| ad-delivery.net/px.gif?ch=1&e=0.7088262389751865 | 104.26.2.70 | 200 OK | 43 B |
URL: GET HTTP/2 ad-delivery.net/px.gif?ch=1&e=0.7088262389751865
IP: 104.26.2.70:443
Requested by: https://captcha-bot-verification.xyz/verify?data=eyJndWlsZElkIjoiMTIwNDA4MzczMjkwMzEwODY5OCIsImNsaWVudElkIjoiMTIzMDI5NDc5MDU0MTgwNzcyOCIsImV4cGlyZXMiOjE3MTM0MzA5MzI3NjcsImRvbWFpbiI6ImNhcHRjaGEtYm90LXZlcmlmaWNhdGlvbi54eXoiLCJuYW1lIjoiVGVlbiUyMEVnaXJscyUyMCUyQjE4JUUyJTlEJUE0JUYwJTlGJThEJTkyIiwibWVtYmVycyI6MTczMTcsImljb24iOiJodHRwczovL2Nkbi5kaXNjb3JkYXBwLmNvbS9pY29ucy8xMjA0MDgzNzMyOTAzMTA4Njk4LzU0NWFmZGM1ZmQ5ODJiMWY4YzgxYmNmNzNiMmUxZWE1LnBuZz9zaXplPTEyOCJ9
Certificate:
  Issuer: Google Trust Services LLC
  Subject: ad-delivery.net
  Fingerprint: 03:56:A5:CD:68:65:E1:00:BD:87:3E:45:0C:B1:3B:C2:2C:8C:4E:18
  Validity: Tue, 19 Mar 2024 04:48:01 GMT - Mon, 17 Jun 2024 04:48:00 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=1&e=0.7088262389751865 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://captcha-bot-verification.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 08:59:15 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPoR4JXLqkfpf-u09lS0JRH4wHiZk5pp3DpGwPYXSZHMyeJV_4xQVHswRg5LBcY1bjGFi2uKubkW3g
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 13 Apr 2024 07:11:32 GMT
cache-control: public, max-age=86400
age: 442063
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OBTcB7gqM7PlF%2BVYVlmoYzWkR1WzfFXv1OViZZ6oFzqgOd6qMdkcCzaeqGdoRrT7oHaIA%2BXSG%2FBfqsRN1RIqBxiiZ3K11iTAt%2Bsb%2Fkq3UGu58JPO5qNQPOXjz1EklwyPJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876375308f801c0e-OSL
X-Firefox-Spdy: h2
|
|
| ad-delivery.net/px.gif?ch=2 | 104.26.2.70 | 200 OK | 43 B |
URL: GET HTTP/2 ad-delivery.net/px.gif?ch=2
IP: 104.26.2.70:443
Requested by: https://captcha-bot-verification.xyz/verify?data=eyJndWlsZElkIjoiMTIwNDA4MzczMjkwMzEwODY5OCIsImNsaWVudElkIjoiMTIzMDI5NDc5MDU0MTgwNzcyOCIsImV4cGlyZXMiOjE3MTM0MzA5MzI3NjcsImRvbWFpbiI6ImNhcHRjaGEtYm90LXZlcmlmaWNhdGlvbi54eXoiLCJuYW1lIjoiVGVlbiUyMEVnaXJscyUyMCUyQjE4JUUyJTlEJUE0JUYwJTlGJThEJTkyIiwibWVtYmVycyI6MTczMTcsImljb24iOiJodHRwczovL2Nkbi5kaXNjb3JkYXBwLmNvbS9pY29ucy8xMjA0MDgzNzMyOTAzMTA4Njk4LzU0NWFmZGM1ZmQ5ODJiMWY4YzgxYmNmNzNiMmUxZWE1LnBuZz9zaXplPTEyOCJ9
Certificate:
  Issuer: Google Trust Services LLC
  Subject: ad-delivery.net
  Fingerprint: 03:56:A5:CD:68:65:E1:00:BD:87:3E:45:0C:B1:3B:C2:2C:8C:4E:18
  Validity: Tue, 19 Mar 2024 04:48:01 GMT - Mon, 17 Jun 2024 04:48:00 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://captcha-bot-verification.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 08:59:15 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPoR4JXLqkfpf-u09lS0JRH4wHiZk5pp3DpGwPYXSZHMyeJV_4xQVHswRg5LBcY1bjGFi2uKubkW3g
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 13 Apr 2024 07:11:32 GMT
cache-control: public, max-age=86400
age: 442063
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y3qcdNVxo1V%2BbPV1KxwlLtFxazrBSsdYdkj2p8o9Ko6%2Bv8zCcF4v%2BxthqK8wqGkK%2BmuKt%2BaaAIe98cSdmwerdpAW3FweXrOi0Kd2Gw9CCsHwhV3eenRazC%2FlnxcsTZZv5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876375308f7e1c0e-OSL
X-Firefox-Spdy: h2
|
|
| js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/animation.css | 143.204.55.121 | 200 OK | 722 B |
URL: GET HTTP/2 js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/animation.css
IP: 143.204.55.121:443
Requested by: https://captcha-bot-verification.xyz/verify?data=eyJndWlsZElkIjoiMTIwNDA4MzczMjkwMzEwODY5OCIsImNsaWVudElkIjoiMTIzMDI5NDc5MDU0MTgwNzcyOCIsImV4cGlyZXMiOjE3MTM0MzA5MzI3NjcsImRvbWFpbiI6ImNhcHRjaGEtYm90LXZlcmlmaWNhdGlvbi54eXoiLCJuYW1lIjoiVGVlbiUyMEVnaXJscyUyMCUyQjE4JUUyJTlEJUE0JUYwJTlGJThEJTkyIiwibWVtYmVycyI6MTczMTcsImljb24iOiJodHRwczovL2Nkbi5kaXNjb3JkYXBwLmNvbS9pY29ucy8xMjA0MDgzNzMyOTAzMTA4Njk4LzU0NWFmZGM1ZmQ5ODJiMWY4YzgxYmNmNzNiMmUxZWE1LnBuZz9zaXplPTEyOCJ9
Certificate:
  Issuer: Amazon
  Subject: js.chargebee.com
  Fingerprint: 52:82:F0:7C:BC:34:17:D8:A0:66:8F:88:80:B7:A2:DE:2C:94:03:0D
  Validity: Mon, 12 Feb 2024 00:00:00 GMT - Tue, 11 Mar 2025 23:59:59 GMT
Hash: 520016f3fad41f77bb889758ac030aaf 48ca24438fbec42628371ec9320c6730a887f3e8 c8c900ec5cbe9ef18bea37051bc2bf2aa9846c2ce787d248f2451575e2a372fd
GET /assets/cbjs-2023.10.09-09.27/v2/animation.css HTTP/1.1
Host: js.chargebee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://captcha-bot-verification.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
content-length: 722
last-modified: Tue, 10 Oct 2023 04:38:56 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: foyXDctj67AQ38AQugjXyXC8alSOBAgn
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=300; includeSubdomains; preload
date: Thu, 18 Apr 2024 08:55:45 GMT
cache-control: max-age=300,public
etag: "520016f3fad41f77bb889758ac030aaf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nC56D_B_mP6x7r7BiClYsKHa19e0NHFK5dT5g_1v_5f4XEg5uQx91g==
age: 299
X-Firefox-Spdy: h2
|
|
| captcha-bot-verification.xyz/public/img/logo.png | 104.21.66.106 | 200 OK | 15 kB |
URL: GET HTTP/3 captcha-bot-verification.xyz/public/img/logo.png
IP: 104.21.66.106:443
Requested by: https://captcha-bot-verification.xyz/verify?data=eyJndWlsZElkIjoiMTIwNDA4MzczMjkwMzEwODY5OCIsImNsaWVudElkIjoiMTIzMDI5NDc5MDU0MTgwNzcyOCIsImV4cGlyZXMiOjE3MTM0MzA5MzI3NjcsImRvbWFpbiI6ImNhcHRjaGEtYm90LXZlcmlmaWNhdGlvbi54eXoiLCJuYW1lIjoiVGVlbiUyMEVnaXJscyUyMCUyQjE4JUUyJTlEJUE0JUYwJTlGJThEJTkyIiwibWVtYmVycyI6MTczMTcsImljb24iOiJodHRwczovL2Nkbi5kaXNjb3JkYXBwLmNvbS9pY29ucy8xMjA0MDgzNzMyOTAzMTA4Njk4LzU0NWFmZGM1ZmQ5ODJiMWY4YzgxYmNmNzNiMmUxZWE1LnBuZz9zaXplPTEyOCJ9
Certificate:
  Issuer: Google Trust Services LLC
  Subject: captcha-bot-verification.xyz
  Fingerprint: EB:E2:63:D6:DD:67:D6:2A:05:43:3D:52:24:9C:AE:FA:69:CA:07:3F
  Validity: Fri, 12 Apr 2024 22:58:51 GMT - Thu, 11 Jul 2024 22:58:50 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 09c754ad1c663c4478489bb1648e439b 39c52cf6ace0dff4bf06457a7bd856534f314319 6227e69f1c3711825b5166ddcbd07539e556ce7068917ad7701a5af5b4814f33
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /public/img/logo.png HTTP/1.1
Host: captcha-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://captcha-bot-verification.xyz/verify?data=eyJndWlsZElkIjoiMTIwNDA4MzczMjkwMzEwODY5OCIsImNsaWVudElkIjoiMTIzMDI5NDc5MDU0MTgwNzcyOCIsImV4cGlyZXMiOjE3MTM0MzA5MzI3NjcsImRvbWFpbiI6ImNhcHRjaGEtYm90LXZlcmlmaWNhdGlvbi54eXoiLCJuYW1lIjoiVGVlbiUyMEVnaXJscyUyMCUyQjE4JUUyJTlEJUE0JUYwJTlGJThEJTkyIiwibWVtYmVycyI6MTczMTcsImljb24iOiJodHRwczovL2Nkbi5kaXNjb3JkYXBwLmNvbS9pY29ucy8xMjA0MDgzNzMyOTAzMTA4Njk4LzU0NWFmZGM1ZmQ5ODJiMWY4YzgxYmNmNzNiMmUxZWE1LnBuZz9zaXplPTEyOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:59:16 GMT
content-type: image/png
content-length: 14910
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 14 Oct 2023 11:15:41 GMT
etag: W/"3a3e-18b2de62b48"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yTIiwHpDSv62ZybTfl%2BA9vgne7ZBN%2BKPiD2oQuVyzChTRHIfNcHMb60JYIsCSgRmsDBV0wvOSjJeEebhxQX9k%2BuXnUwaHDICmgEY6ZanCAsEd2r1x0697dfwKEMYqtOx0OHN4trnsvNoTmwxgNWP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876375306b300b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.discordapp.com/icons/1204083732903108698/545afdc5fd982b1f8c81bcf73b2e1ea5.png?size=128 | 162.159.130.233 | 200 OK | 25 kB |
URL: GET HTTP/2 cdn.discordapp.com/icons/1204083732903108698/545afdc5fd982b1f8c81bcf73b2e1ea5.png?size=128
IP: 162.159.130.233:443
Requested by: https://captcha-bot-verification.xyz/verify?data=eyJndWlsZElkIjoiMTIwNDA4MzczMjkwMzEwODY5OCIsImNsaWVudElkIjoiMTIzMDI5NDc5MDU0MTgwNzcyOCIsImV4cGlyZXMiOjE3MTM0MzA5MzI3NjcsImRvbWFpbiI6ImNhcHRjaGEtYm90LXZlcmlmaWNhdGlvbi54eXoiLCJuYW1lIjoiVGVlbiUyMEVnaXJscyUyMCUyQjE4JUUyJTlEJUE0JUYwJTlGJThEJTkyIiwibWVtYmVycyI6MTczMTcsImljb24iOiJodHRwczovL2Nkbi5kaXNjb3JkYXBwLmNvbS9pY29ucy8xMjA0MDgzNzMyOTAzMTA4Njk4LzU0NWFmZGM1ZmQ5ODJiMWY4YzgxYmNmNzNiMmUxZWE1LnBuZz9zaXplPTEyOCJ9
Certificate:
  Issuer: Cloudflare, Inc.
  Subject: discordapp.com
  Fingerprint: 97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39
  Validity: Fri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
File type: PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced
Hash: 500ccccd11d86942a89758c8a02b9422 873017c7e0c9b4cceb3a699c13195a0113dde6ad 42adfa30939eb03a8c68baf62ab73af06b51d9f8575894135df5ff60674e6968
GET /icons/1204083732903108698/545afdc5fd982b1f8c81bcf73b2e1ea5.png?size=128 HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://captcha-bot-verification.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 08:59:16 GMT
content-type: image/png
content-length: 24607
cf-ray: 87637533ba3c56b7-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 480988
cache-control: public, max-age=31536000
expires: Fri, 18 Apr 2025 08:59:16 GMT
last-modified: Mon, 08 Apr 2024 21:16:24 GMT
x-discord-transform-duration: 22
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iariaZ1z6To6%2B8z0K5w7TWpQNhOgdFKPRe9rSPMdnPogyQe2fE4yYrHlxYFMdvnJEIzTsYo7z1L4xB41HjXfjL5AYVAOxPjO4TGGTBiE0KIixwco%2Br9x0C425v1Kd3Zp0rqS5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: __cf_bm=f67Ty59mCg8esAhqJd05YYzdIlJ73QUyiCKDMOpJf7M-1713430756-1.0.1.1-2.iT8UCe8_cXVCb6zRmoQ1INn5yUNj_wPY79fHPtK_1DID9xWCrXVTcmBz3DXJkU7t85T4FTmf9LT7kjRU9O.g; path=/; expires=Thu, 18-Apr-24 09:29:16 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=Ysp38YULXIF7.H.r8JlXdpGevlqXWIUIfndA9PqfUvg-1713430756466-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| captcha-bot-verification.xyz/public/css/css1.css | 104.21.66.106 | 200 OK | 15 kB |
URL: GET HTTP/3 captcha-bot-verification.xyz/public/css/css1.css
IP: 104.21.66.106:443
Requested by: https://captcha-bot-verification.xyz/verify?data=eyJndWlsZElkIjoiMTIwNDA4MzczMjkwMzEwODY5OCIsImNsaWVudElkIjoiMTIzMDI5NDc5MDU0MTgwNzcyOCIsImV4cGlyZXMiOjE3MTM0MzA5MzI3NjcsImRvbWFpbiI6ImNhcHRjaGEtYm90LXZlcmlmaWNhdGlvbi54eXoiLCJuYW1lIjoiVGVlbiUyMEVnaXJscyUyMCUyQjE4JUUyJTlEJUE0JUYwJTlGJThEJTkyIiwibWVtYmVycyI6MTczMTcsImljb24iOiJodHRwczovL2Nkbi5kaXNjb3JkYXBwLmNvbS9pY29ucy8xMjA0MDgzNzMyOTAzMTA4Njk4LzU0NWFmZGM1ZmQ5ODJiMWY4YzgxYmNmNzNiMmUxZWE1LnBuZz9zaXplPTEyOCJ9
Certificate:
  Issuer: Google Trust Services LLC
  Subject: captcha-bot-verification.xyz
  Fingerprint: EB:E2:63:D6:DD:67:D6:2A:05:43:3D:52:24:9C:AE:FA:69:CA:07:3F
  Validity: Fri, 12 Apr 2024 22:58:51 GMT - Thu, 11 Jul 2024 22:58:50 GMT
File type: ASCII text, with CRLF line terminators
Hash: 2f15d0cde17da568c555b6b4256f78d8 53a94943fe5f69de31e3ab87e1a086a6cff8d60b 2cdda814d18cff3eb1e028f2a409182dcb96b93c5f26cfde631189ae29e4d3d0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /public/css/css1.css HTTP/1.1
