| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP 23.36.77.32:0
ASN#20940 Akamai International B.V.
Hash b7dbdd91e33b4b40b990affe38907ed8 8c1dc814dfd071e0c4dcfc0f5429eb7c221d609a 842512e65717b866647d52bc726c962cc42c7e2027c53a2b5b79d7b86d2e50fc
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "842512E65717B866647D52BC726C962CC42C7E2027C53A2B5B79D7B86D2E50FC"
Last-Modified: Sun, 30 Jun 2024 13:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5938
Expires: Tue, 02 Jul 2024 00:55:07 GMT
Date: Mon, 01 Jul 2024 23:16:09 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP 23.36.77.32:0
ASN#20940 Akamai International B.V.
Hash f6d043d7b5e98906db1fe2695e98859c 154db889ef567d2839bb7eaa15818cd546495b4f f4fcc79261acda8e1cb81b9fc6524ee560b60740b0cf8107308dc82750dc079a
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F4FCC79261ACDA8E1CB81B9FC6524EE560B60740B0CF8107308DC82750DC079A"
Last-Modified: Sat, 29 Jun 2024 23:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2530
Expires: Mon, 01 Jul 2024 23:58:19 GMT
Date: Mon, 01 Jul 2024 23:16:09 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP 23.36.77.32:0
ASN#20940 Akamai International B.V.
Hash cbf18fc0b8495e9002d75d18377ee564 26efedcb55b771589d559b798261c86a87c0b313 3358d5f916c82bb4d1a67b717d2a280302e3f54a687893b0c2556c93616cbdfb
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3358D5F916C82BB4D1A67B717D2A280302E3F54A687893B0C2556C93616CBDFB"
Last-Modified: Sat, 29 Jun 2024 16:21:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15239
Expires: Tue, 02 Jul 2024 03:30:09 GMT
Date: Mon, 01 Jul 2024 23:16:10 GMT
Connection: keep-alive
|
|
| aceks34ke.cc/invite/i=362 | 188.114.96.1 | 200 OK | 5.7 kB |
URL User Request POST HTTP/1.1 aceks34ke.cc/invite/i=362 IP 188.114.96.1:80
File type HTML document, ASCII text, with very long lines (14106), with no line terminators
Hash b7f46d35abad545c261341b33a421d1d 337c3acd0ddf1f89f4899a7360df1e352b19f327 da048221a9beeb479bf87326bee2a1a4b202f6fe0244bc923432a4cbc7426ecc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /invite/i=362 HTTP/1.1
Host: aceks34ke.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Mon, 01 Jul 2024 23:16:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Content-Options: nosniff
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: OZl9LJQTatE+EufjTrZQ/hn4BSOq3+VNV0+xSF+pMdRpg1q3EAjwSmm72CO4Uz3hi8qE+GiLMZeDZRfYGJHHhOl2eo5bfeEN0qrRG66Vnn4=$NGrk4yqLMz4ok0b27zZJ1Q==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GqwJpbDArvOg7u7OQ8zSgVCpjiLcz%2BKoYNZs6doAUIe%2BkmufW5as%2Fw1QaYz2iBWdJbqZDQJ%2Bn%2FoDIeo2koufd7YhOplhsMeRbDSYYfLQ2POnTbeN%2BcBB1ysrCIDW1ls%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89ca1a2d1d62abdb-CPH
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| aceks34ke.cc/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=89ca1a2d1d62abdb | 188.114.97.1 | | 107 kB |
URL aceks34ke.cc/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=89ca1a2d1d62abdb IP 188.114.97.1:0
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 107 kB (106911 bytes)
Hash 7680c4bc15d71ea4816dc6a1d10865dc 5136ca13802783ce59f24f51387ab117dbfe33e6 dbbf6dc594f2ae5d5d5718718c99744212362d3ed50ceceb5addebcd3ee62e96
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=89ca1a2d1d62abdb HTTP/1.1
Host: aceks34ke.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://aceks34ke.cc/invite/i=362?__cf_chl_rt_tk=rZtEufaFRiPxEtsn_HA5n.5INU9xdNK_ZbIqAAmGbac-1719875770-0.0.1.1-2238
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 Jul 2024 23:16:10 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IW5QkqpQa7%2FXHMRT9AF2ZntUOBrI3vG%2BGL%2ByaBQyBzDxXqaU7OtOOfaNsAxtKtXr3QAjcQajiOyHO%2B6weU%2Ft8wgkg1i33XOShFIh5D%2FmMMdQ59X9OCmNmDnEVxKT%2Fxc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89ca1a2edfd2be47-CPH
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| aceks34ke.cc/favicon.ico | 188.114.97.1 | | 993 B |
IP 188.114.97.1:0
File type HTML document, ASCII text, with very long lines (2704), with no line terminators
Hash 1b9fd0d532939733442589aaad350cc5 61d47201f356bbaf75dcbbfe157dc49870978980 5faf21ab21ee15023db3da43643ae3ab3c78a89706955017ccc80cfb9b0e8eed
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: aceks34ke.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://aceks34ke.cc/invite/i=362?__cf_chl_rt_tk=rZtEufaFRiPxEtsn_HA5n.5INU9xdNK_ZbIqAAmGbac-1719875770-0.0.1.1-2238
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 Jul 2024 23:16:10 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1602
Last-Modified: Mon, 01 Jul 2024 22:49:28 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ADjzkVx97Cuc9eEfTu1iCezNF6yVgZXkDz3w7%2B1HJNJj7I2bN7j1sx%2BdrjBl5IZe8GzfpHdvclUU3gnUFhAOCcwWaJQn69eJTEhNHohqC41x0IWHSmFQHW0L%2BaF37%2F8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89ca1a2f5829be47-CPH
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| aceks34ke.cc/favicon.ico | 188.114.97.1 | | 993 B |
IP 188.114.97.1:0
File type HTML document, ASCII text, with very long lines (2704), with no line terminators
Hash 1b9fd0d532939733442589aaad350cc5 61d47201f356bbaf75dcbbfe157dc49870978980 5faf21ab21ee15023db3da43643ae3ab3c78a89706955017ccc80cfb9b0e8eed
