Report - 12pw4536.pw/

Report Overview

Submitted URL
12pw4536.pw/
IP
172.67.188.114
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-08 04:07:26
Access
public
Website Title
Just a moment...
Final URL
12pw4536.pw/?__cf_chl_tk=GksLk2Zk14H0RqMRdNZdYw2reETQPN_xp0p4d609ckE-1715141230-0.0.1.1-1557
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
12pw4536.pw	unknown	2023-10-03	2023-10-03	2023-11-17	4.8 kB	292 kB	104.21.8.114
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-05-07	5.4 kB	325 kB	104.17.2.184

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	12pw4536.pw	Sinkholed
2024-05-08	medium	12pw4536.pw	Sinkholed
2024-05-08	medium	12pw4536.pw	Sinkholed
2024-05-08	medium	12pw4536.pw	Sinkholed
2024-05-08	medium	12pw4536.pw	Sinkholed
2024-05-08	medium	12pw4536.pw	Sinkholed
2024-05-08	medium	12pw4536.pw	Sinkholed
2024-05-08	medium	12pw4536.pw	Sinkholed
2024-05-08	medium	12pw4536.pw	Sinkholed
2024-05-08	medium	12pw4536.pw	Sinkholed

ThreatFox

No alerts detected

JavaScript (71)

	URL	Size	First Seen	Last Seen
	12pw4536.pw/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880694d43f6956c4	395 kB	2024-05-08	2024-05-08
Pretty URL 12pw4536.pw/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880694d43f6956c4 IP 172.67.188.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 06:07:26 Last Seen2024-05-08 06:07:28 Times Seen2 Hash 37c3a786828811b7604cea542a906588 44c3993f46f81f2f980bd5ee497cff8423bccfd6 69e9072d46324702e85d4627ba385fcd60230c9705d80c374fd7c27558cdbe20 Loading...

	challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit	43 kB	2024-05-03	2024-05-09
Pretty URL challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit IP 104.17.2.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 14:37:28 Last Seen2024-05-09 16:04:48 Times Seen753 Hash a5b92920e25651d2058f4982a108347b caeeadd68d38fdb681c52006c68880abc2e8a1a6 49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5 Loading...

	12pw4536.pw/	4.8 kB	2024-05-08	2024-05-08
Pretty URL 12pw4536.pw/ IP 104.21.8.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 06:07:26 Last Seen2024-05-08 06:07:26 Times Seen1 Hash 3d596b1198cc8fe3b675fe355c51de47 958a14831b55e667477c1a3ed9c6cb3d7117f19a 9523db9ad434fcb578dce1be894624af553fc25e52d6766d23f543cdb35380e4 Loading...

		Size	First Seen	Last Seen
	#1 Eval - a4bbf4c54b76ec70ee2a2aa920b419aa	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:26 Last Seen2024-05-08 06:07:26 Times Seen1 Hash a4bbf4c54b76ec70ee2a2aa920b419aa 8eea16340d3a285404918c1b126cef3b9a7fe0fa f1cbf1f70e99de581cbdafbe14069ed56c1333752b107efc8934aca6e4092b3c Loading...

	#2 Eval - 0a0cb63bdeb458f77394a3f0b8928d25	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:26 Last Seen2024-05-08 06:07:26 Times Seen1 Hash 0a0cb63bdeb458f77394a3f0b8928d25 807842fa85ccdc4da51d52d76c9cc915673e2a18 95faa667454f2e369873606dc5b6f4995bd4debf04d4c6b0881eebf428c3fb68 Loading...

	#3 Eval - 2ea5e21e30ce582873196a492ea00daa	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:26 Last Seen2024-05-08 06:07:26 Times Seen1 Hash 2ea5e21e30ce582873196a492ea00daa f9159040b66e070f0da6a39b65280108dd547af2 a0120ba5235c52e547bd86d7cd285dcdf0f184805c64d7db22b058eeba2c4781 Loading...

	#4 Eval - 46fca5d36fe06cb0ad14bc0ffb135dad	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:26 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 46fca5d36fe06cb0ad14bc0ffb135dad 57afe130d027c4368398279c1109fa124dc1f8a5 826527c8c21be7ad194704cbf41469448c36a9647348635f3eff6c85525cc3ba Loading...

	#5 Eval - 44ce9c2b5dbdc0f28d7037c070550b74	62 B	2024-05-03	2024-05-09
Pretty Observations First Seen2024-05-03 14:37:29 Last Seen2024-05-09 15:26:38 Times Seen386 Hash 44ce9c2b5dbdc0f28d7037c070550b74 a9d8ff605c113bef81e606ea0bb2d8b0d65bd13e b87899b17160a1ab0138f3ff2eacc0c7c9107f22f6ab3ad6e9d9973b98deb26d Loading...

	#6 Eval - f5995434155b13c691bb1c11477b0cc0	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash f5995434155b13c691bb1c11477b0cc0 7e4e34584433ad8b48e3c7b6ddfdb309ed467087 cc5195653df5c1a109a690e6139c04953c04a9536f970660b1139edaaf903cb8 Loading...

	#7 Eval - 32c95b1cd105994bcfe51bc42e42d100	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 32c95b1cd105994bcfe51bc42e42d100 4b43062175b95a309033babf1cedd3ec8df43fd3 c336e39aa5a4a5fa66d6a098c833b1ce74d0c13a70e26c8fb6b2e7787879f35e Loading...

	#8 Eval - 59268a552ef65337710a0091fae530f5	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 59268a552ef65337710a0091fae530f5 df681be857d563e5f628ed6f66f1e5f939ff1b3b 1dc19502dd61a20677e03453ab3c5d3c3751abbe318bb7c91dc572dbaf0e1185 Loading...

	#9 Eval - 1fa42210284c55bb51d0e9f459835330	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 1fa42210284c55bb51d0e9f459835330 7763e131b6aa1b25ed9930f4dc8f24008e813590 1c6a9e2c1b0a8f352e37eec351171c712fd83b40c23b995cd4b54fc1ebfe1b6e Loading...

	#10 Eval - 761ee5f4f1cc8a6a71d57e3d88afd844	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 761ee5f4f1cc8a6a71d57e3d88afd844 6c46d8b74dff9f9221e3b9047a1e064670e27cc9 19fd53aeba3723c4903bcf35167ae33d8ced25349a4ec60c7ebdd18c674b0687 Loading...

	#11 Eval - a8e296dc26f71a010e04492458be5c0a	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash a8e296dc26f71a010e04492458be5c0a df46ea97217e90f7a97f251b267aba90390c991c 04ccf7f44cfa7601ba8721b206ad0f5bcfefe939e4e08ca9444af93af6201657 Loading...

	#12 Eval - 92cff89c33988d962f8b6793762ecc0d	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 92cff89c33988d962f8b6793762ecc0d fee1f7e17286bc0b4a1d64ed810bf796822fbcdd f5072c1d5769bb65b19f36f9717c29c8c264ffc1b98faff76e5b2035053f8d63 Loading...

	#13 Eval - 75d1660c0c7d7046d387573710662a49	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 75d1660c0c7d7046d387573710662a49 6b421a49e6ee24f17c5427778a7fa143e90428f0 7c0a69823e9fcb6c67e3fb0d54a22ae0b5ac9cf0281a94127a2d3a473575d05d Loading...

	#14 Eval - d691dcf15afc44c3d55becd388cc729b	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash d691dcf15afc44c3d55becd388cc729b bcdbb0e0b3ddc3c9e4d533e92e49bcd41fcb01c1 d9319c1231bfe1497656d7c3611fad5f9d2f0b68b86ef5ea59e067df724ef289 Loading...

	#15 Eval - 4b89bc7ab7785b99ba2c7932bed5ee4b	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 4b89bc7ab7785b99ba2c7932bed5ee4b b8c82fe53559c179665bcf54df1f800b3656f235 46bf0217aec13c41d3ca9ff8f0f34e9fbab5e7335feec41a636e7d80ad617873 Loading...

	#16 Eval - 400211c0d2c89c2c07dd1238f9238107	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 400211c0d2c89c2c07dd1238f9238107 cbae6d30563ba3bf4a2de34fef2921791312efe3 613c163ca9421124f69f903b960d292b37be04bf8d723d22cae01a54a2c945b1 Loading...

	#17 Eval - 3395ba8348fc2c8f0b069dfdd69baae4	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 3395ba8348fc2c8f0b069dfdd69baae4 d90a8f178c19fa0b3a551a16ac00d3ec9043e210 1a3a0176d3165f3dfc66d9a0718322819b1c97f0c937dceb7e86a4942d08f5de Loading...

	#18 Eval - e8f9c0f405d4a617f82646ab81a67afe	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash e8f9c0f405d4a617f82646ab81a67afe 970afa27936ea0d6846a0367a010ef066b55a94d 8e71248adc69400dcdb80f38c27175a47c466a86e221b5e091ce9d3f5421aa53 Loading...

	#19 Eval - 6a4f0512d8370da6347d219e1561cfaa	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 6a4f0512d8370da6347d219e1561cfaa dd97f9e1ec941e8963bcb4a94a50f9119551f9b8 b5474494a9d786e3557bec7a65a0a65bba1ce8d8052b6168ec65878932434062 Loading...

	#20 Eval - f3dbcb4184126a77b00128bd6219a0bc	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash f3dbcb4184126a77b00128bd6219a0bc c46f9e813733a554c6e43e418f64d155bde6f3d9 ae95130ee688159d6a0c2858e4a523c68bdaf646d1634a4bed5336e53bbfc7e0 Loading...

	#21 Eval - 6e4000cca67bea8b84fa8a049f618127	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 6e4000cca67bea8b84fa8a049f618127 cf50ffc15035e576ec0a75fb2842cf581a130004 47853920bdf169f2df10fab3faa3ef0c14d4304d4d38df5884045b60eaeaa35e Loading...

	#22 Eval - edb3882cfcc9b0b0781f38a3a29b8a48	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash edb3882cfcc9b0b0781f38a3a29b8a48 9fb3cf4e6064ff79d9e92cf171fbffb4da1d8efe c191d65a68ad5fa2a58937b29e1b80732a6a03f25fb74649d28d280084995707 Loading...

	#23 Eval - 62517dcea715473fdb58c3012a366d4c	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 62517dcea715473fdb58c3012a366d4c cd70d5f0d4ee42e7b4fb4680c20d698d8b6890bb 637e84f8b75536d20e376f6b061f152c70e9000e61497e80c71735e1a4a8da2d Loading...

	#24 Eval - 5f6c614953375c74d9244dc71709e273	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 5f6c614953375c74d9244dc71709e273 d6f1e8ba1aec4ec86df9e572a4ed557bdb45288f 4408ce897d71d947a46a25fcd13b87d1dfb106cd3d93993176278c541c3cb0ea Loading...

	#25 Eval - fa0f6a9bee719f3dc4d216254ccbed27	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash fa0f6a9bee719f3dc4d216254ccbed27 f07747c43a025de45f0d805f8193e18d676d76d5 bed9fd917bedabddf7414013a8bbd9feae6a271badeb5144ba852de4f28803c2 Loading...

	#26 Eval - 17a02682d63e213832d086c2925f7466	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 17a02682d63e213832d086c2925f7466 8bed00b606813d1092502103164183bc8e516060 c1916dc2438aabdb7eab29f77e9ea0d226d38777121dd82ffdc84d6e2c43bedc Loading...

	#27 Eval - a392c69075b7f96206bb139e14b52240	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash a392c69075b7f96206bb139e14b52240 d52babf82eb0f2647f2787f4b8636098db4a68c9 783c847a70ea05f269cc2399f2d89533ddd47aa4065e7cfb09a9d0cbd91f1656 Loading...

	#28 Eval - a3a7860ce50cd18e44613f7a09693c37	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash a3a7860ce50cd18e44613f7a09693c37 9f85ff4c9f62149a7eb888e3374e7b42e792a55e 219fee7f0e6360953c53db1da5b20869116ff011f767d8734002c50b09106167 Loading...

	#29 Eval - 1d56985e5a5892f544fa97cc983bc533	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 1d56985e5a5892f544fa97cc983bc533 877603e77006cd62610568d792ea1264500ddbc1 87d3e5a67888beeaf98756e1c60f48059f85e9626b2420a6787edd3b34c60967 Loading...

	#30 Eval - eae1a4d9d02b7c1eb1637717c155c7bf	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash eae1a4d9d02b7c1eb1637717c155c7bf b3f61886af130f595384a0bc9457c67ec923ce72 edbcd3ba2f321200b781a6d2971ddbc09335e1c376ca9832761ef130b2e25509 Loading...

	#31 Eval - 19e9927cca0ae20dd7f92ae0f5afe7df	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 19e9927cca0ae20dd7f92ae0f5afe7df 1b8c2f87d99bfc99785d36193b3476c5fb6d0bd7 8f351a5ae1132843597e4ff812c2ea349fc5f917e4b58bd7504c87678f728d8a Loading...

	#32 Eval - 9ef43d889080e7be8bdc6976c6f57bf0	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 9ef43d889080e7be8bdc6976c6f57bf0 c93c917ed6e3a6b94769c75b84319869e61dc061 ae0fec0081d4a4911edc59e193c755582667f6d94f28525a1e408519e2a7dfb9 Loading...

	#33 Eval - e19d52d3e9f88570303ac19c9e6167b9	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash e19d52d3e9f88570303ac19c9e6167b9 892c0e46f84cb6a735c08bd224fe49bd5906188a 8ec12d3aa9f9b4e776ee2ab8845c6d8f8e2257fd58a13f02d05df60fd66e8cdd Loading...

	#34 Eval - 350d50420d81040db39979fd4e194929	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 350d50420d81040db39979fd4e194929 0b4daac16d0aceacc3526165c5ef9664c0c0d914 3dd0c1477ac208dc8836c052ab5cf01635a99efd3e0c8fe07b3ceaf579cf6da4 Loading...

	#35 Eval - c0b7460078084d4341a6265f484785ad	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash c0b7460078084d4341a6265f484785ad 1aff5a0b3f3b6cbe30057677d676b309f4cd7572 c4ad4be8a452d11d3eefae99af223a49a3a795ecd36866959805704443ad7226 Loading...

	#36 Eval - e85c19df1e90fdbe9cc3f57e116a64da	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash e85c19df1e90fdbe9cc3f57e116a64da 2c4e2139b0f827e777eaedc8ba0fa7a21aae98b2 859628b3b772225f43444f5de22ee87f589cc83b703e7452237676b8d72f66a5 Loading...

	#37 Eval - 7983517d5ee5e4222b23d67b6720db54	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 7983517d5ee5e4222b23d67b6720db54 ced718cfdf16386d659d4a74d88e75b54e3bbfe8 7462bc211efe02ab2cc4d4bc46b316f4908e1994c4080b645ee3b83b867fd01a Loading...

	#38 Eval - cda4a77cc05b96b88ebf12599b2f80f7	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash cda4a77cc05b96b88ebf12599b2f80f7 c01c9d40364974a016fb3ec4179e27ffa7666b89 387a4a7c9efd99ddcb46dfbc8a72863c49ce1897ff985493c5073130abcac541 Loading...

	#39 Eval - 42617502de4e9b22e9cc8c80c45029d5	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 42617502de4e9b22e9cc8c80c45029d5 f0bd81e52251e2b3671f5cf5f703470ccabfd1e0 78db71452f6158302c63b8f9d279479e9a9baee6954e6a0c90baab6ff45cf063 Loading...

	#40 Eval - 0f0f5d1c28ae30fa8e8eaafd360896dd	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 0f0f5d1c28ae30fa8e8eaafd360896dd 49cca1f6daf95b14d8b79789961c0ca617086dd1 bd7f6a09ba75cc602d81303febdaafee7026dcd397a85e7d0c64cdb3898d9012 Loading...

	#41 Eval - e8b1a82e47e1ea336a149bbc62a08cfb	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash e8b1a82e47e1ea336a149bbc62a08cfb 9d946d822977417421021ecbfc8d1b5b74aa3725 f414504aaf08e8659c5e50b19285eb0240abfd6a2c359fb3c5fbf5a7e81675c8 Loading...

	#42 Eval - b36609454e126fa1ecda4fdd1dd038e8	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash b36609454e126fa1ecda4fdd1dd038e8 8978296d6d8ebc62273d600d1e79e092c019a542 3bc78698249748bf93b136da4bf33bd59df7dae7d097a525a75785f53000c233 Loading...

	#43 Eval - 569f23fe8a42e867e3e30db15bd066c1	2.8 kB	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 569f23fe8a42e867e3e30db15bd066c1 514d759248a22792d8d06b1de14fe179d452c878 6098251f971a9f369508cfaf433464598b19934200355ad144040ffc142dcb78 Loading...

	#44 Eval - 76f744efcddef140b0181ad75310a6a1	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 76f744efcddef140b0181ad75310a6a1 1b1debb9dcb3affcc29fdc3ddfced6e19f4e40c1 4844be97e047aa44c3b55d7f97f835d3e23e8668c8cf9736f2ba1a69e95eb4b4 Loading...

	#45 Eval - 844761ed9f6ded4a72aa03603748dc8b	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 844761ed9f6ded4a72aa03603748dc8b fb9afcf2eabea488b759b841b05cc33b8d9df52b b6d3f19f7d22c42fcd96fabd9508ff128de62e3b09e8315fabfc99e8c3356b29 Loading...