Host: captcha-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://captcha-bot-verification.xyz/verify?data=eyJndWlsZElkIjoiMTIwNDA4MzczMjkwMzEwODY5OCIsImNsaWVudElkIjoiMTIzMDI5NDc5MDU0MTgwNzcyOCIsImV4cGlyZXMiOjE3MTM0MzA5MzI3NjcsImRvbWFpbiI6ImNhcHRjaGEtYm90LXZlcmlmaWNhdGlvbi54eXoiLCJuYW1lIjoiVGVlbiUyMEVnaXJscyUyMCUyQjE4JUUyJTlEJUE0JUYwJTlGJThEJTkyIiwibWVtYmVycyI6MTczMTcsImljb24iOiJodHRwczovL2Nkbi5kaXNjb3JkYXBwLmNvbS9pY29ucy8xMjA0MDgzNzMyOTAzMTA4Njk4LzU0NWFmZGM1ZmQ5ODJiMWY4YzgxYmNmNzNiMmUxZWE1LnBuZz9zaXplPTEyOCJ9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:59:16 GMT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 14 Oct 2023 11:16:22 GMT
etag: W/"307-18b2de6cb70"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8xOo8gsP8gZDUOddDXkdbfZZ%2B44LRFbUbDuXbSxo4371e8uRhxzWLpSRkmxAiFJrMK%2Bowws5wwVM7vE5gcLHpiVTBSJFiX7%2BLM6hsu7Fx5biu6YBp%2BeDOEqM9iGcVa8yP4z2DbsnEpVje998iwJX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876375306b1c0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| captcha-bot-verification.xyz/verify?data=eyJndWlsZElkIjoiMTIwNDA4MzczMjkwMzEwODY5OCIsImNsaWVudElkIjoiMTIzMDI5NDc5MDU0MTgwNzcyOCIsImV4cGlyZXMiOjE3MTM0MzA5MzI3NjcsImRvbWFpbiI6ImNhcHRjaGEtYm90LXZlcmlmaWNhdGlvbi54eXoiLCJuYW1lIjoiVGVlbiUyMEVnaXJscyUyMCUyQjE4JUUyJTlEJUE0JUYwJTlGJThEJTkyIiwibWVtYmVycyI6MTczMTcsImljb24iOiJodHRwczovL2Nkbi5kaXNjb3JkYXBwLmNvbS9pY29ucy8xMjA0MDgzNzMyOTAzMTA4Njk4LzU0NWFmZGM1ZmQ5ODJiMWY4YzgxYmNmNzNiMmUxZWE1LnBuZz9zaXplPTEyOCJ9 | 104.21.66.106 | 200 OK | 50 kB |
URL: User Request GET HTTP/2 captcha-bot-verification.xyz/verify?data=eyJndWlsZElkIjoiMTIwNDA4MzczMjkwMzEwODY5OCIsImNsaWVudElkIjoiMTIzMDI5NDc5MDU0MTgwNzcyOCIsImV4cGlyZXMiOjE3MTM0MzA5MzI3NjcsImRvbWFpbiI6ImNhcHRjaGEtYm90LXZlcmlmaWNhdGlvbi54eXoiLCJuYW1lIjoiVGVlbiUyMEVnaXJscyUyMCUyQjE4JUUyJTlEJUE0JUYwJTlGJThEJTkyIiwibWVtYmVycyI6MTczMTcsImljb24iOiJodHRwczovL2Nkbi5kaXNjb3JkYXBwLmNvbS9pY29ucy8xMjA0MDgzNzMyOTAzMTA4Njk4LzU0NWFmZGM1ZmQ5ODJiMWY4YzgxYmNmNzNiMmUxZWE1LnBuZz9zaXplPTEyOCJ9
IP: 104.21.66.106:443
Certificate:
  Issuer: Google Trust Services LLC
  Subject: captcha-bot-verification.xyz
  Fingerprint: EB:E2:63:D6:DD:67:D6:2A:05:43:3D:52:24:9C:AE:FA:69:CA:07:3F
  Validity: Fri, 12 Apr 2024 22:58:51 GMT - Thu, 11 Jul 2024 22:58:50 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /verify?data=eyJndWlsZElkIjoiMTIwNDA4MzczMjkwMzEwODY5OCIsImNsaWVudElkIjoiMTIzMDI5NDc5MDU0MTgwNzcyOCIsImV4cGlyZXMiOjE3MTM0MzA5MzI3NjcsImRvbWFpbiI6ImNhcHRjaGEtYm90LXZlcmlmaWNhdGlvbi54eXoiLCJuYW1lIjoiVGVlbiUyMEVnaXJscyUyMCUyQjE4JUUyJTlEJUE0JUYwJTlGJThEJTkyIiwibWVtYmVycyI6MTczMTcsImljb24iOiJodHRwczovL2Nkbi5kaXNjb3JkYXBwLmNvbS9pY29ucy8xMjA0MDgzNzMyOTAzMTA4Njk4LzU0NWFmZGM1ZmQ5ODJiMWY4YzgxYmNmNzNiMmUxZWE1LnBuZz9zaXplPTEyOCJ9 HTTP/1.1
Host: captcha-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 08:59:15 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
last-modified: Tue, 09 Apr 2024 15:00:39 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fv7fepYWD%2B1kq%2BN2Cn%2FTTsVd1C%2F12J8FyZ4N7KXrpcrvePUxV3KNZnxmi12HQLx%2F%2BziPBeycAg8SnPtfPwnlVg%2Bqs5g2GRtS7Iq1PACUSyr4r7%2BymqsQY0ri2%2F1tKPXdROGGRGooPB0Vz7OirBlt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763752daec8b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| captcha-bot-verification.xyz/public/js/adcf9ed6.js | 104.21.66.106 | 200 OK | 968 B |
URL: GET HTTP/3 captcha-bot-verification.xyz/public/js/adcf9ed6.js
IP: 104.21.66.106:443
Requested by: https://captcha-bot-verification.xyz/verify?data=eyJndWlsZElkIjoiMTIwNDA4MzczMjkwMzEwODY5OCIsImNsaWVudElkIjoiMTIzMDI5NDc5MDU0MTgwNzcyOCIsImV4cGlyZXMiOjE3MTM0MzA5MzI3NjcsImRvbWFpbiI6ImNhcHRjaGEtYm90LXZlcmlmaWNhdGlvbi54eXoiLCJuYW1lIjoiVGVlbiUyMEVnaXJscyUyMCUyQjE4JUUyJTlEJUE0JUYwJTlGJThEJTkyIiwibWVtYmVycyI6MTczMTcsImljb24iOiJodHRwczovL2Nkbi5kaXNjb3JkYXBwLmNvbS9pY29ucy8xMjA0MDgzNzMyOTAzMTA4Njk4LzU0NWFmZGM1ZmQ5ODJiMWY4YzgxYmNmNzNiMmUxZWE1LnBuZz9zaXplPTEyOCJ9
Certificate:
  Issuer: Google Trust Services LLC
  Subject: captcha-bot-verification.xyz
  Fingerprint: EB:E2:63:D6:DD:67:D6:2A:05:43:3D:52:24:9C:AE:FA:69:CA:07:3F
  Validity: Fri, 12 Apr 2024 22:58:51 GMT - Thu, 11 Jul 2024 22:58:50 GMT
File type: ASCII text, with very long lines (1034), with no line terminators
Hash: a5b15446344cb7705b65db541ba2ce8d 3ebfe877253e8abad043fd347718792752d2338f a8bfe1e58f814dbd44e90bc97e67f1de29e4b7c39ba564ad3cde9ff1a59660ec
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - Anti-debugging code |
| Quad9 DNS | malicious | Sinkholed |
GET /public/js/adcf9ed6.js HTTP/1.1
Host: captcha-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://captcha-bot-verification.xyz/verify?data=eyJndWlsZElkIjoiMTIwNDA4MzczMjkwMzEwODY5OCIsImNsaWVudElkIjoiMTIzMDI5NDc5MDU0MTgwNzcyOCIsImV4cGlyZXMiOjE3MTM0MzA5MzI3NjcsImRvbWFpbiI6ImNhcHRjaGEtYm90LXZlcmlmaWNhdGlvbi54eXoiLCJuYW1lIjoiVGVlbiUyMEVnaXJscyUyMCUyQjE4JUUyJTlEJUE0JUYwJTlGJThEJTkyIiwibWVtYmVycyI6MTczMTcsImljb24iOiJodHRwczovL2Nkbi5kaXNjb3JkYXBwLmNvbS9pY29ucy8xMjA0MDgzNzMyOTAzMTA4Njk4LzU0NWFmZGM1ZmQ5ODJiMWY4YzgxYmNmNzNiMmUxZWE1LnBuZz9zaXplPTEyOCJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:59:16 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 14 Oct 2023 13:22:41 GMT
etag: W/"3c8-18b2e5a70e8"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mvw4pVyNzSrCthYxp4AXTXz8z07sUwDBL8EHdg%2FSYIydvt3JII%2F%2F4QhgFJErNRwWnw%2Fh9hFU2DZzKyd%2FZ2LYOjspfpQAcVZYPCOvxR1S%2B1lIuusLLhMi9JE7XuCcMjE6Nkr3U2l%2BmUdhpdAb%2Ffkq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876375306b280b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| captcha-bot-verification.xyz/public/css/css2.css | 104.21.66.106 | 200 OK | 56 kB |
URL: GET HTTP/3 captcha-bot-verification.xyz/public/css/css2.css
IP: 104.21.66.106:443
Requested by: https://captcha-bot-verification.xyz/verify?data=eyJndWlsZElkIjoiMTIwNDA4MzczMjkwMzEwODY5OCIsImNsaWVudElkIjoiMTIzMDI5NDc5MDU0MTgwNzcyOCIsImV4cGlyZXMiOjE3MTM0MzA5MzI3NjcsImRvbWFpbiI6ImNhcHRjaGEtYm90LXZlcmlmaWNhdGlvbi54eXoiLCJuYW1lIjoiVGVlbiUyMEVnaXJscyUyMCUyQjE4JUUyJTlEJUE0JUYwJTlGJThEJTkyIiwibWVtYmVycyI6MTczMTcsImljb24iOiJodHRwczovL2Nkbi5kaXNjb3JkYXBwLmNvbS9pY29ucy8xMjA0MDgzNzMyOTAzMTA4Njk4LzU0NWFmZGM1ZmQ5ODJiMWY4YzgxYmNmNzNiMmUxZWE1LnBuZz9zaXplPTEyOCJ9
Certificate:
  Issuer: Google Trust Services LLC
  Subject: captcha-bot-verification.xyz
  Fingerprint: EB:E2:63:D6:DD:67:D6:2A:05:43:3D:52:24:9C:AE:FA:69:CA:07:3F
  Validity: Fri, 12 Apr 2024 22:58:51 GMT - Thu, 11 Jul 2024 22:58:50 GMT
File type: ASCII text, with very long lines (11029), with CRLF line terminators
Hash: 6dc1ae326a7d470f2cc8d1f4790fcd4c 68514999effb3d6c3a4127aeb0a3b616058f83f3 771e7c1cbc2175cbff3f975636b57d860fb14825f7759960113f279ec89a5aa3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /public/css/css2.css HTTP/1.1
Host: captcha-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://captcha-bot-verification.xyz/verify?data=eyJndWlsZElkIjoiMTIwNDA4MzczMjkwMzEwODY5OCIsImNsaWVudElkIjoiMTIzMDI5NDc5MDU0MTgwNzcyOCIsImV4cGlyZXMiOjE3MTM0MzA5MzI3NjcsImRvbWFpbiI6ImNhcHRjaGEtYm90LXZlcmlmaWNhdGlvbi54eXoiLCJuYW1lIjoiVGVlbiUyMEVnaXJscyUyMCUyQjE4JUUyJTlEJUE0JUYwJTlGJThEJTkyIiwibWVtYmVycyI6MTczMTcsImljb24iOiJodHRwczovL2Nkbi5kaXNjb3JkYXBwLmNvbS9pY29ucy8xMjA0MDgzNzMyOTAzMTA4Njk4LzU0NWFmZGM1ZmQ5ODJiMWY4YzgxYmNmNzNiMmUxZWE1LnBuZz9zaXplPTEyOCJ9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:59:16 GMT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 14 Oct 2023 11:16:32 GMT
etag: W/"da51-18b2de6f280"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bgu2bglWvYytykwsTeO2d1Qm2EQ81EqMeN9mWi65BWDaUVfK4JuoHN%2FPSK0PI691v2%2BuvJUWJJu6RmKE9MlwvYPDEBgCngwuLdoNFNQG6g2g8JQYnX5IToFfGv85iTn4AAr5HDGZ%2FlAU7cHcwxgA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876375306b230b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|