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: aceks34ke.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://aceks34ke.cc/invite/i=362
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 Jul 2024 23:16:10 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1602
Last-Modified: Mon, 01 Jul 2024 22:49:28 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0SzD9xeYhm%2BIlY8n5BughmlCepI%2B%2FhZxVi1O9VXXquoyhXrsrxo40dqwnqRzIlH1dy1cECB%2FIOln1qP8auWkKS58qgE7i4zBO1sOtBWXIB5qnqVLBUgVTvz180aGWvc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89ca1a2fb86bbe47-CPH
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| aceks34ke.cc/cdn-cgi/challenge-platform/h/g/flow/ov1/217459579:1719871674:n638B9tyso19OlnOpdpWvBXdcn2Il2UcgV7sPro94Y4/89ca1a2d1d62abdb/418ad1ba01cbe90 | 188.114.97.1 | | 12 kB |
URL aceks34ke.cc/cdn-cgi/challenge-platform/h/g/flow/ov1/217459579:1719871674:n638B9tyso19OlnOpdpWvBXdcn2Il2UcgV7sPro94Y4/89ca1a2d1d62abdb/418ad1ba01cbe90 IP 188.114.97.1:0
File type ASCII text, with very long lines (16460), with no line terminators
Hash d58fc7d0be8da08f4d25a851003bde0c aad77a8b20a1d700b978ab97a25849c0fa0a4ae7 46744728cc996671b98265243f3745c38e74300943d9a67fd9e76e1ab36cf0e9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/217459579:1719871674:n638B9tyso19OlnOpdpWvBXdcn2Il2UcgV7sPro94Y4/89ca1a2d1d62abdb/418ad1ba01cbe90 HTTP/1.1
Host: aceks34ke.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://aceks34ke.cc/invite/i=362
Content-type: application/x-www-form-urlencoded
CF-Challenge: 418ad1ba01cbe90
Content-Length: 1612
Origin: http://aceks34ke.cc
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 Jul 2024 23:16:11 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: J2kCnJzaBJj4i0GonSts5uVxXrq5A8UphwZQzFtJBm+Iqgr0onr2vBKqlP8Xdbck$8FtT22OdgVW0rJX6t7M0mQ==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ULUvF6nnYU1fTTTbYWK2jD2EEbCfbcmHZfj9E6px0Nz97BPW5xhjPOGs0%2BpVvJOpg0%2FwkPaWbcIm%2BXt8HoIGRKo2PjkVtgvToNexNRJVipkvKg1noIWUPBarGb4VKR4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89ca1a30c932be47-CPH
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | | 61 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D IP 104.17.3.184:0
File type PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xyyvu/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 01 Jul 2024 23:16:11 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 89ca1a326cdc92e0-CPH
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/89ca1a31bc3392e0/1719875771573/-LY5PwB3SK2hfTt | 104.17.3.184 | | 61 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/89ca1a31bc3392e0/1719875771573/-LY5PwB3SK2hfTt IP 104.17.3.184:0
File type PNG image data, 60 x 79, 8-bit/color RGB, non-interlaced
Hash 5dd3352898ee17efba20b357d0cca4bd 4f832e36a03e2c29d55b682985ad4436e98c64a0 8d97ba14ded5ce3542d24770cd15ea0480622e04e38b93971e55f88d828ac4ca
GET /cdn-cgi/challenge-platform/h/g/i/89ca1a31bc3392e0/1719875771573/-LY5PwB3SK2hfTt HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xyyvu/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 01 Jul 2024 23:16:12 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 89ca1a3979d092e0-CPH
alt-svc: h3=":443"; ma=86400
|
|
| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP 23.36.77.32:0
ASN#20940 Akamai International B.V.
Hash c4b71305103f33b56dd398fb1f3fa9fe 6237cf96ced2a5d69a73769180ae8250221727ea 4120fbb0536a3608210c487750025bea2ff87804924732c527207e00add13a34
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4120FBB0536A3608210C487750025BEA2FF87804924732C527207E00ADD13A34"
Last-Modified: Sun, 30 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3243
Expires: Tue, 02 Jul 2024 00:10:15 GMT
Date: Mon, 01 Jul 2024 23:16:12 GMT
Connection: keep-alive
|
|
| challenges.cloudflare.com/turnstile/v0/g/d2a97f6b6ec9/api.js?onload=KHGO2&render=explicit | 104.17.3.184 | | 15 kB |
URL challenges.cloudflare.com/turnstile/v0/g/d2a97f6b6ec9/api.js?onload=KHGO2&render=explicit IP 104.17.3.184:0
File type JavaScript source, ASCII text, with very long lines (42690)
Hash 985094f1486391033426c17505182792 d44ff6bef2e3d9b2f6deaa0170458b1ae39350d4 14b108c7f687c327d6aa759fd1d255a981d5d505b241b5b968b674e3bf50b2b9
GET /turnstile/v0/g/d2a97f6b6ec9/api.js?onload=KHGO2&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://aceks34ke.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 01 Jul 2024 23:16:10 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 27 Jun 2024 13:08:16 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 89ca1a30383fabe7-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP 23.36.77.32:0
ASN#20940 Akamai International B.V.
Hash c4b71305103f33b56dd398fb1f3fa9fe 6237cf96ced2a5d69a73769180ae8250221727ea 4120fbb0536a3608210c487750025bea2ff87804924732c527207e00add13a34
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4120FBB0536A3608210C487750025BEA2FF87804924732C527207E00ADD13A34"
Last-Modified: Sun, 30 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3243
Expires: Tue, 02 Jul 2024 00:10:15 GMT
Date: Mon, 01 Jul 2024 23:16:12 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP 23.36.77.32:0
ASN#20940 Akamai International B.V.
Hash c4b71305103f33b56dd398fb1f3fa9fe 6237cf96ced2a5d69a73769180ae8250221727ea 4120fbb0536a3608210c487750025bea2ff87804924732c527207e00add13a34
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4120FBB0536A3608210C487750025BEA2FF87804924732C527207E00ADD13A34"
Last-Modified: Sun, 30 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3243
Expires: Tue, 02 Jul 2024 00:10:15 GMT
Date: Mon, 01 Jul 2024 23:16:12 GMT
Connection: keep-alive
|
|
| aceks34ke.cc/cdn-cgi/challenge-platform/h/g/flow/ov1/217459579:1719871674:n638B9tyso19OlnOpdpWvBXdcn2Il2UcgV7sPro94Y4/89ca1a2d1d62abdb/418ad1ba01cbe90 | 188.114.97.1 | | 3.3 kB |
URL aceks34ke.cc/cdn-cgi/challenge-platform/h/g/flow/ov1/217459579:1719871674:n638B9tyso19OlnOpdpWvBXdcn2Il2UcgV7sPro94Y4/89ca1a2d1d62abdb/418ad1ba01cbe90 IP 188.114.97.1:0
File type ASCII text, with very long lines (4300), with no line terminators
Hash b4bf52f2d92565f8469af4a7da9ac160 2615cf51ab20b1e7934f3b5f850b8e039cbb9495 b4a61277a7ca116b0fd8982f5c0cb5be5724e49bdbc3370fdaab6985e11b4617
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/217459579:1719871674:n638B9tyso19OlnOpdpWvBXdcn2Il2UcgV7sPro94Y4/89ca1a2d1d62abdb/418ad1ba01cbe90 HTTP/1.1
Host: aceks34ke.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://aceks34ke.cc/invite/i=362
Content-type: application/x-www-form-urlencoded
CF-Challenge: 418ad1ba01cbe90
Content-Length: 3059
Origin: http://aceks34ke.cc
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 Jul 2024 23:16:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: IjuFrtlmR+kl1Um2h5HWZdONusydmtKQ+U/nPaBPiZrxDmgKAyYsX0g8UMxsYoYDW+t+u+EdBw0f4E1mD3zJ2xasikFiGFWSTvFasG8n3KhvmlWKxTaeJiEqtGSxxTqtzRpomf1QmghHd7c/CA3PIod2cmV/O4XQNP5uQlYYnowViXla3Trb+6F/fjhLyxyTcGwdUJTPaKPf9IuPERb/XCDICzCfQLCkK5HxQeRBsyTfM0TfkFXLyO90P11tp5hDgmRSMcx5MOiFKBoEOAwzKUzohHNCT+CTNTgFXFIw/4/3rRuoDUT5AcFpH8j3XRW7VhvmwWV167p/jEUNsr2DQsSu7qxnZhhrR+Cp7pcpQyACfH4RdagBQhasMnDNrVoA4Qy5rz9DGm8ovQ53FHJ+It5AtWnuqMTQASnAKvlC9HjOCKpr0LJklb7hbqMFVfM6J+mvRRKkwf0loQTWNXdj8A==$V8VBm+Kofl7NRjOsyA2Zrw==
set-cookie: cf_chl_rc_m=;Expires=Sun, 30 Jun 2024 23:16:18 GMT;SameSite=Strict
cf-chl-out: NdJfX6AqNw5byeVWerJXQ2h8llrthzS60R2uD5BANV9PbPcrcvXltqDQPp7cvu/7h+7OB8kX+to0PlBLBEVj9w==$U37lbNXivXliYXTk2i+BLA==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fgf%2BYp8T4S%2FI7ECF60uX%2FuNjwr0HrbHaSqEsNUYaB2233xX3uJsaI2ZAziOjaH6QddSlzmCaYplymM3M9SkzZh3uLJwsTDg0xgC0kUBB%2BdvyBWgK3SMCtQVqTnlwbeQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89ca1a603bcabe47-CPH
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xyyvu/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | 104.17.3.184 | | 19 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xyyvu/0x4AAAAAAADnPIDROrmt1Wwj/light/normal IP 104.17.3.184:0
File type HTML document, ASCII text, with very long lines (42151)
Hash 6f116f675522e596a757fb1f6cacf577 5864803d42a0bfb683796b2add1fd07dbbc2416a 9ef544e444242fa0c51375ea3362c41affad3307b67f0b53811758827f7a135b
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xyyvu/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 01 Jul 2024 23:16:11 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
document-policy: js-profiling
origin-agent-cluster: ?1
referrer-policy: same-origin
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
server: cloudflare
cf-ray: 89ca1a31bc3392e0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aceks34ke.cc/css/app.41e80a53.css | 188.114.97.1 | 200 OK | 2.5 kB |
URL GET HTTP/1.1 aceks34ke.cc/css/app.41e80a53.css IP 188.114.97.1:80
Requested by http://aceks34ke.cc/invite/i=362
File type ASCII text, with very long lines (14103), with no line terminators
Hash c43e0ff73d7bcf7fc548785dd1892b61 891821a754819b1efcc327755c89af9279156562 6d51b2accbe2b35c9d8322a0414c53a24c941e150ef251b6c7e942a9c0dc88fc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/app.41e80a53.css HTTP/1.1
Host: aceks34ke.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://aceks34ke.cc/invite/i=362
Cookie: cf_clearance=h_ZXguZ8LoMRhwmAfwuMUY_OmNwbr6pUJd70khFnEJ8-1719875770-1.0.1.1-pCX9Pa096aegSjcUOy8fB8r_csLvTj3U892sSxUgJOJSbGFNYD8bYBJzp2j7aZs2xtqy.ohcuWXLhGBCtNtxWQ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 Jul 2024 23:16:18 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Jul 2024 17:49:08 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1604
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9o6rgU8NjtJ0W1AP2dzq1WrvxWU%2F57Gimd%2BAdVPLvGqDCA2H5lhxBqAkvwPzdrEZBGViDCY5gK249ZjtTSYyUvXRCRBp6lAqthXYhv%2BNpAIF6V9m1shnu0Nsfh8Ssg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89ca1a62882c930d-CPH
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| aceks34ke.cc/css/chunk-vendors.c57533e1.css | 188.114.97.1 | 200 OK | 44 kB |
URL GET HTTP/1.1 aceks34ke.cc/css/chunk-vendors.c57533e1.css IP 188.114.97.1:80
Requested by http://aceks34ke.cc/invite/i=362
File type ASCII text, with very long lines (65536), with no line terminators
Hash ebfffebc1f62c3be51082e6595a0a005 e278fbd6fd48150b3f366b50ed388983d934978c f5ce9e73e1f7cea326eedd4f39d9b2d703ba4ccb31a6078cdc1fb16481298a32
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/chunk-vendors.c57533e1.css HTTP/1.1
