| zippyfinickysofwps.shop/M/ | 172.67.148.231 | 403 Forbidden | 5.8 kB |
URL: User Request GET HTTP/1.1 zippyfinickysofwps.shop/M/
IP: 172.67.148.231:80
File type: HTML document, ASCII text, with very long lines (14363), with no line terminators
Hash: b3776da878d5bcfd730e8bb879737b9b c3c3f7880ac2b19e9529672347a8a525420a9a65 ae803d75606215e755b8ae3141fab3b8b4fb3ce672c96ee6315ff04063628f1e
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /M/ HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 06:58:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: L+piD9gz8KBQk2/jh2QEPpwXJD4N2TBqNtk/cIgF7C0Sde7XYQEPB4vL64T8n7UlhuNr24b2Ac8gMoF2PYuv1MEuLkaDP5/eScDpg9jH7wIUrHgSlRytFwG2Ndvh3BhuZPEsGwvOtxz4aNtRud7ZRA==$59LMqYZiYoCfB5jI9dqIug==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3e5InwcIlURQ%2FEzd%2FwOqzWT0ag0VXRptIvWtdCJDuIbNjGDbh69lP9nl%2BH%2FmwCoKa9vA%2FdChrZ7KjXoyx%2BWOkCYIiqbR8rpZXyMZ4dnKDXKM9tv7iPslK8Mz1cn4C7xXiOKfgTREhQHktA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880790113d2656b1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880790113d2656b1 | 172.67.148.231 | | 113 kB |
URL: zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880790113d2656b1
IP: 172.67.148.231:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 113 kB (113054 bytes)
Hash: 38ccdb96b6ba5a9cbcd92ebb870bcb16 fe54014e7e231d941f8d9be129c83d4b90d71e54 501501857e1c070abad7a75946da5c56991f611773a0562268d2e076d876713f
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880790113d2656b1 HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zippyfinickysofwps.shop/M/?__cf_chl_rt_tk=MJ0QB0BZfzpYUfTtTiZRxf9an50hHjb7tSUXenxqkcI-1715151521-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 06:58:41 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eJmmLTxtQh616GUcnUh%2FFfhbEO%2BIJvDvZUDgaRQecZ0ianRrrsMU4gnK%2BbT75aLC0iutXt2BJy3mB5%2FhPZcT03eXbnD84kGYgfFSocTR2kAG11l%2F0OLPQGBvs9Aiui%2Bxo%2FbC2oWToBuRDg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 88079012fbb4b521-OSL
alt-svc: h2=":443"; ma=60
|
|
| zippyfinickysofwps.shop/favicon.ico | 172.67.148.231 | 403 Forbidden | 5.9 kB |
URL: GET HTTP/1.1 zippyfinickysofwps.shop/favicon.ico
IP: 172.67.148.231:80
Requested by: http://zippyfinickysofwps.shop/M/
File type: HTML document, ASCII text, with very long lines (14442), with no line terminators
Hash: 9fe1acbe90bf7f0a6d4430d296d2529a 332027bcd68959f8bda8df643b71169ee3065cdc ac40ffd304bd6137e13917c4dd21231e4e3dbf97619af0f4085ca8956504cb4c
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zippyfinickysofwps.shop/M/
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=7e382a27086a788
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 06:58:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 0UB3GSRg58LXZmAcBzqP8ZB1NM2dkj3jqRW54ddEooeWpnWYsO7zbu+cUcX+DIdEXTrHwBpSH+HRJJmivgQvJT4AsPGUvdqe97leI0axuN8aY3+DcbcZdQfprUoIaRfh2DzhdIYqgoUF2f21rkNQTQ==$/kBWUwInum5M9yJyCAc/fQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tEWPI153nB8Q%2FQprGFIewSVH%2BKez2qeC3VQDg%2F8X4Emsn%2FoEC61FTOYBFO1nEahpeLprqLFP%2BvGp8G%2BkhPj2bjqwYs9PvDHccl2FqWALwzDSy1qGupfMhUo3xy7MT3svz7YdkmF7zHT0Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88079013edfd7127-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/498599623:1715149681:89PiEm-0--S1KXQaLJT4gDwyNGi0p_yWoda7II3REU0/880790113d2656b1/7e382a27086a788 | 172.67.148.231 | | 12 kB |
URL: zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/498599623:1715149681:89PiEm-0--S1KXQaLJT4gDwyNGi0p_yWoda7II3REU0/880790113d2656b1/7e382a27086a788
IP: 172.67.148.231:0
File type: ASCII text, with very long lines (16316), with no line terminators
Hash: 48518f718177036b796f7dcd5a915fe1 bfe01e45e1db87b573b902bfa0019bb5d7c140f1 8252ab2d12c30446f9a54174b0eb73b5a7ce9ed29c9029cab36bdd57ccea4011
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/498599623:1715149681:89PiEm-0--S1KXQaLJT4gDwyNGi0p_yWoda7II3REU0/880790113d2656b1/7e382a27086a788 HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zippyfinickysofwps.shop/M/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 7e382a27086a788
Content-Length: 1840
Origin: http://zippyfinickysofwps.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=7e382a27086a788
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 06:58:42 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: keQd8uOcQG4OF9bPA0Rzdpk++wZSwMkCsMdetPlypTffEGUq9bd5QpkiBFRCtZWu$W9eN2VEQisBTx3bvjzGgow==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2BrOVpx6P%2B0VJYntl%2FNSmicS2wCTwDXBetjNfvdZnAHse5PokF9NFFZgWNzh3KQnsR6TUg29tF3oml69SlAgwXI1GQfmHSYi3ctXZHt0kgmXsXlcuFjqULZzd5oJAVfVTyejltxdF7q%2Fyw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8807901489590b55-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/knr07/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | | 26 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/knr07/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.2.184:0
File type: HTML document, ASCII text, with very long lines (41702)
Hash: 0ef39892c1a68a99aed48f197175096f 48a6cb081406eed4f750d8fffa400a7532a3c005 0b968279ee8be5e34dc53410bc482dd394ad06ceba5d062ca5730c0d550d3428
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/knr07/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 06:58:42 GMT
content-type: text/html; charset=UTF-8
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
document-policy: js-profiling
cross-origin-embedder-policy: require-corp
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
referrer-policy: same-origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
vary: accept-encoding
server: cloudflare
cf-ray: 880790158b14b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| zippyfinickysofwps.shop/favicon.ico | 172.67.148.231 | 403 Forbidden | 503 B |
URL: GET HTTP/1.1 zippyfinickysofwps.shop/favicon.ico
IP: 172.67.148.231:80
Requested by: http://zippyfinickysofwps.shop/M/
Hash: 4ae3363ee4645a85517d731c726eaf6e 37610df8a4d0caa9a89380d0276329ecf26c4dac ac1154dc930e1b75c6e9c438f328bbfc68f7bd127f6ae2633ac47993ed7f131c
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zippyfinickysofwps.shop/M/?__cf_chl_rt_tk=MJ0QB0BZfzpYUfTtTiZRxf9an50hHjb7tSUXenxqkcI-1715151521-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 06:58:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: yoUkjgm3VNkL77W2GiEFSXM8rbcGXHuicttjpK/aKRZclqj8ZifsM0R/QMhloARL9vD9J60lD55uPLtu9Fqgbvy9AgdE7CTMu/oeQL+QsjxH6vJSbouN8AgkD/f/Qv+eT3LqUdlB505mN0RjepED9Q==$vT5pKiBXCYTY3oorpZo7PA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VT00LWbnaQg9rPVFxb2S07gjTfeIT3Yq%2BTQWqhCm5tMLsZcGReywLwFHpocDSEF0krRaYXg70B%2FC04C24UZoEfp8NWC6RmFG2FWEWLd1N6kXkLB2j694zlT%2BcJiMa8VLIywyAiJ0oggTRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880790135c03b521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit | 104.17.2.184 | 200 OK | 15 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit
IP: 104.17.2.184:443
Requested by: http://zippyfinickysofwps.shop/M/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: challenges.cloudflare.com
Certificate Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42565)
Hash: a5b92920e25651d2058f4982a108347b caeeadd68d38fdb681c52006c68880abc2e8a1a6 49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5
GET /turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://zippyfinickysofwps.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 06:58:41 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 880790141c2fb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880790158b14b4f7/1715151522623/wnc7EywAIYvPTsi | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880790158b14b4f7/1715151522623/wnc7EywAIYvPTsi
IP: 104.17.2.184:0
File type: PNG image data, 22 x 77, 8-bit/color RGB, non-interlaced
Hash: bf13741ca637e48e280a150fa68da891 a0782da33764fbe3c39729ff088add244f614649 c2274aa3484c7f2c9600b43b5ef3c9ed86e15d81c130e31e9002c0cd298affff
GET /cdn-cgi/challenge-platform/h/b/i/880790158b14b4f7/1715151522623/wnc7EywAIYvPTsi HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/knr07/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 06:58:44 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 880790239c61b4f7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/498599623:1715149681:89PiEm-0--S1KXQaLJT4gDwyNGi0p_yWoda7II3REU0/880790113d2656b1/7e382a27086a788 | 172.67.148.231 | | 1.8 kB |
URL: zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/498599623:1715149681:89PiEm-0--S1KXQaLJT4gDwyNGi0p_yWoda7II3REU0/880790113d2656b1/7e382a27086a788
IP: 172.67.148.231:0
File type: ASCII text, with very long lines (2328), with no line terminators
Hash: 9ad88fc2aa1039f3e88d841613c62ce2 b4c1e32ad9440ae208e25ecda3981e8205e34ccb ca612007a3d6a28d3468e0803e1fc2151ff1201e445442df8b7eb40706f33643
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/498599623:1715149681:89PiEm-0--S1KXQaLJT4gDwyNGi0p_yWoda7II3REU0/880790113d2656b1/7e382a27086a788 HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zippyfinickysofwps.shop/M/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 7e382a27086a788
Content-Length: 2540
Origin: http://zippyfinickysofwps.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=7e382a27086a788
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 06:58:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: Qq+3fLemqTk3Gt/e/o7IqQ==$QwZm3qfFG9TYjHdl6V2OjA==
cf-chl-out: +jVDTCSRbw4lnjpJoAIVrNSMXGFzPVZfhjiucNJOniXzLN+CKPzfQCyhsGkV5ay94Y22oAdr7O6S47jEvvzjdSdMvpviuVT5bW0yD5c7nzg=$hWIVBVpxdWX4+xjYpDMKBA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fFQ5Xcuy6E%2FtHyIlmdrK%2Brxko3lW%2BA1M4XWwRFxWrIs47%2BoSAcTkxshG6k5YMbwFc3TsxiLQRjAHCiVxU2Uc%2B5Ghzv3bkgW6ITFMu3d1gI3ELSJJDfF4UeyAn%2FRapKL7TrEVPaNiM9I5%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8807904a589f0b55-OSL
alt-svc: h2=":443"; ma=60
|
|
| zippyfinickysofwps.shop/M/ | 172.67.148.231 | 403 Forbidden | 5.9 kB |
URL: User Request GET HTTP/1.1 zippyfinickysofwps.shop/M/
IP: 172.67.148.231:80
File type: HTML document, ASCII text, with very long lines (14405), with no line terminators
Hash: 3e2e893cb95ac9a4edfaef0694f8eb3f 0546911c067faada34b13b9f701a74b6a30a2caf 154888b2495fe8ebc46ba42118a86aacdebd08231983be87a162f1918ddce5f8
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /M/ HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=7e382a27086a788; cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 06:58:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: HuzDMCxbGRo9UG58y40qgTKLipkVM0MpP8d00L99GUa4xTwqyBAzNJdpTK/20auXms693l1J5jAaMvCmkYM7dq5R8f+/+AstFhC/6XSwW0vTKEoM/QDnfvE/nOr30qIVxKVn03DpFm+HmajKpMBf6g==$MLlZ4GvGAk2b25vSN57O5A==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d1%2BqzVs%2Bjoqf2EVrtrHwEfyBZgiIvt9TB0Nmo3bFPaUQARzGrffteirJ2Z66trMWfl5ZDIyTz9z0sC7WKzqXQ0wQy%2Bw3b2BBcSvBFomuRnUIGSLQI3ZNlkT4U8kTFJ4QBnTGCFzOFfta7A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880790572c7d0b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880790572c7d0b55 | 172.67.148.231 | 200 OK | 113 kB |
URL: GET HTTP/1.1 zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880790572c7d0b55
IP: 172.67.148.231:80
Requested by: http://zippyfinickysofwps.shop/M/
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 113 kB (112800 bytes)
Hash: 72f946d224330e684213d08ecd7d5a7c 87830864e3e904edad631895ac0d6310cea6e248 f63187c24062ed1fdec36ef9e4692afb96a320d8bb6496cd39a8f5852f927d27
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880790572c7d0b55 HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zippyfinickysofwps.shop/M/?__cf_chl_rt_tk=s.heuLj_cJN78l.9dyqTmRRlSv5nso456IV20S6OnEE-1715151532-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=7e382a27086a788; cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 06:58:52 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4MKF4nHGdkHTA80aN5Q7FLrOS4ZSnfMEQETq1IPDCYFqmEDAZtatsmEtxHP%2FwK6hj7wbbQEDx5ZPrdH81qyPCuVeCnC8ROpPWhBQoAuLJs3dkByqWFvAZJvfwWxFS9RNc41otwVePawi3g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880790578986b52d-OSL
alt-svc: h2=":443"; ma=60
|
|
| zippyfinickysofwps.shop/favicon.ico | 172.67.148.231 | 403 Forbidden | 5.9 kB |
URL: GET HTTP/1.1 zippyfinickysofwps.shop/favicon.ico
IP: 172.67.148.231:80
Requested by: http://zippyfinickysofwps.shop/M/
File type: HTML document, ASCII text, with very long lines (14442), with no line terminators
Hash: c9b2fd93ceed9d89d496579702e9cfa9 6059c65fc28299005ca287e1ce3dd0b49f3c9526 5cd7cc0eb001c512e351f6d3a3b9533b4526a65708832b101614b3fcc3d3b6fe
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zippyfinickysofwps.shop/M/
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=a74234e8efaf122; cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 06:58:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: c8Y0kRvWx7b93JLJo7D3fGZhS7nZC2gQ1JeOvRGFbsd8e5L/6uaoy2ZGJSTS2TbWomc+80gnzgpoZU8Q6bcXTIZ8HL72L67f1fN5gRrNHTRGQzQUjG+PrNCodPr74h9pXWv6LmyALMPb5euDss11kA==$KdB5+6QU1kMl9kbx7PQHBQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RF5EppS%2FD5GHk7ANXHWcNnYJd8wax8Y4fTf4litcSmcc4THehGXCNga8Pz1B58h6c4gZ3kSwAXwVc4MG8Yt76wwYyX17OPoPeqTlGsPKTVN%2Fyi2m7w0ulUZevPXKTeHALcWSSX68Datf8A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880790585c4756bf-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| zippyfinickysofwps.shop/favicon.ico | 172.67.148.231 | 403 Forbidden | 12 kB |
URL: GET HTTP/1.1 zippyfinickysofwps.shop/favicon.ico
IP: 172.67.148.231:80
Requested by: http://zippyfinickysofwps.shop/M/
File type: ASCII text, with very long lines (16316), with no line terminators
Hash: b6ad23980798b66f43979885b6cd5a6c 3a4b61e2d1d8f366234ce2a7f26be16f8e794df0 4ece45740eb1638a778915f34a139c6eac2b0efb117f1146765b885f4b824957
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zippyfinickysofwps.shop/M/?__cf_chl_rt_tk=s.heuLj_cJN78l.9dyqTmRRlSv5nso456IV20S6OnEE-1715151532-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=7e382a27086a788; cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 06:58:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: h5n+u5KwyNc7Je3vFka+MC6GQIWTdDye8U52g5wKxd5jGk8A+eKFyRhuClmonqNh6+qEdB2vtqxTgS5rgcz32gbQUoTscELOsWuqqBNay7Pf1AegUGDZvJsqIQ0mBZI4dcDXiN5bmO7lIt/Cz0PMZA==$ykYBDzD6Pq4GIrD9DWeMYQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9xRGHTldJ2DUucSn%2BXLaiUp%2B7KgJ3o2X4oPlnONNF0e6KBIEP%2Fda99FT%2BNUeKrh1inusTOHu5N3PNZradtpPgik9thzKA1N824cOFlFsSZEYocsJIPwIcOIpWi9bBXxqx9aCO8ZC76uieg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88079057d9eeb52d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c31px/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | 200 OK | 26 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c31px/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.2.184:443
Requested by: http://zippyfinickysofwps.shop/M/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: challenges.cloudflare.com
Certificate Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41702)
Hash: 339b51ab14d443aa5dd7f8aa87b7af38 4dc85e303e1f0bca737ea2267f63711434b0297e 4472ad452e6eda94ecd47c413ece3f00f08eeaedab9c752555b792e20a802f5f
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c31px/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 06:58:53 GMT
content-type: text/html; charset=UTF-8
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
document-policy: js-profiling
origin-agent-cluster: ?1
cross-origin-opener-policy: same-origin
vary: accept-encoding
server: cloudflare
cf-ray: 88079059efbab4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/88079059efbab4f7/1715151533560/rd2zEtdVMLjW81i | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/88079059efbab4f7/1715151533560/rd2zEtdVMLjW81i
IP: 104.17.2.184:0
File type: PNG image data, 28 x 55, 8-bit/color RGB, non-interlaced
Hash: 5945b8bcb616fce19f086538d0b2145d 427eaa1c0438ff29608b319e24946b950ec6ce49 2a0fe76ffcae59089d25f51457b4548b4cfef1c137cfad8b630049a64db7b707
GET /cdn-cgi/challenge-platform/h/b/i/88079059efbab4f7/1715151533560/rd2zEtdVMLjW81i HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c31px/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 06:58:54 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 880790649b91b4f7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1221008885:1715149709:P-0oN5I152GfSF0GAVaRLzOOyK2_q8LOH4O2O74xOn8/880790572c7d0b55/a74234e8efaf122 | 172.67.148.231 | 200 OK | 1.8 kB |
URL: POST HTTP/1.1 zippyfinickysofwps.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1221008885:1715149709:P-0oN5I152GfSF0GAVaRLzOOyK2_q8LOH4O2O74xOn8/880790572c7d0b55/a74234e8efaf122
IP: 172.67.148.231:80
Requested by: http://zippyfinickysofwps.shop/M/
File type: ASCII text, with very long lines (2328), with no line terminators
Hash: 7bf0b8616b64459da3e8799b0e89c3c6 db19ecfb3024b28a5b01ab66505291d2e7420211 ba97471db3d6dea009b3f782acdc9d1f9f77bed7a2b45cd35326ac4cb4dbd928
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1221008885:1715149709:P-0oN5I152GfSF0GAVaRLzOOyK2_q8LOH4O2O74xOn8/880790572c7d0b55/a74234e8efaf122 HTTP/1.1
Host: zippyfinickysofwps.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zippyfinickysofwps.shop/M/
Content-type: application/x-www-form-urlencoded
CF-Challenge: a74234e8efaf122
Content-Length: 2540
Origin: http://zippyfinickysofwps.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=a74234e8efaf122; cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 06:59:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: 71Bx7LnDfqohdsSlEtK8q5HqQQFq3iNIzWb7GHSS6hWEgPGFn1X3tF/6YuRtZcPY8djL5JbtosWdQnU1G1W77sM52MNzBQ5NSUS7uHfeG44=$2NDnU0G071Ii+WCaC5EImA==
cf-chl-out-s: QyjG3qR0MN/j9VhJQTNprw==$eJX1QGCCy0vTLROllL7r+Q==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HImTjtrnlEedCFRjf1ZyI8UV67cv5HUERqUCGMpxL0CUEI9MgnlkqpNVhsPhs14cI967v2zlauK8I%2FaqyDz7zsJ4AneKt5w84nvX%2BedbOYjfG2CVCc%2F3%2BkQrSUykoGFWBdWfcehVSLdobQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 88079098eb58b4ed-OSL
alt-svc: h2=":443"; ma=60
|
|