Report - www.google.com.hk/url?q=KWUZMS42J831JSWOSF4KEIP36T3IE7YuQiApLjODz3yh4nNeW8uuQi&rct=XS%25RANDOM4%25wDnNeW8yycT&sa=t&esrc=nNeW8F%25RANDOM3%EF%BF%BDxys8Em2FL&source=&cd=tS6T8%25RANDOM3%25Tiw9XH&cad=XpPkDfJX%25RANDOM4%25VS0Y&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp/asubiad.online/grieksm/1de483b1b4db83623cd9067fd3c054d3/Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ=

Report Overview

Visited public
2024-12-12 09:38:48
Tags
suspicious
URL
www.google.com.hk/url?q=KWUZMS42J831JSWOSF4KEIP36T3IE7YuQiApLjODz3yh4nNeW8uuQi&rct=XS%25RANDOM4%25wDnNeW8yycT&sa=t&esrc=nNeW8F%25RANDOM3%EF%BF%BDxys8Em2FL&source=&cd=tS6T8%25RANDOM3%25Tiw9XH&cad=XpPkDfJX%25RANDOM4%25VS0Y&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp/asubiad.online/grieksm/1de483b1b4db83623cd9067fd3c054d3/Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ=
Finishing URL
ha.rionvent.ru/uB3yTphR/#Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ=
IP / ASN
142.250.74.67
#15169 GOOGLE
Title
Suspicious - Anti-debugging code

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ha.rionvent.ru	unknown	2024-07-13	2024-12-06	2024-12-06	2.1 kB	40 kB	172.67.155.22
www.google.com.hk	9875	2001-07-14	2013-04-25	2024-12-10	1.8 kB	2.5 kB	142.250.74.67
asubiad.online	unknown	2024-12-05	2024-12-06	2024-12-06	458 B	268 B	185.221.216.117
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-12-11	2.7 kB	160 kB	104.18.94.41
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2024-12-11	436 B	15 kB	104.17.24.14
code.jquery.com	634	2005-12-10	2012-05-21	2024-12-11	408 B	32 kB	151.101.2.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.6.0.min.js	90 kB	2023-03-07 01:02	2024-12-26 10:22
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2024-12-26 10:22 Times Seen151865 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	48 kB	2023-03-07 01:31	2024-12-26 09:33
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2024-12-26 09:33 Times Seen58155 Hash 2ca03ad87885ab983541092b87adb299 1a17f60bf776a8c468a185c1e8e985c41a50dc27 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/yac1f/0x4AAAAAAAfEBeInnh5kzxE1/auto/fbE/normal/auto/	3.7 kB	2024-12-12 09:38	2024-12-12 09:38
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/yac1f/0x4AAAAAAAfEBeInnh5kzxE1/auto/fbE/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-12 09:38 Last Seen2024-12-12 09:38 Times Seen1 Hash c91da879b355b4284c7b94ea28d44568 225225fc067635cb7fe1dc72b398520baf0f09a4 0a5b2dbc0731942c99bb799f3321edd7f577907c63c91d87930bd57a83e5c013 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8f0cbdcc4b791bfa&lang=auto	114 kB	2024-12-12 09:38	2024-12-12 09:38
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8f0cbdcc4b791bfa&lang=auto IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 09:38 Last Seen2024-12-12 09:38 Times Seen1 Hash 04933dfe7321bdfc8cc86d58355d9041 3e91268d47c4579ba7a4ef938a5cb03a9048b2e0 2417647da74d0a15445806671aec9827451965d34468e2f1f09e0fb7053b5042 Loading...

	ha.rionvent.ru/uB3yTphR/#Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ=	20 kB	2024-12-12 09:38	2024-12-12 09:38
Pretty URL ha.rionvent.ru/uB3yTphR/#Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-12 09:38 Last Seen2024-12-12 09:38 Times Seen1 Hash e3eda5854fcf3d0df8862bedb7585cb2 9a57437f1d916e29023b1f3fd752ec9193defeef 727a704a9c04b53f7f78bd1501b669f2eedd824874451bf822ed82f3d6f0908a Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?render=explicit	48 kB	2024-12-05 14:49	2024-12-17 09:29
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?render=explicit IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 14:49 Last Seen2024-12-17 09:29 Times Seen3946 Hash b0b3774e70e752266b4cf190e6d95053 03823d33d8c374dd69b66f1d75a5fc93d29967e1 a9f0787e39291d7bcb873d0d514f1d2c8db0256fd741c2abc4d46a809254e141 Loading...

