Report - krp1hvj.airgele.com/QX5240UwczqG1/

Report Overview

Visited public
2025-07-15 19:24:17
Tags
phishing rockstar
Submit Tags
URL
krp1hvj.airgele.com/QX5240UwczqG1/
Finishing URL
krp1hvj.airgele.com/QX5240UwczqG1?common/oauth2/v2.0/authorize?client_id=f91aee3e-6e04-3f361130-b75b5f31-46be679cf354&locales=en
IP / ASN
104.21.66.110
#13335 CLOUDFLARENET
Title
Continue
Phishing - Rockstar2FA Phishing Kit

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2025-07-09	7.3 kB	598 kB	104.18.94.41
krp1hvj.airgele.com	unknown	2024-11-07	2025-07-15	2025-07-15	2.3 kB	8.6 kB	172.67.159.114
fatjonashkambio.ru	unknown	2024-10-23	2025-06-27	2025-07-08	454 B	283 kB	172.67.157.125
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-07-09	458 B	90 kB	104.17.25.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (60)

	URL	From	Size	First Seen	Last Seen
	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-15	2025-07-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-15 19:24 Last Seen2025-07-15 19:24 Times Seen1 Hash 74b21885afad43412523b876ec7aba1d 606eec520ba470b767c46c5afa3670f545a7527d e37075fbb02e4cd8c24509b7f76dc65e6aaaa6167d82c6f26945f859a55acbb7 Loading...

	krp1hvj.airgele.com/QX5240UwczqG1/	ScriptElement	508 B	2025-07-15	2025-07-15
Pretty URL krp1hvj.airgele.com/QX5240UwczqG1/ IP 172.67.159.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-15 19:24 Last Seen2025-07-15 19:24 Times Seen1 Hash 27b48e558acd4841ce762781f3fca47b a0823f4d1e6bdc4c735c7bcf01daab423d87828a 9cf636c2f5efa2f3cf8f8e88c6e039e48362cede7cefa3eddd4b72f376205dcb Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-15	2025-07-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-15 19:24 Last Seen2025-07-15 19:24 Times Seen1 Hash 7b8deccbc9e508797940d5f9ec42a0e2 6a627728a61809e57b459afb49068faf3c0aefdc b4ecdf9bbc3df24f054a72502e6437a661a404047b1acfe76ad8e49ad5ceed17 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-15	2025-07-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-15 19:24 Last Seen2025-07-15 19:24 Times Seen1 Hash f877b737b82ef6e80d6f035670b1c5a6 7f4b33c1fdb01f9d67092e19e59c6e3bf3d8805a 7693e719ceaa0a81d28bf9b7eef820946fb666f87f30432b183f7453ad316efd Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-07-16
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 03:59 Times Seen244638 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-15	2025-07-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-15 19:24 Last Seen2025-07-15 19:24 Times Seen1 Hash a5b5ca3b8274c127e6151561b4472ad5 c1c1aa3b90fbdc2958a9333bdde46c0a4a870161 5fab733a0ab2467461572538d9645053a7b7a206c7622c018869e528653439ff Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-15	2025-07-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-15 19:24 Last Seen2025-07-15 19:24 Times Seen1 Hash 3d5f7c476cc2f011da4768a4818eaddf f089931c71ceb1bb486e8eafe88466378b8eb14b 3b923eda4e0fbce76c1879caed5a2d1cb7a5b687b781aac29714e0e9080909cb Loading...

	krp1hvj.airgele.com/QX5240UwczqG1/	ScriptElement	110 kB	2025-07-15	2025-07-15
Pretty URL krp1hvj.airgele.com/QX5240UwczqG1/ IP 172.67.159.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-15 19:24 Last Seen2025-07-15 19:24 Times Seen1 Hash c51c7649568242f844416c6223be8b03 8ea09062a660eae63d1731df2e4b31df74939778 5326c2f16dbb8e30a92685fb2f55fa9fc74626fce18edc8dbde0ac896180af22 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	16 B	2024-12-12	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-07-16 04:06 Times Seen45293 Hash ca897fb253cc8807c5aafc947eb02fb6 25137d68712ada7d3ad424c80bc0d688a696f7bb 57f9c536daa79c4d770534dbafbe2e7b2b2aa48b9eb2617b4e670b8a78a4a4ce Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-15	2025-07-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-15 19:24 Last Seen2025-07-15 19:24 Times Seen1 Hash 0c7b376e8cfc2eaab027234e65893a68 5054d88d337ab0a87b9eafe67fccd303acd1cfcd e6c9d23a9be80cad37518913dc04a4c3b0e78833f03c98d7bb41e48d30eb0ff2 Loading...

	challenges.cloudflare.com/turnstile/v0/api.js	ScriptElement	49 kB	2025-07-10	2025-07-16
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-10 21:00 Last Seen2025-07-16 04:06 Times Seen6962 Hash 707a05535c9f035d06963e6bd60b1bad 3dd101c54d1bd9ce2a3ee2d03284f95acde594da ac0d4e7a101b3dca7dabdbb9c04424dd776496494730d046391ee590f3502713 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-15	2025-07-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-15 19:24 Last Seen2025-07-15 19:24 Times Seen1 Hash d8510ecdaf23d93280d10b98d7610f41 6e17a65f1a6abbfe255aa9c9dc291e41f157cb54 66b209791b51e34052a15ff474f9f3101e013cac8713c526fdfe28822b3cbb1c Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	14 B	2024-12-12	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-07-16 04:06 Times Seen45593 Hash ff03fc8f0c3179fb4dcf4389f88a1c16 05ff911d7ddf2d7c14b4316a87fd08f42c618f9f 025229ec6bb50e915572750c5045d22c5fe16851fd077f1411f41b19aa1dfece Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-15	2025-07-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-15 19:24 Last Seen2025-07-15 19:24 Times Seen1 Hash 762e4ceeb0b65e9935d3826bdfcc52d2 8c23856e65188812e895fb439eda3845090c12a5 17caa64a5a87f12ce36d60afcca5b39d89f7a06f837f2a1703a6282dd4129219 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-15	2025-07-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-15 19:24 Last Seen2025-07-15 19:24 Times Seen1 Hash 3553bf6eb340554209a4e3cb95d9b0e7 4816b3e1728a7fd0469406145f8f0bd656812e63 884e79de535f29e9e594793ca999fc2e7cd08260f3b28219f84d9f0df4e9ff0e Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-15	2025-07-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-15 19:24 Last Seen2025-07-15 19:24 Times Seen1 Hash ff6ea730fd9c44d701b2e90749f51611 25d80fa641d5931587e09c86cfc3aa904174c4f1 d99cff33041c7046b1dd917a228cba5f1ab4f8adfc0b4a57c0abbc456b3a1dc0 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-15	2025-07-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-15 19:24 Last Seen2025-07-15 19:24 Times Seen1 Hash 02742a29cf3350f2d3450c8bac3a13a2 7ffbbc6a62b1c083d1c55dc320a512f2771f38bf 1ba6448e1bc6e0e791eee315fedda205f7c6e99a468dcb56ff90d9f80651f500 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	ScriptElement	3.4 kB	2025-07-15	2025-07-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-15 19:24 Last Seen2025-07-15 19:24 Times Seen1 Hash 326356f88e13d1daf0817c330da63151 9942f3faa4c54c6fafe73a2c7cb0cc46650e6995 57351d2d28c1a5731020d6da2dcbd37ba5e088bbdc1af6ce6abf9c93fe0d6f30 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	87 B	2025-06-07	2025-07-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-07 05:38 Last Seen2025-07-15 19:39 Times Seen326 Hash ca5f6389ac681b6e6de07307e43d30d3 3f08fa276ecb93c4e2b6b9ac453b8067b827dd0c c772e84e2f70f0960ca70975b511adf67f51d7da70d11c6cf6e94654982b97f5 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	1.1 kB	2025-07-15	2025-07-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-15 18:39 Last Seen2025-07-15 19:27 Times Seen7 Hash c0c979ff8418b6328f5a160c122a2a0e 5293c3734f4076ab6eeb4c16850c5d49a4792afc 1c9bd1f478e20d6b01e67eb7df160d7f1916b69660d6a8ec713aa9955fd27068 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-15	2025-07-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-15 19:24 Last Seen2025-07-15 19:24 Times Seen1 Hash b03c7e8404fbab495a39b7792ea3212d 8026f852bfcce0900debfb7345d5c08a51dd6da1 aa366943d1aae14ce25d4ba1f487380b66458251db706e6a6d7e7cc07737e292 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-15	2025-07-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-15 19:24 Last Seen2025-07-15 19:24 Times Seen1 Hash 633fdd8aa6f207de8230a249cd6723b1 a9e77d235ab08d5024948e3a4c35e718e8435c69 986fa697cc74b1c2056ebba8fbf665aa4ed5358eae0785fed4ceb404f6852a60 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=95fba2a73d2356a5&lang=auto	ScriptElement	144 kB	2025-07-15	2025-07-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=95fba2a73d2356a5&lang=auto IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-15 19:24 Last Seen2025-07-15 19:24 Times Seen1 Hash 4b2aeb37beef192bf6b05b5f0da6bb31 2d7675d7183517da65f92e26a1aaffe319312468 5260f8f847a351521cd4e0299324a9b8bb03c81bd0c267f5b45742789715a96f Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	94 B	2024-12-12	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-07-16 04:06 Times Seen45249 Hash f47389d2f1abd47dbebeef3e2d3ae8a7 dde5aa75f9a647e73d3e2d3fdda68898f850f72d 30893b81b3c71cdbd5cf34b54fb52f8eef50b27d8a3f2498a28d2b89bd987fda Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	14 B	2024-12-12	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-07-16 04:06 Times Seen45824 Hash 33ff6022e88df59f8dfc9eb546435e9c 7f2ad96c0a1276fbc858c652a6e2d0b3c9d4d3e4 a1c845cab782ea7dec04543ec72e0b354cb8e9aae23acc02ee02b1832e3acd9a Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-15	2025-07-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-15 19:24 Last Seen2025-07-15 19:24 Times Seen1 Hash 94cff9b0117c00f512967ed245dd465b b627f1dc45aeace3ef70a4076b0835a345014688 11cd36aeab76fe20b4fa838e29ff38c13988cf5a8066b4b1b033fae8f864f58f Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen417199 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

		Size	First Seen	Last Seen
	#1 Write - 086707e4369f60afedcafb16050a7618	39 B	2023-03-07 01:03	2025-07-16 04:06
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 04:06 Times Seen105424 Hash 086707e4369f60afedcafb16050a7618 8216b0cc6876cbd44f01c158e7dff3833ceccd41 a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e Loading...

	#2 Write - 51b18d6e5f77bb8ceb5e119ccd7ddc21	212 kB	2025-07-15 19:24	2025-07-15 19:24
Pretty Observations First Seen2025-07-15 19:24 Last Seen2025-07-15 19:24 Times Seen1 Hash 51b18d6e5f77bb8ceb5e119ccd7ddc21 7c458a85282d831c09581ce429fbb70f1dcb9cb9 4318769ce85348be6b0b04736a5f593226ef29d6fb889b32f0aea7963eae23d8 Loading...

HTTP Transactions (16)

URL IP Response Size

POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2106817483:1752604100:GTQnnp5F5yCT7w2ohM2axpGPNUMAztAGNOMGCoggeT4/95fba2a73d2356a5/l.XSK89NbXaKWTKdnJh07_TfBV4JV3x6rKF_Jnb3DXw-1752607417-1.2.1.1-u292a7RazoktxQG.TlG.g57HXWwJw_2jNIl6zTqXe5ha3ReBsjqYVLDTj0GdFb.a

104.18.94.41

200 OK

30 kB

URL POST
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2106817483:1752604100:GTQnnp5F5yCT7w2ohM2axpGPNUMAztAGNOMGCoggeT4/95fba2a73d2356a5/l.XSK89NbXaKWTKdnJh07_TfBV4JV3x6rKF_Jnb3DXw-1752607417-1.2.1.1-u292a7RazoktxQG.TlG.g57HXWwJw_2jNIl6zTqXe5ha3ReBsjqYVLDTj0GdFb.a
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type
ASCII text, with very long lines (29696), with no line terminators
Size
30 kB (29696 bytes)
Hash
fcfd59dcf09e6d3a42cbaef64bfa1d42
8d357d81ecc6af9d05fb1d096eddeb39fdc1fde9
5a15c846c243e7702f8754a00b22ac0a67e10616ad141c3f035a0facbc4c0437

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2106817483:1752604100:GTQnnp5F5yCT7w2ohM2axpGPNUMAztAGNOMGCoggeT4/95fba2a73d2356a5/l.XSK89NbXaKWTKdnJh07_TfBV4JV3x6rKF_Jnb3DXw-1752607417-1.2.1.1-u292a7RazoktxQG.TlG.g57HXWwJw_2jNIl6zTqXe5ha3ReBsjqYVLDTj0GdFb.a HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/
cf-chl: l.XSK89NbXaKWTKdnJh07_TfBV4JV3x6rKF_Jnb3DXw-1752607417-1.2.1.1-u292a7RazoktxQG.TlG.g57HXWwJw_2jNIl6zTqXe5ha3ReBsjqYVLDTj0GdFb.a
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 35191
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Jul 2025 19:23:44 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: UCoGdZuqzDYRFNt4OCzDckJHeCMtddxFVR76GclJGxF5e6ya4UUDpioP1GD40fl1$Qbr8jCzL4c/1LBOJ5SvUVA==
priority: u=3,i=?0
server: cloudflare
cf-ray: 95fba2d08e9056a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET krp1hvj.airgele.com/favicon.ico

172.67.159.114

404 Not Found

1.2 kB

URL GET
krp1hvj.airgele.com/favicon.ico
IP
172.67.159.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://krp1hvj.airgele.com/QX5240UwczqG1/
Certificate
IssuerGoogle Trust Services
Subjectairgele.com
Fingerprint8A:08:73:D7:85:EF:4D:FC:4C:1F:14:91:CB:73:85:F6:D1:6D:27:0D
ValidityWed, 02 Jul 2025 09:10:14 GMT - Tue, 30 Sep 2025 10:07:46 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1249 bytes)
Hash
f58515dfe987f7e027c8a71bbc884621
bec6aebf5940ea88fbbff5748d539453d49fa284
679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Rockstar2FA Phishing Kit

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: krp1hvj.airgele.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://krp1hvj.airgele.com/QX5240UwczqG1/
Cookie: PHPSESSID=gqlfjk2jid4k3sf6dfeveci4cm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 15 Jul 2025 19:23:37 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FV2nPTj%2BucYXSQT5SLi57F0u2XpfOLy%2BetGw30qbuxJaCJXbhqt0QEu58eUUfus1I4RxauZifKDGpcnVHwb4Ih%2FNnmxibYjA6Df0hTeFCb9gqOY2pLLzR4dt9uw1z69kKYXT4fh5"}],"group":"cf-nel","max_age":604800}
cache-control: private, no-cache, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
vary: Accept-Encoding
cf-cache-status: BYPASS
content-encoding: br
cf-ray: 95fba2a729a7b503-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2579&min_rtt=652&rtt_var=2222&sent=119&recv=165&lost=0&retrans=0&sent_bytes=10927&recv_bytes=9409&delivery_rate=478629&ss_exit_cwnd=14902&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=e26ce137bb6d6982&ts=566&inflight_dur=55&x=40"

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1

104.18.94.41

200 OK

86 B

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced
Size
86 B (86 bytes)
Hash
70c202196187ab3c11b4e094c20c6de1
9c52b959e74aee9d79cbc9f35d1f9f65a3b8c863
6255b9231d09ebe6aa1ac19ba46bdd81f3df58989c9ef2e11d6cd6e2e7b21643

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Jul 2025 19:23:37 GMT
content-type: image/png
content-length: 86
priority: u=4,i=?0
server: cloudflare
cf-ray: 95fba2a7be0456a5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

104.18.94.41

200 OK

285 kB

URL POST
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2106817483:1752604100:GTQnnp5F5yCT7w2ohM2axpGPNUMAztAGNOMGCoggeT4/95fba2a73d2356a5/l.XSK89NbXaKWTKdnJh07_TfBV4JV3x6rKF_Jnb3DXw-1752607417-1.2.1.1-u292a7RazoktxQG.TlG.g57HXWwJw_2jNIl6zTqXe5ha3ReBsjqYVLDTj0GdFb.a
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
285 kB (285016 bytes)
Hash
9a07b142395104a3dc55e7ec29e0d299
428c651d386fab00ea81bac1e50b2530266da039
ea970dd95bfa6902fcef268ed7246fa5066cf4683866218e7dbae229badf0a26

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2106817483:1752604100:GTQnnp5F5yCT7w2ohM2axpGPNUMAztAGNOMGCoggeT4/95fba2a73d2356a5/l.XSK89NbXaKWTKdnJh07_TfBV4JV3x6rKF_Jnb3DXw-1752607417-1.2.1.1-u292a7RazoktxQG.TlG.g57HXWwJw_2jNIl6zTqXe5ha3ReBsjqYVLDTj0GdFb.a HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/
cf-chl: l.XSK89NbXaKWTKdnJh07_TfBV4JV3x6rKF_Jnb3DXw-1752607417-1.2.1.1-u292a7RazoktxQG.TlG.g57HXWwJw_2jNIl6zTqXe5ha3ReBsjqYVLDTj0GdFb.a
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 3660
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Jul 2025 19:23:38 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: ymZ6xKduxoEObXBVSmeO6xB6xCJ/9uYvyvaVuecx6IThtrD3UP1UmbiWihDTx97PHpxFnmkMzgjCgetsJ5ezkr3RVcbeUyKgGcM+vaYJJV0HKs0E88ihFOZW3sehbMLWYPhoIWHxlremGPW2auDGByPU9ybYWwo2M+inqUVjI5fBWizgl9c3MUi4aS9y+dJpA7jl41oLc/EfLCmHJfL0t2GSYqOdY3UyiDZLzxqnpbsSCfdHKUc7FALb3FxhRzzAHUgx//YLiOh4nrikDYmQR6BRBljmenf4F2jF52XDw6xegNwBO1E3sRmInbX5wB3SMGdD1sE84jq6576O1Y1O0geS5ppu0jU3bT6BR4htte17/0UWgPkewavySuR/QXCxSzs+5YHhwd47kEx2aFhrJ17RCzYAasMi96C0UNKYWBXfmj4QzufoAQlARey9fJMSU+skRVYM5mUP2Yk5aryKyyqb4GzkiDx1hOs1CdEfWF0KlP+2f6sCrMFSCk8vg9eEO6FGXdVejsrNyPBbHIJ+L5v+lSo2Q7af3tXBifghG6HQWQUqPPa4EZj1hZ8ApfDXwqf35+Em/VV1DKvK9SoODkCYkjJE6f9QTXVXdgG3tqwaqdOifDhXBGgt+87oi7XPkI7yEi9MbmmgI7JOYDIxZiR0UCgS2RzMYaa8qGkPWrUEfvc9mEV+bBFNPP9hxRMvf2AoQfXjJ5N/iOBPCau4S+VT7o3I1i90b9qAj98y5h78iGnx8PxAq/pbr0dMIyWBuhMqP+37y4U1+EF9/9kVsw==$8YGcathvsBGotZ/5U1kJeQ==
priority: u=3,i=?0
server: cloudflare
cf-ray: 95fba2aaba0456a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET challenges.cloudflare.com/turnstile/v0/g/01a6b50f61fd/api.js

104.18.94.41

200 OK

49 kB

URL GET
challenges.cloudflare.com/turnstile/v0/g/01a6b50f61fd/api.js
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://krp1hvj.airgele.com/QX5240UwczqG1/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (48827)
Size
49 kB (48828 bytes)
Hash
707a05535c9f035d06963e6bd60b1bad
3dd101c54d1bd9ce2a3ee2d03284f95acde594da
ac0d4e7a101b3dca7dabdbb9c04424dd776496494730d046391ee590f3502713

HTTP Headers

GET /turnstile/v0/g/01a6b50f61fd/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://krp1hvj.airgele.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Jul 2025 19:23:37 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 10 Jul 2025 13:50:19 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
priority: u=2,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 95fba2a66bde56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/95fba2a73d2356a5/1752607418065/-JTTOXkmfbLuU40

104.18.94.41

200 OK

185 B

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/95fba2a73d2356a5/1752607418065/-JTTOXkmfbLuU40
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type
PNG image data, 21 x 16, 8-bit/color RGBA, non-interlaced
Size
185 B (185 bytes)
Hash
5e1abf724e60831d025c139c7bf45a5d
697fae4b328694838a2b4f7a2bff4c60924a60aa
d4240a3f7a72d63a97e6b6ce7eae02a9b8fd373cc56e870cef138252d7f06c35

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/d/95fba2a73d2356a5/1752607418065/-JTTOXkmfbLuU40 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Jul 2025 19:23:42 GMT
content-type: image/png
content-length: 185
priority: u=4,i=?0
server: cloudflare
cf-ray: 95fba2c759ad56a5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET fatjonashkambio.ru//

172.67.157.125

200 OK

282 kB

URL GET
fatjonashkambio.ru//
IP
172.67.157.125:443
ASN
#13335 CLOUDFLARENET

Requested by
https://krp1hvj.airgele.com/QX5240UwczqG1/
Certificate
IssuerGoogle Trust Services
Subjectfatjonashkambio.ru
FingerprintEC:08:C0:0B:9F:27:7C:74:D1:B7:8E:17:62:18:79:04:01:F2:41:34
ValidityTue, 17 Jun 2025 03:38:10 GMT - Mon, 15 Sep 2025 04:33:08 GMT

File type
Arhangel archive data
Size
282 kB (282084 bytes)
Hash
2bf058d1b97f9e07faf9abbbffdc5fd9
4604446cf8b6dfcc497774e32b49eb4ddeef5508
98ab3b9dac370b73e2c8b0ec6b2dd24af9f765b908df8d872e947fe65dadf2c9

HTTP Headers

GET // HTTP/1.1
Host: fatjonashkambio.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://krp1hvj.airgele.com/
Origin: https://krp1hvj.airgele.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 15 Jul 2025 19:23:53 GMT
content-type: application/json
content-length: 67722
x-powered-by: PHP/7.3.33
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
server: cloudflare
x-turbo-charged-by: LiteSpeed
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=JOtdqSzvwFiRAF0iBOldCvCBLXI4XCt7f70SlsilJoQydhaoyYLoLq5SnrvEkyfAcprf1Y22e%2FkAGRJhfzo6hFb%2BVhqNPKyc02lIppHOkg4%3D"}]}
cf-ray: 95fba2f9ed4f569d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

104.17.25.14

200 OK

90 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://krp1hvj.airgele.com/QX5240UwczqG1/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://krp1hvj.airgele.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 15 Jul 2025 19:23:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
cf-ray: 95fba30eae020b45-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 411450
expires: Sun, 05 Jul 2026 19:23:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yBmsZcc7B4PyArFZqzPRz30WBQoOGSIyw9E3Usd5giJPwL%2FqSW3UqUzr9WrdywvjRVekCQv6ujF9oy5Yx47KgFOWIX7s%2BrGlalYKVWFSbeYEP8QWNs%2Fb1ZwltsUUx7TZ4mNrpTCL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET krp1hvj.airgele.com/QX5240UwczqG1/

172.67.159.114

200 OK

640 B

URL User Request GET
krp1hvj.airgele.com/QX5240UwczqG1/
IP
172.67.159.114:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectairgele.com
Fingerprint8A:08:73:D7:85:EF:4D:FC:4C:1F:14:91:CB:73:85:F6:D1:6D:27:0D
ValidityWed, 02 Jul 2025 09:10:14 GMT - Tue, 30 Sep 2025 10:07:46 GMT

File type
HTML document, ASCII text
Size
640 B (640 bytes)
Hash
9968b4f1d0a6781c88c2f18e6cbe0eff
c9beca4204cc33e4e9a53ace450a33dab296e623
cd6ce2c626866d48cbf2e36b6195a9a64bbd34c292af3b8606b5af52545a53c1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Rockstar2FA Phishing Kit

HTTP Headers

GET /QX5240UwczqG1/ HTTP/1.1
Host: krp1hvj.airgele.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 15 Jul 2025 19:23:36 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Mv%2F0gvs5iTCnmdUne84pAbzOquwkZAMdHHOIE49kwkIjb5T58Vy1ucAVZhwj580IWlP2jBS3%2BBJybECiptQaw8e7H8by92kBqkpTWgnqy6Qw"}]}
vary: Accept-Encoding
server: cloudflare
x-turbo-charged-by: LiteSpeed
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: PHPSESSID=gqlfjk2jid4k3sf6dfeveci4cm; Path=/
cf-ray: 95fba2a39bd17129-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/95fba2a73d2356a5/1752607418063/92d11fb01215c13728289835bc6effcf0506e0a80887492e868570a7422fcd62/JAEZiU5IcFQ6ez7

104.18.94.41

401 Unauthorized

1 B

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/95fba2a73d2356a5/1752607418063/92d11fb01215c13728289835bc6effcf0506e0a80887492e868570a7422fcd62/JAEZiU5IcFQ6ez7
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/95fba2a73d2356a5/1752607418063/92d11fb01215c13728289835bc6effcf0506e0a80887492e868570a7422fcd62/JAEZiU5IcFQ6ez7 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 401 Unauthorized
date: Tue, 15 Jul 2025 19:23:42 GMT
content-type: text/plain; charset=utf-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gktEfsBIVwTcoKJg1vG7_zwUG4KgIh0kuhoVwp0IvzWIAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAscjm_UO_k901rNdCKgLw5bvI4i6M_jDNCIXpfs2LRbtxwLOrUyplqVvML_hVlB5tIDMuj0ihhaOFHose-Y0_UjQnNUGE_vol46VvGgscTMtTjU4xINriap8AMTIygvljEBt6my-nBwkUGhY3U9v5iKC-eWR5bTfvrqFsuIVxafkSfhHqDXB4KLGNjvOOV71GGJ9x4yxA-C2OcULZ1uDDKuvAaMhuiWdF6OzSTXruP9yPg1vmuteavOW1re0YDbCbtK16PhHdSzWym7v_FrvId-2zf26j50FlTd_vl_DcKNDVCgWDoU0uX3cU6V3rSQoVXREEqPr-2ywSGru8ZuXRoQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIJLRH7ASFcE3KCiYNbxu_88FBuCoCIdJLoaFcKdCL81iABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIJLRH7ASFcE3KCiYNbxu_88FBuCoCIdJLoaFcKdCL81iABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArFBSpY0YPcNslVpklXsEb2gfZsCpmIVdQhoS4K7cHrhquWhyk4MLkyi7_s6aWrx_Xf7HlTYTdYhnNJYeSmBvNR-rT9Jr-vgHew2EKxCRkzFMKPiBFgHMw6CQNwFmH4vtDoB7QjzQGuScPRdzh7kPu8509ew2xkFnr9tjB-6n7HM01yE-AK-YLGAsO2pnr7E7uB1wVPOxxon_JAZ3bYOfTUgjOOdXlFNC8lcuocjbz6S74A95qx_Ud-iEvXXfOoBv5KLuG4xndLeZHQmGd8Zt7VxbSldzBAmsB7NLLExZxPD-x71RLAY9HVS2lcMOPbQ3diWMBwpfS95tytYOn-a5rwIDAQAB", max-age=20
priority: u=4,i=?0
server: cloudflare
cf-ray: 95fba2c37c5656a5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

POST krp1hvj.airgele.com/QX5240UwczqG1/

172.67.159.114

200 OK

1.7 kB

URL User Request POST
krp1hvj.airgele.com/QX5240UwczqG1/
IP
172.67.159.114:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectairgele.com
Fingerprint8A:08:73:D7:85:EF:4D:FC:4C:1F:14:91:CB:73:85:F6:D1:6D:27:0D
ValidityWed, 02 Jul 2025 09:10:14 GMT - Tue, 30 Sep 2025 10:07:46 GMT

File type
HTML document, ASCII text, with very long lines (506), with CRLF line terminators
Size
1.7 kB (1742 bytes)
Hash
e0cd114e0d31c01cfd658890b89cd0c4
e9043a64a7d6c012199419c0e61faa32d7a08265
5c2fb8497ec16cf46379e00b3e4f439e99a8b7b52a18eabdef53e477a89cce1a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Rockstar2FA Phishing Kit

HTTP Headers

POST /QX5240UwczqG1/ HTTP/1.1
Host: krp1hvj.airgele.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1030
Origin: https://krp1hvj.airgele.com
DNT: 1
Connection: keep-alive
Referer: https://krp1hvj.airgele.com/QX5240UwczqG1/
Cookie: PHPSESSID=gqlfjk2jid4k3sf6dfeveci4cm
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Jul 2025 19:23:50 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xe4k%2BR8yqS674upOxbps5RCf9KQ%2FxFvNufln378sBBLrhvMpKaZIqF5twgvRK37Ic2rn9qgKdb3jf4S5ToEfs%2B9DvGYwWC48K7B4tdTG84g%2F5KRQEfIYo%2BAwS1jPR8QROMjimLdK"}],"group":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 95fba2f61a93b503-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2485&min_rtt=652&rtt_var=1422&sent=123&recv=169&lost=0&retrans=0&sent_bytes=12367&recv_bytes=11004&delivery_rate=478629&ss_exit_cwnd=14902&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=e26ce137bb6d6982&ts=13561&inflight_dur=80&x=40"

104.18.94.41

200 OK

5.0 kB

URL POST
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2106817483:1752604100:GTQnnp5F5yCT7w2ohM2axpGPNUMAztAGNOMGCoggeT4/95fba2a73d2356a5/l.XSK89NbXaKWTKdnJh07_TfBV4JV3x6rKF_Jnb3DXw-1752607417-1.2.1.1-u292a7RazoktxQG.TlG.g57HXWwJw_2jNIl6zTqXe5ha3ReBsjqYVLDTj0GdFb.a
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type
ASCII text, with very long lines (5024), with no line terminators
Size
5.0 kB (5024 bytes)
Hash
7b4a5016fdf19610b550c96a1341d0f2
eb192e950bbb0c3fdeb5ec7cb364de6442a8d48d
4413a0b43024a4b65ed559f7c64d1f8d4420a7bf7cced54b70ad8885a4f64d0d

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2106817483:1752604100:GTQnnp5F5yCT7w2ohM2axpGPNUMAztAGNOMGCoggeT4/95fba2a73d2356a5/l.XSK89NbXaKWTKdnJh07_TfBV4JV3x6rKF_Jnb3DXw-1752607417-1.2.1.1-u292a7RazoktxQG.TlG.g57HXWwJw_2jNIl6zTqXe5ha3ReBsjqYVLDTj0GdFb.a HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/
cf-chl: l.XSK89NbXaKWTKdnJh07_TfBV4JV3x6rKF_Jnb3DXw-1752607417-1.2.1.1-u292a7RazoktxQG.TlG.g57HXWwJw_2jNIl6zTqXe5ha3ReBsjqYVLDTj0GdFb.a
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 44802
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Jul 2025 19:23:49 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: HB2Fnj6a4Z+INPg5sBKO3t0hFvZh3VugnELxZrHdmI1wwAEfVLGM5HCqTYGnFdHvdPCmnHvOBZcicshuS4CepQ==$CMmR5gwpxRxqP+NMDq2SYw==
cf-chl-out-s: VeGhyqGicBSOX7bLK/wjZWUc2dBjQZ2iTRmOr+6iVSqMIJItxPbiceOBQLjyD/oG/TvD0vncUjm8SMbU/WT1zrT4rIJHgNi689HYxuzRrIyVTlG+FyhelLR8E5L9PsWgZOfsr/xOexiTQY0loTvfKH7ERvbEs+wM/KWwkjTt/4cbVw59EBslo5lgFd+rhEOw2ppgl59nOG65+eE4RFS3n+27kp8kBKX0j4V23RQxmpUWMFkrf6skZiLoZ+YQlCfjmcG8pjxdquSCIaVZ77mV+Ms5oYcOVta+37EmuIHBhPPys9JOfsZ0b1GUr4GIU0LFJdk1HJDQDlpFdcJsS6mMkBB7JPj9STpTapejnKhC26XrDv+BMLTZsIsnA6djxvtCx1HKwGYPgndbx1/jrBcm68pyTNkdd/FgmQqb5lZ3loKHmTCYpBVT2l3rSLUmCalET+LzLqduQQoPPkcM5Ov0lMjN2le/b/wHQOn1OTTRgbf/h8SDNULaTpGOQ3QaUZX8mdDDtiTqp0Mv4AFcdRzmqlwArNZQ3Nz0mst0KefnpCIx840C9GyRhfHGIFB+mbNS4rRd0nyhkvROWiaQE51SOYiygNVoQfdDnWlBxIGdv8eOqyY/Pp/h3/pVkdu11xLY2tdDO87kZ/dQWw9J7MQZ7MHQe4dgsFncBtfGUk206KtEzIdks9YTJ5265ejEhhbMxjiB6D5AK99GHLMIleecPSD5gceqZcg/aTvLCKb0ICzn5+2mc/SawDaIgioqaB6oM4GLjyN2IaMgnOq9OM08fWR0j8zOnkjvApH3HCN4XVu+ahLiSwQ1rJ/hYtXtFeNVRK5GU1aaq+veY8orpCsn3T8B8N250LEOdixYnYqgLtES+YXHvzKNmgBa84cJb0aRBotJKDmDbZizX+yoHLkzYN03cZ7cWyGnHuyYAw27k75v/oBT3vIfE97yEvlacunZZLRSxNy2Fy6akPwK8nR26wxbc3ztniLwBjb71iCISNr8R3gtSGvP1n/f6wSWjlzCfCCz9uOHoqEfPXzvjbSuHczfOOETAjuO2iJWG4K/90vTRtYyt3jd79/YJj2K6O0HZjUhSVq3jRFGi/aBxAHypCWW5RsbZ5ZtJHVXc02qM0XL8ByBW+uhKe4rw2X4w86M86BtR3JpzSqnkIuUYzUTPaFXRxzuXloh4q5z3i6y3JC2q3jz+BMJ9FoSQdeRvUBB/qctya7vOgFyuGlRBvhVkEKzA9tpvLZb28dv8oz7mkSK1snqYoF9cyzbuaiXHdcZKFgdCe8Diuu0cg78aY8iu281oSmmrq5JGfbQJsAhnAM=$du6iWaa0LtnsrybNdUu9bQ==
priority: u=3,i=?0
server: cloudflare
cf-ray: 95fba2f51eaf56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET krp1hvj.airgele.com/favicon.ico

172.67.159.114

404 Not Found

1.2 kB

URL GET
krp1hvj.airgele.com/favicon.ico
IP
172.67.159.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://krp1hvj.airgele.com/QX5240UwczqG1/
Certificate
IssuerGoogle Trust Services
Subjectairgele.com
Fingerprint8A:08:73:D7:85:EF:4D:FC:4C:1F:14:91:CB:73:85:F6:D1:6D:27:0D
ValidityWed, 02 Jul 2025 09:10:14 GMT - Tue, 30 Sep 2025 10:07:46 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1249 bytes)
Hash
f58515dfe987f7e027c8a71bbc884621
bec6aebf5940ea88fbbff5748d539453d49fa284
679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Rockstar2FA Phishing Kit

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: krp1hvj.airgele.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://krp1hvj.airgele.com/QX5240UwczqG1/
Cookie: PHPSESSID=gqlfjk2jid4k3sf6dfeveci4cm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 15 Jul 2025 19:23:50 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=746v%2BeqBCDXM9SQnMuMWKt6cfhkDRVnT1VOrZQ4kKydI4F3HHPkL8E2i8rx4VIwjmPgbGlvKWsH0SriqHQk%2BTX0eG9d%2BRGbgaNdcyQuVRiubB0oeZSh6SLAv6Liyuj%2FAyTZfCybl"}],"group":"cf-nel","max_age":604800}
cache-control: private, no-cache, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
vary: Accept-Encoding
cf-cache-status: BYPASS
content-encoding: br
cf-ray: 95fba2fa0ab7b503-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2314&min_rtt=652&rtt_var=1408&sent=126&recv=171&lost=0&retrans=0&sent_bytes=13964&recv_bytes=11382&delivery_rate=478629&ss_exit_cwnd=14902&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=e26ce137bb6d6982&ts=13799&inflight_dur=84&x=40"

GET challenges.cloudflare.com/turnstile/v0/api.js

104.18.94.41

302 Found

49 kB

URL GET
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://krp1hvj.airgele.com/QX5240UwczqG1/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type

Size
49 kB (48828 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://krp1hvj.airgele.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 15 Jul 2025 19:23:37 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/g/01a6b50f61fd/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 95fba2a5e8fc5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/

104.18.94.41

200 OK

27 kB

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://krp1hvj.airgele.com/QX5240UwczqG1/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type
HTML document, ASCII text, with very long lines (27220), with no line terminators
Size
27 kB (27220 bytes)
Hash
9cc7c62b5cd3d2ecc1016eff2a5da0d3
8d95a6a78f19777afe3f5425c31670b034cef2b7
666b1c170d9a3a8114f02b68bf324626d62a85f7368587360bd03c7d334be435

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://krp1hvj.airgele.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Jul 2025 19:23:37 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: default-src 'none'; script-src 'nonce-tR9jThSDfcAA0Cyl' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
document-policy: js-profiling
priority: u=4,i=?0
server: cloudflare
cf-ray: 95fba2a73d2356a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=95fba2a73d2356a5&lang=auto

104.18.94.41

200 OK

144 kB

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=95fba2a73d2356a5&lang=auto
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
144 kB (144253 bytes)
Hash
4b2aeb37beef192bf6b05b5f0da6bb31
2d7675d7183517da65f92e26a1aaffe319312468
5260f8f847a351521cd4e0299324a9b8bb03c81bd0c267f5b45742789715a96f

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=95fba2a73d2356a5&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/miipt/0x4AAAAAABiWnevxgBS7kCMy/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Jul 2025 19:23:37 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
priority: u=3,i=?0
server: cloudflare
cf-ray: 95fba2a7ee3a56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (60)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML