Report - www.google.com/url?q=https://www.google.com/url?q=3HOSozuuQiApLjODz3yh&rct=tTPSJ3J3wD5CHARyycT&sa=t&esrc=7CrVJLLAFgECA0xys8Em2FL&source=&cd=HXUursu8uEcr4eTiw9XH&cad=XpPkDfJ6CHARlDJVS0Y&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp/cells2go.co/one/.me/IiPfZUuDtKYtDLfdgBOD8/cXVlc3Rpb25zQGFlc2luZGlhbmFyZWJhdGVzLmNvbQ==

Report Overview

Visited public
2024-09-18 04:07:23
Tags
URL
www.google.com/url?q=https://www.google.com/url?q=3HOSozuuQiApLjODz3yh&rct=tTPSJ3J3wD5CHARyycT&sa=t&esrc=7CrVJLLAFgECA0xys8Em2FL&source=&cd=HXUursu8uEcr4eTiw9XH&cad=XpPkDfJ6CHARlDJVS0Y&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp/cells2go.co/one/.me/IiPfZUuDtKYtDLfdgBOD8/cXVlc3Rpb25zQGFlc2luZGlhbmFyZWJhdGVzLmNvbQ==
Finishing URL
g3j6.vitiacarc.com/7Zg4xu6/#Mquestions@aesindianarebates.com
IP / ASN
142.250.74.164
#15169 GOOGLE
Title

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20 07:02:03	2024-09-17 18:13:37	5.7 kB	515 kB	104.18.95.41
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2024-09-17 18:47:51	412 B	32 kB	151.101.2.137
g3j6.vitiacarc.com	unknown	unknown	No data	No data	1.6 kB	19 kB	172.67.213.146
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-17 18:12:05	327 B	887 B	23.36.76.226
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2024-09-15 18:22:04	1.7 kB	2.5 kB	142.250.74.164
cells2go.co	unknown	2021-07-06	2022-10-06 18:53:15	2023-04-26 12:59:01	456 B	270 B	103.83.194.5
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2024-09-17 21:26:44	440 B	15 kB	104.17.24.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-09-18	medium	vitiacarc.com	Sinkholed
2024-09-18	medium	vitiacarc.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (51)

	URL	Size	First Seen	Last Seen
	unknown	1.3 kB	2024-09-19 19:54	2024-09-19 19:54
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 42c7b0d70543072050ca4e489f3509aa 6cf0f4c7bef71bf07ad028a984d154725e80853c c216d52fecf41bc23ef2d2388871b20fdb89cd925646f1ed6596fc56de5014d9 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8c4e776b2f8ab521&lang=auto	118 kB	2024-09-19 19:54	2024-09-19 19:54
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8c4e776b2f8ab521&lang=auto IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 36288ce61934788b43a1d09d8a808780 144326167609198ee1582189071d652fb487cd50 fe95ccaf505d4d6022cff52f58c46cdb935597968ded87b2f1d9d9b24b9fecd5 Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	48 kB	2023-03-07 01:31	2025-01-15 12:48
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-01-15 12:48 Times Seen61038 Hash 2ca03ad87885ab983541092b87adb299 1a17f60bf776a8c468a185c1e8e985c41a50dc27 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/41lqu/0x4AAAAAAAigph6sU-lio1_P/auto/fbE/normal/auto/	4.2 kB	2024-09-19 19:54	2024-09-19 19:54
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/41lqu/0x4AAAAAAAigph6sU-lio1_P/auto/fbE/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 2e925dacfabb467109846aa7b2b5a12a 849317d69baea221b35b887d7e3b3efa0c0b7879 ecc6c49ddae01e2842f1c5e93a29c5035cc0eb74cb351d465d3a67ccc7a817f4 Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?render=explicit	47 kB	2024-09-12 16:15	2024-09-19 21:03
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?render=explicit IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-12 16:15 Last Seen2024-09-19 21:03 Times Seen3083 Hash d7bb07b6ecd6fb1a2e123203006c33ba 09cc76938fa366e40992880ff94accd8be0c6640 8eae5159c56bf66c17e0cb002b25fc2e343f3e009dc2a39a7e230f08b7b8c672 Loading...

	unknown	188 B	2024-09-14 02:07	2024-09-19 20:43
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-14 02:07 Last Seen2024-09-19 20:43 Times Seen377 Hash 7f16f1bb9897dc3cf45f621cdf999885 628e1d4ee73cfdc863d97cf560507ec262a08f57 00293f78a7300236ca7eff20dbd16221e74052248dbf170db16ca2a4f15d590c Loading...

	code.jquery.com/jquery-3.6.0.min.js	90 kB	2023-03-07 01:02	2025-01-15 12:48
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-01-15 12:48 Times Seen157489 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	g3j6.vitiacarc.com/7Zg4xu6/#Mquestions@aesindianarebates.com	17 kB	2024-09-19 19:54	2024-09-19 19:54
Pretty URL g3j6.vitiacarc.com/7Zg4xu6/#Mquestions@aesindianarebates.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 341189adea613ddd8ee5df781a25664d 5ef365267f3f70532cab4837f1d51f9d0d649d21 70778697641dd327e9ed03d94c31df23b1ac7b2e981e985a2e0ba00b7647d8e2 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 259bf41eb3418919d1c8f0fc707fe2f3	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 259bf41eb3418919d1c8f0fc707fe2f3 e2e5c83ef21e22fdd43e776f4311cfcb279bcd83 532e92d7e53ed8af94b93c0445e3bc78658a00c0bbe418013131b87b1f90deda Loading...