	unknown	1.6 kB	2024-12-12 09:38	2024-12-12 09:38
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 09:38 Last Seen2024-12-12 09:38 Times Seen1 Hash bb237755ef9f79d50659f2a082fcd46f 9bddc01ac1f68a5dddbeeb00c107819a4110948c 6cba78ce975c0a3bc0dc3a9e3999bdde2d3238fbeae208ee20276e0611d1d08e Loading...

	unknown	1.5 kB	2024-12-12 09:38	2024-12-12 09:38
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 09:38 Last Seen2024-12-12 09:38 Times Seen1 Hash 368fedc382787b1d3726a9e77a3ce6e0 2f29f8e08368b6ba03a564f915cf5452a320142d 7e82f53af9defa42d126680f4cfe63e5f8f11fc06f5ddb346926f372f60ad9f1 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07 01:03	2024-12-26 10:19
Pretty Observations First Seen2023-03-07 01:03 Last Seen2024-12-26 10:19 Times Seen332521 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

		Size	First Seen	Last Seen
	#1 Write - c5ca55d3bef2471dcd5f9abe38fe6366	5.5 kB	2024-12-12 09:38	2024-12-12 09:38
Pretty Observations First Seen2024-12-12 09:38 Last Seen2024-12-12 09:38 Times Seen1 Hash c5ca55d3bef2471dcd5f9abe38fe6366 ee416d22b4ca3193900a2fe968024fc6fd24357e eb65956fcc134d282fde4deca5236589229667383a6d4b9527fa2755d873bfc2 Loading...

HTTP Transactions (13)

	URL	IP	Response	Size
	www.google.com.hk/url?q=KWUZMS42J831JSWOSF4KEIP36T3IE7YuQiApLjODz3yh4nNeW8uuQi&rct=XS%25RANDOM4%25wDnNeW8yycT&sa=t&esrc=nNeW8F%25RANDOM3%EF%BF%BDxys8Em2FL&source=&cd=tS6T8%25RANDOM3%25Tiw9XH&cad=XpPkDfJX%25RANDOM4%25VS0Y&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp/asubiad.online/grieksm/1de483b1b4db83623cd9067fd3c054d3/Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ=	142.250.74.67	302 Found	315 B
URL www.google.com.hk/url?q=KWUZMS42J831JSWOSF4KEIP36T3IE7YuQiApLjODz3yh4nNeW8uuQi&rct=XS%25RANDOM4%25wDnNeW8yycT&sa=t&esrc=nNeW8F%25RANDOM3%EF%BF%BDxys8Em2FL&source=&cd=tS6T8%25RANDOM3%25Tiw9XH&cad=XpPkDfJX%25RANDOM4%25VS0Y&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp/asubiad.online/grieksm/1de483b1b4db83623cd9067fd3c054d3/Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ= IP 142.250.74.67:0 ASN #15169 GOOGLE File type HTML document, ASCII text, with CRLF, LF line terminators Size 315 B (315 bytes) Hash 44d2f0df2d865e91e38ab69e505a8921 639cb35b1cba1f4100ee8464523ae767669a1ec7 7804c25b6995ec5faa2adf597ae41bcd4902bda0c5f63e38ff2146c1a1752d75 HTTP Headers GET /url?q=KWUZMS42J831JSWOSF4KEIP36T3IE7YuQiApLjODz3yh4nNeW8uuQi&rct=XS%25RANDOM4%25wDnNeW8yycT&sa=t&esrc=nNeW8F%25RANDOM3%EF%BF%BDxys8Em2FL&source=&cd=tS6T8%25RANDOM3%25Tiw9XH&cad=XpPkDfJX%25RANDOM4%25VS0Y&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp/asubiad.online/grieksm/1de483b1b4db83623cd9067fd3c054d3/Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ= HTTP/1.1 Host: www.google.com.hk User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found location: https://www.google.com.hk/amp/asubiad.online/grieksm/1de483b1b4db83623cd9067fd3c054d3/Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ= cache-control: private content-type: text/html; charset=UTF-8 strict-transport-security: max-age=31536000 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-6rMBOUIfcj2fKIhdKglzTA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." date: Thu, 12 Dec 2024 09:38:23 GMT server: gws content-length: 315 x-xss-protection: 0 set-cookie: __Secure-ENID=24.SE=IV2EGEK6iaBdL_CYezCb-GsG-SKfyzn4YIHxlCaFAs_tyOucJIJEGtlyzJmbGpsmmLUnh_Q84UEOzZVPuVbcOvA6rwAkrurn0Xit6fg5QQ0eVPjSsQokOa84u39j1AXHgW7pMlmzzy1P9RVCThDiSuGFu_HIwLvnTBg7-W1U8AfpIbCKPCrc_HW2ADyqhCYMqI_3WcvXvxQy--dIkrJ1EvYUW02oXwV-vaTam6wF; expires=Mon, 12-Jan-2026 01:56:41 GMT; path=/; domain=.google.com.hk; Secure; HttpOnly; SameSite=lax alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.google.com.hk/amp/asubiad.online/grieksm/1de483b1b4db83623cd9067fd3c054d3/Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ=	142.250.74.67	302 Found	292 B
URL www.google.com.hk/amp/asubiad.online/grieksm/1de483b1b4db83623cd9067fd3c054d3/Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ= IP 142.250.74.67:0 ASN #15169 GOOGLE File type HTML document, ASCII text, with CRLF, LF line terminators Size 292 B (292 bytes) Hash efef005cef2ded5c76c4f47f4861d1e5 bb47c0179d4b07dc475cab5d5e6d0b9d487a91cc ac1b47fd65b46dd783939e0c4f78b9733acdafee3f2170aed7cd822630978d50 HTTP Headers GET /amp/asubiad.online/grieksm/1de483b1b4db83623cd9067fd3c054d3/Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ= HTTP/1.1 Host: www.google.com.hk User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; __Secure-ENID=24.SE=IV2EGEK6iaBdL_CYezCb-GsG-SKfyzn4YIHxlCaFAs_tyOucJIJEGtlyzJmbGpsmmLUnh_Q84UEOzZVPuVbcOvA6rwAkrurn0Xit6fg5QQ0eVPjSsQokOa84u39j1AXHgW7pMlmzzy1P9RVCThDiSuGFu_HIwLvnTBg7-W1U8AfpIbCKPCrc_HW2ADyqhCYMqI_3WcvXvxQy--dIkrJ1EvYUW02oXwV-vaTam6wF Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 302 Found location: http://asubiad.online/grieksm/1de483b1b4db83623cd9067fd3c054d3/Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ= cache-control: private x-robots-tag: noindex content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-BBTXnPl974j7Np_wGyOMDg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]} date: Thu, 12 Dec 2024 09:38:23 GMT server: gws content-length: 292 x-xss-protection: 0 x-frame-options: SAMEORIGIN alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	asubiad.online/grieksm/1de483b1b4db83623cd9067fd3c054d3/Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ=	185.221.216.117	200 OK	0 B
URL asubiad.online/grieksm/1de483b1b4db83623cd9067fd3c054d3/Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ= IP 185.221.216.117:0 ASN #393960 HOST4GEEKS-LLC File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /grieksm/1de483b1b4db83623cd9067fd3c054d3/Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ= HTTP/1.1 Host: asubiad.online User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Thu, 12 Dec 2024 09:38:24 GMT Server: Apache Refresh: 0; url=https://hA.rionvent.ru/uB3yTphR/#Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ= Content-Length: 0 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8`

	challenges.cloudflare.com/turnstile/v0/api.js?render=explicit	104.18.94.41	302 Found	0 B
URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?render=explicit IP 104.18.94.41:443 ASN #13335 CLOUDFLARENET Requested by https://ha.rionvent.ru/uB3yTphR/#Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ= Certificate IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintC1:16:CA:AE:53:D5:B8:63:59:BB:EB:73:AB:F0:98:7E:EE:7F:E3:EB ValiditySun, 03 Nov 2024 16:27:50 GMT - Sat, 01 Feb 2025 17:27:46 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /turnstile/v0/api.js?render=explicit HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ha.rionvent.ru/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found date: Thu, 12 Dec 2024 09:38:25 GMT content-length: 0 access-control-allow-origin: * cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public cross-origin-resource-policy: cross-origin location: /turnstile/v0/g/f9063374b04d/api.js vary: Accept-Encoding server: cloudflare cf-ray: 8f0cbdca5f22569f-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2`

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	104.17.24.14	200 OK	14 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://ha.rionvent.ru/uB3yTphR/#Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ= Certificate IssuerGoogle Trust Services Subjectcdnjs.cloudflare.com Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02 ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT File type JavaScript source, ASCII text, with very long lines (48316), with no line terminators Size 14 kB (13972 bytes) Hash 2ca03ad87885ab983541092b87adb299 1a17f60bf776a8c468a185c1e8e985c41a50dc27 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 HTTP Headers `GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ha.rionvent.ru/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 12 Dec 2024 09:38:25 GMT content-type: application/javascript; charset=utf-8 content-length: 13972 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "61182885-3694" last-modified: Sat, 14 Aug 2021 20:33:09 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 36196 expires: Tue, 02 Dec 2025 09:38:25 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9TZ5bUdpp4SU0jcS%2FxwC8Hf43tBpIeMk%2BlIueG1XCju2thtA1sxGYSCaBODmGhnyK%2BFOPWGKaMrNe58AvFbnp0XFUy8ao9jzy%2FMAp3MehkYMmMNmLbJ8%2FSq0OvU9LhO3dMryPgAF"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 8f0cbdca5e21b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js	104.18.94.41	200 OK	16 kB
URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js IP 104.18.94.41:443 ASN #13335 CLOUDFLARENET Requested by https://ha.rionvent.ru/uB3yTphR/#Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ= Certificate IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintC1:16:CA:AE:53:D5:B8:63:59:BB:EB:73:AB:F0:98:7E:EE:7F:E3:EB ValiditySun, 03 Nov 2024 16:27:50 GMT - Sat, 01 Feb 2025 17:27:46 GMT File type JavaScript source, ASCII text, with very long lines (47691) Size 16 kB (16260 bytes) Hash b0b3774e70e752266b4cf190e6d95053 03823d33d8c374dd69b66f1d75a5fc93d29967e1 a9f0787e39291d7bcb873d0d514f1d2c8db0256fd741c2abc4d46a809254e141 HTTP Headers `GET /turnstile/v0/g/f9063374b04d/api.js HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://ha.rionvent.ru/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK date: Thu, 12 Dec 2024 09:38:25 GMT content-type: application/javascript; charset=UTF-8 last-modified: Tue, 03 Dec 2024 18:31:41 GMT cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public access-control-allow-origin: * cross-origin-resource-policy: cross-origin vary: Accept-Encoding server: cloudflare cf-ray: 8f0cbdca7f45569f-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2`

	code.jquery.com/jquery-3.6.0.min.js	151.101.2.137	200 OK	31 kB
URL GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js IP 151.101.2.137:443 ASN #54113 FASTLY Requested by https://ha.rionvent.ru/uB3yTphR/#Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ= Certificate IssuerSectigo Limited Subject.jquery.com FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5 ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65447) Size 31 kB (30875 bytes) Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e HTTP Headers `GET /jquery-3.6.0.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ha.rionvent.ru/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx content-type: application/javascript; charset=utf-8 last-modified: Fri, 18 Oct 1991 12:00:00 GMT etag: W/"28feccc0-15d9d" cache-control: public, max-age=31536000, stale-while-revalidate=604800 access-control-allow-origin: * cross-origin-resource-policy: cross-origin content-encoding: gzip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Thu, 12 Dec 2024 09:38:25 GMT age: 3978631 x-served-by: cache-lga21931-LGA, cache-hel1410032-HEL x-cache: HIT, HIT x-cache-hits: 71, 1208116 x-timer: S1733996305.198378,VS0,VE0 vary: Accept-Encoding content-length: 30875 X-Firefox-Spdy: h2

	ha.rionvent.ru/favicon.ico	172.67.155.22	404 Not Found	64 B
URL GET HTTP/3 ha.rionvent.ru/favicon.ico IP 172.67.155.22:443 ASN #13335 CLOUDFLARENET Requested by https://ha.rionvent.ru/uB3yTphR/#Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ= Certificate IssuerGoogle Trust Services Subjectrionvent.ru Fingerprint5F:5A:40:7D:97:E7:81:B4:BC:76:07:86:F6:5B:B1:D8:30:13:97:E6 ValiditySat, 09 Nov 2024 11:40:49 GMT - Fri, 07 Feb 2025 11:40:48 GMT File type data Size 64 B (64 bytes) Hash 2c3dd3d4a9bc9d1ffdf125e8439a3c00 a9b83cd7e27c23a420c3f56107ce51368e4662cb 0d68a8110cb0daf3c313fce8c1e3b950e49ed0d27fe4403f708734c3af15003d HTTP Headers GET /favicon.ico HTTP/1.1 Host: ha.rionvent.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ha.rionvent.ru/uB3yTphR/ Cookie: XSRF-TOKEN=eyJpdiI6Ik1nR25tVlpmaURoUlpEK2Z0Q2VFYkE9PSIsInZhbHVlIjoidFF2RTBXckh5dWljUnY3TUNSMmZkY2NxTlFkaWpuNzNaWDUxRFY1WUVYZmlPWXU4TzROdFhNRE8yN2lrNDBreUoxNEMyTW9JMWNodFpIUE5pL1RrQ3dPeUw4eXhnMHJnTEpxVFptQWxJSUQ3dnk2TUt1bmZNLzFyZ0RuRzl1WG8iLCJtYWMiOiIyNmJkNmU0NGY0NDQ4YzExNjJiZTc0ZTUxYzg5MjEzZjA0NWFiNzY2ZmE0MGNlNTExMjViYjM3YzgxNGI5YzhiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InFPYy9aY1IvOGpDU2E3ZU41TjIzR0E9PSIsInZhbHVlIjoiZHdUZGdITi9sWFA1V3RmNVp5NHQrS2xlazBkR1VYYWxBNFlrZC9UV2JjNDN3NEZPSDF2RHZSaGVRYkVJU3pmMHRseC85bkh2ckdpRUo1UzRHNmVZVUlIZE9BUE5keHV3aTJGU3V6K2xtbVByQWhXalVvL3pyK3pXMkhuZVlCRWgiLCJtYWMiOiJjZmU5MTMyMDlkNDI3ZGQxZjc3ODcxNGQwNDM0ODFmYWJiODI4YzVjZmJmNTZhMTcxNGU5OTcyNjc1YWViOTdjIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 404 Not Found date: Thu, 12 Dec 2024 09:38:25 GMT content-type: text/html; charset=UTF-8 cache-control: max-age=14400 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=woHX9idFXd7yRFzg2ehorE3r3KP4VCkLzjUspYVPXwSGM3Dawp8qbJTSqI10ILLnNfNrz9sDTLm6YvhFalDSrlUL0Ulftifnc4V2KpKwIetEX%2Bg%2BI%2FAeDrWkcxtNuA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding alt-svc: h3=":443"; ma=86400 cf-cache-status: HIT age: 4862 priority: u=6,i=?0 server: cloudflare cf-ray: 8f0cbdcc9b980b65-OSL content-encoding: br server-timing: cfL4;desc="?proto=TCP&rtt=1389&min_rtt=1388&rtt_var=392&sent=5&recv=8&lost=0&retrans=0&sent_bytes=2826&recv_bytes=2082&delivery_rate=2896848&cwnd=248&unsent_bytes=0&cid=5cfd1f84ff04c937&ts=324&x=0", cfL4;desc="?proto=QUIC&rtt=7636&min_rtt=1865&rtt_var=4821&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4114&recv_bytes=1782&delivery_rate=315704&cwnd=12000&unsent_bytes=0&cid=04efabd685652e73&ts=549&x=1", cfExtPri, cfHdrFlush;dur=0

	ha.rionvent.ru/uB3yTphR/	172.67.155.22	200 OK	15 kB
URL ha.rionvent.ru/uB3yTphR/ IP 172.67.155.22:0 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjectrionvent.ru Fingerprint5F:5A:40:7D:97:E7:81:B4:BC:76:07:86:F6:5B:B1:D8:30:13:97:E6 ValiditySat, 09 Nov 2024 11:40:49 GMT - Fri, 07 Feb 2025 11:40:48 GMT File type HTML document, ASCII text, with very long lines (7429), with CRLF line terminators Size 15 kB (15234 bytes) Hash cce1a7c9f6ed4549470e61fd9f7b4040 6340e36aa3104ef6b832a735f4130151c57e1f42 3e5b854a097ddb6c243c53ff0b8352b314d9c4912f28799ffabb061af026035d HTTP Headers `GET /uB3yTphR/ HTTP/1.1 Host: ha.rionvent.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 12 Dec 2024 09:38:24 GMT content-type: text/html; charset=UTF-8 cache-control: no-cache, private cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1T2WrxdSgAepmqwQuWzkUtX1ao826tAdXenfBdguLTKCHjygtYUo4BeM%2ByXr6lOPZkBtHnBaOMB8Z7QVUlS0oN%2FgKrfrF59%2Fsu20cUJaNEEwjN4glrhZXWVDUqqeVg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc: h3=":443"; ma=86400 set-cookie: XSRF-TOKEN=eyJpdiI6Ik1nR25tVlpmaURoUlpEK2Z0Q2VFYkE9PSIsInZhbHVlIjoidFF2RTBXckh5dWljUnY3TUNSMmZkY2NxTlFkaWpuNzNaWDUxRFY1WUVYZmlPWXU4TzROdFhNRE8yN2lrNDBreUoxNEMyTW9JMWNodFpIUE5pL1RrQ3dPeUw4eXhnMHJnTEpxVFptQWxJSUQ3dnk2TUt1bmZNLzFyZ0RuRzl1WG8iLCJtYWMiOiIyNmJkNmU0NGY0NDQ4YzExNjJiZTc0ZTUxYzg5MjEzZjA0NWFiNzY2ZmE0MGNlNTExMjViYjM3YzgxNGI5YzhiIiwidGFnIjoiIn0%3D; expires=Thu, 12-Dec-2024 11:38:24 GMT; Max-Age=7200; path=/; secure; samesite=none laravel_session=eyJpdiI6InFPYy9aY1IvOGpDU2E3ZU41TjIzR0E9PSIsInZhbHVlIjoiZHdUZGdITi9sWFA1V3RmNVp5NHQrS2xlazBkR1VYYWxBNFlrZC9UV2JjNDN3NEZPSDF2RHZSaGVRYkVJU3pmMHRseC85bkh2ckdpRUo1UzRHNmVZVUlIZE9BUE5keHV3aTJGU3V6K2xtbVByQWhXalVvL3pyK3pXMkhuZVlCRWgiLCJtYWMiOiJjZmU5MTMyMDlkNDI3ZGQxZjc3ODcxNGQwNDM0ODFmYWJiODI4YzVjZmJmNTZhMTcxNGU5OTcyNjc1YWViOTdjIiwidGFnIjoiIn0%3D; expires=Thu, 12-Dec-2024 11:38:24 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none server: cloudflare cf-ray: 8f0cbdc68c3d0b45-OSL content-encoding: br server-timing: cfL4;desc="?proto=TCP&rtt=1465&min_rtt=1421&rtt_var=426&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2825&recv_bytes=1383&delivery_rate=2773662&cwnd=252&unsent_bytes=0&cid=2d5ee2ee099e7010&ts=186&x=0", cfL4;desc="?proto=TCP&rtt=6468&min_rtt=452&rtt_var=12003&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3272&recv_bytes=1250&delivery_rate=7541666&cwnd=254&unsent_bytes=0&cid=e3cc7a5779783dda&ts=450&x=0" X-Firefox-Spdy: h2

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8f0cbdcc4b791bfa&lang=auto	104.18.94.41	200 OK	114 kB
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8f0cbdcc4b791bfa&lang=auto IP 104.18.94.41:443 ASN #13335 CLOUDFLARENET Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/yac1f/0x4AAAAAAAfEBeInnh5kzxE1/auto/fbE/normal/auto/ Certificate IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintC1:16:CA:AE:53:D5:B8:63:59:BB:EB:73:AB:F0:98:7E:EE:7F:E3:EB ValiditySun, 03 Nov 2024 16:27:50 GMT - Sat, 01 Feb 2025 17:27:46 GMT File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 114 kB (114415 bytes) Hash 04933dfe7321bdfc8cc86d58355d9041 3e91268d47c4579ba7a4ef938a5cb03a9048b2e0 2417647da74d0a15445806671aec9827451965d34468e2f1f09e0fb7053b5042 HTTP Headers GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8f0cbdcc4b791bfa&lang=auto HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/yac1f/0x4AAAAAAAfEBeInnh5kzxE1/auto/fbE/normal/auto/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/3 200 OK date: Thu, 12 Dec 2024 09:38:25 GMT content-type: application/javascript; charset=UTF-8 cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 priority: u=2,i=?0 server: cloudflare cf-ray: 8f0cbdcd1c2a1bfa-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri`

