ad34c964170d58eb675d7b88fe1d68ea8 1c97f8b8979338bf2aaaaeb7db96e38038863f5c211c3933df496a67350bea0a Loading...

	#52 Eval - 7fa053e2eee486ac0e20db9bfaef8187	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash 7fa053e2eee486ac0e20db9bfaef8187 e1d69f3711d866bc0169be83c0ffb733e01a7f23 2e0be4faeaf7a0c21071586b59a72b3d70a235811cee88387e4c0eb4e249741a Loading...

	#53 Eval - be6ee84f6c1f406a4139f24fa7845fe2	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash be6ee84f6c1f406a4139f24fa7845fe2 31c70343d75ea7600023dfac7f9ca449ad714757 d445af1adeee6403168cbf7485dce77eba140d38425c27fccf5c75a52794fabd Loading...

	#54 Eval - 1ff7a60db506a9f21ec64cc7f092f048	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash 1ff7a60db506a9f21ec64cc7f092f048 b84df10f0066496a87292bac94cbfea6c3b6362f 3e45b17e352a34c75fcafca1d7d92e2eb1c8458131f921cf848a0fd5d707d12e Loading...

	#55 Eval - b0313e8f97b3b5831e42919457d2232c	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash b0313e8f97b3b5831e42919457d2232c d9776bf80157d38fe72593fe6fccb9724873e760 6007490a6688d1e68d1594b7c4cfaf07f18859faef82bc92f76ec5eb15f42ee9 Loading...

	#56 Eval - 163aed111ef674daa2e50f5bb641c5e2	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash 163aed111ef674daa2e50f5bb641c5e2 fb683bedc124ba44059eb1a9f0f7a6cf383ce6df 80bc5e5deb13446cf155edec82067e63da258fa914540d38777a674befe67190 Loading...

	#57 Eval - 58f8fa7e891b776d41ea138eb544bff4	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:58 Last Seen2024-05-10 23:23:58 Times Seen1 Hash 58f8fa7e891b776d41ea138eb544bff4 ac9c9b2d1cd308f28a5bd68d8e1167a2ca2c502f 3aecce31786954a8fb4420198e1537f64003fa6efaf87ab17f5e6c06dbc56ec8 Loading...

	#58 Eval - a1ea56cd7956e8a7eb50b2c3ca8bbe8a	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:59 Last Seen2024-05-10 23:23:59 Times Seen1 Hash a1ea56cd7956e8a7eb50b2c3ca8bbe8a c2932e4a92dfe3512203e1dc858c66654ff877ad 94fc3ab48c161b1bdf95ba6dae783e9e60d48ff5dd11862cb3ec697cc35f194f Loading...

	#59 Eval - 7cc6fc90fac83242c9a5c397d82bfa91	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:59 Last Seen2024-05-10 23:23:59 Times Seen1 Hash 7cc6fc90fac83242c9a5c397d82bfa91 331aa6a6d71849a961eabcec9215c24bc1a67280 8ab48aeb0b7ca620d25476b37896c0b241ea710fcf5a0efba5a74139a1472a5c Loading...

	#60 Eval - 4f67d6df033a0241b6e9f9262b01083a	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:59 Last Seen2024-05-10 23:23:59 Times Seen1 Hash 4f67d6df033a0241b6e9f9262b01083a 26bf65f462aa67fe177bbad085f1770892346d58 cdaade8708df18c618ac48284fe18ad3a50bb83cfc8267f0db8e3c774de73336 Loading...

	#61 Eval - af26842e9d079d6eb1521982ad96e217	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:59 Last Seen2024-05-10 23:23:59 Times Seen1 Hash af26842e9d079d6eb1521982ad96e217 b8ff923e0ac762aba1e16e76dacea70b05048547 a7fd8b5665d9241ab144223d4f8fe1b8e8c8f0e5064eb4786e1e9cb6be7d210b Loading...

	#62 Eval - 9130acf408c42805b13c121bc2a65c35	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:59 Last Seen2024-05-10 23:23:59 Times Seen1 Hash 9130acf408c42805b13c121bc2a65c35 949f64929ee28c7b5c150d7bfb09a7d97be32c5a 8b0d5ea91fe6586a537725f720c4da03d3dea750dc8213e5896e0f7313c31192 Loading...

	#63 Eval - fafab54aec61f883fe93a580607a3267	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:59 Last Seen2024-05-10 23:23:59 Times Seen1 Hash fafab54aec61f883fe93a580607a3267 81e5bd53f42123c9e485c8ce8ec9fc1a95774b8e b334c1c75af5272aa50654ab0c93af8b9a60d7c1cf5eb39ef69df5c864cfae30 Loading...

	#64 Eval - f6eef701700550da7283937d9a05b867	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:59 Last Seen2024-05-10 23:23:59 Times Seen1 Hash f6eef701700550da7283937d9a05b867 1687ecdf2e2090996698fd498a1afd143b4c1ea7 02e5d5bf4d586d6c13b7098acfb4dc1aaa804a15ad27e9b7799e27e48aecd3cc Loading...

	#65 Eval - 827494e9ec5c47035535bb9d34d6e735	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:59 Last Seen2024-05-10 23:23:59 Times Seen1 Hash 827494e9ec5c47035535bb9d34d6e735 04cc553ffd5cde239671e7abbde828525af9ad0a 543780a8fb3d5d56c00bd7d0b6d0ea72cd24e7854433e5d484fb190409cd2f2a Loading...

	#66 Eval - 7647ed2376ca687c31ac54d1b7c0f5eb	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:59 Last Seen2024-05-10 23:23:59 Times Seen1 Hash 7647ed2376ca687c31ac54d1b7c0f5eb 54b4b9aaed9b7b9a255247e1fa853b37284baeb1 3058090fdbc39295ee719e033a4f7026dfdb27138ea31d6c1dd660a72476909a Loading...

	#67 Eval - 80f0276ce58b855026695d97f2ddb094	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:59 Last Seen2024-05-10 23:23:59 Times Seen1 Hash 80f0276ce58b855026695d97f2ddb094 86192ef0322b1a3a2d478bbc9d759c29d1a0ed18 318a4eeff63e042c0ac9287ee0093a75cfa1b2120ff70a49f8577500b6f02003 Loading...

	#68 Eval - 0f88470df638d89bd5d2d2eb340617b6	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:59 Last Seen2024-05-10 23:23:59 Times Seen1 Hash 0f88470df638d89bd5d2d2eb340617b6 9a32c838c2fcbba846f7eea730ea8fc86a5f5200 2e40b015f83c5f7c5d75c58fc9afb4c347b6524e3b7f15c3b58fa4c72c85734f Loading...

	#69 Eval - dee5bb8e1714af31260c3207d7edb2df	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:59 Last Seen2024-05-10 23:23:59 Times Seen1 Hash dee5bb8e1714af31260c3207d7edb2df 336b4e8263f75da71e514355e5adf7beaae56992 62dad944f3b0a9fc06f244d7f9aea9ee9e84eb1074728a1dddd5a73bc631680c Loading...

	#70 Eval - 49eaafc349cb3db2e574fe58284f3722	2.8 kB	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 23:23:59 Last Seen2024-05-10 23:23:59 Times Seen1 Hash 49eaafc349cb3db2e574fe58284f3722 3dfedf0fe7791d08a290ae67cfb0ab063121a8fe bed413d6dbd9bd6978894ec835354ec859efb38b04dfe31cbe494e3d59c3cf93 Loading...

HTTP Transactions (23)

URL IP Response Size

trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker

172.67.170.51

403 Forbidden

13 kB

URL User Request GET HTTP/1.1
trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
IP
172.67.170.51:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (16252), with no line terminators
Size
13 kB (12958 bytes)
Hash
95cee20d46e944c54f6579b7bbe02d50
d9d037a4ab69159593d913d49ecdd3a7391f72bf
e35183cfbbd60dbb9c6c2a15161ebace6ee17b9a6d8db09922a61dac61c75107

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wb?keyword=like%20a%20boss%20gif%20maker HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Fri, 10 May 2024 21:23:29 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: rAnvqV5+V4sWNobkfV6RLTwOVgt9ePRfPpNrEHWe/1DDZIaRXQiY1eW5ZydD8DsxyAyyKm61wqayW5rgq5xANBQ6sIKg+k+OeDPV3hC74kA=$plbAqTHGQCHvojWdzky0RA==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3WZJuNnstw2F%2Flehcvrg8oPECUYjivvU8kF7%2FHcbWLrWg9OQn6Vnxd7%2F0I6P4OZHEqPW4eRdbY%2B0nLY68IA1xFX1wcUh%2F7Q4QrFw23WyM44zIj569msMKVu0PKSp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cfd9cf9f10b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

trafffe.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cfd9dcd88b4f1

172.67.170.51

110 kB

URL
trafffe.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cfd9dcd88b4f1
IP
172.67.170.51:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
110 kB (110338 bytes)
Hash
146c03d4817afbd795568d084f10024a
928356e99cf2e0da06b3f74d941dc19986cb98eb
11240b16ce9854378e0183377b93ff8dfa3f3d4b0b25176637016dff3041283e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cfd9dcd88b4f1 HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker&__cf_chl_rt_tk=vqHKsiJ7DbnonvXAQO4UUWQj0tJCVrh_I4C8UFw.Nxs-1715376209-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 21:23:29 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ode%2BvoOcQhq0NntthsvuoqBqtFLjl9JV1qLfaUHIM%2F8RTyZkkmOnr8vD%2FuzcGhWDkOXOcN9baAYeCPFeI4qYjQ%2BzMql15KChtzDxxML9JpNdbOEV8lXIEXGI0Jze"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881cfd9fab9c0b45-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

trafffe.ru/favicon.ico

172.67.170.51

403 Forbidden

5.7 kB

URL GET HTTP/1.1
trafffe.ru/favicon.ico
IP
172.67.170.51:80
ASN
#13335 CLOUDFLARENET

Requested by
http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker

File type
HTML document, ASCII text, with very long lines (14077), with no line terminators
Size
5.7 kB (5717 bytes)
Hash
307adabded520c3002cd946a8e8c6647
fb8e8b136bf67c188bb75f58f9cd56c90b4ee234
aa40af23f9c9ae6004ac0c54f2f83c34c1c3eea6d10b6228735392442773aa67

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker&__cf_chl_rt_tk=vqHKsiJ7DbnonvXAQO4UUWQj0tJCVrh_I4C8UFw.Nxs-1715376209-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 10 May 2024 21:23:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 1vKqL7YIsoM8DNyYirjwLkkKpFe0hiAf47+SYIRlCWpO7aBsdt2X26T/C+c4QIynOcPlwH6Ol1UnWe16I2aDt3iQxlh4MtwJIXXMb+zDWh4=$VO9nYLUQzfIRHC4ZYLv1vA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zNxpfoWWPz9yEjUaWTwPfBtWrsSQdM%2BXEJQo5%2BLsv8ZkkEscBFiHCLS90j3f%2BFtThgIFelsnvAryXw3SrOKvC2QuyA9QAtaWE4Y%2FHuoV64Bh1j4pkxRSzFFyb9O4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881cfda05c2b0b45-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

trafffe.ru/favicon.ico

172.67.170.51

403 Forbidden

5.6 kB

URL GET HTTP/1.1
trafffe.ru/favicon.ico
IP
172.67.170.51:80
ASN
#13335 CLOUDFLARENET

Requested by
http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker

File type
HTML document, ASCII text, with very long lines (13971), with no line terminators
Size
5.6 kB (5639 bytes)
Hash
42a2a2da4e5301c17fd9c10aca82a73c
badc7fdbdda144eb8c08dd2b16b43954953e420f
2a6cc7e3793e0478c076b9387cf951e81b29923dac4c07f3dc3b3f0138a9a0db

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 10 May 2024 21:23:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: oFj4elLV1nsj6BoNeCBVXiNVAAo9zTUsWafrSz9lJS2BHpWwRiJ4jPwIUc9xZEvDJahsOQCsgmyjRU+r1yl3IOt1pxjTBrFvE64SZVwvPsM=$D1KTqUlyarJhG0N4+jiyGA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2BD4jCFs5cn1Xu6tXUu57%2BUdi5vkzyzeL73V7Olh8VNvhTwtYhLfIYn83DBorwbx7W%2FGgJGkSu26Pv3QoPVpINGzIMSTcPnO%2FhiI%2FhJ9VKvf%2BKyOGj6Y8ObEeBiF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881cfda0fb6db4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/2015121468:1715371849:tFoVUjEXRe3osykXrMSow2N3_8WgdbgJ7X6vXFUVDqo/881cfd9dcd88b4f1/54677e2622148bf

172.67.170.51

12 kB

URL
trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/2015121468:1715371849:tFoVUjEXRe3osykXrMSow2N3_8WgdbgJ7X6vXFUVDqo/881cfd9dcd88b4f1/54677e2622148bf
IP
172.67.170.51:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (16300), with no line terminators
Size
12 kB (12231 bytes)
Hash
25c6d69130b082cf4520f558a00ef17e
939378a776cef0dcd680258ff7949577200f9692
2a31fa830c03644545a7e50dd7e51896c09b82a040865d94900612f4940cc37a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2015121468:1715371849:tFoVUjEXRe3osykXrMSow2N3_8WgdbgJ7X6vXFUVDqo/881cfd9dcd88b4f1/54677e2622148bf HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
Content-type: application/x-www-form-urlencoded
CF-Challenge: 54677e2622148bf
Content-Length: 1793
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 21:23:30 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: jtC8biaO99xlkLPK6yK6GO0MOizFp9fooNgQFOX/aB13+yEGxS15QQb11gSsyLcH$RrjPQ6TEwbFE0Bly49IjJg==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XjjJdHIx2Tqv7BX37wlDryTIQNjj384VBVAhosATw3lKyB8wTq7F0X3ILb7p91ZrjmM0lnhbteqiIBsNlWHFA%2BntuZGRHGNQVkSd2urBURF%2Fwk6eUy6ctsnfGMOM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881cfda199e456ae-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.2.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4pvlw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:30 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 881cfda3297d5696-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881cfda2a9245696

104.17.2.184

122 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881cfda2a9245696
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
122 kB (122340 bytes)
Hash
0fdc20fe559bcb506199440c583b5506
2c0321441eee7fe3a4408e6ff10514736ca49da4
5f4ec41c0de8a45c9e59336e513dc78deaab5ca323ca7d88ad89d006403d72b1

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881cfda2a9245696 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4pvlw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:30 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 881cfda3398c5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit

104.17.2.184

200 OK

15 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42616)
Size
15 kB (14807 bytes)
Hash
86183dd14ee10d1dee92b37b5069d716
9ec32d650ece484bbe624ca734a0a65e22d35dd6
ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4

HTTP Headers

GET /turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 21:23:30 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cfda12dd5712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/347782402:1715371990:oFUZclOj9hWjgwCA3t9g1pvLIlr9brn1sJpWAhYOdcY/881cfda2a9245696/dcee9514da09759

104.17.2.184

24 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/347782402:1715371990:oFUZclOj9hWjgwCA3t9g1pvLIlr9brn1sJpWAhYOdcY/881cfda2a9245696/dcee9514da09759
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (22384), with no line terminators
Size
24 kB (24083 bytes)
Hash
bdb9d8ab5db9af47ddc09cc17572e113
22d8a56125913ed5cf517bbf3b9fe750007d30f4
5ace86827ffdf54fabf5e812ca1757ed55121141eb64d7511157938e610c2f42

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/347782402:1715371990:oFUZclOj9hWjgwCA3t9g1pvLIlr9brn1sJpWAhYOdcY/881cfda2a9245696/dcee9514da09759 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4pvlw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: dcee9514da09759
Content-Length: 28015
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:36 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 38KwCzudrf+bly+yQriUAjAK4UU/GyYemvuKpemayAHfGFspX60EKJVX/yjRkBvG$Xf8lKqoU4Wd/WpY+53LdTw==
server: cloudflare
cf-ray: 881cfdcb4e8a5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4pvlw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal

104.17.2.184

24 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4pvlw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (42150)
Size
24 kB (23914 bytes)
Hash
64bc4b0bbd4ad0e33e62c8d3bc4f646c
74ab96b3845d16770e820777ed0f4cee950e9e0d
e0e29365cd8a80c6139e098495dde396806714433d13ba6396769738d3693990

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4pvlw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:30 GMT
content-type: text/html; charset=UTF-8
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
document-policy: js-profiling
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 881cfda2a9245696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/2015121468:1715371849:tFoVUjEXRe3osykXrMSow2N3_8WgdbgJ7X6vXFUVDqo/881cfd9dcd88b4f1/54677e2622148bf

172.67.170.51

2.4 kB

URL
trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/2015121468:1715371849:tFoVUjEXRe3osykXrMSow2N3_8WgdbgJ7X6vXFUVDqo/881cfd9dcd88b4f1/54677e2622148bf
IP
172.67.170.51:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3048), with no line terminators
Size
2.4 kB (2367 bytes)
Hash
9dd2d2087cc0a84be01e57802f7fbe59
91f23af107d0a60ca30fdeb3cd274d41cad6b865
64d9a37794615565d49935dc6649e64ea680fb2448c46deff7281b24c982a1f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2015121468:1715371849:tFoVUjEXRe3osykXrMSow2N3_8WgdbgJ7X6vXFUVDqo/881cfd9dcd88b4f1/54677e2622148bf HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
Content-type: application/x-www-form-urlencoded
CF-Challenge: 54677e2622148bf
Content-Length: 2482
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 21:23:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: edauNpm8NXUMTSzppTGheA==$3y3oRpL2zofngvSYaPkdbQ==
cf-chl-out: OX9Mt4iMM2fNiI4h0s6nXbwNaN46LOOfKHPGf30E1nrIjB1LT3J5aLw6ujpbDo0FoA0HnNH1xYTieMXT/3Re92DVNnCVbK+Hbx5ozgtYTpk=$C+EJdjrVPmkLAfYD/anYLw==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XpXeP6pRR73f7MOlYpOUhryk98YsL7%2BkJwIaEWC6h0GswCPip%2FBu0bjQz2CzOtdaWOz4qCfXGepy988jV96NGAFjx0San3Zza3bbgvHuND2frj5xOOYyg2vEFoNg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881cfde9dcf256ae-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker

172.67.170.51

403 Forbidden

5.8 kB

URL User Request GET HTTP/1.1
trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
IP
172.67.170.51:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (14183), with no line terminators
Size
5.8 kB (5762 bytes)
Hash
890a43ce8140d3c5d70188c1252df229
354190fdb0923ae1e898f54d7659102136246278
c252a55301bf0759579fa86da7d13e40fe62b170ef653dc61785e52e4e6093c1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wb?keyword=like%20a%20boss%20gif%20maker HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 10 May 2024 21:23:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: MUTymUkoEL4oOmokjYmDIKu/q1CNmuW+Hh4e3nWs9cJ63e9/X1SbyCqi3bTXrji3q0dS59enIdVIItPKkYVUP3Ea8a8NwJm9jeoTpLKwofs=$LMim/TTHAZ6OZCUAEA0CZg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jsd%2BmYesMN5f22BTTuyOHa8OB0%2FkRMx7uT%2BCxdReT0YH1FAX2kalUcmIVlAi3u%2BXEs2Ee%2Fhpgng46GsdCodtTT9VWeKnEgX%2B6xhKfjKeqCJ2X540BsSKLd8zQjMH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881cfdf6c94356ae-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

trafffe.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cfdf6c94356ae

172.67.170.51

200 OK

111 kB

URL GET HTTP/1.1
trafffe.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cfdf6c94356ae
IP
172.67.170.51:80
ASN
#13335 CLOUDFLARENET

Requested by
http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
111 kB (111278 bytes)
Hash
f69581edcc4697339581008e32120986
a774e716d454c29c9400a26946b141c8847ad5d9
36ab176f05f31d80edc8c684b4a50939212a37370f2ca712356ae394d7d3c2d8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cfdf6c94356ae HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker&__cf_chl_rt_tk=j7j3TJJXMUDveSylAI404SN1OxuFkBAGCY9at_4wnJA-1715376223-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 21:23:43 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k3fn0xGxaGm%2B9s4IYQmifx4tXrQsEWX2yM3ktxqovmx%2Bvc%2BRL1pV75Yy4hSEuav5pnXsYe3esvh5KJQRXCqbMV0uTP1lDNOzd9iRyQCLPhoX9EUWe%2FcP1KbxuQWD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881cfdf729190b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

trafffe.ru/favicon.ico

172.67.170.51

403 Forbidden

5.7 kB

URL GET HTTP/1.1
trafffe.ru/favicon.ico
IP
172.67.170.51:80
ASN
#13335 CLOUDFLARENET

Requested by
http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker

File type
HTML document, ASCII text, with very long lines (14077), with no line terminators
Size
5.7 kB (5724 bytes)
Hash
666172f7cd386fa8c7de5d740ef21962
c47bbf073126c492065ec325db3f5e97ddc1b89c
b57ce66fb86009bbac116aae040de8345704096881f5cc35bf19ee8783b5fd0c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker&__cf_chl_rt_tk=j7j3TJJXMUDveSylAI404SN1OxuFkBAGCY9at_4wnJA-1715376223-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 10 May 2024 21:23:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: +u62nEXkTZniY0r0zvW7UdkER1jVkCjCtbgy/IMayIKzqUoZ9imbSZARG89Gqx2y41lZ6Lkx6nfCZcxTcSfToWqkPZv5D84ORGLGUWry/ng=$imnS7G86GM3E6pA+73oDPQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZvFXCBvosIBQvCZs8yM8czfehrYs1F1SKDuf%2B8nRtlfDKraiVbhBV%2BpPDltpqxXKEz0UJzrD69V1pBJEEa%2FGte016cBBB00pzgl8T%2Bs4oacn04X4hdH2EpbXrBAd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881cfdf7696a0b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

trafffe.ru/favicon.ico

172.67.170.51

403 Forbidden

5.7 kB

URL GET HTTP/1.1
trafffe.ru/favicon.ico
IP
172.67.170.51:80
ASN
#13335 CLOUDFLARENET

Requested by
http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker

File type
HTML document, ASCII text, with very long lines (13991), with no line terminators
Size
5.7 kB (5652 bytes)
Hash
76f643d2e513a9d6b50213ebd6b03ba1
eab9714fd1983e16ef47b487ccf465f9b753f86c
2f235ea42e951436c828a44f1113878ae2b53aa4cc180ca4b0140fb6075bc735

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 10 May 2024 21:23:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: ppvMCjMYIaR+nu3mbdchcfhTkZIKFlspjhgBYYTdkn560TIDCUwU7w+k0XnNvLVOryijkW+Fpw2oKokelpGf2A4/Jo0H/sICFSX0Y3N3QPY=$FQD+xmGQx5/diA2uflPpUQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eleC979wJp00TI4TIwWSvVMLjqWvnDyf%2FrDSt5PH8IoR0oV%2Bue37vIhCWFuYQmy6lCO1nEyYeFgj%2Bwjg9l3cfBy37XQlJX9fCEhQBSXOuciepJTgpqFoJFvurzQt"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881cfdf7e9f45691-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1861006551:1715371748:p1w2tibAtj05RoYhPBdfEO1mK1wsZUNVM443WAzpXxI/881cfdf6c94356ae/de1a8b348597e3f

172.67.170.51

200 OK

12 kB

URL POST HTTP/1.1
trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1861006551:1715371748:p1w2tibAtj05RoYhPBdfEO1mK1wsZUNVM443WAzpXxI/881cfdf6c94356ae/de1a8b348597e3f
IP
172.67.170.51:80
ASN
#13335 CLOUDFLARENET

Requested by
http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker

File type
ASCII text, with very long lines (16312), with no line terminators
Size
12 kB (12314 bytes)
Hash
b0c539eb77a3d2ae8eafd6bc1252e150
31ec88953444622855bac7d75ed275cbaa766ce8
7970a2b192c01e5786bd9986e95083060080e79b0344cee55540fd3031804395

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1861006551:1715371748:p1w2tibAtj05RoYhPBdfEO1mK1wsZUNVM443WAzpXxI/881cfdf6c94356ae/de1a8b348597e3f HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
Content-type: application/x-www-form-urlencoded
CF-Challenge: de1a8b348597e3f
Content-Length: 1776
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 21:23:44 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: pcIBAsV6XEckGqD8lLVJsxSh7BpMfIOqbsq3Mu17xtc0ZkDK+LMI4yjlfvSe7GA0$H571UlakbksQmT8F1ZJNjA==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=10kdNMcUZ5J6D4lZAJ901NRv1ucPRs4Rsl1OGYma7%2BkvN8bp88ARCJbTKodYLEPxS8nNbGhHCOW%2BodIrA6gTDarpGBUQ%2F2jZ61FN7OxQHVA0%2B7qXwoaKgZKwrO3W"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881cfdf89e175699-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.2.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:44 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 881cfdfa3c675696-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881cfdf99bd85696/1715376224654/GDaAW52YdIgWMKp

104.17.2.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881cfdf99bd85696/1715376224654/GDaAW52YdIgWMKp
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 53 x 44, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
29fde4940bd25521c5e67c19dc9efb71
527c31e70188194dd00df3a68559b70559b3fa34
9a51544db70bc359a36557f35d83776f40c02e671b1cfff6b428af5498ce2d36

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/881cfdf99bd85696/1715376224654/GDaAW52YdIgWMKp HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:46 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 881cfe08da425696-OSL
alt-svc: h3=":443"; ma=86400

trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1861006551:1715371748:p1w2tibAtj05RoYhPBdfEO1mK1wsZUNVM443WAzpXxI/881cfdf6c94356ae/de1a8b348597e3f

172.67.170.51

200 OK

2.4 kB

URL POST HTTP/1.1
trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1861006551:1715371748:p1w2tibAtj05RoYhPBdfEO1mK1wsZUNVM443WAzpXxI/881cfdf6c94356ae/de1a8b348597e3f
IP
172.67.170.51:80
ASN
#13335 CLOUDFLARENET

Requested by
http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker

File type
ASCII text, with very long lines (3048), with no line terminators
Size
2.4 kB (2368 bytes)
Hash
5c8e1b659a17fa45f203f7cd12679e48
a5e07aed3bb6eb80b1127863e56ebd9ad802fc68
d887ee12d2e4d578aba19fe026f491268e1215aa2fbb95d78c7cc18c5cf55c29

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1861006551:1715371748:p1w2tibAtj05RoYhPBdfEO1mK1wsZUNVM443WAzpXxI/881cfdf6c94356ae/de1a8b348597e3f HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
Content-type: application/x-www-form-urlencoded
CF-Challenge: de1a8b348597e3f
Content-Length: 2466
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 21:23:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: EpR7/Tq4NNGZPxkS+fpeW1b+LFyg9acMSNGe9jpr8o2Y8A5/DsbFdzXlZvBmIH9UwgtbF88vT3SvpgSAMuQtgeD7gectMfBFZ1SA6OfN6Kg=$4/YjgwO2CZnWjY2D2y7EGA==
cf-chl-out-s: SFYyyKpIvjwd/rQ0Qh02NA==$qZvnPjJnPtlOV6kCylkBrw==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4maAco%2FcWU4B2nEN94Jg2qqm9Yjf5PDf9dKdetWKO3C3OGxIdeEaZz9w2C1%2BvxaUHGfOb5SppXZu3dJJOYqEOETuECRf2s5jfgu25I9f5xrq%2BTD442XLL%2FzCIQIN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881cfe30e9e25699-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1721648137:1715371907:AChmsZTr9B9ipBCKUF8--kbBXMDVrv8e0lolI7CwD0Y/881cfdf99bd85696/d0d01bbbca2cd33

104.17.2.184

200 OK

120 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1721648137:1715371907:AChmsZTr9B9ipBCKUF8--kbBXMDVrv8e0lolI7CwD0Y/881cfdf99bd85696/d0d01bbbca2cd33
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
120 kB (119600 bytes)
Hash
60decb50a5d127cd632e640cacc79077
d072b59331dc8d91bafe62dfee3d21c9608ec6f7
7f3fe8e94f024b44c6ee3c40c7317e59dfb1888d7e02062f0608ee355f7b872a

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1721648137:1715371907:AChmsZTr9B9ipBCKUF8--kbBXMDVrv8e0lolI7CwD0Y/881cfdf99bd85696/d0d01bbbca2cd33 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: d0d01bbbca2cd33
Content-Length: 3458
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:44 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: YxjR4sADlsa7lshbqKHcIfV1rHzCEr1spxdPnwnOjxcX+2zbNL57leLuIm0YCNski+6McueW7SKHLX+xRvyMqatqyKuVExaHFBohB47iyEVqnJEbYr6xDiYI1GQOqAimjNHNjf01NEHufvcpmUThLmbE6JRpggaJcdDY3MaulZzdAiQwYdHo3/mFPv/Y7zS8SOm/HjQSKc3WBtrIL9r+cc83E3flFpV/cqIMiGXgB70sBb/mvfwHUCSMk8Y4joUrx3KmYFRqjAcRg7Z4jg/Evasxl4W8mu8MG1884AnGtG9rouC20scjC4Xon1Y/MFRRAocXdM99liNajWsB6SdEhH1rWRAo0BULtzTFC12BU7h5BGsFYZZCYmoSgSIk8FW3NqtaGhBsI6nXKboigKAUGig7pAKaLlpSYQPt2tCPU7Ch4iz49/q3U4x+wU9irvICINqxbPjv4XWQVvSlJ7lekpUqTjWNlvvjj/kRVfjttILTnpY6fjzhTUX+kdjE4QfB1vhdjD/WaSIF/2hGM5x5bw==$9Ye52TgS7rr1pieXRdeRsQ==
server: cloudflare
cf-ray: 881cfdfbfe105696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1721648137:1715371907:AChmsZTr9B9ipBCKUF8--kbBXMDVrv8e0lolI7CwD0Y/881cfdf99bd85696/d0d01bbbca2cd33

104.17.2.184

200 OK

22 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1721648137:1715371907:AChmsZTr9B9ipBCKUF8--kbBXMDVrv8e0lolI7CwD0Y/881cfdf99bd85696/d0d01bbbca2cd33
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (22332), with no line terminators
Size
22 kB (22332 bytes)
Hash
c7d48dd963d54bdc3346b8c2acf1503a
331e69ee7fd86a62cf7adc5d7cb2cc799717ce65
9e090103da678fd5d1b4958fd98ee02ac65a6c104d877480e0f466ea6c6edd64

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1721648137:1715371907:AChmsZTr9B9ipBCKUF8--kbBXMDVrv8e0lolI7CwD0Y/881cfdf99bd85696/d0d01bbbca2cd33 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: d0d01bbbca2cd33
Content-Length: 28295
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:48 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: c2SShUQxP2YjHXpXU1ebNOh7/Gv1Eqt0yKnXS3G6lQiZkE+2Ke0bm5Mn897WwfDW$sJF6Ldw48Ss4GlkOz6NZyg==
server: cloudflare
cf-ray: 881cfe12dc355696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal

104.17.2.184

200 OK

79 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (42150)
Size
79 kB (79326 bytes)
Hash
bf0d502cccaac71d0bcb37548190f600
296b160f262dd4ccead0fe5265ea30c1885e205f
c48dea786e285f6816e5c282ebffada1a885066c449164cb1addfeb1a7084d9d

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:44 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
server: cloudflare
cf-ray: 881cfdf99bd85696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881cfdf99bd85696

104.17.2.184

200 OK

437 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881cfdf99bd85696
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
437 kB (437431 bytes)
Hash
d7677025046f7c624afbe94a6e3c24ad
fad80f6a6b5a61effe6c38976f784e1f2c4add77
f1d9be1e5d092b021b590288f153be2e863fc9fe26ab00e3a13814a196ceaadf

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881cfdf99bd85696 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:44 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 881cfdfa3c705696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (75)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations