0gpilhhtlb646b2a32a499c.ocupac.ru/Mdavid.simmons@slurpmail.net
104.21.88.100403 Forbidden 3.6 kB URL User Request GET HTTP/1.1 0gpilhhtlb646b2a32a499c.ocupac.ru/Mdavid.simmons@slurpmail.net
IP 104.21.88.100:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1790), with CRLF, LF line terminators
Hash a986b80764895f8a7f5328f25ddf8192
f655d1a5d2f7a9a7b784e74eba23047407222ee3
5864b7fb6a2343731eb30b2660fc58e8f8d78ee6ebafbac1f8a8ed913a859140
Analyzer Verdict Alert fortinet Phishing
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Mdavid.simmons@slurpmail.net HTTP/1.1
Host: 0gpilhhtlb646b2a32a499c.ocupac.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 26 May 2023 17:41:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEkFGr2LHG%2FZ7GDbzTM5Y0IE%2F0txD2p7yN7JoNMeCXjCB3Xlf8vn6HEkKAcyxgJk1l6kKU0pb1BQSIeoqqheScSTfZi3X4kVT7N3CZsQfBZh%2BS0iWvDrgg5mL2zohYXmvgV9dsjwAklsjRVGa0QhgIdXqEE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cd7cfc859c2b527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
0gpilhhtlb646b2a32a499c.ocupac.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cd7cfc859c2b527
104.21.88.100200 OK 42 B URL GET HTTP/1.1 0gpilhhtlb646b2a32a499c.ocupac.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cd7cfc859c2b527
IP 104.21.88.100:80
Requested by http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mdavid.simmons@slurpmail.net
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cd7cfc859c2b527 HTTP/1.1
Host: 0gpilhhtlb646b2a32a499c.ocupac.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mdavid.simmons@slurpmail.net
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 May 2023 17:41:54 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 25 May 2023 08:39:03 GMT
ETag: "646f1ea7-2a"
Server: cloudflare
CF-RAY: 7cd7cfca092ab509-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Fri, 26 May 2023 19:41:54 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
0gpilhhtlb646b2a32a499c.ocupac.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cd7cfc859c2b527
104.21.88.100200 OK 54 kB URL GET HTTP/1.1 0gpilhhtlb646b2a32a499c.ocupac.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cd7cfc859c2b527
IP 104.21.88.100:80
Requested by http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mdavid.simmons@slurpmail.net
File type ASCII text, with very long lines (65536), with no line terminators
Hash f3c5f45a89aaf812c93847c744077aeb
4bae7181756e09b382d83df96543710c4c8d7db2
014fead8da13fa765f4d53d743a2b8673677828fb23b99042b55595cae27a9d0
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cd7cfc859c2b527 HTTP/1.1
Host: 0gpilhhtlb646b2a32a499c.ocupac.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mdavid.simmons@slurpmail.net?__cf_chl_rt_tk=MiGTTL3HHhfHzKeOo9.B2vYuDLCisIiik2LVQ07VLxM-1685122914-0-gaNycGzNBtA
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 May 2023 17:41:54 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1b37LMQ3Ed0Loz%2BrkjD89jet5S3Ul6Zgfvn%2FZ5YbAzjP56lrDCzbusN7%2BNy4pbO1tVYpnRdicj9FQsf9t6CrZFne6YGj8NUnH9GdMCZNmrE44J3LvR859LOQqeeDueXy3qVgur0woVlyQPl06xL9%2FD5kDc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7cd7cfca18f0b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
0gpilhhtlb646b2a32a499c.ocupac.ru/favicon.ico
104.21.88.100403 Forbidden 3.6 kB URL GET HTTP/1.1 0gpilhhtlb646b2a32a499c.ocupac.ru/favicon.ico
IP 104.21.88.100:80
Requested by http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mdavid.simmons@slurpmail.net
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1833), with CRLF, LF line terminators
Hash 560194a0d507aac4f0d8bfb62c36323b
d5f4223ba6c97851ca737389de94aed603053c0f
727b8f351d74347ef7aa24f02e247e2c6f788b30f1b24c30fd5c3450cee1cc8b
GET /favicon.ico HTTP/1.1
Host: 0gpilhhtlb646b2a32a499c.ocupac.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mdavid.simmons@slurpmail.net?__cf_chl_rt_tk=MiGTTL3HHhfHzKeOo9.B2vYuDLCisIiik2LVQ07VLxM-1685122914-0-gaNycGzNBtA