Host: aceks34ke.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://aceks34ke.cc/invite/i=362
Cookie: cf_clearance=h_ZXguZ8LoMRhwmAfwuMUY_OmNwbr6pUJd70khFnEJ8-1719875770-1.0.1.1-pCX9Pa096aegSjcUOy8fB8r_csLvTj3U892sSxUgJOJSbGFNYD8bYBJzp2j7aZs2xtqy.ohcuWXLhGBCtNtxWQ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 Jul 2024 23:16:18 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Jul 2024 17:49:23 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1604
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=81vr8vz9jXe6GWX8CVpNwgxwamxZY0aKUSuP109P9BzYQ7ydvu1LTwqrBJAo00PuYj1OY9CgKhUcG4MSGE0%2F1uAP2e6lMFH%2BxjzIJ0ZCRCeDHZRSyAjEO8lCx67FpLY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89ca1a628fbd92f2-CPH
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| aceks34ke.cc/js/app.6611f189.js | 188.114.97.1 | 200 OK | 24 kB |
URL GET HTTP/1.1 aceks34ke.cc/js/app.6611f189.js IP 188.114.97.1:80
Requested by http://aceks34ke.cc/invite/i=362
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash dda50ddfa637d1cde03f77f10cd51f0e a7008dd6ad5e72143442dc71492c4720433a4e82 23f38014991e9e079291e1e3100926df99533175ee60bd07252456f525de508f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/app.6611f189.js HTTP/1.1
Host: aceks34ke.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://aceks34ke.cc/invite/i=362
Cookie: cf_clearance=h_ZXguZ8LoMRhwmAfwuMUY_OmNwbr6pUJd70khFnEJ8-1719875770-1.0.1.1-pCX9Pa096aegSjcUOy8fB8r_csLvTj3U892sSxUgJOJSbGFNYD8bYBJzp2j7aZs2xtqy.ohcuWXLhGBCtNtxWQ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 Jul 2024 23:16:19 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Jul 2024 17:54:01 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=07Jbum3yKosEu2oXaFRJM3jYs%2F5EK4M8AzSICnp%2FQlzgiRm%2FjbuGg96c4MT3zosr%2Bh%2FZ1VGLsX6H%2BZwszZXOKQXx6yJyiP3Lx0qjOus5yDYkRvphfhWlAG88%2FzIjdwc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89ca1a628a05be4e-CPH
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=89ca1a31bc3392e0 | 104.17.3.184 | | 75 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=89ca1a31bc3392e0 IP 104.17.3.184:0
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 1a93a71daf835e827a5096b1d51d3cc9 1a623635d752fcd6153b6c6b85bb87006e9b5076 ac5bd28b71bc7c2ab229f367041055640e0aa483712b081b8d9635aa2e9b9a9a
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=89ca1a31bc3392e0 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xyyvu/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 01 Jul 2024 23:16:11 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 89ca1a326cde92e0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aceks34ke.cc/img/icons/favicon.svg | 188.114.97.1 | 200 OK | 993 B |
URL GET HTTP/1.1 aceks34ke.cc/img/icons/favicon.svg IP 188.114.97.1:80
Requested by http://aceks34ke.cc/invite/i=362
File type HTML document, ASCII text, with very long lines (2704), with no line terminators
Hash 1b9fd0d532939733442589aaad350cc5 61d47201f356bbaf75dcbbfe157dc49870978980 5faf21ab21ee15023db3da43643ae3ab3c78a89706955017ccc80cfb9b0e8eed
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/icons/favicon.svg HTTP/1.1
Host: aceks34ke.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://aceks34ke.cc/invite/i=362
Cookie: cf_clearance=h_ZXguZ8LoMRhwmAfwuMUY_OmNwbr6pUJd70khFnEJ8-1719875770-1.0.1.1-pCX9Pa096aegSjcUOy8fB8r_csLvTj3U892sSxUgJOJSbGFNYD8bYBJzp2j7aZs2xtqy.ohcuWXLhGBCtNtxWQ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 Jul 2024 23:16:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4826
Last-Modified: Mon, 01 Jul 2024 21:55:54 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sluleVlb56uSyN%2BKorcHfVYF4rUHstH86hO2quSbyz9XA9gbWLKnNovn%2Fu%2Fh2TEp1T96I26qwI5F30Ps3w3hxeGnHArRh0H%2BT6dZUOxctdWCBoHLtOaKpI16OgHlAo0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89ca1a6c1906be4e-CPH
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| aceks34ke.cc/js/chunk-vendors.ea790e22.js | 188.114.97.1 | 200 OK | 272 kB |
URL GET HTTP/1.1 aceks34ke.cc/js/chunk-vendors.ea790e22.js IP 188.114.97.1:80
Requested by http://aceks34ke.cc/invite/i=362
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (51759)
Size 272 kB (272420 bytes)
Hash 4fee178f809d1b2a829099a8bb91c56c 178b6322fdc40c08fcbda0c096c668855ad49b51 c3580c9951b9554639c1404a246b3f27f818a99240c728f04cb964cd9e50b73d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/chunk-vendors.ea790e22.js HTTP/1.1
Host: aceks34ke.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://aceks34ke.cc/invite/i=362
Cookie: cf_clearance=h_ZXguZ8LoMRhwmAfwuMUY_OmNwbr6pUJd70khFnEJ8-1719875770-1.0.1.1-pCX9Pa096aegSjcUOy8fB8r_csLvTj3U892sSxUgJOJSbGFNYD8bYBJzp2j7aZs2xtqy.ohcuWXLhGBCtNtxWQ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 Jul 2024 23:16:19 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Jul 2024 17:58:08 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tJddfluOHYx5MkoRgq%2F%2FEe84PHlRWKl5gv%2BBoy%2BfneJd%2BWpQM1r9CgW7lpHrnQCoo%2FYUqNLrH9C0ikAhkW83j7tKfh7Ku8SnVRIZCp1gy5k%2F6P8%2BQMgc0Ys3hq6yrNY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89ca1a625dbdbe47-CPH
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| aceks34ke.cc/img/icons/apple-touch-icon-152x152.png | 188.114.97.1 | 200 OK | 4.0 kB |
URL GET HTTP/1.1 aceks34ke.cc/img/icons/apple-touch-icon-152x152.png IP 188.114.97.1:80
Requested by http://aceks34ke.cc/invite/i=362
File type PNG image data, 152 x 152, 8-bit/color RGB, non-interlaced Hash 1a034e64d80905128113e5272a5ab95e 92328e60f63d690f33cd4961b9934a539dc29b82 4d9685d610c4411caadd8d36ce94d3303cf5b05c8e04d67fc232c16a4469a135
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/icons/apple-touch-icon-152x152.png HTTP/1.1
Host: aceks34ke.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://aceks34ke.cc/invite/i=362
Cookie: cf_clearance=h_ZXguZ8LoMRhwmAfwuMUY_OmNwbr6pUJd70khFnEJ8-1719875770-1.0.1.1-pCX9Pa096aegSjcUOy8fB8r_csLvTj3U892sSxUgJOJSbGFNYD8bYBJzp2j7aZs2xtqy.ohcuWXLhGBCtNtxWQ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 Jul 2024 23:16:20 GMT
Content-Type: image/png
Content-Length: 4046
Connection: keep-alive
Last-Modified: Mon, 01 Jul 2024 17:49:28 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0gHd3EW%2FmAxB%2FKDjVSFcTOl%2BXfNNfg1%2FYMZCKvVy0JZAiPCJZG%2FprFL7leezw1zE1e9Fe3gqJKlUzTHh0F1UsmXJrJVmjhrqzIVL56qSrDuEbymFnqhXeRv9CVV8Jqc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89ca1a6c1df592f2-CPH
alt-svc: h2=":443"; ma=60
|
|
| askbem6x.cc/socket.io/?EIO=3&transport=websocket | 172.67.158.16 | | 7.0 kB |
URL askbem6x.cc/socket.io/?EIO=3&transport=websocket IP 172.67.158.16:0
File type HTML document, ASCII text, with very long lines (15959), with no line terminators Hash b5724db7faf750fe1fef33f24545d4e6 4a93838e3c008c7fbebd059022cb182d6c2c1fd9 2a528fac649aa4863cb6681ccaec1bbcf52eb18809b556cd5c96e898a5ed6643
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: askbem6x.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://aceks34ke.cc
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VSE2FDDKq5GAKmkqf+PE4w==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 403 Forbidden
Date: Mon, 01 Jul 2024 23:16:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Content-Options: nosniff
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: rr5G3oQMk8sSBFoPrvHGZFDM+gyInHNTVriICLntUyRJ1KEg/5NJHCG1zybeDQhJTpRuKE0vlwFLXdBF1lfAuC3ixk/XGb0CghZ1LEqhzzo=$VquaFyDBjD6CLwvZd0Y6xg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SIEt6jccpWiaxEPoAWBPnh7HlS%2Fv0pzku9fRgOOIK7qtvayMBylONUMInKuNivSzEC%2FtBb2jHGq0m6iPRJJU83G%2F68QTQlyk6Evsy7wYMWYa5neyOj%2BtLyG5btO7pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89ca1a704c79be4e-CPH
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aceks34ke.cc/getlog | 188.114.97.1 | 200 OK | 1.4 kB |
IP 188.114.97.1:80
Requested by http://aceks34ke.cc/invite/i=362
Hash c75705b0976c4c67304cfb18661cb785 8a1e1f3f82bba46ba5b903150aa2b5fbba3f56ab b407fecc0621fd81ce8926ea360773debd895f75919cd4066ec7b64bf0fb3efe
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /getlog HTTP/1.1
Host: aceks34ke.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://aceks34ke.cc/enter/register
Cookie: cf_clearance=h_ZXguZ8LoMRhwmAfwuMUY_OmNwbr6pUJd70khFnEJ8-1719875770-1.0.1.1-pCX9Pa096aegSjcUOy8fB8r_csLvTj3U892sSxUgJOJSbGFNYD8bYBJzp2j7aZs2xtqy.ohcuWXLhGBCtNtxWQ; inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 Jul 2024 23:16:21 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kMnjZd37jjd%2BDxwA6LG65SBXa903pUNhm%2BCHYxV6p%2FBcSciJ40WKdvGeR5irLZs6%2FPZkU3VSViVpD%2F6kKdUSTvzCdnCPFsOSuCTxVtJqI1lRe3hwqL%2Fy4LDcNZpMNcg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89ca1a6ef80692f2-CPH
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| aceks34ke.cc/invite | 188.114.97.1 | 200 OK | 0 B |
IP 188.114.97.1:80
Requested by http://aceks34ke.cc/invite/i=362
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /invite HTTP/1.1
Host: aceks34ke.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Content-Length: 18
Origin: http://aceks34ke.cc
DNT: 1
Connection: keep-alive
Referer: http://aceks34ke.cc/invite/i=362
Cookie: cf_clearance=h_ZXguZ8LoMRhwmAfwuMUY_OmNwbr6pUJd70khFnEJ8-1719875770-1.0.1.1-pCX9Pa096aegSjcUOy8fB8r_csLvTj3U892sSxUgJOJSbGFNYD8bYBJzp2j7aZs2xtqy.ohcuWXLhGBCtNtxWQ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 Jul 2024 23:16:21 GMT
Content-Length: 0
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VaszpqovD95hvJF5yT3GJA%2FNK0yPkjUtT8mXWFlS89%2B0t9prpWA%2BxGfD9kMLoGESJu36yFoT3VYeQS87k4dWhTU%2FiZ54lrGchC9QHqC8lEZl0fDVJQ3ccMrQeJwVEJI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89ca1a6e1d8abe47-CPH
alt-svc: h2=":443"; ma=60
|
|
| ocsp.sectigochina.com/ | 172.64.149.190 | | 472 B |
IP 172.64.149.190:0
Hash 120d82dab9f3a58b7cd49565e79c8556 06c5e55e96fbeb9cfffa30837d2165f8d4f01d87 25c27141d50612343d7d8e6314e172350d32018a1e023c3bd7ae40217c4037d4
POST / HTTP/1.1
Host: ocsp.sectigochina.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 Jul 2024 23:16:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 30 Jun 2024 00:59:52 GMT
Expires: Sun, 07 Jul 2024 00:59:51 GMT
Etag: "06c5e55e96fbeb9cfffa30837d2165f8d4f01d87"
Cache-Control: max-age=437884,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 89ca1a75ca69abcc-CPH
|
|
| b.yzcdn.cn/vant/icon-demo-1126.png | 154.85.69.56 | 200 OK | 8.9 kB |
URL GET HTTP/2 b.yzcdn.cn/vant/icon-demo-1126.png IP 154.85.69.56:443
ASN#139057 LEGEND DYNASTY PTE. LTD.
Requested by http://aceks34ke.cc/invite/i=362 Certificate Issuer sslTrus Subject *.yzcdn.cn Fingerprint 6A:A8:BA:7C:D4:B4:86:0B:74:EB:E6:19:C8:69:2E:8B:13:6C:1E:1B Validity Thu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced Hash f87c46f346a5548224ccbe0b6bd75df5 8e8b8bd4ba3e6b6c8557d94a726061fdd62492fd b6304eb9b754d38d3ad74d0acce42c156536840351368ed3e4895a6b50cd9370
GET /vant/icon-demo-1126.png HTTP/1.1
Host: b.yzcdn.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://aceks34ke.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 01 Jul 2024 23:16:22 GMT
content-type: image/png
content-length: 8886
server: openresty
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
access-control-max-age: 2592000
cache-control: public, max-age=2592000
content-disposition: inline; filename="icon-demo-1126.png"; filename*=utf-8''icon-demo-1126.png
content-md5: +HxG80alVIIkzL4La9dd9Q==
content-transfer-encoding: binary
etag: "Fo6Li9S6PmtshVfZSnJgYf3WJJL9"
last-modified: Mon, 26 Nov 2018 11:08:05 GMT
x-reqid: YyIAAAASg9geDiAX
x-svr: IO
x-qiniu-zone: 0
x-log: X-Log
x-ser: BC5_dx-lt-yd-zhejiang-huzhou-3-cache-7, BC165_lt-obgp-fujian-xiamen-33-cache-1, BC132_IT-Lombardia-Milan-1-cache-1, BC46_DE-Frankfurt-Frankfurt-11-cache-4
x-cache: HIT from BC46_DE-Frankfurt-Frankfurt-11-cache-4(cloudsvr)
X-Firefox-Spdy: h2
|
|
| aceks34ke.cc/invite/i=362 | 188.114.97.1 | 200 OK | 11 kB |
URL User Request POST HTTP/1.1 aceks34ke.cc/invite/i=362 IP 188.114.97.1:80
File type HTML document, ASCII text, with very long lines (15749), with no line terminators Hash 957b4b1d01800c38d9926d353aac8588 b569aad9ed7db0a1bc184cb96a14803e745c4bbc 6a5ed6587e7e25b0c9099a8c07eb72d550c18ae7e42072e56ef0a36f2a244f37
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /invite/i=362 HTTP/1.1
Host: aceks34ke.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Mon, 01 Jul 2024 23:16:10 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: o13sMZb/FWROHvLbWtQtssYL2Tr+EkCFe1QBSbu5WsLn/uBXFP40KS9r9hj/fU08AdeXjwg4o/AtAwTMUybDk/Zxjm85AtePJHurBl4nKFw=$4yRCRHAGM9KUGLI3AJ11qw==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i1TGEuJZ%2FFFryAxpHQF2K1ut81vbPxDuyPhsOcU5NY%2BaFPfLtrLrDBOMXtDaQaTiYqzND%2BHCEouz3hW%2F1KMaHVqYIo6BWHcfCysyaqEiMP3g8Ui4PxKeXugiZRc76do%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89ca1a2b7fc7abcf-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| matrix-client.matrix.org/_matrix/media/r0/download/matrix.org/WRVntnqHsyYRJnPeWgsftiNQ | 172.67.2.63 | | 7.4 kB |
URL matrix-client.matrix.org/_matrix/media/r0/download/matrix.org/WRVntnqHsyYRJnPeWgsftiNQ IP 172.67.2.63:0
Hash 08515402b504dd003e0b342f64b3f8fc e4ec5df59e4066482f116edc5954128d255d3a7b e77aeb83d9e12890bde92838ebf6edb85fad55f61ad310968f7ef50b58d2dcd3
GET /_matrix/media/r0/download/matrix.org/WRVntnqHsyYRJnPeWgsftiNQ HTTP/1.1
Host: matrix-client.matrix.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://aceks34ke.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Mon, 01 Jul 2024 23:16:21 GMT
content-type: application/json
synapse-trace-id: 99db2c28ef9acc3a
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Date
access-control-expose-headers: Synapse-Trace-Id, Server
cross-origin-resource-policy: cross-origin
content-security-policy: sandbox; default-src 'none'; script-src 'none'; plugin-types application/pdf; style-src 'unsafe-inline'; media-src 'self'; object-src 'self';
x-content-security-policy: sandbox;
referrer-policy: no-referrer
cache-control: no-cache, no-store, must-revalidate
permissions-policy: interest-cohort=()
cf-cache-status: BYPASS
vary: Accept-Encoding
server: cloudflare
cf-ray: 89ca1a6fdd1e92f8-CPH
X-Firefox-Spdy: h2
|
|
| askbem6x.cc/socket.io/?EIO=3&transport=websocket | 104.21.33.26 | | 6.9 kB |
URL askbem6x.cc/socket.io/?EIO=3&transport=websocket IP 104.21.33.26:0
File type HTML document, ASCII text, with very long lines (15937), with no line terminators Hash a994b4483146be770076d4abeee6e4d1 d82ab6aadc4781a52d032486f6c88a5adef7bfcf 1e0309c8ae21e73ff946e7f05fb27895a3ee8fe73975b7de1457d4d375ad17d2
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: askbem6x.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://aceks34ke.cc
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pcSs1Z4iN4Ap5GH2F/bcXA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 403 Forbidden
Date: Mon, 01 Jul 2024 23:16:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Content-Options: nosniff
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: c3uh4YOgBizoem8fYLRCrWG4iqIvrnVOKlpUyn2V/S5iMT4EtxgUevrZgrvcVOSyIA360uBGyV3h30jwTHDBKnAtnph6tb2CuRIlTz3vUYQ=$0AdORDF3uV5tg2Q0fvFUDg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PTZoE%2B%2FrTkfgJNWf6%2BVOcmOB4QicHkYi%2B6EWt7sknCghfIw8uC%2Fo3UebcDZUgMKP%2BLJZx%2FtSBMG5JlbucT3b%2BSfhszZZRFamuxfddz6v9lyTZD56lkp5K0QFzNRIzw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89ca1a867f8bbe42-CPH
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| askbem6x.cc/socket.io/?EIO=3&transport=websocket | 104.21.33.26 | | 6.9 kB |
URL askbem6x.cc/socket.io/?EIO=3&transport=websocket IP 104.21.33.26:0
File type HTML document, ASCII text, with very long lines (15959), with no line terminators Hash 89f6e37c3a726da22c83690f10fb38cc bd878b8dd72de6e4602b912c56d1e718c2ddad0c b3eb8e5f8a3d9ad8b8e4bb4c670684d405da37f7506410c4b812ba4ad3fd46b2
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: askbem6x.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://aceks34ke.cc
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 93mLONPCWc5iStYC6XKVBw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 403 Forbidden
Date: Mon, 01 Jul 2024 23:16:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Content-Options: nosniff
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: UmB25gJXYEx889JR6iUwjzysNvc5mVL3wQtMd7nulqlMMqUGvTuGNJSBAuxeTHFM5w86fnCR39TuNeT5zXr1pwln49ihizMw2Z6+A8/qVzg=$LzGl/wpZ62wVwtwN9w+wUg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2rOmmd2Xn%2FydNnZWJvyNdnEDNvSAJ6FWeQpi7ENS7%2F%2Bx%2BvcgU6biUg%2BqvVYKdaz%2F4KgBLfHnp46O8lLeGgDwAAEaq%2BPBQMW1ckiMc5L6J8Y3yfkvhABfa79tuEMoFw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89ca1a98385b8f5f-CPH
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| askbem6x.cc/socket.io/?EIO=3&transport=websocket | 104.21.33.26 | | 7.3 kB |
URL askbem6x.cc/socket.io/?EIO=3&transport=websocket IP 104.21.33.26:0
File type HTML document, ASCII text, with very long lines (16385), with no line terminators Hash 4eaef4311d1bd33d26b373747fbff90d a00dc7c303d6929bdaf12012e5f7d3ff3e828755 ad4ab1fd9f485a209864ea15ebfe2480ed8e06845f025ff7d80f25f630af84cb
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: askbem6x.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://aceks34ke.cc
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Nm8tjr2N/UhYzsd4L+zwTw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 403 Forbidden
Date: Mon, 01 Jul 2024 23:16:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Content-Options: nosniff
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: XrGH36p+kUNjhEknvCnYqDU2ypxzOsE8MPiLG3FJVhk33o2Hg+K6HV3yP/qPgqHyN2orD8NC6Rgp4B7/TIviULm6oIDzKvRVEhjB+V14OOc=$QoOI6mKw8/Aa3Oy77g8E4g==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R2KzdnGjkZd%2Ft35KlReaOhDgV5hyu5ODS%2BFaTh8Xl7ImlSOBnXAfvJyU%2FZat1mCJod0oVqV533q2CfGSOx9CyYH3Br1eAbRMvFBL4b8muik3o1QnvxVdatEkIHyuAA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89ca1ab839da92b8-CPH
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| askbem6x.cc/socket.io/?EIO=3&transport=websocket | 172.67.158.16 | 403 Forbidden | 0 B |
URL GET HTTP/1.1 askbem6x.cc/socket.io/?EIO=3&transport=websocket IP 172.67.158.16:443
Requested by http://aceks34ke.cc/invite/i=362 Certificate Issuer Google Trust Services Subject askbem6x.cc Fingerprint 66:5E:C2:61:81:13:54:3E:5C:CE:22:27:AE:C8:36:9C:FB:CD:38:92 Validity Sun, 30 Jun 2024 12:55:57 GMT - Sat, 28 Sep 2024 12:55:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: askbem6x.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://aceks34ke.cc
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VSE2FDDKq5GAKmkqf+PE4w==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 403 Forbidden
Date: Mon, 01 Jul 2024 23:16:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Content-Options: nosniff
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: rr5G3oQMk8sSBFoPrvHGZFDM+gyInHNTVriICLntUyRJ1KEg/5NJHCG1zybeDQhJTpRuKE0vlwFLXdBF1lfAuC3ixk/XGb0CghZ1LEqhzzo=$VquaFyDBjD6CLwvZd0Y6xg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SIEt6jccpWiaxEPoAWBPnh7HlS%2Fv0pzku9fRgOOIK7qtvayMBylONUMInKuNivSzEC%2FtBb2jHGq0m6iPRJJU83G%2F68QTQlyk6Evsy7wYMWYa5neyOj%2BtLyG5btO7pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89ca1a704c79be4e-CPH
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| askbem6x.cc/socket.io/?EIO=3&transport=websocket | 0.0.0.0 | | 0 B |
URL GET askbem6x.cc/socket.io/?EIO=3&transport=websocket IP 0.0.0.0:0
Requested by http://aceks34ke.cc/invite/i=362
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: askbem6x.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://aceks34ke.cc
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Nm8tjr2N/UhYzsd4L+zwTw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
|
| matrix-client.matrix.org/_matrix/media/r0/download/matrix.org/WRVntnqHsyYRJnPeWgsftiNQ | 172.67.2.63 | 404 Not Found | 0 B |
URL GET HTTP/2 matrix-client.matrix.org/_matrix/media/r0/download/matrix.org/WRVntnqHsyYRJnPeWgsftiNQ IP 172.67.2.63:443
Requested by http://aceks34ke.cc/invite/i=362 Certificate Issuer Let's Encrypt Subject matrix.org Fingerprint 95:53:E2:B9:11:52:CA:D3:E5:8C:B6:CC:4B:C2:49:BA:AA:23:50:96 Validity Fri, 31 May 2024 05:08:05 GMT - Thu, 29 Aug 2024 05:08:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_matrix/media/r0/download/matrix.org/WRVntnqHsyYRJnPeWgsftiNQ HTTP/1.1
Host: matrix-client.matrix.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://aceks34ke.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Mon, 01 Jul 2024 23:16:21 GMT
content-type: application/json
synapse-trace-id: 99db2c28ef9acc3a
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Date
access-control-expose-headers: Synapse-Trace-Id, Server
cross-origin-resource-policy: cross-origin
content-security-policy: sandbox; default-src 'none'; script-src 'none'; plugin-types application/pdf; style-src 'unsafe-inline'; media-src 'self'; object-src 'self';
x-content-security-policy: sandbox;
referrer-policy: no-referrer
cache-control: no-cache, no-store, must-revalidate
permissions-policy: interest-cohort=()
cf-cache-status: BYPASS
vary: Accept-Encoding
server: cloudflare
cf-ray: 89ca1a6fdd1e92f8-CPH
X-Firefox-Spdy: h2
|
|
| askbem6x.cc/socket.io/?EIO=3&transport=websocket | 104.21.33.26 | 403 Forbidden | 0 B |
URL GET HTTP/1.1 askbem6x.cc/socket.io/?EIO=3&transport=websocket IP 104.21.33.26:443
Requested by http://aceks34ke.cc/invite/i=362 Certificate Issuer Google Trust Services Subject askbem6x.cc Fingerprint 66:5E:C2:61:81:13:54:3E:5C:CE:22:27:AE:C8:36:9C:FB:CD:38:92 Validity Sun, 30 Jun 2024 12:55:57 GMT - Sat, 28 Sep 2024 12:55:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: askbem6x.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://aceks34ke.cc
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 93mLONPCWc5iStYC6XKVBw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 403 Forbidden
Date: Mon, 01 Jul 2024 23:16:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Content-Options: nosniff
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: UmB25gJXYEx889JR6iUwjzysNvc5mVL3wQtMd7nulqlMMqUGvTuGNJSBAuxeTHFM5w86fnCR39TuNeT5zXr1pwln49ihizMw2Z6+A8/qVzg=$LzGl/wpZ62wVwtwN9w+wUg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2rOmmd2Xn%2FydNnZWJvyNdnEDNvSAJ6FWeQpi7ENS7%2F%2Bx%2BvcgU6biUg%2BqvVYKdaz%2F4KgBLfHnp46O8lLeGgDwAAEaq%2BPBQMW1ckiMc5L6J8Y3yfkvhABfa79tuEMoFw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89ca1a98385b8f5f-CPH
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| askbem6x.cc/socket.io/?EIO=3&transport=websocket | 104.21.33.26 | 403 Forbidden | 0 B |
URL GET HTTP/1.1 askbem6x.cc/socket.io/?EIO=3&transport=websocket
IP 104.21.33.26:443
Requested by http://aceks34ke.cc/invite/i=362
Certificate Issuer Google Trust Services
Subject askbem6x.cc
Fingerprint 66:5E:C2:61:81:13:54:3E:5C:CE:22:27:AE:C8:36:9C:FB:CD:38:92
Validity Sun, 30 Jun 2024 12:55:57 GMT - Sat, 28 Sep 2024 12:55:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: askbem6x.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://aceks34ke.cc
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: naoG+y7TkeU6lP4yVQ43wA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 403 Forbidden
Date: Mon, 01 Jul 2024 23:16:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Content-Options: nosniff
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: pWvBdL7gZpoFyKYFKpyVABFhrA1C5y0H6bW3RcbgpY90yjaETynL5v/E7YocTvnuNXJ/JMc0gEmKorJWJEwIg29UI8k500nteMXdEMHXH2E=$OQTTwat4vWZXq90eSwzUbQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lcIl6Agy%2BJZcmUuiGonjSbcHhFz1gvQHBuMW1mFGyEXBpLswiLX2U39byC3a3Sxbs509DU6jVbrLiP1W1OkCQaD6KVCEyEbbbHQZCRaY2LbI1IA2haUmrVLOxIpnIA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89ca1a787952be3f-CPH
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| askbem6x.cc/socket.io/?EIO=3&transport=websocket | 104.21.33.26 | 403 Forbidden | 0 B |
URL GET HTTP/1.1 askbem6x.cc/socket.io/?EIO=3&transport=websocket
IP 104.21.33.26:443
Requested by http://aceks34ke.cc/invite/i=362
Certificate Issuer Google Trust Services
Subject askbem6x.cc
Fingerprint 66:5E:C2:61:81:13:54:3E:5C:CE:22:27:AE:C8:36:9C:FB:CD:38:92
Validity Sun, 30 Jun 2024 12:55:57 GMT - Sat, 28 Sep 2024 12:55:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: askbem6x.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://aceks34ke.cc
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pcSs1Z4iN4Ap5GH2F/bcXA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 403 Forbidden
Date: Mon, 01 Jul 2024 23:16:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Content-Options: nosniff
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: c3uh4YOgBizoem8fYLRCrWG4iqIvrnVOKlpUyn2V/S5iMT4EtxgUevrZgrvcVOSyIA360uBGyV3h30jwTHDBKnAtnph6tb2CuRIlTz3vUYQ=$0AdORDF3uV5tg2Q0fvFUDg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PTZoE%2B%2FrTkfgJNWf6%2BVOcmOB4QicHkYi%2B6EWt7sknCghfIw8uC%2Fo3UebcDZUgMKP%2BLJZx%2FtSBMG5JlbucT3b%2BSfhszZZRFamuxfddz6v9lyTZD56lkp5K0QFzNRIzw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89ca1a867f8bbe42-CPH
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
|
|