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/yac1f/0x4AAAAAAAfEBeInnh5kzxE1/auto/fbE/normal/auto/	104.18.94.41	200 OK	26 kB
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/yac1f/0x4AAAAAAAfEBeInnh5kzxE1/auto/fbE/normal/auto/ IP 104.18.94.41:443 ASN #13335 CLOUDFLARENET Requested by https://ha.rionvent.ru/uB3yTphR/#Y29yaS5hbWVzQHNsdXJwbWFpbC5uZXQ= Certificate IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintC1:16:CA:AE:53:D5:B8:63:59:BB:EB:73:AB:F0:98:7E:EE:7F:E3:EB ValiditySun, 03 Nov 2024 16:27:50 GMT - Sat, 01 Feb 2025 17:27:46 GMT File type HTML document, ASCII text, with very long lines (22073) Size 26 kB (26463 bytes) Hash 43e63f1f2d58822ab94c3e15127e95c0 5bbc8f99085063a4308d627972a79a48e9471820 d68b494e4ea811e8c43b51dea8e2ddd6762ed8b8a3db10e7aa503e9595eb2ee3 HTTP Headers GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/yac1f/0x4AAAAAAAfEBeInnh5kzxE1/auto/fbE/normal/auto/ HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ha.rionvent.ru/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Thu, 12 Dec 2024 09:38:25 GMT content-type: text/html; charset=UTF-8 cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self' cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: cross-origin origin-agent-cluster: ?1 accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA referrer-policy: same-origin document-policy: js-profiling priority: u=4,i=?0 server: cloudflare cf-ray: 8f0cbdcc4b791bfa-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	ha.rionvent.ru/uB3yTphR/	172.67.155.22	200 OK	20 kB
URL User Request GET HTTP/2 ha.rionvent.ru/uB3yTphR/ IP 172.67.155.22:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjectrionvent.ru Fingerprint5F:5A:40:7D:97:E7:81:B4:BC:76:07:86:F6:5B:B1:D8:30:13:97:E6 ValiditySat, 09 Nov 2024 11:40:49 GMT - Fri, 07 Feb 2025 11:40:48 GMT File type HTML document, ASCII text, with very long lines (7429), with CRLF line terminators Size 20 kB (19766 bytes) Hash cce1a7c9f6ed4549470e61fd9f7b4040 6340e36aa3104ef6b832a735f4130151c57e1f42 3e5b854a097ddb6c243c53ff0b8352b314d9c4912f28799ffabb061af026035d HTTP Headers `GET /uB3yTphR/ HTTP/1.1 Host: ha.rionvent.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 12 Dec 2024 09:38:24 GMT content-type: text/html; charset=UTF-8 cache-control: no-cache, private cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1T2WrxdSgAepmqwQuWzkUtX1ao826tAdXenfBdguLTKCHjygtYUo4BeM%2ByXr6lOPZkBtHnBaOMB8Z7QVUlS0oN%2FgKrfrF59%2Fsu20cUJaNEEwjN4glrhZXWVDUqqeVg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc: h3=":443"; ma=86400 set-cookie: XSRF-TOKEN=eyJpdiI6Ik1nR25tVlpmaURoUlpEK2Z0Q2VFYkE9PSIsInZhbHVlIjoidFF2RTBXckh5dWljUnY3TUNSMmZkY2NxTlFkaWpuNzNaWDUxRFY1WUVYZmlPWXU4TzROdFhNRE8yN2lrNDBreUoxNEMyTW9JMWNodFpIUE5pL1RrQ3dPeUw4eXhnMHJnTEpxVFptQWxJSUQ3dnk2TUt1bmZNLzFyZ0RuRzl1WG8iLCJtYWMiOiIyNmJkNmU0NGY0NDQ4YzExNjJiZTc0ZTUxYzg5MjEzZjA0NWFiNzY2ZmE0MGNlNTExMjViYjM3YzgxNGI5YzhiIiwidGFnIjoiIn0%3D; expires=Thu, 12-Dec-2024 11:38:24 GMT; Max-Age=7200; path=/; secure; samesite=none laravel_session=eyJpdiI6InFPYy9aY1IvOGpDU2E3ZU41TjIzR0E9PSIsInZhbHVlIjoiZHdUZGdITi9sWFA1V3RmNVp5NHQrS2xlazBkR1VYYWxBNFlrZC9UV2JjNDN3NEZPSDF2RHZSaGVRYkVJU3pmMHRseC85bkh2ckdpRUo1UzRHNmVZVUlIZE9BUE5keHV3aTJGU3V6K2xtbVByQWhXalVvL3pyK3pXMkhuZVlCRWgiLCJtYWMiOiJjZmU5MTMyMDlkNDI3ZGQxZjc3ODcxNGQwNDM0ODFmYWJiODI4YzVjZmJmNTZhMTcxNGU5OTcyNjc1YWViOTdjIiwidGFnIjoiIn0%3D; expires=Thu, 12-Dec-2024 11:38:24 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none server: cloudflare cf-ray: 8f0cbdc68c3d0b45-OSL content-encoding: br server-timing: cfL4;desc="?proto=TCP&rtt=1465&min_rtt=1421&rtt_var=426&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2825&recv_bytes=1383&delivery_rate=2773662&cwnd=252&unsent_bytes=0&cid=2d5ee2ee099e7010&ts=186&x=0", cfL4;desc="?proto=TCP&rtt=6468&min_rtt=452&rtt_var=12003&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3272&recv_bytes=1250&delivery_rate=7541666&cwnd=254&unsent_bytes=0&cid=e3cc7a5779783dda&ts=450&x=0" X-Firefox-Spdy: h2

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1	104.18.94.41	200 OK	61 B
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1 IP 104.18.94.41:443 ASN #13335 CLOUDFLARENET Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/yac1f/0x4AAAAAAAfEBeInnh5kzxE1/auto/fbE/normal/auto/ Certificate IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintC1:16:CA:AE:53:D5:B8:63:59:BB:EB:73:AB:F0:98:7E:EE:7F:E3:EB ValiditySun, 03 Nov 2024 16:27:50 GMT - Sat, 01 Feb 2025 17:27:46 GMT File type PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Size 61 B (61 bytes) Hash 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84 HTTP Headers GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/yac1f/0x4AAAAAAAfEBeInnh5kzxE1/auto/fbE/normal/auto/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/3 200 OK date: Thu, 12 Dec 2024 09:38:25 GMT content-type: image/png content-length: 61 cache-control: max-age=2629800, public priority: u=4,i=?0 server: cloudflare cf-ray: 8f0cbdcd0c1d1bfa-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (13)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash