| | 172.67.143.39 | 403 Forbidden | 6.0 kB |
URL: User Request GET HTTP/1.1
IP: 172.67.143.39:80
File type: HTML document, ASCII text, with very long lines (14586), with no line terminators
Hash: 5aa0f907a5d4f6d82a4c58de94559718 5b351a661292dd12cc559fdd360062853a7dc0da 929e26b04da4f67752fc14e2e1ba7a8c909146ed6763fb5bf3debe8540433b79
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: hartvviginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 02 May 2024 20:02:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: mv/3bIIWweQjdf29S4ZRS4J6RhMcXtjgvpnfZ1X2jKn8CqBm1dZ16JSL4IdkFnomgMNT05VHq/y21FFaPCRZ46L/DIc+iUUE7BVdOI25GRcSDL2Hc5WqFxFm5lKeTl7JL2k+uZBb+RnTIwOlLRC6sg==$zOa53Ujtxrjw0KDRenrSFw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U2BSKp7%2FUujj0WVdPA2MBSrs5KnbDoobPO0VbGn5RLwQm0vssS07DiIRzjh2cuKJq7PerW3ZwYXqyxxpjnGjWcVfIamKzSy1ll82ptA3hjwvWWZztSyfAp7YjUIsdYXtTcs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87da9ca7fac6b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| | 104.21.46.235 | 403 Forbidden | 120 kB |
URL: User Request GET HTTP/1.1
IP: 104.21.46.235:80
File type: HTML document, ASCII text, with very long lines (16229), with no line terminators
Size: 120 kB (120388 bytes)
Hash: 631b247dccd66a81ddc7e1ca00062395 f86fc44b8529f2e8e5e3da55764fc86fa83cb3d8 9e030f27281f06d5bcee83b0cbf72f26985356a18d3d3bd0be24e261af9cab76
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: hartvviginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 02 May 2024 20:02:57 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 1Se4tfnm8JkDL74KyKKVE8o/+63mTaNW+lrzjE8kx1HCBTI95njHT/3BwzAsurJv/Ml4UgscxWhju811esq8HaiIDl8aHhHr4Nc1XiT9l+70BfybK4Yick7S2mwjdx9DAH0w82ccgEZ0khCUzTwZSg==$tweJhAAnHkjnVqrIH/hIWA==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s9IEkywg2Vf1zAcpXiF%2FSF3Byw%2F6IsCsg5QwwOO66s3ADj34st1lhZkTExpAVkFxVzHH%2FVmgq05nBetmSGem46j4SlBzVH18X%2BYkzjsSNQSQq4n0FIf%2Fhac92xd%2FhjiCuZk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87da9ca65e64712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| hartvviginc.com/favicon.ico | 172.67.143.39 | 403 Forbidden | 6.1 kB |
URL: GET HTTP/1.1 hartvviginc.com/favicon.ico
IP: 172.67.143.39:80
File type: HTML document, ASCII text, with very long lines (14742), with no line terminators
Hash: e3fba6eb6e24895f09642d59580ac751 ebd49108131d217b696eadbbacbfae726777a7d6 6d994434c25ecfc49d7375095f566b78de6cd9ef75c254207fa8d5703dda1101
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: hartvviginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hartvviginc.com/?__cf_chl_rt_tk=ATqERZR7MAGAO8ED.Xx.BPLcI8W0YgCS_ANFy3MkAlI-1714680177-0.0.1.1-1557
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 02 May 2024 20:02:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: HewowXdeNiB9dcKVolBiMPFfhil4G2PI5+1nI2gpBWKEx0720d09H+deQCz8N8V0XsCZgdaYqGrcnO3v5uVWozcG45zr3GLhPRcVkzFW84vizCj0H+42Vj+O9+qtI5KTlPI9sHjG307XK8dzDO8pCg==$KbsGywpQzLJIV8zhJ0O7Bw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ow4hcBxo8nPEZ%2FZNy5nnzYjwEMHO0bmkziodKQRKT9m57Yx31SUoVJpmfjf%2BC3M9zOqkOKiHf9TPuGnF%2Bos2lFWlv4erw2zmV3VbI8KzGcmYDJ0djcpJCjyZfmpChMRHC%2FM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87da9caa4ecb569d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| hartvviginc.com/favicon.ico | 172.67.143.39 | 403 Forbidden | 6.0 kB |
URL: GET HTTP/1.1 hartvviginc.com/favicon.ico
IP: 172.67.143.39:80
File type: HTML document, ASCII text, with very long lines (14635), with no line terminators
Hash: fc04a7dd8a978edf16043e47f9512427 c4c836accd1d822682baeb168ce2ea322fe283ba afb6f330ff7b98f44a0012464b1c26e2a0cefa37503876e9737bbd8ce2ac0e89
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: hartvviginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hartvviginc.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 02 May 2024 20:02:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: a0X8EuVNCiD+mFCSgz5tzyZ8h8QW5ZnvuUIocAVS3Ui3ZYzgOtPVa/JURjFBXUX7Wrx1nBVk6hmJoke2JfYYYf8+i4l0QxwOQWiprwg1S2o1YrHAHfP0oRtVoNqbGsQwVqetNvAfzanPLqpBLnUzeA==$OEFZgURupRlZj/xn8VDbmA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZTgFSp%2B4j9fNA9qosWMjXtC2IVoMVKpSI%2BjsgZnAMWqIawxVXvuTm68wC%2B2TCKqWtZYMt7til7agDr5bWSOZNkaqjcXZvwnD4nXbB8g9AnXCj8MXUWvIsUMd2ZCILqfRzDk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87da9caab8f856ca-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| hartvviginc.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1189387561:1714678206:PQ6_PBMzLEw2frjFiufhYr2EbwQulPDxvj3yho_VEiA/87da9ca7fac6b4f9/ef36e4b89fb1e66 | 172.67.143.39 | | 12 kB |
URL: hartvviginc.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1189387561:1714678206:PQ6_PBMzLEw2frjFiufhYr2EbwQulPDxvj3yho_VEiA/87da9ca7fac6b4f9/ef36e4b89fb1e66
IP: 172.67.143.39:0
File type: ASCII text, with very long lines (16360), with no line terminators
Hash: ee43af400f18ed2fe97c0812c1b51836 9ac74a4f189a11079e24401e02cf3ea82fb6fdb6 54f2371710de1209dec05f6ddd5fc11e42bb674e5f2abf3b415f0d616a0faa2b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1189387561:1714678206:PQ6_PBMzLEw2frjFiufhYr2EbwQulPDxvj3yho_VEiA/87da9ca7fac6b4f9/ef36e4b89fb1e66 HTTP/1.1
Host: hartvviginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hartvviginc.com/
Content-type: application/x-www-form-urlencoded
CF-Challenge: ef36e4b89fb1e66
Content-Length: 1841
Origin: http://hartvviginc.com
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 20:02:58 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: 4K5YP/wrYUUE7V3kp5/uNsrutl2DpfbYZBLqHWthftmtWo6oukqLjbgAV1PPfRQR$8IKtgZvq4FdL9xAUJz4+YQ==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y324TwKuoH22KBjYQa%2BhnYxrxC7tpbfviGsMhxyg8dkbwN38BU4EwsxWjOleibdE9Wtx8dawu4Obz6nC8xPfuZh77AWNYoiCQoIphQAhRqS7uCfbjzkQnRE%2Bpi33tnaWkE0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87da9cabfc99569b-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.2.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/fmcrh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 20:02:58 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87da9cadcea85695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/fmcrh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | 104.17.2.184 | | 33 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/fmcrh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP: 104.17.2.184:0
File type: HTML document, ASCII text, with very long lines (41702)
Hash: af2eee817b287f1b1dc4deb6521ad485 5f00b2e32537e17b8d813a8df6a90c117992f89f 962c40f0e96bfb42c39dbb1ecb971f4576a9cc8b644cff2277139c72bc1dc96a
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/fmcrh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 20:02:58 GMT
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
vary: accept-encoding
server: cloudflare
cf-ray: 87da9cad2da05695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit | 104.17.2.184 | 200 OK | 22 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit
IP: 104.17.2.184:443
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: challenges.cloudflare.com
Certificate Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42565)
Hash: 65b0a652c40c95d12c4ddb3b4567c1ea c654efa19d01d6553ed4e0f500d350011e023ad1 c6b5cd0b65ebbb519dd845ba2979b40e58b056ca2c90f67a8bfea871d39615a7
GET /turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hartvviginc.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 20:02:58 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87da9caafd2c0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87da9cad2da05695/1714680179216/UkEROS-SJszkPMj | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87da9cad2da05695/1714680179216/UkEROS-SJszkPMj
IP: 104.17.2.184:0
File type: PNG image data, 62 x 17, 8-bit/color RGB, non-interlaced
Hash: dbd9962e8206c23372a1eb5321037ed6 9745eceb5063b756142bfba09a84001d823d84f3 f956e4c4fc30fd18bcc0ae677cbcda6ff4b50bb5a1c10f6ca7416007bdd03b93
GET /cdn-cgi/challenge-platform/h/g/i/87da9cad2da05695/1714680179216/UkEROS-SJszkPMj HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/fmcrh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 20:03:02 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87da9cc48df95695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| hartvviginc.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1189387561:1714678206:PQ6_PBMzLEw2frjFiufhYr2EbwQulPDxvj3yho_VEiA/87da9ca7fac6b4f9/ef36e4b89fb1e66 | 172.67.143.39 | | 1.8 kB |
URL: hartvviginc.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1189387561:1714678206:PQ6_PBMzLEw2frjFiufhYr2EbwQulPDxvj3yho_VEiA/87da9ca7fac6b4f9/ef36e4b89fb1e66
IP: 172.67.143.39:0
File type: ASCII text, with very long lines (2328), with no line terminators
Hash: 4ad4c1ee9699770bfdbb6dc73b78736e 5d20c2fdeae77575e8dada94a722f31da417b375 24193f175dfe7edc87bb21e05f04b3e9bbb8540103cba63b72960c016c298f18
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1189387561:1714678206:PQ6_PBMzLEw2frjFiufhYr2EbwQulPDxvj3yho_VEiA/87da9ca7fac6b4f9/ef36e4b89fb1e66 HTTP/1.1
Host: hartvviginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hartvviginc.com/
Content-type: application/x-www-form-urlencoded
CF-Challenge: ef36e4b89fb1e66
Content-Length: 2514
Origin: http://hartvviginc.com
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 20:03:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: TeyHGQaVlsfKGG/W8GxobQ==$GU//BuphtkX3WYkD4YOk4A==
cf-chl-out: J+9CgmF+ym5JCps7BGNmPK5ACP5/nr7HPo7NAvNBOvA5NiA5airrLyAlaIaE13WPye6ZOQeOlE3p9z9nWr1WXajNoj5n9FG/OPPlH7P8WiI=$+wQwF4zlGgAdFFldLKwARQ==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CN71wgZuae9STr29btefKzVHZilqkjCVT8CylDdw1zJORSgrA1mvxbiG0XaLhUSJuk2rLCgcUsrLjXrDpdQJQoqgH8yMME8ios8z5%2BDNU4kNat2c0k%2Fmziw1FCBypqZF%2B5U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87da9cde4c23569b-OSL
alt-svc: h2=":443"; ma=60
|
|
| | 172.67.143.39 | 403 Forbidden | 6.1 kB |
URL: User Request GET HTTP/1.1
IP: 172.67.143.39:80
File type: HTML document, ASCII text, with very long lines (14629), with no line terminators
Hash: a222d1633fd8ab7b02e7e07e6ee4e247 0dab69334c38457bd0c147dbb134a2d10534a5a1 e0452342e859cfd168f821fb47e1a2cb4e507946e372e09a1e53d1a6a86f74e0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: hartvviginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 02 May 2024 20:03:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: kBrDavp1eO6x1n8tRR5KGS38d3jrjxa00t3bGiUo+M50TeSnE7hogbCgK9/J8dxDMEkBV5BKkPnbbYcLZZPpSZenSigaQUzCbKv9k3sJ9L+tM7EAvSYSUaEnlf2EbgjMIl3cIXc1YaV3+fj2sGf4fw==$RHfmsqRaINdaVL5JiBZNyA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iqTy3UaZCAFwZ6io%2FCvkhIttjzpaoYXxkOkSbjVdL6Emk9bW8CIDmcn5woKPecmXFntN1LQ0ABeGGXG%2Bf7%2FeKfM6Z7DEaF3I0QT7peqJ%2BmgHHR03EpMYiA6sh%2Bv2IluRDtU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87da9ceb3b02569b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| hartvviginc.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87da9ceb3b02569b | 172.67.143.39 | 200 OK | 114 kB |
URL: GET HTTP/1.1 hartvviginc.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87da9ceb3b02569b
IP: 172.67.143.39:80
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 114 kB (113891 bytes)
Hash: e177b7c348a5b960b231512cfeecaead f2d1380b40cede2f90f3f1cb5a6d553d7f6dbc21 b2ecedd7ce716e6358da45bd68bde95f49db5b9de50f71b40a5637dd940ea23b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87da9ceb3b02569b HTTP/1.1
Host: hartvviginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hartvviginc.com/?__cf_chl_rt_tk=dB622wBZ_Mo6xwTg5.i7MiPvPAOGZqmVlJG4fQSWjlk-1714680188-0.0.1.1-1557
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 20:03:08 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e9TzSbS1CYgfu44Gt%2FiryHdVQmNhQ%2FgwWJIm5B0eXVXEpyYX1jbA%2FilgCuBQAjfZedAAD6XJNhsJg%2BG8Rqw62ySzQWEwer9WDZGucC975uj%2F04YaU%2BjItE0KlrDmocUWQ14%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87da9ceb8edf7130-OSL
alt-svc: h2=":443"; ma=60
|
|
| hartvviginc.com/favicon.ico | 172.67.143.39 | 403 Forbidden | 6.2 kB |
URL: GET HTTP/1.1 hartvviginc.com/favicon.ico
IP: 172.67.143.39:80
File type: HTML document, ASCII text, with very long lines (14763), with no line terminators
Hash: eb95a01cc013a59e2309d4d3a50999c0 1c28d6c160d9c7b070f5ff2dc8f79307c7600df2 ef96e0ed8e98778a7ffd342a36304a10e62dbb1f4359fecc1b82e07eea345076
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: hartvviginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hartvviginc.com/?__cf_chl_rt_tk=dB622wBZ_Mo6xwTg5.i7MiPvPAOGZqmVlJG4fQSWjlk-1714680188-0.0.1.1-1557
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 02 May 2024 20:03:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: xS8anDo7dH4Vilosx+Nv5h3k7ZYG1PROOHvkRTFquOHLCo1KPx1VH+BhMmZRSfbU3lXDTqGiN+ktMuQQ6jVm4IkEOSBNK5GAkb56MYBkgCWrqPyYhB+iP4D1uI5WvZIb/Gq5nwJpjp0vzM3VqE6K9A==$SzmIX+hAp1gwNDfoVLrPnA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1lE5SaoUd3exRPKejA8K7TmCBuWc6GXSPuGjBqAUFxgS%2FT%2BPjCIj2uBPkVrDF5dSJVqQkQ%2FoZWQDkPnQBxYWptxX2PWUuLEXI81v9BN%2F%2BYWJp7Vvgi9j%2FbC6H53okhTU9JU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87da9cebef957130-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| hartvviginc.com/favicon.ico | 172.67.143.39 | 403 Forbidden | 6.1 kB |
URL: GET HTTP/1.1 hartvviginc.com/favicon.ico
IP: 172.67.143.39:80
File type: HTML document, ASCII text, with very long lines (14656), with no line terminators
Hash: ad27c05f2799b3889ec6194cd5f6f762 e00eca45ef5029a59af2e41e058c655d3b7644df 7fbb23a91748930eb278ec2521f5a52d2fa23b5f0298bca41762b7c97bd2cef2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: hartvviginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hartvviginc.com/
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 02 May 2024 20:03:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: RNk5kJuOjPXNx35W2FEUrGMaqrFE9uBlqNdApzGjTNbGEiAJKn0DaC/1UEkYEFnYuQz+HDyej15tT2bLX15ypMXSIliX2ZhNW4wD+AYZwyNEjX6eUOBeYmdfz7GJqm+4PihXymXdIMUXz14siWIpTg==$e7Io47K+U5KnXXzlhE8sSw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EvNE4ZPW2lCuwixPWlDDGtGIVTNMULX8RaihYCSKAbU6hP1%2FyeyBtw5fiM6VCFHohLG1XiyE5ZPf99mYcV3jcB8lFCsc3YYH0RqQPUt8vEYXL381ZWlF35jfV%2FfU7dUkjXg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87da9cec4ebc56c9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit | 104.17.2.184 | 200 OK | 27 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit
IP: 104.17.2.184:443
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: challenges.cloudflare.com
Certificate Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42565)
Hash: 65b0a652c40c95d12c4ddb3b4567c1ea c654efa19d01d6553ed4e0f500d350011e023ad1 c6b5cd0b65ebbb519dd845ba2979b40e58b056ca2c90f67a8bfea871d39615a7
GET /turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hartvviginc.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 20:03:08 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87da9cec5fa35695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8tktr/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | 104.17.2.184 | 200 OK | 26 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8tktr/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP: 104.17.2.184:443
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: challenges.cloudflare.com
Certificate Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41702)
Hash: e13383174c6498aa819dc2062a9b514f 7a023eadd38fb7a0be7a60811822234369956bf3 191833fe97ef13245417bc7a93dc043933aa0b4c55b1ad135eaeee8656dc74b1
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8tktr/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 20:03:09 GMT
content-type: text/html; charset=UTF-8
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
document-policy: js-profiling
origin-agent-cluster: ?1
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
vary: accept-encoding
server: cloudflare
cf-ray: 87da9cee19f55695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1137183494:1714678349:ZIcMrOzC4ukDeaphK0iqFo5B85UTIksZnX37IBLJy9o/87da9cad2da05695/8164d88e1fa750f | 104.17.2.184 | | 29 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1137183494:1714678349:ZIcMrOzC4ukDeaphK0iqFo5B85UTIksZnX37IBLJy9o/87da9cad2da05695/8164d88e1fa750f IP: 104.17.2.184:0
File type: ASCII text, with very long lines (22328), with no line terminators Hash: 0ea3b9dfba246db54069faa71296bd09 61d46436393c729433e1ff952cc56b0241b21fbd 0d2ba24dfe17578d337474daa8602a3b6d732e256fd97fb927654fd497ece2b6
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1137183494:1714678349:ZIcMrOzC4ukDeaphK0iqFo5B85UTIksZnX37IBLJy9o/87da9cad2da05695/8164d88e1fa750f HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/fmcrh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 8164d88e1fa750f
Content-Length: 27274
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 20:03:02 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: b4jppMSl4wNO6f0gK45AnmRRsQQ80FeaQAZAjszM6OX99z1BGGDItKlaJ+ep6x8I$YFG450r6TUmnuE7bRKK/zw==
vary: accept-encoding
server: cloudflare
cf-ray: 87da9cc5e83e5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87da9cee19f55695/1714680189608/QJ2iTXshvU9CGfF | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87da9cee19f55695/1714680189608/QJ2iTXshvU9CGfF IP: 104.17.2.184:0
File type: PNG image data, 34 x 61, 8-bit/color RGB, non-interlaced Hash: cb30e31e4382cf916a931127c608a323 46ad81812410a0166b3bddacde120fcfd624beb3 fe75d7fc3b8963e85eaaf6eea8de15ed6c2cec730c02933282074c68da65b6e3
GET /cdn-cgi/challenge-platform/h/g/i/87da9cee19f55695/1714680189608/QJ2iTXshvU9CGfF HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8tktr/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 20:03:11 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87da9cfa6b275695-OSL
alt-svc: h3=":443"; ma=86400
| hartvviginc.com/cdn-cgi/challenge-platform/h/g/flow/ov1/178601356:1714678242:k27PjL0stnV7pxHat8rjnsoXCeTcMxdszrcILebzvPA/87da9ceb3b02569b/607ee8dbeff11cb | 172.67.143.39 | 200 OK | 1.8 kB |
URL: POST HTTP/1.1 hartvviginc.com/cdn-cgi/challenge-platform/h/g/flow/ov1/178601356:1714678242:k27PjL0stnV7pxHat8rjnsoXCeTcMxdszrcILebzvPA/87da9ceb3b02569b/607ee8dbeff11cb IP: 172.67.143.39:80
File type: ASCII text, with very long lines (2328), with no line terminators Hash: f26274095c3fc639ac81e1630c65e8f0 84e4f2f5d311c3e1041f4b48e60a89609aeeaa45 a3a2f4d84bfed9b81149a330ea2b8d12eb5d9101b7bc89a7591f8565041b3a5e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/178601356:1714678242:k27PjL0stnV7pxHat8rjnsoXCeTcMxdszrcILebzvPA/87da9ceb3b02569b/607ee8dbeff11cb HTTP/1.1
Host: hartvviginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hartvviginc.com/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 607ee8dbeff11cb
Content-Length: 2510
Origin: http://hartvviginc.com
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 20:03:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: NDTn5rkxQe94ukBb9BUg3RHHcQD4LBGW3M9mgXfbOxhuacuKu6/rVNbM1PoP/WnlHa+f2SB6hfz6y+IeNsgjfVhOvpOGJPBgCuYvbw9PUIE=$eQGybsOntlz+Na5zRw7N2g==
cf-chl-out-s: 1iWcof3q/1JYLVlnFay2Qg==$olXzL90VLqcH4Eg78t8YHA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BSVhanWuTuWKNOroprVGGwKVSgI93DNI85%2B3FuPXlgzpxeMuhVxMYJ3DyKjU7cFrVzIm3sM1VfwKncko1SJahkuuvFTfiJhUxKevJ15a6Vyosz%2FykqPTP7s7p2yKTogg%2BBU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87da9d268c635696-OSL
alt-svc: h2=":443"; ma=60