	#46 Eval - b2ebb8f1aac9cbb52c8219c06aef5f2b	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash b2ebb8f1aac9cbb52c8219c06aef5f2b c4936da3699b781d7f08d9a37c34676cb51e2641 79d6fa3e55215bae91730cf9f3c1be3df22b47748e25b02f42a2dd985b2e6607 Loading...

	#47 Eval - b563b835a04a8dfb21c3c63cde34f483	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash b563b835a04a8dfb21c3c63cde34f483 508ed4d04dbd8fcaedcb0c14093e38ecddb0904b 8b5f38b5cdf6df956ce89a8a753fce2bf0ffe3bd61f8b01590f47b1c5d76cedb Loading...

	#48 Eval - 1b3e717181678bd1492e09743cb972ec	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 1b3e717181678bd1492e09743cb972ec 0195e9a2cc9fe4eefb3e08ba23f2ab0b5db9bc69 acb1ab71e7ab4d073c982832475f9288d281051377fc3c0be2edb9d058a1b7b0 Loading...

	#49 Eval - f127d889249ccb3535679000d5740a21	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash f127d889249ccb3535679000d5740a21 8c9938d95cd6539522d7977774d5986d488c44f3 fe4456325b3323fc7bea2f8706d83678b805b1cf0a956e9fe8b2ecb12ed72514 Loading...

	#50 Eval - cabdea324025ea7ed0815a78b814981c	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash cabdea324025ea7ed0815a78b814981c a3407dd6db34f7fe05cccae022c734e71ac986cb 72d975d35b63e3a77b5f636fa6d99b219d7a65e8a4a0b8bb39952fc2c6410505 Loading...

	#51 Eval - 8bce26353eb0b3ad1b2b6a8366432a82	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:27 Last Seen2024-05-08 06:07:27 Times Seen1 Hash 8bce26353eb0b3ad1b2b6a8366432a82 6bb4ac7ad6acef2080db766421c94185da8ba5a1 cc90f354ddb4cc76fe862769fad2ed9d9a3d60fea57dd47ee1da5986a8aadc72 Loading...

	#52 Eval - 426d05aa4caa45f916d68ade9e478d92	2.8 kB	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:28 Last Seen2024-05-08 06:07:28 Times Seen1 Hash 426d05aa4caa45f916d68ade9e478d92 d04730733b0d25a44de827ae3b76148e7cfeeab3 b835c74336ec8983e8e26002168ef0c58d525ed45df84b0ca09610401ff209ba Loading...

	#53 Eval - bff47287a6da3f7e53cab7e5840815ee	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:28 Last Seen2024-05-08 06:07:28 Times Seen1 Hash bff47287a6da3f7e53cab7e5840815ee ffa77d729d856be2c052eef892d906fbdd26b6b4 f12c0431dd14908646ab3e367a743db47ef561367cf676442a817af834e01996 Loading...

	#54 Eval - 1b03c2efcd801b79b8ada16a17545aec	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:28 Last Seen2024-05-08 06:07:28 Times Seen1 Hash 1b03c2efcd801b79b8ada16a17545aec 22a4b2dd8c2ee1cb9e7c3b191509e69e1045c2f2 4a05b1f7d49743e7b84683b2257ebd0dfcc43051d4fd07ed983e5ee567b48263 Loading...

	#55 Eval - bbb5a0b2200dc4664b31f9094435d660	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:28 Last Seen2024-05-08 06:07:28 Times Seen1 Hash bbb5a0b2200dc4664b31f9094435d660 c1f50cc32c36d2c7a247632b5ffcd96ab3357c7b 4318a6a7c1049318c3bf44540b2159a0e2ff951ce06f621b5837803f057d9fa2 Loading...

	#56 Eval - 513320e49a23a084abcfa99ea0a350f0	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:28 Last Seen2024-05-08 06:07:28 Times Seen1 Hash 513320e49a23a084abcfa99ea0a350f0 a24d25c72a5e1135845c2fc6dfb5e7d90c3ed95f 01d5678308c7c83658dd4b84d47e2a746fe97011d6f369713bc7a4805ebedd33 Loading...

	#57 Eval - cafd1e01e946c45ecbc0319894da16b8	977 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:28 Last Seen2024-05-08 06:07:28 Times Seen1 Hash cafd1e01e946c45ecbc0319894da16b8 8fdaffb20b032b816efd0e64cd3f144f7eeb4c12 2a2f3a7cca2f6437ee27fd75b10ea916761c75995e8e065be025788c51399996 Loading...

	#58 Eval - 30cb6d6b850af8756514d45bf1381db8	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:28 Last Seen2024-05-08 06:07:28 Times Seen1 Hash 30cb6d6b850af8756514d45bf1381db8 815f33ce13e8359eff797e7ce4b94c2cff57678c 790f01205f2c814786a17a15e804b3726eeb63aa9d0257e4f27cdd2196aa1e4e Loading...

	#59 Eval - 180857d8a7f4b16091beb6a6b4c86c56	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:28 Last Seen2024-05-08 06:07:28 Times Seen1 Hash 180857d8a7f4b16091beb6a6b4c86c56 3e15ba564bb253d86ec7f39d429aaac3e94ce4a4 6e4802145a39a02c9b50a65ba13cc3c078f8641e4bbf3ca0c7e031eb8b70d496 Loading...

	#60 Eval - 6a570e27a56f92845da732f23f09da73	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:28 Last Seen2024-05-08 06:07:28 Times Seen1 Hash 6a570e27a56f92845da732f23f09da73 2aef79da56e08e30e1228d884223977edcf7c272 cf2ea1db7fe41dcc02107b89def9e39300f6709b3e94ebd33664bfa4791179ac Loading...

	#61 Eval - 5e29828b96142dcbb5d809a42611528c	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:28 Last Seen2024-05-08 06:07:28 Times Seen1 Hash 5e29828b96142dcbb5d809a42611528c 03c513a57d36b15478362b3c16b4a7702910836e 343d8632bfd34416f3aa60cecb03b97d5624e0630d5af31856aa4659b64165d9 Loading...

	#62 Eval - a900acabd17e3cb4117011251200209a	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:28 Last Seen2024-05-08 06:07:28 Times Seen1 Hash a900acabd17e3cb4117011251200209a bb1b42969623f044f29a575854d4fd6d45081b0b dd75945152bae8e912991e57268781c492b495cf4a77965f5f8475d9461391d4 Loading...

	#63 Eval - a5b6dd62b49c260d88fee4d4ef55ec31	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:28 Last Seen2024-05-08 06:07:28 Times Seen1 Hash a5b6dd62b49c260d88fee4d4ef55ec31 0ea352d94d50b3da48870ceea4e1f662ab64bc8e e8eecb5007b1a672fe24ffaa7f38f99477ab5e60c1efe19c0d9fa7c0ad6e6ed5 Loading...

	#64 Eval - 6c26d13af25738118e3a1cbdfc2751f3	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:28 Last Seen2024-05-08 06:07:28 Times Seen1 Hash 6c26d13af25738118e3a1cbdfc2751f3 d7de075ca05c0e3f789b3845c650951e3bb818d2 ec1c11c2b2688456413b417029bfa542abb7d6ff52c1ae9f01f38d4af7db753c Loading...

	#65 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-19
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-19 21:08:43 Times Seen353118 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#66 Eval - a51a4f7611b5e8ea8c2896bfadaeb91e	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:28 Last Seen2024-05-08 06:07:28 Times Seen1 Hash a51a4f7611b5e8ea8c2896bfadaeb91e 4584d548e48e1eaace80458011d90a875b207886 abc0774f36d63a7f4fae17e1abc57fecd7954280663faca8bee42e45a3a65a02 Loading...

	#67 Eval - 8e5cd1084b16ed34704109ed0076e3c2	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:28 Last Seen2024-05-08 06:07:28 Times Seen1 Hash 8e5cd1084b16ed34704109ed0076e3c2 fbfc377bcdea6b2168a167069dd64377995bc080 e98ebd737ec8668dfae01725e1288a0a31927cb1ccc2eaeaa9e4b23b97298e6e Loading...

	#68 Eval - 33a882e54e37646c30a2f6a8a865df74	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 06:07:28 Last Seen2024-05-08 06:07:28 Times Seen1 Hash 33a882e54e37646c30a2f6a8a865df74 2c298da060b16cd138bd85e860f8cb264e39fbae 2e97288f7dfae02069e3b0a9c7fc30052c46fb96810b396937489f20b709141e Loading...

HTTP Transactions (19)

URL IP Response Size

12pw4536.pw/

104.21.8.114

6.0 kB

URL User Request POST
12pw4536.pw/
IP
104.21.8.114:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (14577), with no line terminators
Size
6.0 kB (6024 bytes)
Hash
acd6bbe463dda5851a74624fc942afbf
57727c4348acd6a3c9169ec96020c03bd83be246
6b5ba4e45f976f688aa2589bfcea8426cc708eff3f96629896d29583ba902a2f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 04:07:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: PISxQdPklFKhkN0t6jWOO0zVzCe2M3dZRY9uMder4gJ2LFsIRVu5NIu7d2cPzuO5hRa4lOdZI/aOTl4q1XJL6pKcClgAoa8o6xoAoz+NwAbgU6g5zXEQnvpRB/XUeBVLv2/g1EXVsT9UJoQ1KtqqrQ==$JlFwldDg1fC1JtoJjx6R1w==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qhh6lBOAf%2BSqpvPjMXRQQVUKXIeb9Q0YMCgrVa5A1YLAj%2BcKV%2FWHiZEAhS9C8XLOA7G96tnL53LAwhKFksWjZG113XgKCCJ6RvEc02bk8k9s%2FCj3XrsHUdWLaZlsiA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880694926ff57131-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

12pw4536.pw/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880694926ff57131

172.67.188.114

113 kB

URL
12pw4536.pw/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880694926ff57131
IP
172.67.188.114:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
113 kB (112908 bytes)
Hash
234aa549c51ad6cb034621ed49530af5
369ca5b9405973084ab045f31bf66edde00163c5
38039c512e105c671379ac2ff9328b8c20a819c77c9d6f70bfd0251ee2242607

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880694926ff57131 HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12pw4536.pw/?__cf_chl_rt_tk=THQmmdCTEiNA1oXofuGlHtaKu4.HJHThL9E5HgIIpRM-1715141220-0.0.1.1-1557
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:07:00 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qahNWBtN2sHK7dHU%2FWDwJbQNbi0ht4THEvmoeewElWefdXOiC0AlXpctKXTSS9mL8EX0vDzEjiQrIdSzdTlFzRf5ybxpquP7%2FgEkzDUTE1xTOHZut60SeXdvTJXlrA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 88069494386356c0-OSL
alt-svc: h2=":443"; ma=60

12pw4536.pw/favicon.ico

172.67.188.114

403 Forbidden

6.1 kB

URL GET HTTP/1.1
12pw4536.pw/favicon.ico
IP
172.67.188.114:80
ASN
#13335 CLOUDFLARENET

Requested by
http://12pw4536.pw/

File type
HTML document, ASCII text, with very long lines (14708), with no line terminators
Size
6.1 kB (6108 bytes)
Hash
deafe5dc1960727b5a65cad9128fb3d3
db639103a92894929e6c9a23e28ef771741de62d
302f013dd576356ffa963ddfc758cd0989d0a75edcb744a92a5a67e177b29d2e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12pw4536.pw/?__cf_chl_rt_tk=THQmmdCTEiNA1oXofuGlHtaKu4.HJHThL9E5HgIIpRM-1715141220-0.0.1.1-1557
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 04:07:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: ReFs4vOeqVX3Ah8n1OhKepIU0m2GhK5xaV3WFQy8JvXdX97lVswGjXgpGBlR9y7YgcyXyR1u5gPP+gPu+uVwjl+A43lx/Di9KaOYYIl65A23z7Q5l7aWUZb+CiCpjgPU3kTnSHX6L3Z3Uq2qtTvZJw==$mtGxNYDmy5XXjawqEv4/gQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3CzdVecqADnB8fZNICHQTgR8NqUKiejzkGPXjuSz2f3GofIYs3z3bElT78FUmaSS%2BXofipF%2FOg0AwDreCmlcZn2QFZn3cqHT%2FYAqK%2FpCbrNckpxoboRPcopGTM8c0A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88069494888e56c0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

12pw4536.pw/favicon.ico

172.67.188.114

403 Forbidden

6.0 kB

URL GET HTTP/1.1
12pw4536.pw/favicon.ico
IP
172.67.188.114:80
ASN
#13335 CLOUDFLARENET

Requested by
http://12pw4536.pw/

File type
HTML document, ASCII text, with very long lines (14622), with no line terminators
Size
6.0 kB (6038 bytes)
Hash
969e6cb1199edbdbade3115b18040979
d4c43d18c4762d9b1f475ecb6fbfd528b58fb2b5
49ddc5d8e807beb283793c7ba5fc26b1bc342bcdb0b03f612c5e52a1d208b203

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12pw4536.pw/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 04:07:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: yAOtPYnUWw9xXrC2PPDyhYkIhAurbLhJXiBznpAEUr8J3inxI+QsGDJpkCRtaiLFRM1NXNMwPHNtjh54ah37qiyx/C7IKnM96h+on+D4futYmYNF/B26fYkDD+kiJvvMfY0GTjXPKtHpWTEoCNIDFA==$Trjh0dLevDvlRA+g2HxJaw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJvokTnXB2axqJe2Z8%2BXiT3sKkR8iETgYjOaUOuiMeq3Yrpvxd6z9DQwyyM%2BuYLTslssx1HTQ3coDiFm6P6TpHMLN4%2B5LOaIwyTsmRrteiqbTiDfL%2FRnN9DhDjQN2A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880694951aa256b9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

12pw4536.pw/cdn-cgi/challenge-platform/h/b/flow/ov1/1659652843:1715138881:d0T8sIYiLUk4mBZct6-A4TLVWT_y4AXcF4aJwbY0q-M/880694926ff57131/05d8509cb8be0e7

172.67.188.114

12 kB

URL
12pw4536.pw/cdn-cgi/challenge-platform/h/b/flow/ov1/1659652843:1715138881:d0T8sIYiLUk4mBZct6-A4TLVWT_y4AXcF4aJwbY0q-M/880694926ff57131/05d8509cb8be0e7
IP
172.67.188.114:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (16216), with no line terminators
Size
12 kB (12318 bytes)
Hash
a80e957315d10ae18baf9e566b7fdfc9
10021f276357e70e7ff140e35fc066dff228cbfb
b4e2624f41e7e38bc23384a742148ee5f8f0b731100f7d7c5e09f173f15e0bd6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1659652843:1715138881:d0T8sIYiLUk4mBZct6-A4TLVWT_y4AXcF4aJwbY0q-M/880694926ff57131/05d8509cb8be0e7 HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12pw4536.pw/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 05d8509cb8be0e7
Content-Length: 1817
Origin: http://12pw4536.pw
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:07:00 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: vOUjPZYQzS9vfwQ8yTTGHRj7vJzVuHItwTN4JzGl3XxA4zzJ8BeOq3mtJ90CJVPf$GKpl1Pvbm4xDBZw+wcFkrw==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5PNs8%2B8SBTzw%2BoAR4t158v2uWvLTuaM3O2kkXkfrPoA25%2Bo1yjclL5Q3g2kyTb8rB0JxZIuh%2B5oW1%2FdARAF%2B7F2%2FiwcYLoM4NkI7cXWjUDahPgRJHKDrKiM4A07imw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880694961aca56c4-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j0kus/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:07:01 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 880694979e370b51-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880694970e040b51

104.17.2.184

179 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880694970e040b51
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
179 kB (178966 bytes)
Hash
f04cd0a272d38cc54b1ec6c0fd7addf8
cdfaae418e9e74072510a753a87b70577afd926c
89c65682f385e1f95a583da30b704afb8f50ae614b0dc3ad1fc1ad09152f0f13

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880694970e040b51 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j0kus/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:07:01 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 880694979e3c0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit

104.17.2.184

200 OK

28 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
http://12pw4536.pw/
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42565)
Size
28 kB (27971 bytes)
Hash
a5b92920e25651d2058f4982a108347b
caeeadd68d38fdb681c52006c68880abc2e8a1a6
49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5

HTTP Headers

GET /turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://12pw4536.pw
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 04:07:00 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 880694955f367128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880694970e040b51/1715141221386/ZwNAD89_27RBTHF

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880694970e040b51/1715141221386/ZwNAD89_27RBTHF
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 56 x 15, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
4d62edb750f01270ccd2c6b52f515b70
039da262a8bb70cf7137325e6f3dea0bc0bd6f6a
c48988ee1e6c58285616950174d32c5af68f7598610a88a3a05b0335a6037a73

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/880694970e040b51/1715141221386/ZwNAD89_27RBTHF HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j0kus/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:07:03 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 880694a56be20b51-OSL
alt-svc: h3=":443"; ma=86400

12pw4536.pw/cdn-cgi/challenge-platform/h/b/flow/ov1/1659652843:1715138881:d0T8sIYiLUk4mBZct6-A4TLVWT_y4AXcF4aJwbY0q-M/880694926ff57131/05d8509cb8be0e7

172.67.188.114

1.8 kB

URL
12pw4536.pw/cdn-cgi/challenge-platform/h/b/flow/ov1/1659652843:1715138881:d0T8sIYiLUk4mBZct6-A4TLVWT_y4AXcF4aJwbY0q-M/880694926ff57131/05d8509cb8be0e7
IP
172.67.188.114:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2328), with no line terminators
Size
1.8 kB (1800 bytes)
Hash
26a08a757530e4c384105c5f638b59f6
2629be6d1673ded476cfadac5234af5b22d56a5b
7d5ffdef01cd7ed0734b22ce1849d53eba74c00946e0c5cbcfdb36b83f61e0ac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1659652843:1715138881:d0T8sIYiLUk4mBZct6-A4TLVWT_y4AXcF4aJwbY0q-M/880694926ff57131/05d8509cb8be0e7 HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12pw4536.pw/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 05d8509cb8be0e7
Content-Length: 2458
Origin: http://12pw4536.pw
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:07:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: MGoLQLjHwq6WqFhK739/YA==$b3Mh33/YyBcKZez3E99vSg==
cf-chl-out: sBDSNc6Fd0KRZ9oLA7kq+cFRY0bRiT1uYjnRlPVs+NqgFQ/pvEgzpVAhd2n46mspKLLewQT1le1hgUIiQ+TR0vevtg+9RQJN/n0kcCrmfYY=$DA6F6RUc9N23ssgjE5mXZQ==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yhCJXOVpfIbAAdfzpRON%2Bps3z9z%2BQNaRf73B9eTkwKMt4N9nVEXd0eYcJJfmnnXoS0nOfT%2F7i%2F74kjlQxYjkl%2BwUAf5l2QG%2BsT1H0j1548QIWT5QoMwbsk%2Fxasy68Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880694c77f0356c4-OSL
alt-svc: h2=":443"; ma=60

12pw4536.pw/

172.67.188.114

6.0 kB

URL User Request POST
12pw4536.pw/
IP
172.67.188.114:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (14600), with no line terminators
Size
6.0 kB (6039 bytes)
Hash
21b8bc1db1edc98d0c313de71f778966
36856905476f9fd43262b4cf9d3de4661fc35446
8840f0d0882c668cfd650c4d0e3c1d570ebad81caf91ea2a8e321e213297c33c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 04:07:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: M5ApOilD7vGkVMSHB2PGSLb92evyVuHdm3uWofoa26qqcvxnXQ1KsPTkvsTHXTGklsXT9L03QOGj1Z37s6CBA+lgQYQks/VRnyu00VTAZBfppq/UoPR0MckdT/4jlR7TvwDR4WFF6mcFjhj64m/J/g==$PrJau8s0tfoFXROgqLTZfw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UKUZr2eEMqtLNYDeIZbhSguksW7InEXlEA0adXNmQW1dXoe9VL8GjTf0Xzt%2Fl0vptxicr1CFK5CLVOyoa%2F7xmU0WF%2FQ0PxTNu0tzUFzPEgxZ3XAm7VIOXwVhE6Bb3g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880694d43f6956c4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

12pw4536.pw/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880694d43f6956c4

172.67.188.114

200 OK

114 kB

URL GET HTTP/1.1
12pw4536.pw/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880694d43f6956c4
IP
172.67.188.114:80
ASN
#13335 CLOUDFLARENET

Requested by
http://12pw4536.pw/

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
114 kB (113731 bytes)
Hash
37c3a786828811b7604cea542a906588
44c3993f46f81f2f980bd5ee497cff8423bccfd6
69e9072d46324702e85d4627ba385fcd60230c9705d80c374fd7c27558cdbe20

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880694d43f6956c4 HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12pw4536.pw/?__cf_chl_rt_tk=GksLk2Zk14H0RqMRdNZdYw2reETQPN_xp0p4d609ckE-1715141230-0.0.1.1-1557
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:07:10 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GeFGm0WNal3IsRZg00OJowFrePGhY0flllNNWQlpn6s58DnjAqykHfG2qOgJV0euPr7qfLVjdAosoTy6PjA50wyEeb1zDNsTKZdGEIXNfL1iFLMlP3BQ1Re4AM0D%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880694d48e74b4f4-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1947266511:1715138942:pLRAMhqj7Q1_Qq-pD10bgUQeQT4DaBUul41UOXmAZd4/880694970e040b51/562f712c8abbb76

104.17.2.184

6.1 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1947266511:1715138942:pLRAMhqj7Q1_Qq-pD10bgUQeQT4DaBUul41UOXmAZd4/880694970e040b51/562f712c8abbb76
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
6.1 kB (6055 bytes)
Hash
52b24a06320826565d996e24c4ae3f13
302370f314fa12fa2c2e2289769d4a17cbf64f4a
d5264452befc8bdbf9a5c14c7364a1b944f06842661d142a227aff71bcf5d6e0

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1947266511:1715138942:pLRAMhqj7Q1_Qq-pD10bgUQeQT4DaBUul41UOXmAZd4/880694970e040b51/562f712c8abbb76 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j0kus/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 562f712c8abbb76
Content-Length: 3441
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:07:01 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: E7w27DH/1J8r12pKxzzsgTCN+tqqMvOa6/OBnH1Ya2m14ELp2WSpIeSakxaa/PSh6GzZGNp0OoHSvdjjvNgmaLiCQL6ftkbWS5jAvhB6t4GiWelaKGmHTrEffXNuPNufkLWeJ+xhTWQXzWAEuzKZgzIezX43J1eOyfg1fiGalyJO5g3wakA9zqBWRaPJWEfSHLnx6a6+ZoiMctbrho0v7jLQwSJxmch81NaYF9M80br0cjSsFVEVJQ/9bgM+6inNzkG4LD0e1h63F6rKBH497eYzZTeSq7/qlNXXCeP2z2tFOgB5fLQdSnGnXioEgEgtnHwvpYsDV8bLmhWkJgGUJfHDTOsjLSDLh7hS5oNRkUxV+T5C6kNdSO3CiUbU7yAoU+zqp6Q/zRv1mcloYUb6tYRUWfNu5Tni4Ff5qi8VGV06hZvdOwNr9zQf5RgfOwjWM6sQCksBH49hqCwb8OOfUOWKOiZNsmWwoQ017NDn33k=$c36rDIDfKllBmnZ/4PsYMA==
vary: accept-encoding
server: cloudflare
cf-ray: 880694999eed0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit

104.17.2.184

200 OK

28 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
http://12pw4536.pw/
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42565)
Size
28 kB (27608 bytes)
Hash
a5b92920e25651d2058f4982a108347b
caeeadd68d38fdb681c52006c68880abc2e8a1a6
49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5

HTTP Headers

GET /turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://12pw4536.pw
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:07:10 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 880694d56b860b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

12pw4536.pw/cdn-cgi/challenge-platform/h/b/flow/ov1/1365391923:1715138960:Cg4rlT4AhsejfoGgsFUjPbLt_aDpIyzcClz22buSCi0/880694d43f6956c4/352c1a5cd05d80c

172.67.188.114

200 OK

12 kB

URL POST HTTP/1.1
12pw4536.pw/cdn-cgi/challenge-platform/h/b/flow/ov1/1365391923:1715138960:Cg4rlT4AhsejfoGgsFUjPbLt_aDpIyzcClz22buSCi0/880694d43f6956c4/352c1a5cd05d80c
IP
172.67.188.114:80
ASN
#13335 CLOUDFLARENET

Requested by
http://12pw4536.pw/

File type
ASCII text, with very long lines (16272), with no line terminators
Size
12 kB (12381 bytes)
Hash
5be4377e7aa4d9ee785aff5d36f3dd04
0c7405dc6e23b8800f2345fe104c7a19a1b1329d
4516df2a2f433db20ac6ce78dea6511076c6af118e51f94f55680821767974d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1365391923:1715138960:Cg4rlT4AhsejfoGgsFUjPbLt_aDpIyzcClz22buSCi0/880694d43f6956c4/352c1a5cd05d80c HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12pw4536.pw/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 352c1a5cd05d80c
Content-Length: 1820
Origin: http://12pw4536.pw
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:07:11 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: jvMt5xr+vPdUZl7LBg4xYegzOKx/Wr2ucJtJgED/oyQnLr/4NgmwCymhvdrr48ZK$O3Kg/D1drcXHYXz8F5oKdQ==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K55ukvLGHwlRrELx7yHy0M4YbXg6G9f1%2FTToOtXtd9bbHyqr%2FXz43ZoyRP8%2BmrvSTRu4Ns9sU44Ej1EbsBTO%2B4YIzLyx15m5d82LXyea7IH5hSybeHsN%2FddJ%2BdoYiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880694d63d5756c0-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/omnif/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:07:11 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 880694d77c2c0b51-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880694d6fc050b51/1715141231623/41x1bSKcwTCTvGr

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880694d6fc050b51/1715141231623/41x1bSKcwTCTvGr
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 63 x 26, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
66e2f73764b203e8cde86eb33dd1ad91
f6f95d8eb1962626ea8fd379691060af6aaffb2e
b704818b3721488e57e3c6fc4ca08388c9afbbbe57f2e7e71d37622b4a27f2d5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/880694d6fc050b51/1715141231623/41x1bSKcwTCTvGr HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/omnif/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:07:13 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 880694e408400b51-OSL
alt-svc: h3=":443"; ma=86400

12pw4536.pw/cdn-cgi/challenge-platform/h/b/flow/ov1/1365391923:1715138960:Cg4rlT4AhsejfoGgsFUjPbLt_aDpIyzcClz22buSCi0/880694d43f6956c4/352c1a5cd05d80c

172.67.188.114

200 OK

2.7 kB

URL POST HTTP/1.1
12pw4536.pw/cdn-cgi/challenge-platform/h/b/flow/ov1/1365391923:1715138960:Cg4rlT4AhsejfoGgsFUjPbLt_aDpIyzcClz22buSCi0/880694d43f6956c4/352c1a5cd05d80c
IP
172.67.188.114:80
ASN
#13335 CLOUDFLARENET

Requested by
http://12pw4536.pw/

File type
ASCII text, with very long lines (3548), with no line terminators
Size
2.7 kB (2725 bytes)
Hash
82db75302acfb39211d00498ee197d43
b8b0535c1ecef8394f56708f638b5d275c779529
72141bc96825b32a143a59e4971ecbeb616cca4895f11b025705fc32c7bca769

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1365391923:1715138960:Cg4rlT4AhsejfoGgsFUjPbLt_aDpIyzcClz22buSCi0/880694d43f6956c4/352c1a5cd05d80c HTTP/1.1
Host: 12pw4536.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12pw4536.pw/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 352c1a5cd05d80c
Content-Length: 3251
Origin: http://12pw4536.pw
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:07:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: o2nTTS1de0JNjIFBMPwTT0tJlFNOS7pHqPZ56/IJhRI14IF6vK9qnan7L+U+c9DEKVv8D8Fm8j+WrqQwuobB9w==$9mhbrPItYRzJAudMHIOx9w==
cf-chl-out-s: HSv+b+RWHo7LcUfzGtaxKg==$bVmUCPDV64TXnwJFa5bhBA==
set-cookie: cf_chl_rc_m=;Expires=Tue, 07 May 2024 04:07:19 GMT;SameSite=Strict
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3PkpQggTT1UoR%2FxEPjsJSijphmLe8Q97ijfoviy%2B74E9MflOxAg9iRzQV7IHA5foflbEi0obfG1Wbe9Tv5kU7IMh%2FnhOTGfZaAs8gLhyS%2F%2FYl8Yhmg52AzKeh%2BMZ2g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8806950d6ab356c0-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/omnif/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

104.17.2.184

200 OK

80 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/omnif/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
http://12pw4536.pw/
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
80 kB (79974 bytes)
Hash
bbec8167d9427f5d4556abcd7f91e930
abdfd2a3e2b726a14e50341dae1239df7fbf7b4d
3ffdcdf52f1a8c64f0d2fd5d3a6ab101d2b65e034d8716daecefe9b906de35e2

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/omnif/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:07:11 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
vary: accept-encoding
server: cloudflare
cf-ray: 880694d6fc050b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (71)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations