| trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker | 172.67.170.51 | 403 Forbidden | 13 kB |
URL: User Request GET HTTP/1.1 trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
IP: 172.67.170.51:80
File type: HTML document, ASCII text, with very long lines (16252), with no line terminators
Hash: 95cee20d46e944c54f6579b7bbe02d50 d9d037a4ab69159593d913d49ecdd3a7391f72bf e35183cfbbd60dbb9c6c2a15161ebace6ee17b9a6d8db09922a61dac61c75107
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wb?keyword=like%20a%20boss%20gif%20maker HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 10 May 2024 21:23:29 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: rAnvqV5+V4sWNobkfV6RLTwOVgt9ePRfPpNrEHWe/1DDZIaRXQiY1eW5ZydD8DsxyAyyKm61wqayW5rgq5xANBQ6sIKg+k+OeDPV3hC74kA=$plbAqTHGQCHvojWdzky0RA==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3WZJuNnstw2F%2Flehcvrg8oPECUYjivvU8kF7%2FHcbWLrWg9OQn6Vnxd7%2F0I6P4OZHEqPW4eRdbY%2B0nLY68IA1xFX1wcUh%2F7Q4QrFw23WyM44zIj569msMKVu0PKSp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cfd9cf9f10b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| trafffe.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cfd9dcd88b4f1 | 172.67.170.51 | | 110 kB |
URL: trafffe.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cfd9dcd88b4f1
IP: 172.67.170.51:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 110 kB (110338 bytes)
Hash: 146c03d4817afbd795568d084f10024a 928356e99cf2e0da06b3f74d941dc19986cb98eb 11240b16ce9854378e0183377b93ff8dfa3f3d4b0b25176637016dff3041283e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cfd9dcd88b4f1 HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker&__cf_chl_rt_tk=vqHKsiJ7DbnonvXAQO4UUWQj0tJCVrh_I4C8UFw.Nxs-1715376209-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 21:23:29 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ode%2BvoOcQhq0NntthsvuoqBqtFLjl9JV1qLfaUHIM%2F8RTyZkkmOnr8vD%2FuzcGhWDkOXOcN9baAYeCPFeI4qYjQ%2BzMql15KChtzDxxML9JpNdbOEV8lXIEXGI0Jze"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881cfd9fab9c0b45-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/favicon.ico | 172.67.170.51 | 403 Forbidden | 5.7 kB |
IP: 172.67.170.51:80
Requested by: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
File type: HTML document, ASCII text, with very long lines (14077), with no line terminators
Hash: 307adabded520c3002cd946a8e8c6647 fb8e8b136bf67c188bb75f58f9cd56c90b4ee234 aa40af23f9c9ae6004ac0c54f2f83c34c1c3eea6d10b6228735392442773aa67
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker&__cf_chl_rt_tk=vqHKsiJ7DbnonvXAQO4UUWQj0tJCVrh_I4C8UFw.Nxs-1715376209-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 10 May 2024 21:23:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 1vKqL7YIsoM8DNyYirjwLkkKpFe0hiAf47+SYIRlCWpO7aBsdt2X26T/C+c4QIynOcPlwH6Ol1UnWe16I2aDt3iQxlh4MtwJIXXMb+zDWh4=$VO9nYLUQzfIRHC4ZYLv1vA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zNxpfoWWPz9yEjUaWTwPfBtWrsSQdM%2BXEJQo5%2BLsv8ZkkEscBFiHCLS90j3f%2BFtThgIFelsnvAryXw3SrOKvC2QuyA9QAtaWE4Y%2FHuoV64Bh1j4pkxRSzFFyb9O4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881cfda05c2b0b45-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/favicon.ico | 172.67.170.51 | 403 Forbidden | 5.6 kB |
IP: 172.67.170.51:80
Requested by: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
File type: HTML document, ASCII text, with very long lines (13971), with no line terminators
Hash: 42a2a2da4e5301c17fd9c10aca82a73c badc7fdbdda144eb8c08dd2b16b43954953e420f 2a6cc7e3793e0478c076b9387cf951e81b29923dac4c07f3dc3b3f0138a9a0db
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 10 May 2024 21:23:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: oFj4elLV1nsj6BoNeCBVXiNVAAo9zTUsWafrSz9lJS2BHpWwRiJ4jPwIUc9xZEvDJahsOQCsgmyjRU+r1yl3IOt1pxjTBrFvE64SZVwvPsM=$D1KTqUlyarJhG0N4+jiyGA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2BD4jCFs5cn1Xu6tXUu57%2BUdi5vkzyzeL73V7Olh8VNvhTwtYhLfIYn83DBorwbx7W%2FGgJGkSu26Pv3QoPVpINGzIMSTcPnO%2FhiI%2FhJ9VKvf%2BKyOGj6Y8ObEeBiF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881cfda0fb6db4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/2015121468:1715371849:tFoVUjEXRe3osykXrMSow2N3_8WgdbgJ7X6vXFUVDqo/881cfd9dcd88b4f1/54677e2622148bf | 172.67.170.51 | | 12 kB |
URL: trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/2015121468:1715371849:tFoVUjEXRe3osykXrMSow2N3_8WgdbgJ7X6vXFUVDqo/881cfd9dcd88b4f1/54677e2622148bf
IP: 172.67.170.51:0
File type: ASCII text, with very long lines (16300), with no line terminators
Hash: 25c6d69130b082cf4520f558a00ef17e 939378a776cef0dcd680258ff7949577200f9692 2a31fa830c03644545a7e50dd7e51896c09b82a040865d94900612f4940cc37a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2015121468:1715371849:tFoVUjEXRe3osykXrMSow2N3_8WgdbgJ7X6vXFUVDqo/881cfd9dcd88b4f1/54677e2622148bf HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
Content-type: application/x-www-form-urlencoded
CF-Challenge: 54677e2622148bf
Content-Length: 1793
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 21:23:30 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: jtC8biaO99xlkLPK6yK6GO0MOizFp9fooNgQFOX/aB13+yEGxS15QQb11gSsyLcH$RrjPQ6TEwbFE0Bly49IjJg==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XjjJdHIx2Tqv7BX37wlDryTIQNjj384VBVAhosATw3lKyB8wTq7F0X3ILb7p91ZrjmM0lnhbteqiIBsNlWHFA%2BntuZGRHGNQVkSd2urBURF%2Fwk6eUy6ctsnfGMOM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881cfda199e456ae-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4pvlw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:30 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 881cfda3297d5696-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881cfda2a9245696 | 104.17.2.184 | | 122 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881cfda2a9245696
IP: 104.17.2.184:0
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 122 kB (122340 bytes)
Hash: 0fdc20fe559bcb506199440c583b5506 2c0321441eee7fe3a4408e6ff10514736ca49da4 5f4ec41c0de8a45c9e59336e513dc78deaab5ca323ca7d88ad89d006403d72b1
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881cfda2a9245696 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4pvlw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:30 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 881cfda3398c5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit | 104.17.2.184 | 200 OK | 15 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit
IP: 104.17.2.184:443
Requested by: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42616)
Hash: 86183dd14ee10d1dee92b37b5069d716 9ec32d650ece484bbe624ca734a0a65e22d35dd6 ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4
GET /turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 21:23:30 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cfda12dd5712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/347782402:1715371990:oFUZclOj9hWjgwCA3t9g1pvLIlr9brn1sJpWAhYOdcY/881cfda2a9245696/dcee9514da09759 | 104.17.2.184 | | 24 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/347782402:1715371990:oFUZclOj9hWjgwCA3t9g1pvLIlr9brn1sJpWAhYOdcY/881cfda2a9245696/dcee9514da09759
IP: 104.17.2.184:0
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (22384), with no line terminators
Hash: bdb9d8ab5db9af47ddc09cc17572e113 22d8a56125913ed5cf517bbf3b9fe750007d30f4 5ace86827ffdf54fabf5e812ca1757ed55121141eb64d7511157938e610c2f42
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/347782402:1715371990:oFUZclOj9hWjgwCA3t9g1pvLIlr9brn1sJpWAhYOdcY/881cfda2a9245696/dcee9514da09759 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4pvlw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: dcee9514da09759
Content-Length: 28015
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:36 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 38KwCzudrf+bly+yQriUAjAK4UU/GyYemvuKpemayAHfGFspX60EKJVX/yjRkBvG$Xf8lKqoU4Wd/WpY+53LdTw==
server: cloudflare
cf-ray: 881cfdcb4e8a5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4pvlw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | | 24 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4pvlw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.2.184:0
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (42150)
Hash: 64bc4b0bbd4ad0e33e62c8d3bc4f646c 74ab96b3845d16770e820777ed0f4cee950e9e0d e0e29365cd8a80c6139e098495dde396806714433d13ba6396769738d3693990
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4pvlw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:30 GMT
content-type: text/html; charset=UTF-8
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
document-policy: js-profiling
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 881cfda2a9245696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/2015121468:1715371849:tFoVUjEXRe3osykXrMSow2N3_8WgdbgJ7X6vXFUVDqo/881cfd9dcd88b4f1/54677e2622148bf | 172.67.170.51 | | 2.4 kB |
URL: trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/2015121468:1715371849:tFoVUjEXRe3osykXrMSow2N3_8WgdbgJ7X6vXFUVDqo/881cfd9dcd88b4f1/54677e2622148bf
IP: 172.67.170.51:0
File type: ASCII text, with very long lines (3048), with no line terminators
Hash: 9dd2d2087cc0a84be01e57802f7fbe59 91f23af107d0a60ca30fdeb3cd274d41cad6b865 64d9a37794615565d49935dc6649e64ea680fb2448c46deff7281b24c982a1f4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2015121468:1715371849:tFoVUjEXRe3osykXrMSow2N3_8WgdbgJ7X6vXFUVDqo/881cfd9dcd88b4f1/54677e2622148bf HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
Content-type: application/x-www-form-urlencoded
CF-Challenge: 54677e2622148bf
Content-Length: 2482
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 21:23:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: edauNpm8NXUMTSzppTGheA==$3y3oRpL2zofngvSYaPkdbQ==
cf-chl-out: OX9Mt4iMM2fNiI4h0s6nXbwNaN46LOOfKHPGf30E1nrIjB1LT3J5aLw6ujpbDo0FoA0HnNH1xYTieMXT/3Re92DVNnCVbK+Hbx5ozgtYTpk=$C+EJdjrVPmkLAfYD/anYLw==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XpXeP6pRR73f7MOlYpOUhryk98YsL7%2BkJwIaEWC6h0GswCPip%2FBu0bjQz2CzOtdaWOz4qCfXGepy988jV96NGAFjx0San3Zza3bbgvHuND2frj5xOOYyg2vEFoNg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881cfde9dcf256ae-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker | 172.67.170.51 | 403 Forbidden | 5.8 kB |
URL: User Request GET HTTP/1.1 trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
IP: 172.67.170.51:80
File type: HTML document, ASCII text, with very long lines (14183), with no line terminators
Hash: 890a43ce8140d3c5d70188c1252df229 354190fdb0923ae1e898f54d7659102136246278 c252a55301bf0759579fa86da7d13e40fe62b170ef653dc61785e52e4e6093c1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wb?keyword=like%20a%20boss%20gif%20maker HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 10 May 2024 21:23:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: MUTymUkoEL4oOmokjYmDIKu/q1CNmuW+Hh4e3nWs9cJ63e9/X1SbyCqi3bTXrji3q0dS59enIdVIItPKkYVUP3Ea8a8NwJm9jeoTpLKwofs=$LMim/TTHAZ6OZCUAEA0CZg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jsd%2BmYesMN5f22BTTuyOHa8OB0%2FkRMx7uT%2BCxdReT0YH1FAX2kalUcmIVlAi3u%2BXEs2Ee%2Fhpgng46GsdCodtTT9VWeKnEgX%2B6xhKfjKeqCJ2X540BsSKLd8zQjMH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881cfdf6c94356ae-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cfdf6c94356ae | 172.67.170.51 | 200 OK | 111 kB |
URL: GET HTTP/1.1 trafffe.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cfdf6c94356ae
IP: 172.67.170.51:80
Requested by: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 111 kB (111278 bytes)
Hash: f69581edcc4697339581008e32120986 a774e716d454c29c9400a26946b141c8847ad5d9 36ab176f05f31d80edc8c684b4a50939212a37370f2ca712356ae394d7d3c2d8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cfdf6c94356ae HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker&__cf_chl_rt_tk=j7j3TJJXMUDveSylAI404SN1OxuFkBAGCY9at_4wnJA-1715376223-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 21:23:43 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k3fn0xGxaGm%2B9s4IYQmifx4tXrQsEWX2yM3ktxqovmx%2Bvc%2BRL1pV75Yy4hSEuav5pnXsYe3esvh5KJQRXCqbMV0uTP1lDNOzd9iRyQCLPhoX9EUWe%2FcP1KbxuQWD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881cfdf729190b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/favicon.ico | 172.67.170.51 | 403 Forbidden | 5.7 kB |
IP: 172.67.170.51:80
Requested by: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
File type: HTML document, ASCII text, with very long lines (14077), with no line terminators
Hash: 666172f7cd386fa8c7de5d740ef21962 c47bbf073126c492065ec325db3f5e97ddc1b89c b57ce66fb86009bbac116aae040de8345704096881f5cc35bf19ee8783b5fd0c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker&__cf_chl_rt_tk=j7j3TJJXMUDveSylAI404SN1OxuFkBAGCY9at_4wnJA-1715376223-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 10 May 2024 21:23:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: +u62nEXkTZniY0r0zvW7UdkER1jVkCjCtbgy/IMayIKzqUoZ9imbSZARG89Gqx2y41lZ6Lkx6nfCZcxTcSfToWqkPZv5D84ORGLGUWry/ng=$imnS7G86GM3E6pA+73oDPQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZvFXCBvosIBQvCZs8yM8czfehrYs1F1SKDuf%2B8nRtlfDKraiVbhBV%2BpPDltpqxXKEz0UJzrD69V1pBJEEa%2FGte016cBBB00pzgl8T%2Bs4oacn04X4hdH2EpbXrBAd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881cfdf7696a0b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/favicon.ico | 172.67.170.51 | 403 Forbidden | 5.7 kB |
IP: 172.67.170.51:80
Requested by: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
File type: HTML document, ASCII text, with very long lines (13991), with no line terminators
Hash: 76f643d2e513a9d6b50213ebd6b03ba1 eab9714fd1983e16ef47b487ccf465f9b753f86c 2f235ea42e951436c828a44f1113878ae2b53aa4cc180ca4b0140fb6075bc735
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 10 May 2024 21:23:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: ppvMCjMYIaR+nu3mbdchcfhTkZIKFlspjhgBYYTdkn560TIDCUwU7w+k0XnNvLVOryijkW+Fpw2oKokelpGf2A4/Jo0H/sICFSX0Y3N3QPY=$FQD+xmGQx5/diA2uflPpUQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eleC979wJp00TI4TIwWSvVMLjqWvnDyf%2FrDSt5PH8IoR0oV%2Bue37vIhCWFuYQmy6lCO1nEyYeFgj%2Bwjg9l3cfBy37XQlJX9fCEhQBSXOuciepJTgpqFoJFvurzQt"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881cfdf7e9f45691-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1861006551:1715371748:p1w2tibAtj05RoYhPBdfEO1mK1wsZUNVM443WAzpXxI/881cfdf6c94356ae/de1a8b348597e3f | 172.67.170.51 | 200 OK | 12 kB |
URL: POST HTTP/1.1 trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1861006551:1715371748:p1w2tibAtj05RoYhPBdfEO1mK1wsZUNVM443WAzpXxI/881cfdf6c94356ae/de1a8b348597e3f
IP: 172.67.170.51:80
Requested by: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
File type: ASCII text, with very long lines (16312), with no line terminators
Hash: b0c539eb77a3d2ae8eafd6bc1252e150 31ec88953444622855bac7d75ed275cbaa766ce8 7970a2b192c01e5786bd9986e95083060080e79b0344cee55540fd3031804395
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1861006551:1715371748:p1w2tibAtj05RoYhPBdfEO1mK1wsZUNVM443WAzpXxI/881cfdf6c94356ae/de1a8b348597e3f HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
Content-type: application/x-www-form-urlencoded
CF-Challenge: de1a8b348597e3f
Content-Length: 1776
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 21:23:44 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: pcIBAsV6XEckGqD8lLVJsxSh7BpMfIOqbsq3Mu17xtc0ZkDK+LMI4yjlfvSe7GA0$H571UlakbksQmT8F1ZJNjA==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=10kdNMcUZ5J6D4lZAJ901NRv1ucPRs4Rsl1OGYma7%2BkvN8bp88ARCJbTKodYLEPxS8nNbGhHCOW%2BodIrA6gTDarpGBUQ%2F2jZ61FN7OxQHVA0%2B7qXwoaKgZKwrO3W"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881cfdf89e175699-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:44 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 881cfdfa3c675696-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881cfdf99bd85696/1715376224654/GDaAW52YdIgWMKp | 104.17.2.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881cfdf99bd85696/1715376224654/GDaAW52YdIgWMKp
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 53 x 44, 8-bit/color RGB, non-interlaced
Hash: 29fde4940bd25521c5e67c19dc9efb71 527c31e70188194dd00df3a68559b70559b3fa34 9a51544db70bc359a36557f35d83776f40c02e671b1cfff6b428af5498ce2d36
GET /cdn-cgi/challenge-platform/h/g/i/881cfdf99bd85696/1715376224654/GDaAW52YdIgWMKp HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:46 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 881cfe08da425696-OSL
alt-svc: h3=":443"; ma=86400
|
|
| trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1861006551:1715371748:p1w2tibAtj05RoYhPBdfEO1mK1wsZUNVM443WAzpXxI/881cfdf6c94356ae/de1a8b348597e3f | 172.67.170.51 | 200 OK | 2.4 kB |
URL: POST HTTP/1.1 trafffe.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1861006551:1715371748:p1w2tibAtj05RoYhPBdfEO1mK1wsZUNVM443WAzpXxI/881cfdf6c94356ae/de1a8b348597e3f
IP: 172.67.170.51:80
Requested by: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
File type: ASCII text, with very long lines (3048), with no line terminators
Hash: 5c8e1b659a17fa45f203f7cd12679e48 a5e07aed3bb6eb80b1127863e56ebd9ad802fc68 d887ee12d2e4d578aba19fe026f491268e1215aa2fbb95d78c7cc18c5cf55c29
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1861006551:1715371748:p1w2tibAtj05RoYhPBdfEO1mK1wsZUNVM443WAzpXxI/881cfdf6c94356ae/de1a8b348597e3f HTTP/1.1
Host: trafffe.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
Content-type: application/x-www-form-urlencoded
CF-Challenge: de1a8b348597e3f
Content-Length: 2466
Origin: http://trafffe.ru
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 21:23:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: EpR7/Tq4NNGZPxkS+fpeW1b+LFyg9acMSNGe9jpr8o2Y8A5/DsbFdzXlZvBmIH9UwgtbF88vT3SvpgSAMuQtgeD7gectMfBFZ1SA6OfN6Kg=$4/YjgwO2CZnWjY2D2y7EGA==
cf-chl-out-s: SFYyyKpIvjwd/rQ0Qh02NA==$qZvnPjJnPtlOV6kCylkBrw==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4maAco%2FcWU4B2nEN94Jg2qqm9Yjf5PDf9dKdetWKO3C3OGxIdeEaZz9w2C1%2BvxaUHGfOb5SppXZu3dJJOYqEOETuECRf2s5jfgu25I9f5xrq%2BTD442XLL%2FzCIQIN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881cfe30e9e25699-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1721648137:1715371907:AChmsZTr9B9ipBCKUF8--kbBXMDVrv8e0lolI7CwD0Y/881cfdf99bd85696/d0d01bbbca2cd33 | 104.17.2.184 | 200 OK | 120 kB |
URL: POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1721648137:1715371907:AChmsZTr9B9ipBCKUF8--kbBXMDVrv8e0lolI7CwD0Y/881cfdf99bd85696/d0d01bbbca2cd33
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 120 kB (119600 bytes)
Hash: 60decb50a5d127cd632e640cacc79077 d072b59331dc8d91bafe62dfee3d21c9608ec6f7 7f3fe8e94f024b44c6ee3c40c7317e59dfb1888d7e02062f0608ee355f7b872a
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1721648137:1715371907:AChmsZTr9B9ipBCKUF8--kbBXMDVrv8e0lolI7CwD0Y/881cfdf99bd85696/d0d01bbbca2cd33 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: d0d01bbbca2cd33
Content-Length: 3458
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:44 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 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$9Ye52TgS7rr1pieXRdeRsQ==
server: cloudflare
cf-ray: 881cfdfbfe105696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1721648137:1715371907:AChmsZTr9B9ipBCKUF8--kbBXMDVrv8e0lolI7CwD0Y/881cfdf99bd85696/d0d01bbbca2cd33 | 104.17.2.184 | 200 OK | 22 kB |
URL: POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1721648137:1715371907:AChmsZTr9B9ipBCKUF8--kbBXMDVrv8e0lolI7CwD0Y/881cfdf99bd85696/d0d01bbbca2cd33
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (22332), with no line terminators
Hash: c7d48dd963d54bdc3346b8c2acf1503a 331e69ee7fd86a62cf7adc5d7cb2cc799717ce65 9e090103da678fd5d1b4958fd98ee02ac65a6c104d877480e0f466ea6c6edd64
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1721648137:1715371907:AChmsZTr9B9ipBCKUF8--kbBXMDVrv8e0lolI7CwD0Y/881cfdf99bd85696/d0d01bbbca2cd33 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: d0d01bbbca2cd33
Content-Length: 28295
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:48 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: c2SShUQxP2YjHXpXU1ebNOh7/Gv1Eqt0yKnXS3G6lQiZkE+2Ke0bm5Mn897WwfDW$sJF6Ldw48Ss4GlkOz6NZyg==
server: cloudflare
cf-ray: 881cfe12dc355696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | 200 OK | 79 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.2.184:443
Requested by: http://trafffe.ru/wb?keyword=like%20a%20boss%20gif%20maker
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (42150)
Hash: bf0d502cccaac71d0bcb37548190f600 296b160f262dd4ccead0fe5265ea30c1885e205f c48dea786e285f6816e5c282ebffada1a885066c449164cb1addfeb1a7084d9d
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:44 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
server: cloudflare
cf-ray: 881cfdf99bd85696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881cfdf99bd85696 | 104.17.2.184 | 200 OK | 437 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881cfdf99bd85696
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 437 kB (437431 bytes)
Hash: d7677025046f7c624afbe94a6e3c24ad fad80f6a6b5a61effe6c38976f784e1f2c4add77 f1d9be1e5d092b021b590288f153be2e863fc9fe26ab00e3a13814a196ceaadf
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881cfdf99bd85696 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/273vm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:23:44 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 881cfdfa3c705696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|