pporh693jb645514274d8fc.tkdref.ru/
104.21.18.37 403 Forbidden 7.8 kB URL User Request GET HTTP/1.1 pporh693jb645514274d8fc.tkdref.ru/
IP 104.21.18.37:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3012)
Hash 616ffcf7909dc62d570c67ef49b05e37
f6fa07b6ed74a1a061e883082735d14770ef8fe2
5d2268f2e31d501e8ebbecffc3decefa5b52cee2a62e678a43132e5159e0a9ac
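Analyzer Verdict Alert fortinet Phishing
Note: the response below is a Cloudflare challenge page (403 Forbidden, cf-mitigated: challenge), so the three hashes above are of the challenge body, not of the content behind it. The two /favicon.ico challenge responses later in this capture return different hashes for the same URL, so these hashes are not stable indicators; the hostname is the more durable indicator in this capture.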
GET / HTTP/1.1
Host: pporh693jb645514274d8fc.tkdref.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Wed, 24 May 2023 20:34:36 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AlBhHnfHrXZU5ozc6KiFRgxuXCaMmp1ic8cNyg0mwK0CZt9UmND6Dntb6w1ESyz5uyINpECzFWbgh54yR6leBoZNG0H97ARG5pwpWwWwlGZ2rO7LAThoFAM7raytoQl%2FcGtnI85GI%2FkgQsNnVzvoqXo%2BHh0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc85202be7efab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pporh693jb645514274d8fc.tkdref.ru/cdn-cgi/styles/challenges.css
104.21.18.37 200 OK 2.6 kB URL GET HTTP/1.1 pporh693jb645514274d8fc.tkdref.ru/cdn-cgi/styles/challenges.css
IP 104.21.18.37:80
Requested by http://pporh693jb645514274d8fc.tkdref.ru/
File type ASCII text, with very long lines (6600), with no line terminators
Hash 2c78b7f8fa496092bf41d5edd51611e7
8b0b1b276e8194b0a5497db478ec2ea9b4f83c42
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: pporh693jb645514274d8fc.tkdref.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://pporh693jb645514274d8fc.tkdref.ru/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 May 2023 20:34:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 19 May 2023 14:44:50 GMT
ETag: W/"64678b62-19c8"
Server: cloudflare
CF-RAY: 7cc85204de83b509-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Wed, 24 May 2023 22:34:36 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
pporh693jb645514274d8fc.tkdref.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cc85203bffcb50c
104.21.18.37 200 OK 42 B URL GET HTTP/1.1 pporh693jb645514274d8fc.tkdref.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cc85203bffcb50c
IP 104.21.18.37:80
Requested by http://pporh693jb645514274d8fc.tkdref.ru/
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
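Analyzer Verdict Alert fortinet Phishing
Note: this object is a 42-byte 1 x 1 GIF served from the Cloudflare /cdn-cgi/ challenge path, with the same Last-Modified date as the challenge stylesheet in this capture; it is presumably a generic challenge asset rather than content specific to this host, so confirm before using its hashes as indicators.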
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cc85203bffcb50c HTTP/1.1
Host: pporh693jb645514274d8fc.tkdref.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://pporh693jb645514274d8fc.tkdref.ru/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 May 2023 20:34:36 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Fri, 19 May 2023 14:44:50 GMT
ETag: "64678b62-2a"
Server: cloudflare
CF-RAY: 7cc852051edcb509-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Wed, 24 May 2023 22:34:36 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
pporh693jb645514274d8fc.tkdref.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cc85203bffcb50c
104.21.18.37 200 OK 55 kB URL GET HTTP/1.1 pporh693jb645514274d8fc.tkdref.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cc85203bffcb50c
IP 104.21.18.37:80
Requested by http://pporh693jb645514274d8fc.tkdref.ru/
File type ASCII text, with very long lines (65536), with no line terminators
Hash adedaf8357b8dfff73964e97a291226d
2f26433d4978f2758f5a4404c20cfd9d82c94ebd
c5b3639a7fc8dc71055c31a5506ce5689b8cdda55a569233d2f4399cb05997e6
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cc85203bffcb50c HTTP/1.1
Host: pporh693jb645514274d8fc.tkdref.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://pporh693jb645514274d8fc.tkdref.ru/?__cf_chl_rt_tk=6bHo7FWg25ND0FgsR9Oj6mzmVLzUN7GnpirQdSjciNU-1684960476-0-gaNycGzNBns
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 May 2023 20:34:36 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ne4rM4p3SfErvCfNeduS1fkUd9F8O5L9cwVd2uYvcYrJcUMYFOpGcCxdrOF1s2nQ8RuC5YUxuRr14xpb%2BmZfZauCpmiCE%2BvjKs9oA8%2BMaBHhjNatZgbTLaj7XdCUo9r9ISXNOGcJwM0zqlowUvYGXt67asE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7cc852051ee4b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
pporh693jb645514274d8fc.tkdref.ru/favicon.ico
104.21.18.37 403 Forbidden 3.6 kB URL GET HTTP/1.1 pporh693jb645514274d8fc.tkdref.ru/favicon.ico
IP 104.21.18.37:80
Requested by http://pporh693jb645514274d8fc.tkdref.ru/
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1732)
Hash 0cc8e93711d9b07300a88b970f7a6e1a
cc6595ff6cfae29a050d483434c93ccd0dd45cb3
f0602fc7bb87e6372def0f0231962c9356294175b714950b41935e7909924070
GET /favicon.ico HTTP/1.1
Host: pporh693jb645514274d8fc.tkdref.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://pporh693jb645514274d8fc.tkdref.ru/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 24 May 2023 20:34:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9o5aOPp%2Bht7oPQ2D1CbS3UNkXEIchEKHGaZE9exvNUprf%2F5CZhMEpAVXLPNeb6lU7zhNoj1ahgwh%2BpMXXBzUeYlfid4xEaB8mICacCSqgykJVo%2BAs59nOYXlVgp%2F66XVzpgpoV%2FkUCrEu375lbFXDa7u0I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cc852054f37b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
pporh693jb645514274d8fc.tkdref.ru/favicon.ico
104.21.18.37 403 Forbidden 3.6 kB URL GET HTTP/1.1 pporh693jb645514274d8fc.tkdref.ru/favicon.ico
IP 104.21.18.37:80
Requested by http://pporh693jb645514274d8fc.tkdref.ru/
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1732)
Hash 740bba4d9536121ed02fe0660ea2267a
6508f375b26f09fbc4ebfcd0c53da8135feb9dbf
1185f4398b884923e77a0105314a1fc6dbdfb19cac4bc74f8f168f924471d2c5
GET /favicon.ico HTTP/1.1
Host: pporh693jb645514274d8fc.tkdref.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://pporh693jb645514274d8fc.tkdref.ru/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 24 May 2023 20:34:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pm5s4UJmMgjuK3f1K5i3Q8lBHT1uapC5e3O0H4zVbzJx0cP%2FxJS6StA6JdP%2FmYf6oNpFPtgSi%2BEZ%2BpjGVClGJNh1GmOmaJwXUWH01UQtbdGJxUO1vAe0hnC0UdVXNg5ZGNOttoiRVNdKUiomE5%2BlkrdLA%2Fw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cc852059a7ab518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.6.185 200 OK 11 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.6.185:443
Requested by http://pporh693jb645514274d8fc.tkdref.ru/
Certificate Issuer: Cloudflare, Inc.
Subject: challenges.cloudflare.com
Fingerprint: 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity: Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (15748)
Hash 2a1262ba5cd32899831d483322a28dd7
3805876db8773ed5820043e1f39b0b6c049f61b2
2e1e45b1d429b2d703676139932fe97b7ffc7986e6d0221653a7404e4c3032f0
GET /turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pporh693jb645514274d8fc.tkdref.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 20:34:37 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc85205baa7b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1095425260:1684958903:XlXZUP_azgv4mQ3oObH5n5OAPCREFBnjKg65wBTrCKs/7cc852069bc2b52d/132f0db77f07fe8
104.18.6.185 200 OK 13 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1095425260:1684958903:XlXZUP_azgv4mQ3oObH5n5OAPCREFBnjKg65wBTrCKs/7cc852069bc2b52d/132f0db77f07fe8
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ev5af/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate Issuer: Cloudflare, Inc.
Subject: challenges.cloudflare.com
Fingerprint: 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity: Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (13184), with no line terminators
Hash c1b2854a335340e15b4b32189cc89925
91774424118ee7083a9921e8fdede815f5b9d608
857b29c744100cc86f777743056886af7efbbb2e380f63469282be7efbbf50de
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1095425260:1684958903:XlXZUP_azgv4mQ3oObH5n5OAPCREFBnjKg65wBTrCKs/7cc852069bc2b52d/132f0db77f07fe8 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ev5af/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 132f0db77f07fe8
Content-Length: 18321
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 May 2023 20:34:38 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: xTvqi6pg14Fv5E58xZ6YDfw/Vq788soBs06U8cvWyxTV72nm/r9rGAckg2llvewk$ujHYLKMSabdVxM62JvBFrQ==
server: cloudflare
cf-ray: 7cc8520e7facb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pporh693jb645514274d8fc.tkdref.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1985466320:1684958830:34PJ_SeKTiepcunKmQZsBxe_5UC8sRdowF7LVkQ_Xzs/7cc85203bffcb50c/bce4ae1bd610852
104.21.18.37 200 OK 7.4 kB URL POST HTTP/1.1 pporh693jb645514274d8fc.tkdref.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1985466320:1684958830:34PJ_SeKTiepcunKmQZsBxe_5UC8sRdowF7LVkQ_Xzs/7cc85203bffcb50c/bce4ae1bd610852
IP 104.21.18.37:80
Requested by http://pporh693jb645514274d8fc.tkdref.ru/
File type ASCII text, with very long lines (7416), with no line terminators
Hash 71a8ea2cb8de7b25526b1a0e329f2b5f
92930a7d8f558a41e04bd226566316c8014faaad
2e36f25c8f8d280692664b49f097382faaedd36e60567a9e3a3cff9245afab94
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1985466320:1684958830:34PJ_SeKTiepcunKmQZsBxe_5UC8sRdowF7LVkQ_Xzs/7cc85203bffcb50c/bce4ae1bd610852 HTTP/1.1
Host: pporh693jb645514274d8fc.tkdref.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://pporh693jb645514274d8fc.tkdref.ru/
Content-type: application/x-www-form-urlencoded
CF-Challenge: bce4ae1bd610852
Content-Length: 1754
Origin: http://pporh693jb645514274d8fc.tkdref.ru
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 May 2023 20:34:37 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: uFFU7dNGxl/nqxnJJdxI2xt1BDyqTXVTL38WMEFoD+CV5gd/hQxxYHWCYcXF9dHs$YE82mhfLk7wwT8nv6+0Mlw==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5nukboVNAhmpzmqbC819RxWuJntOAjRt1j4HwvTtFF02Bd3%2BpluUGSTHNN0G3EZ0zWsQQFqiyrvJXtrhpZJINGVIEgFP71IhXDsq%2B0gowRo2kgf9Ij7UbLG%2BSLKjC4dsrCcC6bS%2BaFr9Sq7c6chI4Fb2TM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7cc852063ce1b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ev5af/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
104.18.6.185 200 OK 24 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ev5af/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP 104.18.6.185:443
Requested by http://pporh693jb645514274d8fc.tkdref.ru/
Certificate Issuer: Cloudflare, Inc.
Subject: challenges.cloudflare.com
Fingerprint: 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity: Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10899)
Hash 7894cb2e49567e69fd57c18305eb41a8
90c143dd5587d3ae0857eb24d060ce52898fe9b6
da6a4f9df2b293633f0866c05c46b1fc3e12f73223e8e292e769807dda1ca9dd
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ev5af/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 May 2023 20:34:37 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 7cc852069bc2b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1095425260:1684958903:XlXZUP_azgv4mQ3oObH5n5OAPCREFBnjKg65wBTrCKs/7cc852069bc2b52d/132f0db77f07fe8
104.18.6.185 200 OK 114 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1095425260:1684958903:XlXZUP_azgv4mQ3oObH5n5OAPCREFBnjKg65wBTrCKs/7cc852069bc2b52d/132f0db77f07fe8
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ev5af/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate Issuer: Cloudflare, Inc.
Subject: challenges.cloudflare.com
Fingerprint: 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity: Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 114 kB (114376 bytes)
Hash d96df6c49ab83c35e86912306cc3393c
09241337d17f26bcd753c0a3cea62d8703f7d6f1
acb888f2f28973a6799a47097fafd527b778a5ad74b5e297653c35f4b7066e2b
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1095425260:1684958903:XlXZUP_azgv4mQ3oObH5n5OAPCREFBnjKg65wBTrCKs/7cc852069bc2b52d/132f0db77f07fe8 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ev5af/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 132f0db77f07fe8
Content-Length: 2731
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 May 2023 20:34:37 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: nVEnRCwIeL6BCTpySAt3oX5Nife5Towl/YVjSWGZ1eWHilRzTmIgnZ9oaOSFPX3DW9dqFJNlqrKWMnagGjAoY6VVI7WG6FLedk+KyrAWtSN9vcAWC/PFY3V9ANmFuCW8z9yQ3NEClAeryQqGXy7sWBzdRldPd/nlaLRkweSeGFl8+VVLrKwoDoQ3MrUH0/fTpDSSxijNeyRLXLmUnXylV0KrT9/FqDmWq6KYjLfFLmJTiFj57YinHXDHpYWBTVRPpxnXqrq+4Z2vrJHY/+9MZJBy8t9e/ziUUCrUc2QA+2gyTS/3JxaetXLweNrpYGFhft4gYOQ+wrwxLc3hkosK1ZDjKu6GmFnqfMzzKR6HtBvjBZC+xeQbdqi1Kq4EYh2wkUDjwDhu2yie/IVqg/QefVs66dgnvbm4vJ21Jzg0vP4Ew7we9I+KE6sY2jbsQtIeJZnil4ONSsThBMrpHTYsAg==$9VFeIy4Em0fERBFsfX+3ng==
server: cloudflare
cf-ray: 7cc852083e23b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7cc852069bc2b52d/1684960477486/PSrsccO1BiTYe5V
104.18.6.185 200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7cc852069bc2b52d/1684960477486/PSrsccO1BiTYe5V
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ev5af/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate Issuer: Cloudflare, Inc.
Subject: challenges.cloudflare.com
Fingerprint: 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity: Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type PNG image data, 5 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash 2e26cd017555852dae9c9ee676404312
ef8b542b20910608997fbf85aadabfd78d4afc6e
9f81ffa213021c337def3456237de9814f1f9c0bbc326543dbffb94e9b80cf02
GET /cdn-cgi/challenge-platform/h/b/img/7cc852069bc2b52d/1684960477486/PSrsccO1BiTYe5V HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ev5af/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 May 2023 20:34:37 GMT
content-type: image/png
server: cloudflare
cf-ray: 7cc8520a898cb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cc852069bc2b52d
104.18.6.185 200 OK 161 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cc852069bc2b52d
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ev5af/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate Issuer: Cloudflare, Inc.
Subject: challenges.cloudflare.com
Fingerprint: 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity: Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 161 kB (160976 bytes)
Hash f62cf7dc1e77997c11cb60687fb3c1a0
473cb512f91f4d54f8c873ab19ad6ca72ccee20f
6b5c998eb35a356b49ae947632345a399df0d92b18aeb674c8981442cdb8d5f3
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cc852069bc2b52d HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ev5af/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 May 2023 20:34:37 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
server: cloudflare
cf-ray: 7cc852070c5fb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400