| snowplow.apps.clarivate.com/r/tp2?u=https://arfantravels.com/new/new/lrumav/YXNAZGF0YXBsYW4ubm8= |  52.36.177.214 | | 0 B |
URL snowplow.apps.clarivate.com/r/tp2?u=https://arfantravels.com/new/new/lrumav/YXNAZGF0YXBsYW4ubm8= IP52.36.177.214:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/tp2?u=https://arfantravels.com/new/new/lrumav/YXNAZGF0YXBsYW4ubm8= HTTP/1.1
Host: snowplow.apps.clarivate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 02 Jun 2023 12:52:50 GMT
content-length: 0
location: https://arfantravels.com/new/new/lrumav/YXNAZGF0YXBsYW4ubm8=
set-cookie: sp=3707633a-b348-4ffd-9fde-9967a0fd6854; Expires=Sat, 01 Jun 2024 12:52:50 GMT; Domain=; Path=/; SameSite=None
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
server: akka-http/10.1.12
X-Firefox-Spdy: h2
|
|
| arfantravels.com/new/new/lrumav/YXNAZGF0YXBsYW4ubm8= | 69.162.66.34 | | 0 B |
URL arfantravels.com/new/new/lrumav/YXNAZGF0YXBsYW4ubm8= IP69.162.66.34:0 ASN#46475 LIMESTONENETWORKS
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft Outlook |
GET /new/new/lrumav/YXNAZGF0YXBsYW4ubm8= HTTP/1.1
Host: arfantravels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
refresh: 0;url=https://ssxxexion.com/?&qrc=as@dataplan.no
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 02 Jun 2023 12:52:51 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| ssxxexion.com/?&qrc=as@dataplan.no |  104.21.48.85 | 404 Not Found | 0 B |
URL User Request GET HTTP/3ssxxexion.com/?&qrc=as@dataplan.no IP104.21.48.85:443
CertificateIssuerLet's Encrypt Subjectssxxexion.com FingerprintC6:17:8D:BA:6E:52:D4:D8:B4:81:B0:4A:D8:F7:B7:9A:3B:D8:F5:79 ValidityMon, 24 Apr 2023 01:33:50 GMT - Sun, 23 Jul 2023 01:33:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft Outlook |
POST /?&qrc=as@dataplan.no HTTP/1.1
Host: ssxxexion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
k-LXJJkPXGDdzfM1E8ISTvAwSqA: 21292624
X-Requested-with: XMLHttpRequest
X-Requested-TimeStamp:
X-Requested-TimeStamp-Expire:
X-Requested-TimeStamp-Combination:
X-Requested-Type: GET
X-Requested-Type-Combination: GET
8mfMPuOWqIFC1xJDj6cJ1jrpUyc: 73UChAP-AHOfAfgLSl8OvH-JLo
Content-type: application/x-www-form-urlencoded
Content-Length: 22
Origin: https://ssxxexion.com
DNT: 1
Connection: keep-alive
Referer: https://ssxxexion.com/?&qrc=as@dataplan.no
Cookie: Ja3jKagLb55kHGb4swSi_hQu8mg=SIM3mthGeAheuNP7St0GKH5aR6E; zIxQ7Oca08QNXLggpmX7cJYPzPE=1685710320; TO0HvJlO-kY7kCsYh_O_eD0YMxA=1685796720; Sg1woS6ndKAtVI88kfN6VAoDzZw=j17BhOUOSGrKLsBe0eNR4bjsTpQ; 0mAoCi2mm4zHXCXzUhOzo_zY_9I=lkLPZiL_UVgRTxwDers97UXe5XU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Fri, 02 Jun 2023 12:52:52 GMT
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
set-cookie: _qu1yAEHWWJXOY2fsjYf5xiIZrg=5wiQ_-f41RqPzSGzn-6WoFUOfFU; path=/; expires=Sat, 03-Jun-23 12:52:52 GMT; Max-Age=86400;
-JSGHbN23RxMMkIQcMLfR8R5yhE=1685710372; path=/; expires=Sat, 03-Jun-23 12:52:52 GMT; Max-Age=86400;
tsvlkeauzPPs8veJXYPQIqWUzWQ=1685796772; path=/; expires=Sat, 03-Jun-23 12:52:52 GMT; Max-Age=86400;
eugdzB1kDXqB6CJPg7aME_YtwZg=mDG2FDBIGbgntzeIVulwcb6z4Bc; path=/; expires=Sat, 03-Jun-23 12:52:52 GMT; Max-Age=86400;
t96nS-ybmT07WdwM1QTXWNXyRP8=GMOtRltGeI8dMtaIuHLvc--PNPM; path=/; expires=Sat, 03-Jun-23 12:52:52 GMT; Max-Age=86400;
x-frame-options: SAMEORIGIN
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: 0
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCBxB64IXH%2BJKJnxV06XNK4ZTi8SPbPVujk%2BYFZFc15%2Ba%2BYHHofMfE5UoRNfNxn7Ix4fM8XU4qLm9wEsZxDnLJHF8Qte0ag6pUtx3C%2BevIpUBvbewJcvJARdiiSvc8%2B8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0fd6010a6bb509-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ssxxexion.com/cdn-cgi/challenge-platform/h/g/cv/result/7d0fd6017b830b61 | 104.21.48.85 | 200 OK | 2 B |
URL POST HTTP/3ssxxexion.com/cdn-cgi/challenge-platform/h/g/cv/result/7d0fd6017b830b61 IP104.21.48.85:443
Requested byhttps://ssxxexion.com/?&qrc=as@dataplan.no CertificateIssuerLet's Encrypt Subjectssxxexion.com FingerprintC6:17:8D:BA:6E:52:D4:D8:B4:81:B0:4A:D8:F7:B7:9A:3B:D8:F5:79 ValidityMon, 24 Apr 2023 01:33:50 GMT - Sun, 23 Jul 2023 01:33:49 GMT
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /cdn-cgi/challenge-platform/h/g/cv/result/7d0fd6017b830b61 HTTP/1.1
Host: ssxxexion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12384
Origin: https://ssxxexion.com
DNT: 1
Connection: keep-alive
Referer: https://ssxxexion.com/?&qrc=as@dataplan.no
Cookie: Ja3jKagLb55kHGb4swSi_hQu8mg=SIM3mthGeAheuNP7St0GKH5aR6E; zIxQ7Oca08QNXLggpmX7cJYPzPE=1685710320; TO0HvJlO-kY7kCsYh_O_eD0YMxA=1685796720; Sg1woS6ndKAtVI88kfN6VAoDzZw=j17BhOUOSGrKLsBe0eNR4bjsTpQ; 0mAoCi2mm4zHXCXzUhOzo_zY_9I=lkLPZiL_UVgRTxwDers97UXe5XU; _qu1yAEHWWJXOY2fsjYf5xiIZrg=5wiQ_-f41RqPzSGzn-6WoFUOfFU; -JSGHbN23RxMMkIQcMLfR8R5yhE=1685710372; tsvlkeauzPPs8veJXYPQIqWUzWQ=1685796772; eugdzB1kDXqB6CJPg7aME_YtwZg=mDG2FDBIGbgntzeIVulwcb6z4Bc; t96nS-ybmT07WdwM1QTXWNXyRP8=GMOtRltGeI8dMtaIuHLvc--PNPM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:52:52 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=PQslvxzr5PrAv.ceV_xGNi9ZsgipqvH..MeFpuhp9wM-1685710372-0-AU+LKCjnTmf3wxR9J0NXlTVHnJQxSxR/DFlq2Kray2KPhQPw6DFAJoYf1OclRjHY7RDYpKW/Laxb+5NHP9ALSjQ7O4dfddjZw7K77A5sWbFr; path=/; expires=Fri, 02-Jun-23 13:22:52 GMT; domain=.ssxxexion.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6FJZcV8nNC5Pg6KYLdS47TxQ3me4K%2BJ%2F10A3fUvKOesMP8wlNbkD4u%2FK0QUbgE3GAXqPmgUcVNvuuFmEQpNCgUdWTkeFIUo5qAv3%2Bxzwioe%2FjY4dymvRbubKFAJMx9T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0fd6045e2f0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ssxxexion.com/favicon.ico | 104.21.48.85 | 404 Not Found | 257 B |
URL GET HTTP/3ssxxexion.com/favicon.ico IP104.21.48.85:443
Requested byhttps://ssxxexion.com/?&qrc=as@dataplan.no CertificateIssuerLet's Encrypt Subjectssxxexion.com FingerprintC6:17:8D:BA:6E:52:D4:D8:B4:81:B0:4A:D8:F7:B7:9A:3B:D8:F5:79 ValidityMon, 24 Apr 2023 01:33:50 GMT - Sun, 23 Jul 2023 01:33:49 GMT
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators Hash6147ca10712e483b5ee714d29c21e439 7bffd4014efe0ace62d03599877153159e2a01b6 e5128b5e331cad19df2f67041ffc85bf716d6e6106dea098c37524593fb268e9
GET /favicon.ico HTTP/1.1
Host: ssxxexion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ssxxexion.com/?&qrc=as@dataplan.no
Cookie: Ja3jKagLb55kHGb4swSi_hQu8mg=SIM3mthGeAheuNP7St0GKH5aR6E; zIxQ7Oca08QNXLggpmX7cJYPzPE=1685710320; TO0HvJlO-kY7kCsYh_O_eD0YMxA=1685796720; Sg1woS6ndKAtVI88kfN6VAoDzZw=j17BhOUOSGrKLsBe0eNR4bjsTpQ; 0mAoCi2mm4zHXCXzUhOzo_zY_9I=lkLPZiL_UVgRTxwDers97UXe5XU; _qu1yAEHWWJXOY2fsjYf5xiIZrg=5wiQ_-f41RqPzSGzn-6WoFUOfFU; -JSGHbN23RxMMkIQcMLfR8R5yhE=1685710372; tsvlkeauzPPs8veJXYPQIqWUzWQ=1685796772; eugdzB1kDXqB6CJPg7aME_YtwZg=mDG2FDBIGbgntzeIVulwcb6z4Bc; t96nS-ybmT07WdwM1QTXWNXyRP8=GMOtRltGeI8dMtaIuHLvc--PNPM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 02 Jun 2023 12:52:52 GMT
content-type: text/html
vary: Accept-Encoding
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
pragma: public
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9l%2FLNOn4Et9EsAw%2F1GIJkBPSz57xy46%2FPcx3%2FuVQ8Nm2Ai0JUwgBzVPzW4%2Bjg%2FA5Qe%2FhtjJG1OUrBocHjKAbmeK0ff%2B0BcMH7T0jaWeeCQQ3pXR97u0sopMnp7qay1ht"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0fd6022c180b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ssxxexion.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js | 104.21.48.85 | 200 OK | 26 kB |
URL GET HTTP/3ssxxexion.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js IP104.21.48.85:443
Requested byhttps://ssxxexion.com/?&qrc=as@dataplan.no CertificateIssuerLet's Encrypt Subjectssxxexion.com FingerprintC6:17:8D:BA:6E:52:D4:D8:B4:81:B0:4A:D8:F7:B7:9A:3B:D8:F5:79 ValidityMon, 24 Apr 2023 01:33:50 GMT - Sun, 23 Jul 2023 01:33:49 GMT
File typeASCII text, with very long lines (26125), with no line terminators Hashe25e2d5561695f97448afbfa0f1d86f8 608e6b1ed356c7935c6be46f62cd6799410c75a2 8e54a8c5f3a7bec48a9ef06f225462d5106966ce859ebe106f1aae7b3d957394
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js HTTP/1.1
Host: ssxxexion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: Ja3jKagLb55kHGb4swSi_hQu8mg=SIM3mthGeAheuNP7St0GKH5aR6E; zIxQ7Oca08QNXLggpmX7cJYPzPE=1685710320; TO0HvJlO-kY7kCsYh_O_eD0YMxA=1685796720; Sg1woS6ndKAtVI88kfN6VAoDzZw=j17BhOUOSGrKLsBe0eNR4bjsTpQ; 0mAoCi2mm4zHXCXzUhOzo_zY_9I=lkLPZiL_UVgRTxwDers97UXe5XU; _qu1yAEHWWJXOY2fsjYf5xiIZrg=5wiQ_-f41RqPzSGzn-6WoFUOfFU; -JSGHbN23RxMMkIQcMLfR8R5yhE=1685710372; tsvlkeauzPPs8veJXYPQIqWUzWQ=1685796772; eugdzB1kDXqB6CJPg7aME_YtwZg=mDG2FDBIGbgntzeIVulwcb6z4Bc; t96nS-ybmT07WdwM1QTXWNXyRP8=GMOtRltGeI8dMtaIuHLvc--PNPM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:52:52 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEWFet5Gc9DQoFOVX7qPZ99GkAWq5o0nznCvnb1jD14OlEBYLzx%2B34yGU3kTUMPDMphiAU0DkjEjnpU2uJjT3J8%2BXsMqhhz6568W7PtHbI4snWX3wP5VBaWcbzsd77Rb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0fd6026c460b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ssxxexion.com/cdn-cgi/challenge-platform/scripts/invisible.js | 104.21.48.85 | 302 Found | 26 kB |
URL GET HTTP/3ssxxexion.com/cdn-cgi/challenge-platform/scripts/invisible.js IP104.21.48.85:443
Requested byhttps://ssxxexion.com/?&qrc=as@dataplan.no CertificateIssuerLet's Encrypt Subjectssxxexion.com FingerprintC6:17:8D:BA:6E:52:D4:D8:B4:81:B0:4A:D8:F7:B7:9A:3B:D8:F5:79 ValidityMon, 24 Apr 2023 01:33:50 GMT - Sun, 23 Jul 2023 01:33:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/invisible.js HTTP/1.1
Host: ssxxexion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: Ja3jKagLb55kHGb4swSi_hQu8mg=SIM3mthGeAheuNP7St0GKH5aR6E; zIxQ7Oca08QNXLggpmX7cJYPzPE=1685710320; TO0HvJlO-kY7kCsYh_O_eD0YMxA=1685796720; Sg1woS6ndKAtVI88kfN6VAoDzZw=j17BhOUOSGrKLsBe0eNR4bjsTpQ; 0mAoCi2mm4zHXCXzUhOzo_zY_9I=lkLPZiL_UVgRTxwDers97UXe5XU; _qu1yAEHWWJXOY2fsjYf5xiIZrg=5wiQ_-f41RqPzSGzn-6WoFUOfFU; -JSGHbN23RxMMkIQcMLfR8R5yhE=1685710372; tsvlkeauzPPs8veJXYPQIqWUzWQ=1685796772; eugdzB1kDXqB6CJPg7aME_YtwZg=mDG2FDBIGbgntzeIVulwcb6z4Bc; t96nS-ybmT07WdwM1QTXWNXyRP8=GMOtRltGeI8dMtaIuHLvc--PNPM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Fri, 02 Jun 2023 12:52:52 GMT
vary: accept-encoding
cache-control: max-age=300, public
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M07r65KlBu5%2BYk3yuQ7%2FwoXYWb3YddRuprOh3PbxwcaYRWDrzcEHRba0ETPTeiXy2p2hbX%2BiinPRJgfqHJcuxnrfLBWv0Cd8ptnGgJ0BLTExRWPMvUrT5QaVf2BFK63V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0fd6023c290b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ssxxexion.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js | 104.21.48.85 | 200 OK | 5.7 kB |
URL GET HTTP/3ssxxexion.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js IP104.21.48.85:443
Requested byhttps://ssxxexion.com/?&qrc=as@dataplan.no CertificateIssuerLet's Encrypt Subjectssxxexion.com FingerprintC6:17:8D:BA:6E:52:D4:D8:B4:81:B0:4A:D8:F7:B7:9A:3B:D8:F5:79 ValidityMon, 24 Apr 2023 01:33:50 GMT - Sun, 23 Jul 2023 01:33:49 GMT
File typeASCII text, with very long lines (5731), with no line terminators Hashc9850c6bd1f11a64c6cc69a7428c4572 61401419306a7bb2f3cd9eb4bbe5b54c6eca393d 6bb36afba155289360acd1d7807b6060d5df4fc15f8aa22bf13a7af3ccdbbe21
GET /cdn-cgi/challenge-platform/h/g/scripts/pica.js HTTP/1.1
Host: ssxxexion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ssxxexion.com/?&qrc=as@dataplan.no
Cookie: Ja3jKagLb55kHGb4swSi_hQu8mg=SIM3mthGeAheuNP7St0GKH5aR6E; zIxQ7Oca08QNXLggpmX7cJYPzPE=1685710320; TO0HvJlO-kY7kCsYh_O_eD0YMxA=1685796720; Sg1woS6ndKAtVI88kfN6VAoDzZw=j17BhOUOSGrKLsBe0eNR4bjsTpQ; 0mAoCi2mm4zHXCXzUhOzo_zY_9I=lkLPZiL_UVgRTxwDers97UXe5XU; _qu1yAEHWWJXOY2fsjYf5xiIZrg=5wiQ_-f41RqPzSGzn-6WoFUOfFU; -JSGHbN23RxMMkIQcMLfR8R5yhE=1685710372; tsvlkeauzPPs8veJXYPQIqWUzWQ=1685796772; eugdzB1kDXqB6CJPg7aME_YtwZg=mDG2FDBIGbgntzeIVulwcb6z4Bc; t96nS-ybmT07WdwM1QTXWNXyRP8=GMOtRltGeI8dMtaIuHLvc--PNPM
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:52:52 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pItzwsGJk%2Bv86q7vP1%2F6V0gXlr2aikp9L3PZEsVHSGUZdwn55JDopbt1gmaADiGIhiMhlCbhrIJbrlJ%2FYYhov8xBf%2B4vn5nPO1wLzpOEKeo3zDIssUKBsG3MNugv577g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0fd602ccab0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|