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 26 May 2023 17:41:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdIdqrezyV6LVnAK006pynLHpy1XiKqruPbN5NnVqdLHARr%2Fo6QozYOYmT%2FJAVEV3r8qoG9A346Mb%2B95eh9BPApL26klN38a5tqyUaWU%2BwZED3nlnDpryWLIh9G9o2SWpQ1w0qn9NV2h80UBXdDsGpkTyr0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cd7cfca5951b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
0gpilhhtlb646b2a32a499c.ocupac.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1936539014:1685121098:z9XCbX7hKykX0UYhht7uEY3O59lx4x0gMkgbEwL6PS8/7cd7cfc859c2b527/830a10534463730
104.21.88.100200 OK 5.6 kB URL POST HTTP/1.1 0gpilhhtlb646b2a32a499c.ocupac.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1936539014:1685121098:z9XCbX7hKykX0UYhht7uEY3O59lx4x0gMkgbEwL6PS8/7cd7cfc859c2b527/830a10534463730
IP 104.21.88.100:80
Requested by http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mdavid.simmons@slurpmail.net
File type ASCII text, with very long lines (7400), with no line terminators
Hash 0370b9beeffc4331adcd83b4888995c4
2f6dfbfd007b500559be803d3b81b45a40ff9f52
5433eeb02467737d77b384843d2f4054e018bba994484cad1765b2dcf2083cb1
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1936539014:1685121098:z9XCbX7hKykX0UYhht7uEY3O59lx4x0gMkgbEwL6PS8/7cd7cfc859c2b527/830a10534463730 HTTP/1.1
Host: 0gpilhhtlb646b2a32a499c.ocupac.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mdavid.simmons@slurpmail.net
Content-type: application/x-www-form-urlencoded
CF-Challenge: 830a10534463730
Content-Length: 1799
Origin: http://0gpilhhtlb646b2a32a499c.ocupac.ru
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 May 2023 17:41:55 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: Fn3RcR+Zb3IhbX6xC++5Qn5pZfAmL5Pm39lytUbhWwlFopOUyqI+U3C+tNLCHw8E$n36h+j1mSW80EwOLwvv6Cw==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXVCNNJuK97%2Bau0%2Faidr3Xi1AgkmatdLChkZm063xnESIaiY7WC%2BlglAxps3vJZJyIP3ZQh59ux2VD2u078YTDtWoib1t9%2FAnhIOcZhQFsedOtPEIg%2FnPJ7ZS4ipUkzC4l0C1O7ZX37beojr0rS82TdWpgQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7cd7cfcb4ab5b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.6.185200 OK 16 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.6.185:443
Requested by http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mdavid.simmons@slurpmail.net
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (15748)
Hash 2a1262ba5cd32899831d483322a28dd7
3805876db8773ed5820043e1f39b0b6c049f61b2
2e1e45b1d429b2d703676139932fe97b7ffc7986e6d0221653a7404e4c3032f0
GET /turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://0gpilhhtlb646b2a32a499c.ocupac.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 May 2023 17:41:55 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cd7cfcaa828b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ges9/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
104.18.6.185200 OK 24 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ges9/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP 104.18.6.185:443
Requested by http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mdavid.simmons@slurpmail.net
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10899)
Hash 3c9c26fa912df1a3cde38b9b35da98bd
81fe681f61cfc803844bad6d206d6652368cfbed
02dd923da3d03e6d3cbb53c7db0748fed5c55b071e3200efc3a14fedacc01d26
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ges9/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 May 2023 17:41:55 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 7cd7cfcbbeacb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd7cfcbbeacb527
104.18.6.185200 OK 162 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd7cfcbbeacb527
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ges9/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 162 kB (162221 bytes)
Hash b55b0653f97ecb6b30ef7a9cfd6079ce
062c8354d31790524bda8465c100dffdfa93bf45
cb8a30731d4a10a980f8dd22e86234f4560bedfce28c8e34e489bd3781b534a4
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd7cfcbbeacb527 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ges9/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 May 2023 17:41:55 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
server: cloudflare
cf-ray: 7cd7cfcd08a5b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7cd7cfcbbeacb527/1685122915598/KqKCCTQv5kynZSl
104.18.6.185200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7cd7cfcbbeacb527/1685122915598/KqKCCTQv5kynZSl
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ges9/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type PNG image data, 63 x 78, 8-bit/color RGB, non-interlaced\012- data
Hash 07d5ef37e29ae7447845ff6d4fc62121
371f9d56ba03c2cfa0417b8094c35513d0d0069e
7e7d72b58268090724347c88b947f11fb6e5d161bf99cf95688a305e6a8bbbfa
GET /cdn-cgi/challenge-platform/h/b/img/7cd7cfcbbeacb527/1685122915598/KqKCCTQv5kynZSl HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ges9/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 May 2023 17:41:55 GMT
content-type: image/png
server: cloudflare
cf-ray: 7cd7cfd00de4b527-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1461085158:1685120957:WUS0tlR2oIU1XLy8oxzSkR1dVMGGOybewlSTjrkv3dE/7cd7cfcbbeacb527/9277c1d7252d3d7
104.18.6.185200 OK 13 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1461085158:1685120957:WUS0tlR2oIU1XLy8oxzSkR1dVMGGOybewlSTjrkv3dE/7cd7cfcbbeacb527/9277c1d7252d3d7
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ges9/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (13216), with no line terminators
Hash d5051fdc09eaf0c1d15547086fdba67d
d165399b36fb204f8b29b4b2d47cf4fc216c9c80
fb6a50e0ea221d26f079838b371a287c7a15c4539516256b2f9e1f72d78fd585
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1461085158:1685120957:WUS0tlR2oIU1XLy8oxzSkR1dVMGGOybewlSTjrkv3dE/7cd7cfcbbeacb527/9277c1d7252d3d7 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ges9/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 9277c1d7252d3d7
Content-Length: 17349
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 May 2023 17:41:57 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: aTc3lwmak3lf1sH0TSlRFHPjWKalOCSYgiySpHjAh8eLfWi4cgnh95nvPqPnTKuA$gZm88Yof4j4t67CseyOfxA==
server: cloudflare
cf-ray: 7cd7cfd7a984b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1461085158:1685120957:WUS0tlR2oIU1XLy8oxzSkR1dVMGGOybewlSTjrkv3dE/7cd7cfcbbeacb527/9277c1d7252d3d7
104.18.6.185200 OK 92 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1461085158:1685120957:WUS0tlR2oIU1XLy8oxzSkR1dVMGGOybewlSTjrkv3dE/7cd7cfcbbeacb527/9277c1d7252d3d7
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ges9/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 33ea41555bacfbcd5e03e90db2fb49eb
aa478517f2760f79cfb4eb9e1d901f5d8b8b696a
e9a6bb3effb97d93c1f9fdaa873240fe3041e22908b21c63aad82c6083dd4097
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1461085158:1685120957:WUS0tlR2oIU1XLy8oxzSkR1dVMGGOybewlSTjrkv3dE/7cd7cfcbbeacb527/9277c1d7252d3d7 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ges9/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 9277c1d7252d3d7
Content-Length: 2790
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 May 2023 17:41:55 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 42gVc/xNLwvb/5zglJ8ZVXGiSRAnzseV3/reMoKn1piO9CZvUAJIvQIQQVtrAIyiG8LdkytZ3fqimUOn3v4+8AvI+zatUZ/geguS71I+my15Xw2qRZrE9R3dbweRoB0Kn+yuoMdOj6AL6t1mAkUm8tJRQ/zFCt+GiQP60BN3xSM0YbNyhQOh2luE/eqQQLQgOfLMvVjULgIG4CREq/mVoZiGz+nKdeB2f5rclhKyEIhP0wZ4N3Vc5gmcd3ZDB54O/IenOu2orfV09ZQHJ6KDDZHz7zP+/5F9YRb54kRlB8HTOJIHUp/bJERIMgZs8Vqdr+wJK8DFxQm1WEy4bAD+hUJpKkurEf0Ktdgi72x8sKM=$/ZMyRPOVVAqUaS4r+nsuOw==
server: cloudflare
cf-ray: 7cd7cfce6b1ab527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400