	#2 Eval - 8844878bfe60a4045204c7c49f16f7a6	60 B	2024-09-12 16:15	2024-09-28 07:23
Pretty Observations First Seen2024-09-12 16:15 Last Seen2024-09-28 07:23 Times Seen2586 Hash 8844878bfe60a4045204c7c49f16f7a6 66da0e45037f7760b046267b01ef012a9d4990b7 de499be6fbba9dea6a37ae1b22b6d660edd20f3ea96e3099f9a9a6d88defd8a6 Loading...

	#3 Eval - 9434e14ce7669a9fbe8a1c5b92287ced	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 9434e14ce7669a9fbe8a1c5b92287ced 05eff7e7a7f22ed2cea0916dd87f76db18385660 eebf148e0c3d319b6f2c9ee8067ce54dd4e8156a6b6c1bfee39bdd23d0fcb13a Loading...

	#4 Eval - 2aa3cab223d94530874e8927328cf21f	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 2aa3cab223d94530874e8927328cf21f a3df99b065a84f3aaa799845e9312874c700ad09 95ec04bf4cab80ed04fe50696abc3e909cf4e145d8a3536b4a15b59b9f974c48 Loading...

	#5 Eval - 5d410d6ea972ef3365f18ea86f9b8fdb	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 5d410d6ea972ef3365f18ea86f9b8fdb 7496177fff7116913546bbea923c43f67beb5256 491a961f3b9aca37ba8e19eb81de4485d3e55fa2704e7677df4c57334195474d Loading...

	#6 Eval - 60bcb8f417334200ee68abf4c78aae28	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 60bcb8f417334200ee68abf4c78aae28 3565930eb72ca9ac04cf50d4e0d899e4e66cd8d9 5cc5179edede46039ea7f68dc000f04e74f6ea0b9ca501ace163180d7a3176d6 Loading...

	#7 Eval - 7a4c256de9c31481b83020aaaa7fb5c6	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 7a4c256de9c31481b83020aaaa7fb5c6 be0f9f22f620f6ac7ab948ce024efc5c72a10045 ca92851d86653d7affde2f55cbc1448d77ce3a29ac4ec9270bdf36e7516e7e02 Loading...

	#8 Eval - 81cb1c2fbe71c2fd27cb2f0bd0ef8b82	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 81cb1c2fbe71c2fd27cb2f0bd0ef8b82 6b1bfd8df6401c14bbd8c2b5ce5f2d66343ca8bd 23820ba8dbde62de2ebb3eee325c5275077331ed8c62865aba4a2a43c43105a0 Loading...

	#9 Eval - 3b37c737325ef4f04bff6536b60ac786	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 3b37c737325ef4f04bff6536b60ac786 995552f16b839f27e924e5099bc9005d17a36066 58a0aead218cc5aeed9862b70c7e4eb7142a829bf23a31c30e79d70ee79f4956 Loading...

	#10 Eval - 6c2fe229950c17b812228263c46f7662	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 6c2fe229950c17b812228263c46f7662 0a62ffae057d252fdde58580136785a3202d62ca 3ecc8e7153b5d8f61ffcc046fd142a1f049681deb89420e21aa071be3c6df201 Loading...

	#11 Eval - f348310d8f96c10ac3c5bf534b67e293	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash f348310d8f96c10ac3c5bf534b67e293 fd0b70e3f2fd3841d7f211c2606063b6cbc26d28 253acdda3c9cf87e3448d2a43b5cdd933eedfd880f7630f5a2b78141bef05f0e Loading...

	#12 Eval - 4a0ff2f962a7e7f4d0615f84ba3613ac	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 4a0ff2f962a7e7f4d0615f84ba3613ac 59b300ab40bdbeadeffac2be6f134b277aebb065 674134c679e118cf87c3e2dd207fc864f5e420b31c8ef1db312f3bbba361555f Loading...

	#13 Eval - b59fa7c774ab33582e44f4cd26f68d2c	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash b59fa7c774ab33582e44f4cd26f68d2c cdc5c84c416b50520586e720da00f5bfb85a7370 7824b3ea20f64e34c929e1a2f9043a2ce680fdaca58cae1070eedcae72802557 Loading...

	#14 Eval - f19be5dd8fa43a95dc991ac68e1724f8	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash f19be5dd8fa43a95dc991ac68e1724f8 b27c410efeda9b06ad05f25ae49e9302a0ce584d eddd849666ef4b2f8b0cfe937167dac77db3e58aa8bff02e9f3a8eff6719ef52 Loading...

	#15 Eval - cf8eb6d273168b69713392cbcf9a4aff	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash cf8eb6d273168b69713392cbcf9a4aff ba6f9539ebd7485a1ddc09ea9bc6304e99ada440 191ca55392f2ab83c315d6ca807f0ed7e3b03c38776d109d63db12f3209566ec Loading...

	#16 Eval - 44d67dd1dd36976b021f2809eaf6ed46	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 44d67dd1dd36976b021f2809eaf6ed46 96b33bf277b600b0e2dd6ba93a6e84a7d0dfe3a9 677c466d3a2e0b4df8943dd5b1caf02452c3274efead8585c32aa8d297042e94 Loading...

	#17 Eval - d66b57f843b938d7c4cab8d0f54d95a8	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash d66b57f843b938d7c4cab8d0f54d95a8 17c3012e54e6322a2dee8b914ca3f948161b7b6d b3801fc94be808535efa8465f1eebab8f1fd2255fb4e0cf7b3c1af9d6d3fd308 Loading...

	#18 Eval - 2624f094b4c72fa7bb24507bf66cc0c0	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 2624f094b4c72fa7bb24507bf66cc0c0 ac41d8c70888402b206e57f3ff1f055f9b22ec3e aa1cd9a01376225f906785d6421dc0131c86c74688ca3ff99b7505faa7f0e1f1 Loading...

	#19 Eval - 1a322e9ca5ea1f08bb922c489d65bd66	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 1a322e9ca5ea1f08bb922c489d65bd66 3253e5c2e181e6ab0bf6ed1b61622aa5c9b13f06 539f0db73b260dc59d4840ac5cc0a9fb25d6f983e73160649e4f5b9a29d3aa4e Loading...

	#20 Eval - b935536a45d30c68dfbe60a4645eda5d	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash b935536a45d30c68dfbe60a4645eda5d afdf035bd173fce7d1f7d355f685772ae705faf4 35c331bc7a27d3dd78492a87d721b105571cc2afd368d633e5cc38eb3c0cfd8d Loading...

	#21 Eval - 1d9132e131b755a1c9a599d598b5b59e	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 1d9132e131b755a1c9a599d598b5b59e 645b39b4934148d68e888a3777ae35dedf339ff2 1ed2a6f63b53d460d67443bcef7d264746d6feed26aa4045b2ded33cfa98e990 Loading...

	#22 Eval - c5a72991f1ce1f471517039f8ed0e49a	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash c5a72991f1ce1f471517039f8ed0e49a 1a806e9a9a99ea3a591b0988f6ff1a0a936b2b61 e06d98510f7125e584cf5705532739c656621300b3a2b578d23f5a160f5d4724 Loading...

	#23 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07 01:03	2025-01-15 12:48
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-01-15 12:48 Times Seen339273 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#24 Eval - 0ffe2ce4ed19c7412f9a265c100590cc	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 0ffe2ce4ed19c7412f9a265c100590cc d7b84d4424ccdf4ff085cd8051d18d31feb3e497 07cbf3e63e1b3dbee1eb128d7b61c479bbc9723e4dcfd0c89650e1d6d27505ba Loading...

	#25 Eval - af7f458660e9975d38a43c2885a0b386	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash af7f458660e9975d38a43c2885a0b386 20322131442b24dbf3f8b9d5332b03193d519540 54b9bd2935410362cee3a305b0ce0ffe98e47cea6c2b76a224cacca6c3c967e6 Loading...

	#26 Eval - 5f8c0e1a5e7dd854c362f5e931319a19	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 5f8c0e1a5e7dd854c362f5e931319a19 c5843f190a01081e41d6297fa1f1ecf80834bd32 19b7c46d3a2b7bd7518bd71f5039e6956447c73b5db856a2c81d3d4572789359 Loading...

	#27 Eval - a291b9ccf7eb05b980e994b35bbd8580	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash a291b9ccf7eb05b980e994b35bbd8580 f467256839a5a01c74ad2dfabe6ec2eda9e10213 9709d45f945a2e17ead7b91d479e9fe5cc3e1301d729502d191a73e23712da51 Loading...

	#28 Eval - 61b1eeea4772cbd6fc672b04905b5ee0	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 61b1eeea4772cbd6fc672b04905b5ee0 8df4d61a2f845d5055faaf8d805698279faecb52 4795ce76f93db7d23b511a286182f726553ecaef78961f699e16856da3bf9af3 Loading...

	#29 Eval - 6a23df6fc91fd640e0589b7a815e24f3	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 6a23df6fc91fd640e0589b7a815e24f3 5ca01fb1f6c57678bb3b4ec0ffb168afac1d34f3 b5478f7a5cb00ab815d11eebb6ecd6a70cfba7f8144e2d12fcf0e50ad079f9e0 Loading...

	#30 Eval - 16533925289cdb7c5588bf2b80d87417	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 16533925289cdb7c5588bf2b80d87417 cbbed01a4e090c43a0a26001f2eb323da27df6b8 cfe556e2d7edb948969f646de2e7cbd4b9f7011012a2945538da3db97b2375bd Loading...

	#31 Eval - 91e3f6ef4a1cac0c122f949b6b969956	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 91e3f6ef4a1cac0c122f949b6b969956 f19a458585bf59e5a30c318b647540585dbb03ee 7dc2168192a070970021fd108a4f0a3eead2d55235d26df399b84f258d749b61 Loading...

	#32 Eval - d04cb98a5134a5ee0597e96c99184993	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash d04cb98a5134a5ee0597e96c99184993 d7163d5d140fb2480a3bd7eff828ce6a80048a10 ee72ea8e624edb5d0ae985feb4692c5ce96a4e03532655ab80bf551bf33f34ef Loading...

	#33 Eval - 63419755a499c3ae3fa7f68276257715	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 63419755a499c3ae3fa7f68276257715 ea47cee33b00848ef1d8d786c514968e79d929a7 de6d18a9f6e7c86845536c9476d45d87154f7db17d6808f6fcf9633c2529ce4e Loading...

	#34 Eval - 61fa153f2827c887a48a351ae3c6cfd3	8 B	2023-03-07 01:03	2025-01-14 13:05
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-01-14 13:05 Times Seen16611 Hash 61fa153f2827c887a48a351ae3c6cfd3 5fbd02245cf700ea94d638c8d76924ecca52d330 4c44d7c28ec0f6ca3e2624c6af1d3be324576d01ef6f6c2dc0af7e61664b8c2c Loading...

	#35 Eval - d4cdc56ab09df28895e668bce08e312b	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash d4cdc56ab09df28895e668bce08e312b df444a964f845a1ad4985bd490518640f3f0c15c e8274a2b330e48154703df6661752a21279bb91f9b609b52c019735d4c6eab8b Loading...

	#36 Eval - f79da6cc69c87f488ae33723ffab34b8	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash f79da6cc69c87f488ae33723ffab34b8 c8e7bb54c3be4a05c443e3055c7b4921fa79377e ea41a6d1802d8eb70e86114b4b2ceb8505521a52f120cc8e028886c2dfffad7f Loading...

	#37 Eval - 9bb110c1624a5890cb69f7d49dee66eb	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 9bb110c1624a5890cb69f7d49dee66eb f71b97fd4887a2896e39155f3330efada86edeb0 6829f70d3e0b86b37bf794ca32bf5b301814158e91562152c70469350fb47b0d Loading...

	#38 Eval - 75d3b0b28634777166388d04a8803be9	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 75d3b0b28634777166388d04a8803be9 2b3913b7a75e397c2a9a0a19744e470115e550f4 a28e17195651c964d2abf4a419a4a8dca154b4bebb397b420f9bc76b9a0e5e2d Loading...

	#39 Eval - 3468e8e7aab79e78c24e945472028e11	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 3468e8e7aab79e78c24e945472028e11 cbe9341c8f58887ce2d2d873950a11139b10d61f 75f62679891c32dd27438ae7d9a45fc78d543f178b7b11d4a183c7b8b88dbc6e Loading...

	#40 Eval - 8fa961f36d585d73fba4962f46cee55a	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 8fa961f36d585d73fba4962f46cee55a 0dd98f84d6192da1a9874d2bff09e289e6f72f6a d31e0527527c49abef956ea488cbb170963f7145bd917e6f76105ab3f66e6dc6 Loading...

	#41 Eval - 0d85917625483be2d8dca1a442ca9742	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 0d85917625483be2d8dca1a442ca9742 f05ceeebedd03ab9d51e7b857a4a1ec42d9f9219 cb14e266d4f734083919b9d32f8a527141d6603bcb01f3e30140e025f3cec237 Loading...

	#42 Eval - 9f74cf53accc9e34c8cbe264a8a8d37c	28 B	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash 9f74cf53accc9e34c8cbe264a8a8d37c c016ad77d32ec198dffcfd3bb33fba902ba1c845 9b156d052cf18301747c5609db7e31609a3ea608774820ee561367958770c1fa Loading...

		Size	First Seen	Last Seen
	#1 Write - cb389997c568c04776420e4ea1441bcd	4.6 kB	2024-09-19 19:54	2024-09-19 19:54
Pretty Observations First Seen2024-09-19 19:54 Last Seen2024-09-19 19:54 Times Seen1 Hash cb389997c568c04776420e4ea1441bcd c0234c2dc145c70ffe06aaa6df1a6993bdd48bde 826be22b7b945effc0be044d556df117be189cda9bd1fa088abc6d97759718e4 Loading...

HTTP Transactions (17)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
946bd983da8ed3f6d5c12abcab5273e0
eaf94210f1202240080722b9f0a78aa64b6cc1b3
f772e410f6d95169a72a7473bf8ff96f7c642b0e8cd820c34b9debdfc367c44e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F772E410F6D95169A72A7473BF8FF96F7C642B0E8CD820C34B9DEBDFC367C44E"
Last-Modified: Tue, 17 Sep 2024 14:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2407
Expires: Wed, 18 Sep 2024 04:47:04 GMT
Date: Wed, 18 Sep 2024 04:06:57 GMT
Connection: keep-alive

www.google.com/url?q=https://www.google.com/url?q=3HOSozuuQiApLjODz3yh&rct=tTPSJ3J3wD5CHARyycT&sa=t&esrc=7CrVJLLAFgECA0xys8Em2FL&source=&cd=HXUursu8uEcr4eTiw9XH&cad=XpPkDfJ6CHARlDJVS0Y&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp/cells2go.co/one/.me/IiPfZUuDtKYtDLfdgBOD8/cXVlc3Rpb25zQGFlc2luZGlhbmFyZWJhdGVzLmNvbQ==

142.250.74.164

310 B

URL
www.google.com/url?q=https://www.google.com/url?q=3HOSozuuQiApLjODz3yh&rct=tTPSJ3J3wD5CHARyycT&sa=t&esrc=7CrVJLLAFgECA0xys8Em2FL&source=&cd=HXUursu8uEcr4eTiw9XH&cad=XpPkDfJ6CHARlDJVS0Y&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp/cells2go.co/one/.me/IiPfZUuDtKYtDLfdgBOD8/cXVlc3Rpb25zQGFlc2luZGlhbmFyZWJhdGVzLmNvbQ==
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
310 B (310 bytes)
Hash
028a5ef5a22317e35a8a99b1fed9b0d1
bb83bd04307dfa27114907036cbcc87d4cf986dc
9d5c00fff9ba54e2e467a74dd343e4e600918d0354339e4f30c49c39a4deb7c5

HTTP Headers

GET /url?q=https://www.google.com/url?q=3HOSozuuQiApLjODz3yh&rct=tTPSJ3J3wD5CHARyycT&sa=t&esrc=7CrVJLLAFgECA0xys8Em2FL&source=&cd=HXUursu8uEcr4eTiw9XH&cad=XpPkDfJ6CHARlDJVS0Y&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp/cells2go.co/one/.me/IiPfZUuDtKYtDLfdgBOD8/cXVlc3Rpb25zQGFlc2luZGlhbmFyZWJhdGVzLmNvbQ== HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://www.google.com/amp/cells2go.co/one/.me/IiPfZUuDtKYtDLfdgBOD8/cXVlc3Rpb25zQGFlc2luZGlhbmFyZWJhdGVzLmNvbQ==
cache-control: private
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Cjh0URWdOzUPWIbbNuvRmw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Wed, 18 Sep 2024 04:06:57 GMT
server: gws
content-length: 310
x-xss-protection: 0
set-cookie: __Secure-ENID=22.SE=ZB_y9VcC4YIZYs2sxIXbsXvFfRut0b7aCqSVcClGuyAsekYvxpTkJVlN2b8YdsBTAjbCcRIAC28mTTb-A-GxP_EdzUd2_hkhY5mqXUWXOUMWOWRckSO7Ok0eTxjZxjMcGqHEFNonUO8H1AaLBDyZ9pHYluJn-_9Za388PYKxzMcb_2fnOmtWEpV2iiSl1bBJ4csN_lIEOV5fKv7KFJxkbWfEofgxTXBwq87pkPI; expires=Sat, 18-Oct-2025 20:25:15 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/amp/cells2go.co/one/.me/IiPfZUuDtKYtDLfdgBOD8/cXVlc3Rpb25zQGFlc2luZGlhbmFyZWJhdGVzLmNvbQ==

142.250.74.164

290 B

URL
www.google.com/amp/cells2go.co/one/.me/IiPfZUuDtKYtDLfdgBOD8/cXVlc3Rpb25zQGFlc2luZGlhbmFyZWJhdGVzLmNvbQ==
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
290 B (290 bytes)
Hash
e2ec8eb513c70c5cd86157b9771725e2
49596dfbfc97da8fad5241295228570a508bb392
f32593408213a1480474f0cb27d19d2235d13e5b24dee3c2814c84707b8d1f4a

HTTP Headers

GET /amp/cells2go.co/one/.me/IiPfZUuDtKYtDLfdgBOD8/cXVlc3Rpb25zQGFlc2luZGlhbmFyZWJhdGVzLmNvbQ== HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; __Secure-ENID=22.SE=ZB_y9VcC4YIZYs2sxIXbsXvFfRut0b7aCqSVcClGuyAsekYvxpTkJVlN2b8YdsBTAjbCcRIAC28mTTb-A-GxP_EdzUd2_hkhY5mqXUWXOUMWOWRckSO7Ok0eTxjZxjMcGqHEFNonUO8H1AaLBDyZ9pHYluJn-_9Za388PYKxzMcb_2fnOmtWEpV2iiSl1bBJ4csN_lIEOV5fKv7KFJxkbWfEofgxTXBwq87pkPI
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
location: http://cells2go.co/one/.me/IiPfZUuDtKYtDLfdgBOD8/cXVlc3Rpb25zQGFlc2luZGlhbmFyZWJhdGVzLmNvbQ==
cache-control: private
x-robots-tag: noindex
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Y8meScjK6FaR7c6hRMeYKQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
date: Wed, 18 Sep 2024 04:06:57 GMT
server: gws
content-length: 290
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cells2go.co/one/.me/IiPfZUuDtKYtDLfdgBOD8/cXVlc3Rpb25zQGFlc2luZGlhbmFyZWJhdGVzLmNvbQ==

103.83.194.5

0 B

URL
cells2go.co/one/.me/IiPfZUuDtKYtDLfdgBOD8/cXVlc3Rpb25zQGFlc2luZGlhbmFyZWJhdGVzLmNvbQ==
IP
103.83.194.5:0
ASN
#393960 HOST4GEEKS-LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /one/.me/IiPfZUuDtKYtDLfdgBOD8/cXVlc3Rpb25zQGFlc2luZGlhbmFyZWJhdGVzLmNvbQ== HTTP/1.1
Host: cells2go.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 18 Sep 2024 04:06:57 GMT
Server: Apache
refresh: 0;url=https://g3j6.vitiacarc.com/7Zg4xu6/#Mquestions@aesindianarebates.com
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

104.17.24.14

200 OK

14 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://g3j6.vitiacarc.com/7Zg4xu6/#Mquestions@aesindianarebates.com
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:EC:C6:E9:D9:C1:6D:05:88:6E:33:AF:3B:E7:7B:86:81:20:66:CA
ValidityWed, 31 Jul 2024 04:16:10 GMT - Tue, 29 Oct 2024 04:16:09 GMT

File type
JavaScript source, ASCII text, with very long lines (48316), with no line terminators
Size
14 kB (13972 bytes)
Hash
2ca03ad87885ab983541092b87adb299
1a17f60bf776a8c468a185c1e8e985c41a50dc27
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

HTTP Headers

GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g3j6.vitiacarc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 18 Sep 2024 04:06:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 36874
expires: Mon, 08 Sep 2025 04:06:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aGO9dusgHH%2Bhe8ml9gCS8FFTvdapJHuFNpssAhYS3rJPL6WKYsgoB%2F5y9l59dpjkI33mUEKlfikSUELbMZrkLJKrq%2B9Yapfl6x%2BOE9AYqyqp2Hj%2BZOkDBEsMplehJrxF0%2FZVMAYE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8c4e7769e90a712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/turnstile/v0/api.js?render=explicit

104.18.95.41

302 Found

0 B

URL GET HTTP/2
challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://g3j6.vitiacarc.com/7Zg4xu6/#Mquestions@aesindianarebates.com
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js?render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g3j6.vitiacarc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 18 Sep 2024 04:06:58 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/388c99dd0998/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c4e7769ede756bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.0.min.js

151.101.2.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://g3j6.vitiacarc.com/7Zg4xu6/#Mquestions@aesindianarebates.com
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g3j6.vitiacarc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 18 Sep 2024 04:06:58 GMT
age: 2824525
x-served-by: cache-lga21931-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 543903
x-timer: S1726632419.919501,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

challenges.cloudflare.com/turnstile/v0/b/388c99dd0998/api.js

104.18.95.41

200 OK

58 kB

URL GET HTTP/2
challenges.cloudflare.com/turnstile/v0/b/388c99dd0998/api.js
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://g3j6.vitiacarc.com/7Zg4xu6/#Mquestions@aesindianarebates.com
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
JavaScript source, ASCII text, with very long lines (47261)
Size
58 kB (57982 bytes)
Hash
d7bb07b6ecd6fb1a2e123203006c33ba
09cc76938fa366e40992880ff94accd8be0c6640
8eae5159c56bf66c17e0cb002b25fc2e343f3e009dc2a39a7e230f08b7b8c672

HTTP Headers

GET /turnstile/v0/b/388c99dd0998/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g3j6.vitiacarc.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 18 Sep 2024 04:06:58 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 11 Sep 2024 15:58:53 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c4e776a3e1656bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8c4e776b2f8ab521/1726632419422/ty7NXVmLbPQ0jP3

104.18.95.41

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8c4e776b2f8ab521/1726632419422/ty7NXVmLbPQ0jP3
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/41lqu/0x4AAAAAAAigph6sU-lio1_P/auto/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
PNG image data, 70 x 17, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
29c836f5ba5ac4e1c53c243103ba188b
d1c80fc41d6dedaa896381c613e77492f2a21fd2
6c71f5180c61c81a4ecfb08bcc842c25821a5448691262891191f475f8ae060d

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/8c4e776b2f8ab521/1726632419422/ty7NXVmLbPQ0jP3 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/41lqu/0x4AAAAAAAigph6sU-lio1_P/auto/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:06:59 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8c4e77704a39b521-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8c4e776b2f8ab521/1726632419425/77df885a0dedb7aba994c4c8d8cab77c78155c11d33f6b77acc22450f1ff8058/QJ4ntilHAxd8D_X

104.18.95.41

401 Unauthorized

1 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8c4e776b2f8ab521/1726632419425/77df885a0dedb7aba994c4c8d8cab77c78155c11d33f6b77acc22450f1ff8058/QJ4ntilHAxd8D_X
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/41lqu/0x4AAAAAAAigph6sU-lio1_P/auto/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/8c4e776b2f8ab521/1726632419425/77df885a0dedb7aba994c4c8d8cab77c78155c11d33f6b77acc22450f1ff8058/QJ4ntilHAxd8D_X HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/41lqu/0x4AAAAAAAigph6sU-lio1_P/auto/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Wed, 18 Sep 2024 04:07:00 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gd9-IWg3tt6uplMTI2Mq3fHgVXBHTP2t3rMIkUPH_gFgAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAscjm_UO_k901rNdCKgLw5bvI4i6M_jDNCIXpfs2LRbtxwLOrUyplqVvML_hVlB5tIDMuj0ihhaOFHose-Y0_UjQnNUGE_vol46VvGgscTMtTjU4xINriap8AMTIygvljEBt6my-nBwkUGhY3U9v5iKC-eWR5bTfvrqFsuIVxafkSfhHqDXB4KLGNjvOOV71GGJ9x4yxA-C2OcULZ1uDDKuvAaMhuiWdF6OzSTXruP9yPg1vmuteavOW1re0YDbCbtK16PhHdSzWym7v_FrvId-2zf26j50FlTd_vl_DcKNDVCgWDoU0uX3cU6V3rSQoVXREEqPr-2ywSGru8ZuXRoQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIHffiFoN7berqZTEyNjKt3x4FVwR0z9rd6zCJFDx_4BYABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIHffiFoN7berqZTEyNjKt3x4FVwR0z9rd6zCJFDx_4BYABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAuJroJOc-tyeoeQjFgfJ8GZidY1pYZ3E6vnRPKA0M4VuvYINC4ZmqLOQzac3aJzNuRrxrQ8vCXrvu97kqdHJSuD7c4F3hVN6pS2ay8sAL7u7jJt6lacsQHuSPC9EIde0igAXxPC2mDw7WVmKBnW1L8eX49fv385hVn2lkvVbn6g2RCo-8cr_vCaywLT1Y4m5m_6XjP6Oekt71A2a9NKotkb81Y8DjanuZ8fdTQWt6O8NqyhDobyHRcF9-9o8acjcIRT5cfkSGzFdMpznnIFdDtr33BOQv2usHcnClM6om78iaqVMykh3JylHkrYXv9gOBIy3r8i0wOr_0t9XKtgxipQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8c4e77758e25b521-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.18.95.41

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/41lqu/0x4AAAAAAAigph6sU-lio1_P/auto/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/41lqu/0x4AAAAAAAigph6sU-lio1_P/auto/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:06:59 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8c4e776bbfd9b521-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8c4e776b2f8ab521&lang=auto

104.18.95.41

200 OK

118 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8c4e776b2f8ab521&lang=auto
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/41lqu/0x4AAAAAAAigph6sU-lio1_P/auto/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
118 kB (117665 bytes)
Hash
36288ce61934788b43a1d09d8a808780
144326167609198ee1582189071d652fb487cd50
fe95ccaf505d4d6022cff52f58c46cdb935597968ded87b2f1d9d9b24b9fecd5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8c4e776b2f8ab521&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/41lqu/0x4AAAAAAAigph6sU-lio1_P/auto/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:06:59 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 8c4e776bbfe0b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/686540809:1726630034:p6o0r58mbHMbskc9YVAj-wdjktqFzBv4slYcj8mo2CQ/8c4e776b2f8ab521/31e2a445427ea5d

104.18.95.41

200 OK

140 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/686540809:1726630034:p6o0r58mbHMbskc9YVAj-wdjktqFzBv4slYcj8mo2CQ/8c4e776b2f8ab521/31e2a445427ea5d
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/41lqu/0x4AAAAAAAigph6sU-lio1_P/auto/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
140 kB (140380 bytes)
Hash
e853303797bc7439f8d0625ba72fffa1
77c6a2d4c17f1fdbbe74a59c70a6ae25eb167f26
5bf9f1e4bc608431b14677cd7fe4cbf0d7de9ab2c3142bda8225d6aea0676d77

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/686540809:1726630034:p6o0r58mbHMbskc9YVAj-wdjktqFzBv4slYcj8mo2CQ/8c4e776b2f8ab521/31e2a445427ea5d HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/41lqu/0x4AAAAAAAigph6sU-lio1_P/auto/fbE/normal/auto/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 31e2a445427ea5d
Content-Length: 2551
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:06:59 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 3uYnJFPySie2xXObhPAjHlOwfrjB0ercBAy8Ctfz7kOlI7tOYgDmHotR/4hialW+NxDlg+JC5QYXlYBtcJRB/OH/TSnqIG2Lw3YqlN262xBnRCrAW/HJOF6SKoENFTdnHlzUcESWUQCCe2LDxvkUY41i6gXbqFFQ+0ic0I8aFD4SPH6Z2btuQL3szQMcvWDGrpnLw5fCfRtJPILregH+ZTv04pv1YIThdBuF3nvBEHP+U8UzAZHJCiSpyBjHs+Igns7fxHx6zLuUdtR5N6YuNyx9hLOG3Gys1yqt1LF42KbEMDdJSrx0+5kNl6eP1sWm5Ob9ArV3WmOn4w/3rc9J5QZJs9TIaOOkShi4lKPI5FC+0P+Dg66p7qt6Q8OjfPDaI5SE5DO77gNGykWhAwk/xr+4K0aJHRTlJUHr7XkBokP3F7EkujeLHMo+nZHxvEq/Ol7TAnUQRbWaqn7wcA==$almuj6fEIresEjA2
server: cloudflare
cf-ray: 8c4e776d48a5b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

g3j6.vitiacarc.com/7Zg4xu6/

172.67.213.146

200 OK

17 kB

URL User Request GET HTTP/2
g3j6.vitiacarc.com/7Zg4xu6/
IP
172.67.213.146:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectvitiacarc.com
Fingerprint1E:B5:AF:BE:D3:7A:D5:46:B3:94:23:F9:77:53:BA:06:C1:94:82:1E
ValiditySun, 01 Sep 2024 06:18:41 GMT - Sat, 30 Nov 2024 06:18:40 GMT

File type
HTML document, ASCII text, with very long lines (6213), with CRLF line terminators
Size
17 kB (17000 bytes)
Hash
a1878dd4e870ece8152e3d60dae3e28e
f53245634811f2957ee9accacc3567e6b0e379bc
3bd4ed6d219135a71a1c96b118da6d6204d0be25e3b4c894aa8a71e16665997c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /7Zg4xu6/ HTTP/1.1
Host: g3j6.vitiacarc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 18 Sep 2024 04:06:58 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qZEenF39RpQeJWounvZ2bk2gJQPd8d9ODVOxj0H8r8jExgKSO7ascdUDGk4X3Oda4O5ZfrQ9uTHtmBameds%2FHYrJEcrQRvF5yrG5XTxUruwYm4COo1uPFmUmNtvYzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
set-cookie: XSRF-TOKEN=eyJpdiI6IkhzWDlEZVhtZUFlZ3M3ZHM3NEFHbkE9PSIsInZhbHVlIjoiS0lIcWxzOTV4QXgvck9WR1FMWXVUSHVFRC9pNEhBVVkxdlI4azNDeXR6dDJIZmQyS1diRk9XaU55NFNodk16dFpPUDEwU2VQLzRsdmIxOWRieUxBemtaUzdmL0hqbm1WNDBUV2hxZTJseEVjRlh5eFJnMFc3eGl1WlVHYlR4Q2MiLCJtYWMiOiIzNWFjM2JlZTQ1NzM4ZTYzMTcyNGJiMzU4YjVhYjI1ZTI0ZTMyZjlmMWQ5ZDc1YzEwNTFkZDNiOTM0NDJjNTRlIiwidGFnIjoiIn0%3D; expires=Wed, 18-Sep-2024 06:06:58 GMT; Max-Age=7200; path=/; secure; samesite=none
laravel_session=eyJpdiI6IlFWY1I2QnVSZFVieU1WbElnZE5ES0E9PSIsInZhbHVlIjoicjZNYTVjUEtqRHhLVloxdG1uSzJHOFZyMDBoOWNuWlBsam5mL1hMdmtWU3ROZmlra2d5MkYyQUpIUWk0aEg1QlVyQ0piYVFQODl4TCtBMFp4N1FCSktITm9RME0xZFFlRjVtbE9odXdLeHlSNmdJTWpTMGlKVzdoQ2h5L0ZMRWkiLCJtYWMiOiJhZDJjYWRiNmY0NWI5YTljMmIzNmQwMjg4MGY1ZTczYzUxMTMzZTEyODhiYTRjZmI1M2M5YzMyNmYyYWUyYTgzIiwidGFnIjoiIn0%3D; expires=Wed, 18-Sep-2024 06:06:58 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
server: cloudflare
cf-ray: 8c4e77651b4eb521-OSL
content-encoding: br
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/41lqu/0x4AAAAAAAigph6sU-lio1_P/auto/fbE/normal/auto/

104.18.95.41

200 OK

165 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/41lqu/0x4AAAAAAAigph6sU-lio1_P/auto/fbE/normal/auto/
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://g3j6.vitiacarc.com/7Zg4xu6/#Mquestions@aesindianarebates.com
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
HTML document, ASCII text, with very long lines (42605)
Size
165 kB (164722 bytes)
Hash
461323d2819ca4b27c94e6af45c1b09d
2affce005b0c53437177fa837f5eec818a95af39
e8319e84c8592a52bdc1431cee8cb2c78a79589881fbcaaeda1001f3fd03125f

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/41lqu/0x4AAAAAAAigph6sU-lio1_P/auto/fbE/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g3j6.vitiacarc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:06:59 GMT
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
origin-agent-cluster: ?1
cross-origin-opener-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 8c4e776b2f8ab521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

g3j6.vitiacarc.com/favicon.ico

172.67.213.146

404 Not Found

0 B

URL GET HTTP/3
g3j6.vitiacarc.com/favicon.ico
IP
172.67.213.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://g3j6.vitiacarc.com/7Zg4xu6/#Mquestions@aesindianarebates.com
Certificate
IssuerGoogle Trust Services
Subjectvitiacarc.com
Fingerprint1E:B5:AF:BE:D3:7A:D5:46:B3:94:23:F9:77:53:BA:06:C1:94:82:1E
ValiditySun, 01 Sep 2024 06:18:41 GMT - Sat, 30 Nov 2024 06:18:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: g3j6.vitiacarc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g3j6.vitiacarc.com/7Zg4xu6/
Cookie: XSRF-TOKEN=eyJpdiI6IkhzWDlEZVhtZUFlZ3M3ZHM3NEFHbkE9PSIsInZhbHVlIjoiS0lIcWxzOTV4QXgvck9WR1FMWXVUSHVFRC9pNEhBVVkxdlI4azNDeXR6dDJIZmQyS1diRk9XaU55NFNodk16dFpPUDEwU2VQLzRsdmIxOWRieUxBemtaUzdmL0hqbm1WNDBUV2hxZTJseEVjRlh5eFJnMFc3eGl1WlVHYlR4Q2MiLCJtYWMiOiIzNWFjM2JlZTQ1NzM4ZTYzMTcyNGJiMzU4YjVhYjI1ZTI0ZTMyZjlmMWQ5ZDc1YzEwNTFkZDNiOTM0NDJjNTRlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlFWY1I2QnVSZFVieU1WbElnZE5ES0E9PSIsInZhbHVlIjoicjZNYTVjUEtqRHhLVloxdG1uSzJHOFZyMDBoOWNuWlBsam5mL1hMdmtWU3ROZmlra2d5MkYyQUpIUWk0aEg1QlVyQ0piYVFQODl4TCtBMFp4N1FCSktITm9RME0xZFFlRjVtbE9odXdLeHlSNmdJTWpTMGlKVzdoQ2h5L0ZMRWkiLCJtYWMiOiJhZDJjYWRiNmY0NWI5YTljMmIzNmQwMjg4MGY1ZTczYzUxMTMzZTEyODhiYTRjZmI1M2M5YzMyNmYyYWUyYTgzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 18 Sep 2024 04:06:59 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
age: 12567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z9pD2w2hnMaPGdWjjMGwHSMwokzwwB11lNODY3BTCwlsZ6Mq%2FbwATffWJbm2UiKSwb4MvPvgzkSXUaTJkBHvbLSEbMu71suTRtjOJr9prNZQtZKrgAv%2B9cFAzW52KA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 8c4e776b38fa569c-OSL
content-encoding: br

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/686540809:1726630034:p6o0r58mbHMbskc9YVAj-wdjktqFzBv4slYcj8mo2CQ/8c4e776b2f8ab521/31e2a445427ea5d

104.18.95.41

200 OK

28 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/686540809:1726630034:p6o0r58mbHMbskc9YVAj-wdjktqFzBv4slYcj8mo2CQ/8c4e776b2f8ab521/31e2a445427ea5d
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/41lqu/0x4AAAAAAAigph6sU-lio1_P/auto/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
ASCII text, with very long lines (28048), with no line terminators
Size
28 kB (28048 bytes)
Hash
2444a63519bd67c818ef8e0b5cab58bd
5c9403fe0f3aea94f72a960057983f6b5cdcb0cd
2520e3e8c00cccd800ed6f0ce1331974cea9202273030d471b808550d7d83dec

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/686540809:1726630034:p6o0r58mbHMbskc9YVAj-wdjktqFzBv4slYcj8mo2CQ/8c4e776b2f8ab521/31e2a445427ea5d HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/41lqu/0x4AAAAAAAigph6sU-lio1_P/auto/fbE/normal/auto/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 31e2a445427ea5d
Content-Length: 27871
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:01 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 3+FdRThD16MgWaQH9hbf/B2n1A3Phw8nBgxYET90fEkxx3BUCkvWjgYP9Fh5YYhz8/pPwIwDpXekGf4h$pT/cBZG3Izl8jwaF
server: cloudflare
cf-ray: 8c4e777bb90bb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (51)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations