| acceptabledcooeprs.shop/api8( | 172.67.180.137 | 403 Forbidden | 5.8 kB |
URL: acceptabledcooeprs.shop/api8( (User Request, GET HTTP/1.1)
IP: 172.67.180.137:80
File type: HTML document, ASCII text, with very long lines (14373), with no line terminators
Hashes: 3f7a8a2603e1133579226d8641fef9cb 814938dfafb4e17a60d82e0a3108295564d20cc5 436f3316b910617d4dc6f93937600e98bf537f4fcbb7b5a8daf17df9934237f4
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /api8( HTTP/1.1
Host: acceptabledcooeprs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 20:43:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: vwKMaSkVEwqcqxDeuDMNiGprUGvLnXyg79ROiS7NqUT1SsyRKsZdOsOpISn5cBI09uQJaiI6JBmnMwhX5soOCqF1aX10vqjsnWUY16XTLNB6GpqsPK1tKaDLbaNkFoTd+SEjsW0XWCWckRE6i5VQlA==$SPRtMGh/voXzuiP+5CcKNg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OApXEZUyT1d8Uoam%2BKSLGVCe97B0ZPMM4%2BRaGoOR0PlEMmPBZh2DrxeYuknTDoPdHoVeghhtuf2ymPRXyO6dBuxQoJAveTVNQTeNhJnotuNbXU7s1p%2FvaV%2FPZgjmiMOSv0ErgxE01ispxw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88040a30bc257131-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| acceptabledcooeprs.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=88040a30bc257131 | 172.67.180.137 | | 111 kB |
URL: acceptabledcooeprs.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=88040a30bc257131
IP: 172.67.180.137:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 111 kB (111078 bytes)
Hashes: b305d9635e7880751463f219ea5dd01a a54d0a2a13425eb1f13ade352fcf2bfad9203720 f5f6707e1ffc65fd9e67acabbbb53d0ea3211b4d1fa84d4abdfaf821166bef6a
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=88040a30bc257131 HTTP/1.1
Host: acceptabledcooeprs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://acceptabledcooeprs.shop/api8(?__cf_chl_rt_tk=gSmyqU2q3.0KuTh7NeQn2Jjeol7GXuC.uZIFoKo.Eio-1715114580-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 20:43:00 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cP281FYpz45Hy4SKd2lENR9N%2FCs1eLSB22goOfe%2Fpuh%2FPIVd8HNdu2DZwsOiJ%2BxIqrlTXbSUArCogEl6wqyAUtHJa3kUJH1nBc2yMlQvZvpNh4vDfgF7hIwjHkj2Qtc3zH3plDBSgK7ymA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 88040a32cbfa5690-OSL
alt-svc: h2=":443"; ma=60
| acceptabledcooeprs.shop/favicon.ico | 172.67.180.137 | 403 Forbidden | 5.8 kB |
URL: acceptabledcooeprs.shop/favicon.ico (GET HTTP/1.1)
IP: 172.67.180.137:80
Requested by: http://acceptabledcooeprs.shop/api8(
File type: HTML document, ASCII text, with very long lines (14173), with no line terminators
Hashes: 0cac835ba915d6c8f7f4c6816ec4ecb1 d45342f33c72ea7185580b2b1fee071f76b898a8 e3ad300f49234883bf5167179485bd50a8ed597eee1f8bd3290840c56d37f8ed
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: acceptabledcooeprs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://acceptabledcooeprs.shop/api8(
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 20:43:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: osB872IHpiUlluzUabjNXI5YjUVEsc+8onER8C/SLruHX0VdEGCvTDA1p3tK3XwjaRseHT4ZJkX5USh1FDPV25TqsmIQZ+xfxLSN2RDi5fPi2iov8sTtZdiWFXRP95WPCKQ2uyL5A0/dK3gnjmH5zA==$RU26UjOD7tSu9O6W7vvd0Q==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kM2EsiJWLcYNsv72u4qdh5OjkfupEsSnCXnHesUUKeB%2FnJF3o5iFI%2FSt7sDLCUKyflFsgTeOHkHC6rxnyXvBaQY3OW6iVcLseJe2nxdgSQS7Tjtv%2BLg2ev%2Byhw7arKgKXuS8e38dpGjQTw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88040a33bfa01c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| acceptabledcooeprs.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1939197979:1715113506:qswKpYOEwHqOX4YV0CBZ3xmAe6-wNBigweMWCtl5Y4k/88040a30bc257131/45842dfae3c4c73 | 172.67.180.137 | | 12 kB |
URL: acceptabledcooeprs.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1939197979:1715113506:qswKpYOEwHqOX4YV0CBZ3xmAe6-wNBigweMWCtl5Y4k/88040a30bc257131/45842dfae3c4c73
IP: 172.67.180.137:0
File type: ASCII text, with very long lines (16316), with no line terminators
Hashes: d299ee04bbd0e3ca542a3b0e36040aa1 7d6f67bd5957deda76795d7a32d965aef21c4b3d 7b8cf7b6ab2e987772c5b3f59af4500e900d5fff9d75def533bcce29077de6bf
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1939197979:1715113506:qswKpYOEwHqOX4YV0CBZ3xmAe6-wNBigweMWCtl5Y4k/88040a30bc257131/45842dfae3c4c73 HTTP/1.1
Host: acceptabledcooeprs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://acceptabledcooeprs.shop/api8(
Content-type: application/x-www-form-urlencoded
CF-Challenge: 45842dfae3c4c73
Content-Length: 1858
Origin: http://acceptabledcooeprs.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 20:43:01 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: JnP8S/jfaBlKkzR/8Gqc04lhtkUlwa2W6Zp8ZXgXQb8RB/5tbLXwVqY4MNrcVKm1$cXdwcFm5Fd12brasxpYw3A==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=53V1jYY3snl8CTGR4L0155FHpZyZC1sbWRqUhCM1L8BDQ7AHcyhXM101n4pxXZFKPPPbMLdGE9a1R5CsdwrjwTF5vpOq3hS7CTLpeNzSTxwjDwOtQfpN5Th7%2FW%2BQ2iZEiOVskDLrrFRBJg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 88040a347b2f1c0a-OSL
alt-svc: h2=":443"; ma=60
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.3.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hashes: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/uuff4/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 20:43:01 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 88040a361f9456ca-OSL
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/88040a358ee256ca/1715114581832/aS7WOYwCoh868GJ | 104.17.3.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/88040a358ee256ca/1715114581832/aS7WOYwCoh868GJ
IP: 104.17.3.184:0
File type: PNG image data, 10 x 9, 8-bit/color RGB, non-interlaced
Hashes: bc6a8329cf24d2cfe99a31987cea9fea 5e0dd8911a72b6866f470a848ba69f996af56db1 710270d1344b70c1c007f750ba63f4f9902df4bf9ae35e287a472699fde2e830
GET /cdn-cgi/challenge-platform/h/b/i/88040a358ee256ca/1715114581832/aS7WOYwCoh868GJ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/uuff4/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 20:43:02 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 88040a3b883856ca-OSL
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1027018493:1715113443:OcChShg9l3_DI9cxZ4-pjKoUKQ2oyvvLnf6PU0DZTpk/88040a358ee256ca/7179cfb8fb83829 | 104.17.3.184 | | 23 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1027018493:1715113443:OcChShg9l3_DI9cxZ4-pjKoUKQ2oyvvLnf6PU0DZTpk/88040a358ee256ca/7179cfb8fb83829
IP: 104.17.3.184:0
File type: ASCII text, with very long lines (22272), with no line terminators
Hashes: 0006f56c19b8628f258d2ed73abd8ed6 f0ebd1d94081be22606b870121b6faa58e790ece 658d8d11e018a225aa58127862977d53ada5ffb6a71b996f0f7b7c12bc561e6c
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1027018493:1715113443:OcChShg9l3_DI9cxZ4-pjKoUKQ2oyvvLnf6PU0DZTpk/88040a358ee256ca/7179cfb8fb83829 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/uuff4/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 7179cfb8fb83829
Content-Length: 27644
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 20:43:05 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 3VTb4Q9DXZQQgg/CVd74mqFD64qAP0lzQG8CaNjlMS72J36WFpLhzDMaMmyUkSDw$eeKZw7ybueQEnHKh01+5Iw==
vary: accept-encoding
server: cloudflare
cf-ray: 88040a4e6c7456ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1027018493:1715113443:OcChShg9l3_DI9cxZ4-pjKoUKQ2oyvvLnf6PU0DZTpk/88040a358ee256ca/7179cfb8fb83829 | 104.17.3.184 | | 7.0 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1027018493:1715113443:OcChShg9l3_DI9cxZ4-pjKoUKQ2oyvvLnf6PU0DZTpk/88040a358ee256ca/7179cfb8fb83829
IP: 104.17.3.184:0
File type: ASCII text, with very long lines (960), with no line terminators
Hashes: 23c3295fa8b92ff7f948a2e41a7f2077 4db379a9f98301fb91b261e4772d7087e4709cbf 54b880b7d0976c5d63c2cce9764aae79e3c9ff4f783df4d076d3049db643ebb6
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1027018493:1715113443:OcChShg9l3_DI9cxZ4-pjKoUKQ2oyvvLnf6PU0DZTpk/88040a358ee256ca/7179cfb8fb83829 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/uuff4/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 7179cfb8fb83829
Content-Length: 40248
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 20:43:10 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: s5gTlg74KxdAvXwu0ZBn04uuHKPB9dc4b/Y9XP4PitPlbr5+XH/kTsBOogoOoKklYjneiHkLVHuuOWOu/axVnKqxogZy54sckOe60QfTj2A=$R3HSvKBt0opcRdd52GanAQ==
cf-chl-out-s: MYU+te27Gz/LY64SuMTuig==$Y9qS20UP5TanoEVdvmPTiw==
vary: accept-encoding
server: cloudflare
cf-ray: 88040a6b7eb056ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| acceptabledcooeprs.shop/api8( | 172.67.180.137 | 403 Forbidden | 5.9 kB |
URL: acceptabledcooeprs.shop/api8( (User Request, GET HTTP/1.1)
IP: 172.67.180.137:80
File type: HTML document, ASCII text, with very long lines (14416), with no line terminators
Hashes: 639d69c080a5291a74188d8607a55db4 6f5e229c39405be8333969a336beb5d979af8160 9531c3599930c44d9c1ad38f8053262029e2b30e881cee6ef00ae92d1bf8eb9b
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /api8( HTTP/1.1
Host: acceptabledcooeprs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 20:43:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 811JIGhxVA2O361PHLblVIEeO3m3ib1Xm6ufuQXNLA/AAwqbdpolgylyOaYDdmGRnfBWQy/z9Y4zfoX7E7XhpRikU1ZdYiYhXOQQPMX40ESwn2kOnEzIo5sLx0KT40B6P66ZxSaB36TggrMM02KLbg==$S3M7WekdQ0j6ExxE3ihqNA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mtWEDVV9SD9JECuD5eBWyJJPpYgM%2FaGP%2F5sYmW%2BAUO%2FUotZr9bAcrXu3JwIUx6EBApSxW8%2B0fJwaJAEuBsB06DRdt5fbIPobvKzEAsaoY5zWxwFV%2F0twjoak3rHUtm2YLENwvJhNrAWU5A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88040a78fcdf1c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| acceptabledcooeprs.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=88040a78fcdf1c0a | 172.67.180.137 | | 110 kB |
URL: acceptabledcooeprs.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=88040a78fcdf1c0a
IP: 172.67.180.137:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 110 kB (110424 bytes)
Hashes: c4eba8ee45f43b4d43d9f511e5245b8d 6a11831c3b3f466754ee0a6380a5f57730380ae6 fb8a69eaa1e0e8a23414bd16daab20c738acc9f0fa116c71ede6d5315bf9fdb6
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=88040a78fcdf1c0a HTTP/1.1
Host: acceptabledcooeprs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://acceptabledcooeprs.shop/api8(?__cf_chl_rt_tk=0RMSSlzlPUobXFSXStiWVJb8BPfpyyFUHDKvVTNWbHw-1715114592-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 20:43:12 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UmAjVmh%2FEwMxPIeiJQjZZd0XR8Rwzy5pgzxmm4jsW7cxUYrW1OXw0esO9YBeVbau%2BB%2BYTFMR7QRCNq4HJvhxE6o3RWkfU9iCwg%2Fti2RrvAXDYJoiWvI6Qz3rYVY5S4rjg4HAt5dMjRDTPA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 88040a797ff4b4f4-OSL
alt-svc: h2=":443"; ma=60
| acceptabledcooeprs.shop/favicon.ico | 172.67.180.137 | 403 Forbidden | 5.9 kB |
URL: acceptabledcooeprs.shop/favicon.ico (GET HTTP/1.1)
IP: 172.67.180.137:80
Requested by: http://acceptabledcooeprs.shop/api8(
File type: HTML document, ASCII text, with very long lines (14421), with no line terminators
Hashes: de9121616c5b49d4f3cc5675ebe03224 ee48460c392142eeae73c0b4b98f074327a33ae5 99c6e666a9a5bd8b678ef9d3648a5d138ba408792b5fbfa47ea06772c546585a
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: acceptabledcooeprs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://acceptabledcooeprs.shop/api8(
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 20:43:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: BwLZL5H86r9bBTZfqXcfI813n/CMdZW8LlVMQUS9eSGE5ksB/OHC/krkLCH0XpDzckWSl22w4cfDu3Sldnt4boXDkrNtpJyNWoB63intORZsS3xrzOXtReLOOh6L44tIKttdezRcyxsIAEnnpveXIA==$m4YWTwGBIHdFEuKSuf1Axw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gohhJ8x0m%2FmO968QBMDr%2Bap%2BjXuLcRrUMrFqxcexex43Q8OQ4CFXcugQ9ndXPSHy7nO9UA%2FBHCM1WNqYovzhRiw9jhlWNGDCLPjurw9zkcjQKkRIoTWLdZzmUnUF2Yb4y7GPoGEPRXEYGg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88040a7a89e756cc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| acceptabledcooeprs.shop/favicon.ico | 172.67.180.137 | 403 Forbidden | 5.5 kB |
URL: acceptabledcooeprs.shop/favicon.ico (GET HTTP/1.1)
IP: 172.67.180.137:80
Requested by: http://acceptabledcooeprs.shop/api8(
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hashes: b12c093bf6e1531003a7eeaebf9e3331 f1df8f7fa30f393c9f4fdd02b0250a7f215efc36 694317482c7c94d97e2d8334c439cdc0587a3af89667faac58bb8c5705c231ab
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: acceptabledcooeprs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://acceptabledcooeprs.shop/api8(?__cf_chl_rt_tk=0RMSSlzlPUobXFSXStiWVJb8BPfpyyFUHDKvVTNWbHw-1715114592-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 20:43:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: H6Cgczm0RoJsy+8tjV6eN6K/w/lVSxd4mE5Ci/L/DtMi2D13ypsC+FEfUmUL1iP2T7FO/Jw8J2jXZWlnRbB8yNBPkcPw3+qgxQyZgYfyM7UWfibqImN+cj3K2N+Im6mw1g3SQz8UaZZzGvHIvad6tQ==$BdlVxueNgGxmU+HatHqEoA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tKYA7Z6k8iRweiDeF1735HeAJZI660rxud0x4OmMGKZAqHbYqlZGDVuLv9%2FoX4Hwja6PPb5j10q%2Fj8f4IhhDeGhdg70rUq1Qbsmyclvv5C70ghY7wJD7GOGeDUuoTxTGCuwIply2mZ4DUw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88040a79f90ab4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| acceptabledcooeprs.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1901099151:1715113489:_R5Q0ozqD_SIPQHaeYylGvyGGuQiYEy_zjZxzipAsyY/88040a78fcdf1c0a/85fbb11e3ebd352 | 172.67.180.137 | | 12 kB |
URL: acceptabledcooeprs.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1901099151:1715113489:_R5Q0ozqD_SIPQHaeYylGvyGGuQiYEy_zjZxzipAsyY/88040a78fcdf1c0a/85fbb11e3ebd352
IP: 172.67.180.137:0
File type: ASCII text, with very long lines (16320), with no line terminators
Hashes: 5665ebb6cb7719965c252392f7ca9681 fc8c0715e558eb944b35446ef48a449eeb91ea0a 90d96acfe0cbc4123993643d0bd3fa8c7851960488d4c78714028267e14ae107
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1901099151:1715113489:_R5Q0ozqD_SIPQHaeYylGvyGGuQiYEy_zjZxzipAsyY/88040a78fcdf1c0a/85fbb11e3ebd352 HTTP/1.1
Host: acceptabledcooeprs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://acceptabledcooeprs.shop/api8(
Content-type: application/x-www-form-urlencoded
CF-Challenge: 85fbb11e3ebd352
Content-Length: 1886
Origin: http://acceptabledcooeprs.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 20:43:12 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: q/Nvc6WlWvXi9VeAygcBPjEPnmoLWebG+hSlTHnQfgH1xQQKKpqRJkJ7WzKrCeMI$RXLysxIMmJ+cFB2PXt6nyg==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c0VhqYQxuANPxG6azYyOCJtdeR9HPGeE4O9C9WsXFZjBgoWRM5vq8dbm8WjxoBjBkug%2B8fdNN2oNcYSK5RpKFl7QDxEZTH9U23ioPZFrwPOf0MUF3SnChe7OK3ET1p6E7zENrMdIcLYcQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 88040a7b6a2856cb-OSL
alt-svc: h2=":443"; ma=60
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.3.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hashes: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/w20ul/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 20:43:12 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 88040a7cea3c56ca-OSL
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/88040a7c58f156ca/1715114593196/Z45_-WBaYBjCN1Y | 104.17.3.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/88040a7c58f156ca/1715114593196/Z45_-WBaYBjCN1Y
IP: 104.17.3.184:0
File type: PNG image data, 62 x 13, 8-bit/color RGB, non-interlaced
Hashes: 7479a1c8da01df6cd1e8e09097977314 e11f6ce129e42dfe088c2f2a006bb11fa5a10da4 47ef7b0eadb19671bfc947d255eb34ae1446f8fa56a8ca9daefa1e4f5fea7aac
GET /cdn-cgi/challenge-platform/h/b/i/88040a7c58f156ca/1715114593196/Z45_-WBaYBjCN1Y HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/w20ul/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 20:43:14 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 88040a8518fd56ca-OSL
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1434907400:1715113536:-808DbDqqLZf5HFK-JCD21nmgZ2X-8hNtYJuhIW9u7E/88040a7c58f156ca/1b0ab3437f2aace | 104.17.3.184 | | 111 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1434907400:1715113536:-808DbDqqLZf5HFK-JCD21nmgZ2X-8hNtYJuhIW9u7E/88040a7c58f156ca/1b0ab3437f2aace
IP: 104.17.3.184:0
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 111 kB (111359 bytes)
Hashes: 53f24ffe4df1e1f5a353f47b15921ce6 44a618c19c48a6cc0eefa06911798893ed2498e0 ae9e72933bbfbddd532105ea86f2709cf21dfac0b25c899f850d61231af9bbc3
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1434907400:1715113536:-808DbDqqLZf5HFK-JCD21nmgZ2X-8hNtYJuhIW9u7E/88040a7c58f156ca/1b0ab3437f2aace HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/w20ul/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 1b0ab3437f2aace
Content-Length: 3530
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 20:43:13 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: WcF1fRvofLlCTznAX8ntoOq7BHfNSk8KmaLuQb19+V0O+f7Asi86B/7wlX/tGYinQWy7qWnPcMeDebyP4pOGigJ8Pdg5opfre+6LRSfPKQNBBtk95uh05UAxDW+1eu2C+APaiTknyJqj8LuY5Jl7WqvXaOan3LMTC/gUCTwAfpi2Sog5ax/OlKSbhcEbiTsiowFFbIGw8N4pLKH2P5F0v2xsnJhPAdCAfJDz+4CTZOrAoiFkezwHGSx13XUd2waGEUXQI3GXFawyYAIfNr4mMMs39ujyWbeEDk/EeeugSVqtF7Wy8lBgw9n6vkOKtJjal8twwrWqXyXJdOkx9c71IkoNa3Mm88svVn2dx2EUYC6YfjWpX/SACfxoWWarzwiUC+nPuYEvBLJSieh6ECqTQs3tbdAqdt+B6+BxknqEBqkdFvHESKjR6kH5aoDfuxTII8NPkCUSh3Ii5P38NHpYPWU0Vz+7jOmz691y7w0L4PACgnXiu7LrjT8o3fBTmSqu$FPuCCx3JE3Tr7GRbp+Av3w==
vary: accept-encoding
server: cloudflare
cf-ray: 88040a7f5e3d56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| acceptabledcooeprs.shop/api8( | 172.67.180.137 | 403 Forbidden | 5.9 kB |
URL: acceptabledcooeprs.shop/api8( (User Request, GET HTTP/1.1)
IP: 172.67.180.137:80
File type: HTML document, ASCII text, with very long lines (14416), with no line terminators
Hashes: bcf40a2d69917579ff5d1555c70faf80 65ab89f5b64bdb342be2894571a5c0893d511d0d b176b6a8648c45cf715e672594258bde6a4460a3e37418a155da70f00af8f24c
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /api8( HTTP/1.1
Host: acceptabledcooeprs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=2
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 20:43:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: t33w4tPUqelIR/QcBs8cfwFOdyhnnnDv4IRfo1cAT3dUSBFYZ2nTc8+/T3d/x17s2IA8TlHRtKh52dphKHWsWv+KTDwTs6W0ch37O07jnzSgUGKMH7U4CK5WG6YyzkgfYtoWr22rLhJaa6HWIAR0Hg==$bWRO1sOLtnbtuT61PrbD6Q==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H4HI4QDtyqrJramAzdxqlWQvT%2Fg93g5xE56WjztXa%2F1sOsXrAg0YWCH%2FtsTzdnkoBnPKB0zqE5BBLvG1Y2r8VyhnQ97lk%2F0n5wglIOTflGscZC664ZAjzpD3qg1oGIg6%2BNDnOyhakcZgmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88040ab7e94856cb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| acceptabledcooeprs.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=88040ab7e94856cb | 172.67.180.137 | 200 OK | 110 kB |
URL: acceptabledcooeprs.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=88040ab7e94856cb (GET HTTP/1.1)
IP: 172.67.180.137:80
Requested by: http://acceptabledcooeprs.shop/api8(
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 110 kB (109465 bytes)
Hashes (MD5, SHA-1, SHA-256): 850a44dfb89ae4696278fa2feac35d40 dc9fa384159ddae539a47619a9e8bc3145ae1683 ff1929ec96f46e4101d8493343b707e5bec31264a5ec6d084b1f5041a22cb234
Analyzer | Verdict | Alert
mnemonic secure dns | malicious | Sinkholed
Quad9 DNS | malicious | Sinkholed
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=88040ab7e94856cb HTTP/1.1
Host: acceptabledcooeprs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://acceptabledcooeprs.shop/api8(?__cf_chl_rt_tk=luYmPVmyhtch0CCJHN5yeNnuksTVsYQyz6LSDhg9F_U-1715114602-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 20:43:22 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8TKVc2abfEduLEdxpnrEyVJ%2F5urHf5%2FyNu12Rkn7yNn3ITzcWBVm%2FCO1OxS%2F6UECPKxQOfKCY9njkoiT7VmivT6DZy1n%2BJQX0AFGZJjTSiNGSX1b1xA%2FJKM26qWt4Sv26GIh44y0j%2BHHIg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 88040ab89d1cb529-OSL
alt-svc: h2=":443"; ma=60
| acceptabledcooeprs.shop/favicon.ico | 172.67.180.137 | 403 Forbidden | 5.8 kB |
URL: acceptabledcooeprs.shop/favicon.ico (GET HTTP/1.1)
IP: 172.67.180.137:80
Requested by: http://acceptabledcooeprs.shop/api8(
File type: HTML document, ASCII text, with very long lines (14195), with no line terminators
Hashes (MD5, SHA-1, SHA-256): e785dbe5131356f473610e25113b3f9e 283573e77df5858eca4bb591661db7e8158512c9 8f04d96624031cc079c35edb6d020584c208e36dde2c3bb68111de8d3d362a5a
Analyzer | Verdict | Alert
mnemonic secure dns | malicious | Sinkholed
Quad9 DNS | malicious | Sinkholed
GET /favicon.ico HTTP/1.1
Host: acceptabledcooeprs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://acceptabledcooeprs.shop/api8(
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 20:43:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 9JhrIWKCn0xszpGZPnMr9OvwQD2xdOCf16dVInrnFofuWGa/ZzF6sC97nHs4NaJajBhZrR/Tzb/BRxTwaOyrjlnaStOxrPQbq/rdlNr6VZjU0uz1fevsJGKZ1Xrg/NK6yP4ZDmLQOC7q+tuGKyaSpA==$U16JfqYVJhlnJILOr9b6pg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2e%2BW5C%2FOzw9rpr%2F9KiZ6YSeWDQghl3JknIg1L0UXEbBufvADzL4UQOqYog77Lojnu3938pQVT48NK7eHtavkta%2BebzhLXbQjbqLZC6chZXS%2B9Do94BBCsbYD9Xm%2FqPj0cYeAARBi5ILXfA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88040ab97d4d56b7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| acceptabledcooeprs.shop/favicon.ico | 172.67.180.137 | 403 Forbidden | 27 kB |
URL: acceptabledcooeprs.shop/favicon.ico (GET HTTP/1.1)
IP: 172.67.180.137:80
Requested by: http://acceptabledcooeprs.shop/api8(
Hashes (MD5, SHA-1, SHA-256): 3b55b5c720d34896b6bb90a14c4a7c82 0329beeb08003e47cce1d04a70240891917129a7 b596b2c39f91c28d165cd2a8820c6b7442ec435fda1eebd91973a7da1e373963
Analyzer | Verdict | Alert
mnemonic secure dns | malicious | Sinkholed
Quad9 DNS | malicious | Sinkholed
GET /favicon.ico HTTP/1.1
Host: acceptabledcooeprs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://acceptabledcooeprs.shop/api8(?__cf_chl_rt_tk=gSmyqU2q3.0KuTh7NeQn2Jjeol7GXuC.uZIFoKo.Eio-1715114580-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 20:43:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: iIZ+7AO7bvUm/I6ijbWGCIx2kWsMY10J0rQIg4b1yXYctZlbkojcVGqWeshOro1iMLhnWTAm2Ev6FmUM04XzJwFopIqZ7EJ7JUjfh2nHSXFHSmL/7z9HCQYkuKKg1Ch4Fz+qeytySnC6QvrNQA7ABA==$05YUca3lhbi0XWCjSMUm9g==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yu3azd96qkUrpQ9UaVhmM6KJu7JoU8MrekMrBGCL8Xpf9GPYZPDhJ11V2wUSfmmN0cuckYL70pJ%2Bj2L7WcLV7QpJM1uQwlf0bBKCpLxnRrp26GI5BfJty8l1m5hK%2BXBbbBzvRlmNW18Uyg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88040a332cd95690-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.3.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hashes (MD5, SHA-1, SHA-256): 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/sjax8/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 20:43:22 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 88040abc2bea56ca-OSL
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit | 104.17.3.184 | 200 OK | 43 kB |
URL: challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit (GET HTTP/3)
IP: 104.17.3.184:443
Requested by: http://acceptabledcooeprs.shop/api8(
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42565)
Hashes (MD5, SHA-1, SHA-256): a5b92920e25651d2058f4982a108347b caeeadd68d38fdb681c52006c68880abc2e8a1a6 49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5
GET /turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://acceptabledcooeprs.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 20:43:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: max-age=604800, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 88040ab97fd156ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| acceptabledcooeprs.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/2004585192:1715113523:HFMb-g_WBwNoFZCfh3vqSOApZ67_KYj0lZIj6g405JY/88040ab7e94856cb/4fdd32de1c4ac0b | 172.67.180.137 | 200 OK | 16 kB |
URL: acceptabledcooeprs.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/2004585192:1715113523:HFMb-g_WBwNoFZCfh3vqSOApZ67_KYj0lZIj6g405JY/88040ab7e94856cb/4fdd32de1c4ac0b (POST HTTP/1.1)
IP: 172.67.180.137:80
Requested by: http://acceptabledcooeprs.shop/api8(
File type: ASCII text, with very long lines (16312), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 8b4e285332f06ee650f085c9d8769b19 7be9ea8135cc8d2be86cf0b9c055da8e21fccafa a7c4ad6f3b12322f066fa3c039ced63d17e9ef28f8216690e8359ce154184bc7
Analyzer | Verdict | Alert
mnemonic secure dns | malicious | Sinkholed
Quad9 DNS | malicious | Sinkholed
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/2004585192:1715113523:HFMb-g_WBwNoFZCfh3vqSOApZ67_KYj0lZIj6g405JY/88040ab7e94856cb/4fdd32de1c4ac0b HTTP/1.1
Host: acceptabledcooeprs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://acceptabledcooeprs.shop/api8(
Content-type: application/x-www-form-urlencoded
CF-Challenge: 4fdd32de1c4ac0b
Content-Length: 1870
Origin: http://acceptabledcooeprs.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 20:43:22 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: 6MZhvaMw7jucHM/p7kySgwPT0PHMEP1vUbbwX5XyJjeKdYdMOYm/PZthwd4kJ653$qfCUi6Q405WSv1rCeaBZNA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OnYUsyykA%2B2DzSFT6Ar6e44p6Wiz9SxzO2Aqnap2bNShGwigU%2FEqO5AUal0Hkmtg8bpF%2BjzBKp8fajXnGAE4JBjrvSLUNGXm0fulwDM2Q%2B%2FtqP%2FWN69kElie8l2%2BuEOvg77boOfjTGcpzw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 88040aba3b99b4ed-OSL
alt-svc: h2=":443"; ma=60