| | 104.21.8.114 | | 6.0 kB |
IP: 104.21.8.114:0
File type: HTML document, ASCII text, with very long lines (14577), with no line terminators
Hash: acd6bbe463dda5851a74624fc942afbf 57727c4348acd6a3c9169ec96020c03bd83be246 6b5ba4e45f976f688aa2589bfcea8426cc708eff3f96629896d29583ba902a2f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET / HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 04:07:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: PISxQdPklFKhkN0t6jWOO0zVzCe2M3dZRY9uMder4gJ2LFsIRVu5NIu7d2cPzuO5hRa4lOdZI/aOTl4q1XJL6pKcClgAoa8o6xoAoz+NwAbgU6g5zXEQnvpRB/XUeBVLv2/g1EXVsT9UJoQ1KtqqrQ==$JlFwldDg1fC1JtoJjx6R1w==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qhh6lBOAf%2BSqpvPjMXRQQVUKXIeb9Q0YMCgrVa5A1YLAj%2BcKV%2FWHiZEAhS9C8XLOA7G96tnL53LAwhKFksWjZG113XgKCCJ6RvEc02bk8k9s%2FCj3XrsHUdWLaZlsiA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880694926ff57131-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| 12pw4536.pw/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880694926ff57131 | 172.67.188.114 | | 113 kB |
URL: 12pw4536.pw/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880694926ff57131
IP: 172.67.188.114:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 113 kB (112908 bytes)
Hash: 234aa549c51ad6cb034621ed49530af5 369ca5b9405973084ab045f31bf66edde00163c5 38039c512e105c671379ac2ff9328b8c20a819c77c9d6f70bfd0251ee2242607
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880694926ff57131 HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12pw4536.pw/?__cf_chl_rt_tk=THQmmdCTEiNA1oXofuGlHtaKu4.HJHThL9E5HgIIpRM-1715141220-0.0.1.1-1557
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:07:00 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qahNWBtN2sHK7dHU%2FWDwJbQNbi0ht4THEvmoeewElWefdXOiC0AlXpctKXTSS9mL8EX0vDzEjiQrIdSzdTlFzRf5ybxpquP7%2FgEkzDUTE1xTOHZut60SeXdvTJXlrA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 88069494386356c0-OSL
alt-svc: h2=":443"; ma=60
|
|
| 12pw4536.pw/favicon.ico | 172.67.188.114 | 403 Forbidden | 6.1 kB |
IP: 172.67.188.114:80
File type: HTML document, ASCII text, with very long lines (14708), with no line terminators
Hash: deafe5dc1960727b5a65cad9128fb3d3 db639103a92894929e6c9a23e28ef771741de62d 302f013dd576356ffa963ddfc758cd0989d0a75edcb744a92a5a67e177b29d2e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12pw4536.pw/?__cf_chl_rt_tk=THQmmdCTEiNA1oXofuGlHtaKu4.HJHThL9E5HgIIpRM-1715141220-0.0.1.1-1557
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 04:07:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: ReFs4vOeqVX3Ah8n1OhKepIU0m2GhK5xaV3WFQy8JvXdX97lVswGjXgpGBlR9y7YgcyXyR1u5gPP+gPu+uVwjl+A43lx/Di9KaOYYIl65A23z7Q5l7aWUZb+CiCpjgPU3kTnSHX6L3Z3Uq2qtTvZJw==$mtGxNYDmy5XXjawqEv4/gQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3CzdVecqADnB8fZNICHQTgR8NqUKiejzkGPXjuSz2f3GofIYs3z3bElT78FUmaSS%2BXofipF%2FOg0AwDreCmlcZn2QFZn3cqHT%2FYAqK%2FpCbrNckpxoboRPcopGTM8c0A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88069494888e56c0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| 12pw4536.pw/favicon.ico | 172.67.188.114 | 403 Forbidden | 6.0 kB |
IP: 172.67.188.114:80
File type: HTML document, ASCII text, with very long lines (14622), with no line terminators
Hash: 969e6cb1199edbdbade3115b18040979 d4c43d18c4762d9b1f475ecb6fbfd528b58fb2b5 49ddc5d8e807beb283793c7ba5fc26b1bc342bcdb0b03f612c5e52a1d208b203
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12pw4536.pw/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 04:07:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: yAOtPYnUWw9xXrC2PPDyhYkIhAurbLhJXiBznpAEUr8J3inxI+QsGDJpkCRtaiLFRM1NXNMwPHNtjh54ah37qiyx/C7IKnM96h+on+D4futYmYNF/B26fYkDD+kiJvvMfY0GTjXPKtHpWTEoCNIDFA==$Trjh0dLevDvlRA+g2HxJaw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJvokTnXB2axqJe2Z8%2BXiT3sKkR8iETgYjOaUOuiMeq3Yrpvxd6z9DQwyyM%2BuYLTslssx1HTQ3coDiFm6P6TpHMLN4%2B5LOaIwyTsmRrteiqbTiDfL%2FRnN9DhDjQN2A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880694951aa256b9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| 12pw4536.pw/cdn-cgi/challenge-platform/h/b/flow/ov1/1659652843:1715138881:d0T8sIYiLUk4mBZct6-A4TLVWT_y4AXcF4aJwbY0q-M/880694926ff57131/05d8509cb8be0e7 | 172.67.188.114 | | 12 kB |
URL: 12pw4536.pw/cdn-cgi/challenge-platform/h/b/flow/ov1/1659652843:1715138881:d0T8sIYiLUk4mBZct6-A4TLVWT_y4AXcF4aJwbY0q-M/880694926ff57131/05d8509cb8be0e7
IP: 172.67.188.114:0
File type: ASCII text, with very long lines (16216), with no line terminators
Hash: a80e957315d10ae18baf9e566b7fdfc9 10021f276357e70e7ff140e35fc066dff228cbfb b4e2624f41e7e38bc23384a742148ee5f8f0b731100f7d7c5e09f173f15e0bd6
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1659652843:1715138881:d0T8sIYiLUk4mBZct6-A4TLVWT_y4AXcF4aJwbY0q-M/880694926ff57131/05d8509cb8be0e7 HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12pw4536.pw/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 05d8509cb8be0e7
Content-Length: 1817
Origin: http://12pw4536.pw
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:07:00 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: vOUjPZYQzS9vfwQ8yTTGHRj7vJzVuHItwTN4JzGl3XxA4zzJ8BeOq3mtJ90CJVPf$GKpl1Pvbm4xDBZw+wcFkrw==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5PNs8%2B8SBTzw%2BoAR4t158v2uWvLTuaM3O2kkXkfrPoA25%2Bo1yjclL5Q3g2kyTb8rB0JxZIuh%2B5oW1%2FdARAF%2B7F2%2FiwcYLoM4NkI7cXWjUDahPgRJHKDrKiM4A07imw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880694961aca56c4-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.2.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j0kus/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 04:07:01 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 880694979e370b51-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880694970e040b51 | 104.17.2.184 | | 179 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880694970e040b51
IP: 104.17.2.184:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 179 kB (178966 bytes)
Hash: f04cd0a272d38cc54b1ec6c0fd7addf8 cdfaae418e9e74072510a753a87b70577afd926c 89c65682f385e1f95a583da30b704afb8f50ae614b0dc3ad1fc1ad09152f0f13
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880694970e040b51 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j0kus/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 04:07:01 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 880694979e3c0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit | 104.17.2.184 | 200 OK | 28 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit
IP: 104.17.2.184:443
Certificate: Issuer: Cloudflare, Inc. | Subject: challenges.cloudflare.com | Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E | Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42565)
Hash: a5b92920e25651d2058f4982a108347b caeeadd68d38fdb681c52006c68880abc2e8a1a6 49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5
GET /turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://12pw4536.pw
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 04:07:00 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 880694955f367128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880694970e040b51/1715141221386/ZwNAD89_27RBTHF | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880694970e040b51/1715141221386/ZwNAD89_27RBTHF
IP: 104.17.2.184:0
File type: PNG image data, 56 x 15, 8-bit/color RGB, non-interlaced
Hash: 4d62edb750f01270ccd2c6b52f515b70 039da262a8bb70cf7137325e6f3dea0bc0bd6f6a c48988ee1e6c58285616950174d32c5af68f7598610a88a3a05b0335a6037a73
GET /cdn-cgi/challenge-platform/h/b/i/880694970e040b51/1715141221386/ZwNAD89_27RBTHF HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j0kus/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 04:07:03 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 880694a56be20b51-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12pw4536.pw/cdn-cgi/challenge-platform/h/b/flow/ov1/1659652843:1715138881:d0T8sIYiLUk4mBZct6-A4TLVWT_y4AXcF4aJwbY0q-M/880694926ff57131/05d8509cb8be0e7 | 172.67.188.114 | | 1.8 kB |
URL: 12pw4536.pw/cdn-cgi/challenge-platform/h/b/flow/ov1/1659652843:1715138881:d0T8sIYiLUk4mBZct6-A4TLVWT_y4AXcF4aJwbY0q-M/880694926ff57131/05d8509cb8be0e7
IP: 172.67.188.114:0
File type: ASCII text, with very long lines (2328), with no line terminators
Hash: 26a08a757530e4c384105c5f638b59f6 2629be6d1673ded476cfadac5234af5b22d56a5b 7d5ffdef01cd7ed0734b22ce1849d53eba74c00946e0c5cbcfdb36b83f61e0ac
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1659652843:1715138881:d0T8sIYiLUk4mBZct6-A4TLVWT_y4AXcF4aJwbY0q-M/880694926ff57131/05d8509cb8be0e7 HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12pw4536.pw/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 05d8509cb8be0e7
Content-Length: 2458
Origin: http://12pw4536.pw
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:07:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: MGoLQLjHwq6WqFhK739/YA==$b3Mh33/YyBcKZez3E99vSg==
cf-chl-out: sBDSNc6Fd0KRZ9oLA7kq+cFRY0bRiT1uYjnRlPVs+NqgFQ/pvEgzpVAhd2n46mspKLLewQT1le1hgUIiQ+TR0vevtg+9RQJN/n0kcCrmfYY=$DA6F6RUc9N23ssgjE5mXZQ==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yhCJXOVpfIbAAdfzpRON%2Bps3z9z%2BQNaRf73B9eTkwKMt4N9nVEXd0eYcJJfmnnXoS0nOfT%2F7i%2F74kjlQxYjkl%2BwUAf5l2QG%2BsT1H0j1548QIWT5QoMwbsk%2Fxasy68Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880694c77f0356c4-OSL
alt-svc: h2=":443"; ma=60
|
|
| | 172.67.188.114 | | 6.0 kB |
IP: 172.67.188.114:0
File type: HTML document, ASCII text, with very long lines (14600), with no line terminators
Hash: 21b8bc1db1edc98d0c313de71f778966 36856905476f9fd43262b4cf9d3de4661fc35446 8840f0d0882c668cfd650c4d0e3c1d570ebad81caf91ea2a8e321e213297c33c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET / HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 04:07:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: M5ApOilD7vGkVMSHB2PGSLb92evyVuHdm3uWofoa26qqcvxnXQ1KsPTkvsTHXTGklsXT9L03QOGj1Z37s6CBA+lgQYQks/VRnyu00VTAZBfppq/UoPR0MckdT/4jlR7TvwDR4WFF6mcFjhj64m/J/g==$PrJau8s0tfoFXROgqLTZfw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UKUZr2eEMqtLNYDeIZbhSguksW7InEXlEA0adXNmQW1dXoe9VL8GjTf0Xzt%2Fl0vptxicr1CFK5CLVOyoa%2F7xmU0WF%2FQ0PxTNu0tzUFzPEgxZ3XAm7VIOXwVhE6Bb3g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880694d43f6956c4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| 12pw4536.pw/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880694d43f6956c4 | 172.67.188.114 | 200 OK | 114 kB |
URL: GET HTTP/1.1 12pw4536.pw/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880694d43f6956c4
IP: 172.67.188.114:80
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 114 kB (113731 bytes)
Hash: 37c3a786828811b7604cea542a906588 44c3993f46f81f2f980bd5ee497cff8423bccfd6 69e9072d46324702e85d4627ba385fcd60230c9705d80c374fd7c27558cdbe20
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880694d43f6956c4 HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12pw4536.pw/?__cf_chl_rt_tk=GksLk2Zk14H0RqMRdNZdYw2reETQPN_xp0p4d609ckE-1715141230-0.0.1.1-1557
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:07:10 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GeFGm0WNal3IsRZg00OJowFrePGhY0flllNNWQlpn6s58DnjAqykHfG2qOgJV0euPr7qfLVjdAosoTy6PjA50wyEeb1zDNsTKZdGEIXNfL1iFLMlP3BQ1Re4AM0D%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880694d48e74b4f4-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1947266511:1715138942:pLRAMhqj7Q1_Qq-pD10bgUQeQT4DaBUul41UOXmAZd4/880694970e040b51/562f712c8abbb76 | 104.17.2.184 | | 6.1 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1947266511:1715138942:pLRAMhqj7Q1_Qq-pD10bgUQeQT4DaBUul41UOXmAZd4/880694970e040b51/562f712c8abbb76
IP: 104.17.2.184:0
File type: gzip compressed data, from Unix
Hash: 52b24a06320826565d996e24c4ae3f13 302370f314fa12fa2c2e2289769d4a17cbf64f4a d5264452befc8bdbf9a5c14c7364a1b944f06842661d142a227aff71bcf5d6e0
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1947266511:1715138942:pLRAMhqj7Q1_Qq-pD10bgUQeQT4DaBUul41UOXmAZd4/880694970e040b51/562f712c8abbb76 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j0kus/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 562f712c8abbb76
Content-Length: 3441
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 04:07:01 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: E7w27DH/1J8r12pKxzzsgTCN+tqqMvOa6/OBnH1Ya2m14ELp2WSpIeSakxaa/PSh6GzZGNp0OoHSvdjjvNgmaLiCQL6ftkbWS5jAvhB6t4GiWelaKGmHTrEffXNuPNufkLWeJ+xhTWQXzWAEuzKZgzIezX43J1eOyfg1fiGalyJO5g3wakA9zqBWRaPJWEfSHLnx6a6+ZoiMctbrho0v7jLQwSJxmch81NaYF9M80br0cjSsFVEVJQ/9bgM+6inNzkG4LD0e1h63F6rKBH497eYzZTeSq7/qlNXXCeP2z2tFOgB5fLQdSnGnXioEgEgtnHwvpYsDV8bLmhWkJgGUJfHDTOsjLSDLh7hS5oNRkUxV+T5C6kNdSO3CiUbU7yAoU+zqp6Q/zRv1mcloYUb6tYRUWfNu5Tni4Ff5qi8VGV06hZvdOwNr9zQf5RgfOwjWM6sQCksBH49hqCwb8OOfUOWKOiZNsmWwoQ017NDn33k=$c36rDIDfKllBmnZ/4PsYMA==
vary: accept-encoding
server: cloudflare
cf-ray: 880694999eed0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit | 104.17.2.184 | 200 OK | 28 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit
IP: 104.17.2.184:443
Certificate: Issuer: Cloudflare, Inc. | Subject: challenges.cloudflare.com | Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E | Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42565)
Hash: a5b92920e25651d2058f4982a108347b caeeadd68d38fdb681c52006c68880abc2e8a1a6 49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5
GET /turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://12pw4536.pw
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 04:07:10 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 880694d56b860b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 12pw4536.pw/cdn-cgi/challenge-platform/h/b/flow/ov1/1365391923:1715138960:Cg4rlT4AhsejfoGgsFUjPbLt_aDpIyzcClz22buSCi0/880694d43f6956c4/352c1a5cd05d80c | 172.67.188.114 | 200 OK | 12 kB |
URL: POST HTTP/1.1 12pw4536.pw/cdn-cgi/challenge-platform/h/b/flow/ov1/1365391923:1715138960:Cg4rlT4AhsejfoGgsFUjPbLt_aDpIyzcClz22buSCi0/880694d43f6956c4/352c1a5cd05d80c
IP: 172.67.188.114:80
File type: ASCII text, with very long lines (16272), with no line terminators
Hash: 5be4377e7aa4d9ee785aff5d36f3dd04 0c7405dc6e23b8800f2345fe104c7a19a1b1329d 4516df2a2f433db20ac6ce78dea6511076c6af118e51f94f55680821767974d2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1365391923:1715138960:Cg4rlT4AhsejfoGgsFUjPbLt_aDpIyzcClz22buSCi0/880694d43f6956c4/352c1a5cd05d80c HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12pw4536.pw/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 352c1a5cd05d80c
Content-Length: 1820
Origin: http://12pw4536.pw
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:07:11 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: jvMt5xr+vPdUZl7LBg4xYegzOKx/Wr2ucJtJgED/oyQnLr/4NgmwCymhvdrr48ZK$O3Kg/D1drcXHYXz8F5oKdQ==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K55ukvLGHwlRrELx7yHy0M4YbXg6G9f1%2FTToOtXtd9bbHyqr%2FXz43ZoyRP8%2BmrvSTRu4Ns9sU44Ej1EbsBTO%2B4YIzLyx15m5d82LXyea7IH5hSybeHsN%2FddJ%2BdoYiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880694d63d5756c0-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.2.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/omnif/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 04:07:11 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 880694d77c2c0b51-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880694d6fc050b51/1715141231623/41x1bSKcwTCTvGr | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880694d6fc050b51/1715141231623/41x1bSKcwTCTvGr
IP: 104.17.2.184:0
File type: PNG image data, 63 x 26, 8-bit/color RGB, non-interlaced
Hash: 66e2f73764b203e8cde86eb33dd1ad91 f6f95d8eb1962626ea8fd379691060af6aaffb2e b704818b3721488e57e3c6fc4ca08388c9afbbbe57f2e7e71d37622b4a27f2d5
GET /cdn-cgi/challenge-platform/h/b/i/880694d6fc050b51/1715141231623/41x1bSKcwTCTvGr HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/omnif/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 04:07:13 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 880694e408400b51-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12pw4536.pw/cdn-cgi/challenge-platform/h/b/flow/ov1/1365391923:1715138960:Cg4rlT4AhsejfoGgsFUjPbLt_aDpIyzcClz22buSCi0/880694d43f6956c4/352c1a5cd05d80c | 172.67.188.114 | 200 OK | 2.7 kB |
URL: POST HTTP/1.1 12pw4536.pw/cdn-cgi/challenge-platform/h/b/flow/ov1/1365391923:1715138960:Cg4rlT4AhsejfoGgsFUjPbLt_aDpIyzcClz22buSCi0/880694d43f6956c4/352c1a5cd05d80c
IP: 172.67.188.114:80
File type: ASCII text, with very long lines (3548), with no line terminators
Hash: 82db75302acfb39211d00498ee197d43 b8b0535c1ecef8394f56708f638b5d275c779529 72141bc96825b32a143a59e4971ecbeb616cca4895f11b025705fc32c7bca769
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1365391923:1715138960:Cg4rlT4AhsejfoGgsFUjPbLt_aDpIyzcClz22buSCi0/880694d43f6956c4/352c1a5cd05d80c HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12pw4536.pw/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 352c1a5cd05d80c
Content-Length: 3251
Origin: http://12pw4536.pw
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:07:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: o2nTTS1de0JNjIFBMPwTT0tJlFNOS7pHqPZ56/IJhRI14IF6vK9qnan7L+U+c9DEKVv8D8Fm8j+WrqQwuobB9w==$9mhbrPItYRzJAudMHIOx9w==
cf-chl-out-s: HSv+b+RWHo7LcUfzGtaxKg==$bVmUCPDV64TXnwJFa5bhBA==
set-cookie: cf_chl_rc_m=;Expires=Tue, 07 May 2024 04:07:19 GMT;SameSite=Strict
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3PkpQggTT1UoR%2FxEPjsJSijphmLe8Q97ijfoviy%2B74E9MflOxAg9iRzQV7IHA5foflbEi0obfG1Wbe9Tv5kU7IMh%2FnhOTGfZaAs8gLhyS%2F%2FYl8Yhmg52AzKeh%2BMZ2g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8806950d6ab356c0-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/omnif/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | 104.17.2.184 | 200 OK | 80 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/omnif/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP: 104.17.2.184:443
Certificate: Issuer: Cloudflare, Inc. | Subject: challenges.cloudflare.com | Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E | Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41702)
Hash: bbec8167d9427f5d4556abcd7f91e930 abdfd2a3e2b726a14e50341dae1239df7fbf7b4d 3ffdcdf52f1a8c64f0d2fd5d3a6ab101d2b65e034d8716daecefe9b906de35e2
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/omnif/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:07:11 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
vary: accept-encoding
server: cloudflare
cf-ray: 880694d6fc050b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|