| agdevc0.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2040316823:1714001180:dptEz3znipAF9D_KvNWp_bIG-3ahnVxG1r5HLENscsY/879a17884a8e1bfe/9876b4a43f1d5c1 | 172.67.179.210 | | 41 kB |
URL: agdevc0.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2040316823:1714001180:dptEz3znipAF9D_KvNWp_bIG-3ahnVxG1r5HLENscsY/879a17884a8e1bfe/9876b4a43f1d5c1
IP: 172.67.179.210:0
File type: ASCII text, with very long lines (15900), with no line terminators
Hash: 7e30ff618feebc834ea066f2b4dccdeb f1126ce2aa40a93d7994cf17b9c6f48a14af3f75 9534831eaeb4f7f1918f7938a40bb8cea1a26d7d647d4f016c8b2195ba025095
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/2040316823:1714001180:dptEz3znipAF9D_KvNWp_bIG-3ahnVxG1r5HLENscsY/879a17884a8e1bfe/9876b4a43f1d5c1 HTTP/1.1
Host: agdevc0.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agdevc0.com/Mbcullen@valleyfine.com
Content-type: application/x-www-form-urlencoded
CF-Challenge: 9876b4a43f1d5c1
Content-Length: 1914
Origin: https://agdevc0.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 00:07:17 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: uw4UESpLHGBs+kHnUQ4mwz9trfu9XclLHQRqh6u7Dq0BL1erHSIsqcGFGihsHAyC$t3GVKidQKpBuPnvOthK03A==
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PA4y0llo2DnQhEKDxhNGYywkRLECuU7L%2Flo5ZXbON2nriJH5vtSlligLXNwk5Wlld%2B%2ByJe8cdyWt5rfSBNFROt0E3EwKt3n7rE6pAR6EDcSQXZ4V2EpgXsJTin%2Fkpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879a178b9f135699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1551195907:1714001346:zd4AvVTwdxwEngfz8LMGUSdxuiOdEHI_0hVXlZ4vJso/879a178c5878b529/2ec0ba67ad4e5e8 | 104.17.2.184 | | 93 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1551195907:1714001346:zd4AvVTwdxwEngfz8LMGUSdxuiOdEHI_0hVXlZ4vJso/879a178c5878b529/2ec0ba67ad4e5e8
IP: 104.17.2.184:0
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 7a3562c2792d8cf7f12abc615bd2bdaf 57d58ca4a643a14d3e0230f219afce5961e21728 895f7b30d68788278c4d51da8b052b4abf67ba081e04f35e7819723aae5e5554
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1551195907:1714001346:zd4AvVTwdxwEngfz8LMGUSdxuiOdEHI_0hVXlZ4vJso/879a178c5878b529/2ec0ba67ad4e5e8 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/s0cmk/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 2ec0ba67ad4e5e8
Content-Length: 3354
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 00:07:17 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: NHfB7k96ib3KEw1RNAce/HdqblH1XlzQHEvG3fvb47YYYnKFDyF0XPOK8XFYCkLvNxOk8rVnqqUG3/BJYLzQ1PVBi7K5FyKkz4h77oFzGXNAdOHutCMB0CDlynz2qHMxuubXgZ+2248684VctOPPNWaLR+soUM9iN4FGh3xGRCOm9qAeccDnO2CzRftjT8ohOnPo1OP5jC2c5SZmSljHPbOj6Bl8cGVVJVuD3Otr8TgBpWrj5ImEZvt8hwJZtGDqHLZfS7l1iyBCJ4jAPkM9uFDrbTCnfslJ+ZbzO/Buh9sKVd2vneMmLpSc6ohCRfYmgQ/x/oZJgEhE5ci2dbiO7xcS0xYGqY1UwHVcNSztCuqXts+BKcFPI5BGnGRCalq/$Wo5lf5PMdYE/wGJN8ZjTvg==
vary: accept-encoding
server: cloudflare
cf-ray: 879a178e8991b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879a178c5878b529/1714003637534/_euS9wl7zUbo4qK | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879a178c5878b529/1714003637534/_euS9wl7zUbo4qK
IP: 104.17.2.184:0
File type: PNG image data, 60 x 51, 8-bit/color RGB, non-interlaced
Hash: 6d3653b1f37e9648689a819ffc27ac40 0bf5ef695ebb73d89efdb26e2903be86f97062e2 b00b4ac3b49c64fb5f8de9e3a0cb353a1f66dbcd0939c7fe1dfade9d2998ed8d
GET /cdn-cgi/challenge-platform/h/b/i/879a178c5878b529/1714003637534/_euS9wl7zUbo4qK HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/s0cmk/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 00:07:18 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 879a17936b80b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879a178c5878b529/1714003637535/baf2c7c297746b99c99255edd185d07b5810285af7e0d33756137faba50d417d/_3-io5JwLQi_zeR | 104.17.2.184 | | 1 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879a178c5878b529/1714003637535/baf2c7c297746b99c99255edd185d07b5810285af7e0d33756137faba50d417d/_3-io5JwLQi_zeR
IP: 104.17.2.184:0
File type: very short file (no magic)
Hash: ff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/879a178c5878b529/1714003637535/baf2c7c297746b99c99255edd185d07b5810285af7e0d33756137faba50d417d/_3-io5JwLQi_zeR HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/s0cmk/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Thu, 25 Apr 2024 00:07:18 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20guvLHwpd0a5nJklXt0YXQe1gQKFr34NM3VhN_q6UNQX0AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApc5PUXcXSrXwpeNe3kT6EaAJPDsPBMfFZc7M608yW3JV6YSHiGBLoFiLtNHD3Yj8UsOtWbQeFa2uvS_dYz5MBsoSW4-RbOY-WCB2aGEB-eoRbXl4lJRl0UNGi00lNBgNTil_mTTSNV3ssSkmSY8kwM-5GqBNfJ2kmJPKo02MWiXn1pwc4YXbeATUrYDRvvXUXYZrgaarjDyvHFhnYpD3mqr5qOj_TS_1SCUZ0HIp8ywDX06Xc59cKjzFHEUzD3gWutoK4apMxNt9bWWxcH3D_UL1a1llCxh-knMwTxgvRXS-XHap_ymO2zCuAPNgo1SDCTl4lTQZbVX7VvpDZwMaiQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tILryx8KXdGuZyZJV7dGF0HtYECha9-DTN1YTf6ulDUF9ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 879a1793bbc7b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| agdevc0.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2132437045:1714001201:fgWTtl3ok3U7K0uN8S11wqXWb8gmuITaxJgUuW4tYZ0/879a17c1cd9a5699/b6dbc2ca58f12a9 | 172.67.179.210 | | 24 kB |
URL: agdevc0.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2132437045:1714001201:fgWTtl3ok3U7K0uN8S11wqXWb8gmuITaxJgUuW4tYZ0/879a17c1cd9a5699/b6dbc2ca58f12a9
IP: 172.67.179.210:0
File type: ASCII text, with very long lines (15952), with no line terminators
Hash: 115c0846c5134df2f48e1c61503565fc 90d920450f2bb16a4a031688209256390dfddc1f 4886011ff9341ca6d3534fde43791397a09005d88b32a6dd764038a63dde1efa
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/2132437045:1714001201:fgWTtl3ok3U7K0uN8S11wqXWb8gmuITaxJgUuW4tYZ0/879a17c1cd9a5699/b6dbc2ca58f12a9 HTTP/1.1
Host: agdevc0.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agdevc0.com/Mbcullen@valleyfine.com
Content-type: application/x-www-form-urlencoded
CF-Challenge: b6dbc2ca58f12a9
Content-Length: 1917
Origin: https://agdevc0.com
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 00:07:26 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: tsbvbvmzp85qer64WhNEG8vYNZ7SFDFVtF4NJTFxAWcGWAjWwtgVuWrzDFw49U21$I7xj9TMqhuIyJT/m+2MpBg==
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xGNpbYbV5vLRX87Klpd1w9U2UJdVhst5%2FrvVx7cGUwYlDBWEOKx0Ss4Sm7qm5Sw%2FzCYZrc3yVkLzzFjR8lPiXIZSYbBb8taFZLuISBm83J9RlKVTeKMD06CiynyAWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879a17c3ce6b5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rm9wg/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/z0jma/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 00:07:26 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 879a17c53b63b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| agdevc0.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2040316823:1714001180:dptEz3znipAF9D_KvNWp_bIG-3ahnVxG1r5HLENscsY/879a17884a8e1bfe/9876b4a43f1d5c1 | 172.67.179.210 | | 289 kB |
URL: agdevc0.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2040316823:1714001180:dptEz3znipAF9D_KvNWp_bIG-3ahnVxG1r5HLENscsY/879a17884a8e1bfe/9876b4a43f1d5c1
IP: 172.67.179.210:0
File type: ASCII text, with very long lines (2332), with no line terminators
Size: 289 kB (288999 bytes)
Hash: 2171e5505bd36f20aa10027932d2127d c01d2fad82b835abee4328b50f284ff80520e051 2c53a616ed72d031893d42a0cb8c2030c8473ae5a8964743c256d849a28f8329
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/2040316823:1714001180:dptEz3znipAF9D_KvNWp_bIG-3ahnVxG1r5HLENscsY/879a17884a8e1bfe/9876b4a43f1d5c1 HTTP/1.1
Host: agdevc0.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agdevc0.com/Mbcullen@valleyfine.com
Content-type: application/x-www-form-urlencoded
CF-Challenge: 9876b4a43f1d5c1
Content-Length: 2541
Origin: https://agdevc0.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 00:07:23 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: mLEIYV8lXgsEz+YgT8sPVXhQSOdpyaEUvdtjOG5HRNWTBv9IiN9aywGevTraXu08/JAJsomyQz0uRguzP1kQPV+FHwRsPcv3X4Sza1k5weY=$FTPo3kV4tqYRvldd5Ugcgw==
cf-chl-out-s: q5girYH2Fq8jRAiScSjUqOipcAGqE5c8/B4L0djn8y3DJHQcMfpyJtYtlXxU2lmbo7biICao5lvSGWs9K8BZ/gHoXfULVHaGKotd8PKrm90=$40kpvxPWb9kjawutdKG6Wg==
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S6bPHF3UoLeShEYCUXbnL99EmOMbn7od5NXY6kyotPQF%2B%2BVHowAwIoZwJyxuwa%2FyucEGNEtGVpoxp1kL5I6kPMd73%2FenRvNd4rArjulMpXRREiPpWzZGo7BJW98HbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879a17b4efd25699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879a17c4bb0fb529/1714003646591/5ebe6aa4ea22edd382fa951e399ea7f6da68bea104825471ca18525bb0338d09/IOpUSYnE14hGF6m | 104.17.2.184 | | 1 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879a17c4bb0fb529/1714003646591/5ebe6aa4ea22edd382fa951e399ea7f6da68bea104825471ca18525bb0338d09/IOpUSYnE14hGF6m
IP: 104.17.2.184:0
File type: very short file (no magic)
Hash: ff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/879a17c4bb0fb529/1714003646591/5ebe6aa4ea22edd382fa951e399ea7f6da68bea104825471ca18525bb0338d09/IOpUSYnE14hGF6m HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/z0jma/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Thu, 25 Apr 2024 00:07:27 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gXr5qpOoi7dOC-pUeOZ6n9tpovqEEglRxyhhSW7AzjQkAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApc5PUXcXSrXwpeNe3kT6EaAJPDsPBMfFZc7M608yW3JV6YSHiGBLoFiLtNHD3Yj8UsOtWbQeFa2uvS_dYz5MBsoSW4-RbOY-WCB2aGEB-eoRbXl4lJRl0UNGi00lNBgNTil_mTTSNV3ssSkmSY8kwM-5GqBNfJ2kmJPKo02MWiXn1pwc4YXbeATUrYDRvvXUXYZrgaarjDyvHFhnYpD3mqr5qOj_TS_1SCUZ0HIp8ywDX06Xc59cKjzFHEUzD3gWutoK4apMxNt9bWWxcH3D_UL1a1llCxh-knMwTxgvRXS-XHap_ymO2zCuAPNgo1SDCTl4lTQZbVX7VvpDZwMaiQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIF6-aqTqIu3TgvqVHjmep_baaL6hBIJUccoYUluwM40JABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 879a17ce2f86b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879a17c4bb0fb529/1714003646592/mZniNoPl0bh0poH | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879a17c4bb0fb529/1714003646592/mZniNoPl0bh0poH
IP: 104.17.2.184:0
File type: PNG image data, 91 x 6, 8-bit/color RGB, non-interlaced
Hash: b8995e69f2a17892172d6a7eeced2560 8750013f5762041a55664d8083be26a5c4e15b6e 600eba9d44a0ea611739a488d0006fd812063a2a47840483919ebd1c35d762ec
GET /cdn-cgi/challenge-platform/h/b/i/879a17c4bb0fb529/1714003646592/mZniNoPl0bh0poH HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/z0jma/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 00:07:27 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 879a17ce8fd2b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1551195907:1714001346:zd4AvVTwdxwEngfz8LMGUSdxuiOdEHI_0hVXlZ4vJso/879a178c5878b529/2ec0ba67ad4e5e8 | 104.17.2.184 | | 12 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1551195907:1714001346:zd4AvVTwdxwEngfz8LMGUSdxuiOdEHI_0hVXlZ4vJso/879a178c5878b529/2ec0ba67ad4e5e8
IP: 104.17.2.184:0
File type: ASCII text, with very long lines (968), with no line terminators
Hash: e86c41260411ff4e48facf69f965f74e c7e124c2d4c62a53c2eb53ae5f38212e112f237c 72ca6d258f9404813b179f78b31b7b923ccba377c8a7cc43b63cab12f1d65337
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1551195907:1714001346:zd4AvVTwdxwEngfz8LMGUSdxuiOdEHI_0hVXlZ4vJso/879a178c5878b529/2ec0ba67ad4e5e8 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/s0cmk/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 2ec0ba67ad4e5e8
Content-Length: 38153
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 00:07:23 GMT
content-type: text/html; charset=UTF-8
cf-chl-out-s: +bdpfHU68zDebSA5Ni677HDMfkAdNGZ4s08vz3g2/4UmYR9GRvjWz3PJFUC5ECTCzGjyaxxmgOLwlT9oNm3/S5KuYeGTdXgvfo3cD8PNxe/Ds4qejBdRwcBlOjLQ6zP3maIJL+RvCPwnrUHLcVO++w==$Cc1Rp22m0GJrfda5sQVSaQ==
cf-chl-out: PsBLnSVKwiaw6QDR3/gX8GQsYGoR/xyQcAi6fuGfUfw9+oXxAacxbKKUvpkLw2oFS2lPmz/nfWWAuR7eU/5PyXN3XMSRSC4SoXi+EOWIQ1M=$/xifVOdGpXEjm90qxLbDPA==
vary: accept-encoding
server: cloudflare
cf-ray: 879a17b46b92b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| agdevc0.com/Mbcullen@valleyfine.com | 172.67.179.210 | 403 Forbidden | 12 kB |
URL: User Request GET HTTP/3 agdevc0.com/Mbcullen@valleyfine.com
IP: 172.67.179.210:443
Certificate issuer: Let's Encrypt
Certificate subject: agdevc0.com
Certificate fingerprint: EE:F8:BF:51:AD:A6:32:7C:B2:74:82:F0:C5:DF:59:33:F9:BB:94:C1
Certificate validity: Fri, 29 Mar 2024 09:44:31 GMT - Thu, 27 Jun 2024 09:44:30 GMT
File type: HTML document, ASCII text, with very long lines (15874), with no line terminators
Hash: b9a427ec717feae60df885da147ad37f 9dcb7ce4b41f9edbce48b0f6b8aa621b8d864333 0ad2f356fd0c45ea4883be060924998f68a13ed0265561aa3d4153a6e2bc45c9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Mbcullen@valleyfine.com HTTP/1.1
Host: agdevc0.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Thu, 25 Apr 2024 00:07:25 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: G/c6M4qlJsMx6Rwv0ke7jW9XS/XOYoDzJIqs3jAWO5fBlpYRNVhFB1b15dNB+/ZTegFY41UtbO0Uc/O26uuD1wX46w81mEl5bBDXfFSEheLisPQJyMdNicRqVR/ODPTrH4YKSS9lWK03isDDXlFp2A==$3qOs6TMRqx5ofNaB/N/trA==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nlmNsT6KDEcHLbccHaW5azBt6zKNxGt51h1oVUTfR1SemMoapiZrrQerdRx48beMrTPRIN4Z35hXe2YxxB4vHVDexsnIhUy93gX9b8j6q3v50E9i5k%2FArfbCd0SehA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879a17c1cd9a5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1036534595:1714001293:_wS3OwBRz2cCjLYtljO5EwImNk_azjBepl8OwuKppJM/879a17c4bb0fb529/108e303d2a529c6 | 104.17.2.184 | | 47 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1036534595:1714001293:_wS3OwBRz2cCjLYtljO5EwImNk_azjBepl8OwuKppJM/879a17c4bb0fb529/108e303d2a529c6
IP: 104.17.2.184:0
File type: ASCII text, with very long lines (22572), with no line terminators
Hash: 9d683b205afa689f78713f0bcd8591af 835cd2232ac06820f63e1f3aac36a79aaadd5712 fb5663b4fead8d32145d8feb5ed4a4192fa07151e456e5cd2f898e7ba48b5e1c
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1036534595:1714001293:_wS3OwBRz2cCjLYtljO5EwImNk_azjBepl8OwuKppJM/879a17c4bb0fb529/108e303d2a529c6 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/z0jma/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 108e303d2a529c6
Content-Length: 26699
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 00:07:27 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: r2XDETgQFK3ZjVYAx6+BMxs6aLMumxZGQSr0VfCkqGXwd2vUL+kHe3rSXaZclysu$XXwCwVQK6n6Do2GgCHaKJQ==
vary: accept-encoding
server: cloudflare
cf-ray: 879a17cf883fb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit | 104.17.2.184 | 200 OK | 14 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit
IP: 104.17.2.184:443
Requested by: https://agdevc0.com/Mbcullen@valleyfine.com
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42414)
Hash: f94a2211ce789a95a7c67e8c660d63e8 f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f 926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b
GET /turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://agdevc0.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 00:07:35 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 879a17ff38a5b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879a1800e987b529/1714003656232/70dTmSieDSGZAJa | 104.17.2.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879a1800e987b529/1714003656232/70dTmSieDSGZAJa
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rm9wg/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 41 x 8, 8-bit/color RGB, non-interlaced
Hash: d6d56ea24861bda59db6f3396eb92a4a 0ece0b28e68165e1837416dc88e2ee8799b40ac0 2f6499db940b66a0e148d581de02a7e49b15f6d29ab97819c3faa2b79b995328
GET /cdn-cgi/challenge-platform/h/b/i/879a1800e987b529/1714003656232/70dTmSieDSGZAJa HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rm9wg/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 00:07:37 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 879a18096d66b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rm9wg/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | 104.17.2.184 | 200 OK | 80 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rm9wg/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP: 104.17.2.184:443
Requested by: https://agdevc0.com/Mbcullen@valleyfine.com
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41702)
Hash: b096fe437e557283ea6713be5df63953 883344e823285d2eece09f51005f31a8ddf79307 b87f0db26eb6278103c63d8029aeda933bd26462cdd1f347956d879791171051
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rm9wg/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 00:07:35 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-embedder-policy: require-corp
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
referrer-policy: same-origin
vary: accept-encoding
server: cloudflare
cf-ray: 879a1800e987b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| agdevc0.com/favicon.ico | 172.67.179.210 | 403 Forbidden | 16 kB |
IP: 172.67.179.210:443
Requested by: https://agdevc0.com/Mbcullen@valleyfine.com
Certificate issuer: Let's Encrypt
Certificate subject: agdevc0.com
Certificate fingerprint: EE:F8:BF:51:AD:A6:32:7C:B2:74:82:F0:C5:DF:59:33:F9:BB:94:C1
Certificate validity: Fri, 29 Mar 2024 09:44:31 GMT - Thu, 27 Jun 2024 09:44:30 GMT
File type: HTML document, ASCII text, with very long lines (15758), with no line terminators
Hash: cf5728e84c8b1bc925d69f105e9b7692 50175745ec1e7d9e830b977f991c2f8b0e8591ad 2cb0f8a5af7df65afd17e543e16daf5db10b5a35941f52370eed5a7518f2653b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: agdevc0.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agdevc0.com/Mbcullen@valleyfine.com
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Thu, 25 Apr 2024 00:07:35 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: PEyXiq/hixWNl9n/W1C8HL6IGyslinGdaRgUvMnQ7k8d/c4ZeAm0rM0MZK4dCrq3kEqRaTzDRh+MjcXMs4CbGFe0T9Yv+SYxT2pyZZri5pVL1/KxDv3VStfeK9Bv0MtZedmNUwCki8HCEsYRezz0RA==$8PiH9YNnDOt71xdfMUu/+A==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2BOYDsjEwgx%2BN%2FTOV7tVhTasCw2yF4OCrIV3g%2BOsouqVXp1VQdW%2BYHIctsZXbNuM83zw9Bg1JSH%2FziGFUQGDUR5LbxIyQMQTljfxqKFW5i8RWeX7hxKv60FpZJ4RDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879a17ff2fda5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879a1800e987b529 | 104.17.2.184 | 200 OK | 426 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879a1800e987b529
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rm9wg/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 426 kB (426401 bytes)
Hash: 56e9150bf33d49b3c82bbe0695d066dd 788cb78c97fd9e6a63d7449991a85d94c9d3d77b 6ade78f3fd10300a89c026842f0f92300d63e739a4b319a543630105c9a9235d
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879a1800e987b529 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rm9wg/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 00:07:35 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 879a180179cab529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| agdevc0.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879a17fe0f625699 | 172.67.179.210 | 200 OK | 395 kB |
URL: GET HTTP/3 agdevc0.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879a17fe0f625699
IP: 172.67.179.210:443
Requested by: https://agdevc0.com/Mbcullen@valleyfine.com
Certificate: Issuer Let's Encrypt; Subject agdevc0.com; Fingerprint EE:F8:BF:51:AD:A6:32:7C:B2:74:82:F0:C5:DF:59:33:F9:BB:94:C1; Validity Fri, 29 Mar 2024 09:44:31 GMT - Thu, 27 Jun 2024 09:44:30 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 395 kB (394709 bytes)
Hash: f9a34ee3a5bbff19b7cf364c1edbe5a5 200117f201bdaadb1c673cc935e59940561f15c3 2dded8b56c7af506d2d9a49174f2fef2d5e7c7ba2ee4f1fb2a69b1c78d2ba040
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879a17fe0f625699 HTTP/1.1
Host: agdevc0.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agdevc0.com/Mbcullen@valleyfine.com?__cf_chl_rt_tk=b8Ny3noFdT_iCZu.u9J3LSV8SKQ3KLqzniRJSvnMeHo-1714003655-0.0.1.1-1621
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 00:07:35 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YsKtVhRtViqw1bV97z%2BbYxqN86UDrxU8Qywh2InExVwJ%2B1xnDVz9%2BGmvSO6nCxytYRKnYZh3yqXHvQPe36xxISreZMiRM81N%2BsQxaAqjVj1GqjgRQChRMNbsDLvSEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879a17fe6f7d5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/117102110:1714001268:3iZBnkF79otujh3fvl8lsIZXDHG1Ao81bk2KToUbrQs/879a1800e987b529/8f510e271a5a70c | 104.17.2.184 | 200 OK | 92 kB |
URL: POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/117102110:1714001268:3iZBnkF79otujh3fvl8lsIZXDHG1Ao81bk2KToUbrQs/879a1800e987b529/8f510e271a5a70c
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rm9wg/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 9b8e4c76881ec8894f38779d70235d29 be94df57b4fc86fdd52b3c9b06cfd935339794b2 3fbc141ef472392586e2dc795881c023547bad48c28a8059e7e167ea8fdc1849
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/117102110:1714001268:3iZBnkF79otujh3fvl8lsIZXDHG1Ao81bk2KToUbrQs/879a1800e987b529/8f510e271a5a70c HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rm9wg/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 8f510e271a5a70c
Content-Length: 3338
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 00:07:36 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: R1nOxdJvCQgwcq8sP27Y85ZnBMCyHTitx0E9EzxLRYxBfaqE3BZtG2Wyt7O82osWzPb18jM5rLdX78tU0xORBzWXDjwluQvfJm8NI+N019oV6qkQU16R7HMn1JqlTJsqWP1XFPfOvUF8u5P2Zc5RC7M0GPrt9te1YrHOBeoBBjs6tSnjWSErVZO/1y23TNDhEKdNZi0fFH9LhBNurEliRul0uPnz5fo14+mIRpAl3uBgA6h4A2AjaAMFqXCgHv8jeN5oLZLc9hajHlnO8FC0N10CUwqexxFvpLqTuWt92Czsanyrc14L9lQKNrWFcSpncX40CaU+xa09hwwX/z4l4igRhI2vqZoXH1VdIwY3QW+74OP5kCbxWYh0p09LYTgD$nf13yQEpk1g2IyfcoH6L6w==
vary: accept-encoding
server: cloudflare
cf-ray: 879a18035adeb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| agdevc0.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1163517303:1714001152:TGuAnZmXeTZ_GBgm_Sbk0hbRKZg3uFcjcgpiUtbBvUo/879a17fe0f625699/38234715e2d764a | 172.67.179.210 | 200 OK | 16 kB |
URL: POST HTTP/3 agdevc0.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1163517303:1714001152:TGuAnZmXeTZ_GBgm_Sbk0hbRKZg3uFcjcgpiUtbBvUo/879a17fe0f625699/38234715e2d764a
IP: 172.67.179.210:443
Requested by: https://agdevc0.com/Mbcullen@valleyfine.com
Certificate: Issuer Let's Encrypt; Subject agdevc0.com; Fingerprint EE:F8:BF:51:AD:A6:32:7C:B2:74:82:F0:C5:DF:59:33:F9:BB:94:C1; Validity Fri, 29 Mar 2024 09:44:31 GMT - Thu, 27 Jun 2024 09:44:30 GMT
File type: ASCII text, with very long lines (15920), with no line terminators
Hash: 80cf400e4e8710fd4e5d88954bc91dc3 954308ab7f2e244ea8292e429821a778874b12af 8ab7e6ec173b9fcb7ca375511c1bd61f1d62371e1adef5e37de10f8da1ad9762
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1163517303:1714001152:TGuAnZmXeTZ_GBgm_Sbk0hbRKZg3uFcjcgpiUtbBvUo/879a17fe0f625699/38234715e2d764a HTTP/1.1
Host: agdevc0.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agdevc0.com/Mbcullen@valleyfine.com
Content-type: application/x-www-form-urlencoded
CF-Challenge: 38234715e2d764a
Content-Length: 1909
Origin: https://agdevc0.com
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 00:07:35 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: NZJ3fgn9trUIgGB7066nV8s57f3+ZGqDM9eG4dlMNy5SzNvzs3ilRrQhT49qTUIz$zCVu/+xJZ3DgDJldAPppvg==
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oyJyETmZhRcE3LEERx%2B%2BnVUagtw%2BzsKUVCEIFW%2FfZt7f4GCZ8snuhB8BD0%2BWrzuedMR2lWO9K3f6yNEgr%2BL1yOqk6GhJ82xIf0eDLJwnxu4PukaQFusdvIoGZVEEiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879a17ffe8265699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879a1800e987b529/1714003656231/d9267e3bb7058eff9af0de3db4727ab951e6dc5e9bfbd89fa19648ada9f07655/dPJxt7HQ3ShaaM3 | 104.17.2.184 | 401 Unauthorized | 1 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879a1800e987b529/1714003656231/d9267e3bb7058eff9af0de3db4727ab951e6dc5e9bfbd89fa19648ada9f07655/dPJxt7HQ3ShaaM3
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rm9wg/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: very short file (no magic)
Hash: ff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/879a1800e987b529/1714003656231/d9267e3bb7058eff9af0de3db4727ab951e6dc5e9bfbd89fa19648ada9f07655/dPJxt7HQ3ShaaM3 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rm9wg/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 401 Unauthorized
date: Thu, 25 Apr 2024 00:07:37 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g2SZ-O7cFjv-a8N49tHJ6uVHm3F6b-9ifoZZIranwdlUAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApc5PUXcXSrXwpeNe3kT6EaAJPDsPBMfFZc7M608yW3JV6YSHiGBLoFiLtNHD3Yj8UsOtWbQeFa2uvS_dYz5MBsoSW4-RbOY-WCB2aGEB-eoRbXl4lJRl0UNGi00lNBgNTil_mTTSNV3ssSkmSY8kwM-5GqBNfJ2kmJPKo02MWiXn1pwc4YXbeATUrYDRvvXUXYZrgaarjDyvHFhnYpD3mqr5qOj_TS_1SCUZ0HIp8ywDX06Xc59cKjzFHEUzD3gWutoK4apMxNt9bWWxcH3D_UL1a1llCxh-knMwTxgvRXS-XHap_ymO2zCuAPNgo1SDCTl4lTQZbVX7VvpDZwMaiQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tINkmfju3BY7_mvDePbRyerlR5txem_vYn6GWSK2p8HZVABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 879a18091d49b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| agdevc0.com/favicon.ico | 172.67.179.210 | 403 Forbidden | 16 kB |
IP: 172.67.179.210:443
Requested by: https://agdevc0.com/Mbcullen@valleyfine.com
Certificate: Issuer Let's Encrypt; Subject agdevc0.com; Fingerprint EE:F8:BF:51:AD:A6:32:7C:B2:74:82:F0:C5:DF:59:33:F9:BB:94:C1; Validity Fri, 29 Mar 2024 09:44:31 GMT - Thu, 27 Jun 2024 09:44:30 GMT
File type: HTML document, ASCII text, with very long lines (15843), with no line terminators
Hash: 5ce690e644d4b81442fb430958554119 6bef6cd6fe54f9d5860cc86dbbe9803bb6727f83 80ee7c1e3aa0c929726ee33967800078081a4fab301fdf418f7c491cb6ff9d16
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: agdevc0.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agdevc0.com/Mbcullen@valleyfine.com?__cf_chl_rt_tk=b8Ny3noFdT_iCZu.u9J3LSV8SKQ3KLqzniRJSvnMeHo-1714003655-0.0.1.1-1621
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Thu, 25 Apr 2024 00:07:35 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: AOrMQGiQidDKx3klhCTR4vIV+eRYKpR7G3/soHt4eTW5kLj/jlZZnMwHyJnJFmtvLfv74zRY+WbAftd8ocHFgRbkj6PZjCGzyX0FoR9S/wv4MNp7i380+ZPuYkyJXw+yfqW+AFi9PNgVM2uZbHac0w==$ghZDhmIdF7Ripi7MIAhD/A==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fGWK1SF7NKPhwMp5npwx6tWPh5vDgmGfSXWVh%2Flefkzqbm8Bnu6l%2B71T7LEMZoMpqz1gYCGEaaH0KICufpSbujvrK5M530KE1eGgkqWd%2BioQd%2FQ2qeclWYm9YKt8Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879a17fecfb35699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/117102110:1714001268:3iZBnkF79otujh3fvl8lsIZXDHG1Ao81bk2KToUbrQs/879a1800e987b529/8f510e271a5a70c | 104.17.2.184 | 200 OK | 23 kB |
URL: POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/117102110:1714001268:3iZBnkF79otujh3fvl8lsIZXDHG1Ao81bk2KToUbrQs/879a1800e987b529/8f510e271a5a70c
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rm9wg/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (22568), with no line terminators
Hash: c4125077a4355f1d067c9dc623c537a4 f582638e27270235ee8dd8794cd0e229c2b6b825 179ff165b466b3f0f0eaa69b6b85d30d6a16724c46703fd3ea8cce6d806389c6
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/117102110:1714001268:3iZBnkF79otujh3fvl8lsIZXDHG1Ao81bk2KToUbrQs/879a1800e987b529/8f510e271a5a70c HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rm9wg/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 8f510e271a5a70c
Content-Length: 26008
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 00:07:37 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 8OxHxxI/x0RdO6tz4oZREYn4R7cPsj/RBKc4TCW4tIZXG6+tJ7jsnOSumkWnXtAs$ig9adbPMXj5W6oc/3YX4Jw==
vary: accept-encoding
server: cloudflare
cf-ray: 879a180adde4b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|