| holicisticscrarws.shop/Ab | 104.21.40.92 | | 5.8 kB |
URL: holicisticscrarws.shop/Ab
IP: 104.21.40.92:0
File type: HTML document, ASCII text, with very long lines (14359), with no line terminators
Hash: 9a0d845fc495668b50e90f977f304bcb ec04709f47e155ac3f120316a6549ea808368aef 4bd56bd1e01493f8ab3298ca3366f502644e8d746009f29295e2e067c6912726
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /Ab HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 23:01:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: nMBAKJGdBJmAYOkztRMICfofcEnDWgRzvmG9wsh6+qgRr0+20sXqhm87WDyXhUJGQQsxhKjYGbJAwhP0Oql1HQNnDHlPp8LG6KtlnN3V1jgJHxI3+OjzFf/pmR0stGzHwD/H7BNCZHPMkzXjL9gtmQ==$yy8/BCvoHMSRBu2PHaPjAQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C4RYrkjN%2F7qrSoqLPSqRnsW4VrmAW%2FAmJYmfd282qygaQQeveuvh0cfvqKjuZWfFEilrWXJrq%2FGFvXVKPGQxu1fMxVYsVpKZfPhRJYdutacvntUCXLnHft02Qg6l%2FYuuh4jqK%2FPt%2BrZG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8804d5813ba20b59-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| holicisticscrarws.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8804d5813ba20b59 | 104.21.40.92 | | 113 kB |
URL: holicisticscrarws.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8804d5813ba20b59
IP: 104.21.40.92:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 113 kB (113302 bytes)
Hash: 048a90f02891e50cd4b460fe908f2fb6 ab35e20d0bd3fee96c8f1104db961977e62f962b 2878d464409df12f78af9d7fac75786fe513de2633a93943af25f1d78cdf05e0
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8804d5813ba20b59 HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/Ab?__cf_chl_rt_tk=yevYFpiBQG2tlH8xrt_eb6w0aTioFI.syJUdXT3Dwmw-1715122908-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 23:01:48 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0SzDgbb86%2FHgzkGKueMVPJieKPwyjI2PtxUZ82lL0%2FqmOqAgDH2j4VG%2BKt9l9CcpdJxGpDYHbsTahFBlk1qwsrj%2Bu0Z2xDQuNtA8RfxeFkiM7ecpxcu6DPyd%2Bj7h2roohZ%2FroVOF96el"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8804d58389c0b51b-OSL
alt-svc: h2=":443"; ma=60
| holicisticscrarws.shop/favicon.ico | 104.21.40.92 | 403 Forbidden | 5.9 kB |
URL: GET HTTP/1.1 holicisticscrarws.shop/favicon.ico
IP: 104.21.40.92:80
Requested by: http://holicisticscrarws.shop/Ab
File type: HTML document, ASCII text, with very long lines (14484), with no line terminators
Hash: 8b608cc67505c7cbcbcfa483c2fd566d 70cc62ce6a4f0449cf577e91ea14d62d97bc5c4a d701ec8b28ff6f780f0743f76561da31826c418a75c1f6b48f5308d827936b1e
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/Ab?__cf_chl_rt_tk=yevYFpiBQG2tlH8xrt_eb6w0aTioFI.syJUdXT3Dwmw-1715122908-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 23:01:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 2Itsgr6I9Z4qdS5aJ39SB4OWngDxvbVsEc02+i9guiTb9LEcRRtsNWAHe7JLBGg0ITRJK9IdunRGHP0u1lRdMSDI/vNc2oKwt46F/+FEL13EflbJ/W2f2b8GbidgLdqM5tChjBwU+7gB6sp7scqq+Q==$2bQQzfKnBtI8tSCFbTvzZA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Mtvc0m7CWVBOq5TEPUQoMZjYAwErp5o5sFlEeltcxVxipEHcFaze1THZKHediZ4xy0eMZRMEOAPTE1Y%2F3Pbd074q9OAc4USFlDHcvh9lm9ODot0Q2Wc9kXRGEAfDxvuoa0yhkKb8cj1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8804d583e9eeb51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| holicisticscrarws.shop/favicon.ico | 104.21.40.92 | 403 Forbidden | 5.9 kB |
URL: GET HTTP/1.1 holicisticscrarws.shop/favicon.ico
IP: 104.21.40.92:80
Requested by: http://holicisticscrarws.shop/Ab
File type: HTML document, ASCII text, with very long lines (14398), with no line terminators
Hash: 48207e2b105baa0a508c3f9cf7928fe7 50d00e3c8006b68d0c08d973fcc426ce0d1ca8b1 b5967b7b9956f94135ba77500a1c5f5ed655d5bf92993eed9408a1f92f450857
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/Ab
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 23:01:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 1aEGIEQXW7PFyw8DygC9vq8aC62WBQHBDcK08xW8bUj9z99Gxxg8Euk9wiNHDzM9/w/WN2aeoZti6GXqD936BqxOIdx88iTl7y32BQu29FtRQxK4yRGQflcJ09du7+7ppRgN7Uv4VUwclAxIHyBbkQ==$80cwSi5ftvv4/Hh9md9Wnw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dIAbnlPQgaUtU7%2BBrPnFa0eVDRQE0VMbaeGdfqtsGoZiOqlcNXvWMHYIwKMa9O7TRFqM9tMHlIR2U0JBiYSO355mR97nXrEkYPxM1U3E42vLgkDl45uRDjqNn5LXn7aVlTGO5o%2FJ7Jrr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8804d5847980b4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| holicisticscrarws.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/252708526:1715120924:ZF7rQUNpoM1nP76bCw7fwKtiapKEpwbK35KkfJDAZL8/8804d5813ba20b59/8023043f3bc46c7 | 104.21.40.92 | | 12 kB |
URL: holicisticscrarws.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/252708526:1715120924:ZF7rQUNpoM1nP76bCw7fwKtiapKEpwbK35KkfJDAZL8/8804d5813ba20b59/8023043f3bc46c7
IP: 104.21.40.92:0
File type: ASCII text, with very long lines (16336), with no line terminators
Hash: fb3102bb2469e69683d4c148e2d9c91c 6b2b5aa21f7a14efc5c4cbdb8fcb378e06cc9f56 49bd323a8611b454e5c20c32aeb3c8cbfa02944d5b25d76f1d56d244782722b7
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/252708526:1715120924:ZF7rQUNpoM1nP76bCw7fwKtiapKEpwbK35KkfJDAZL8/8804d5813ba20b59/8023043f3bc46c7 HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/Ab
Content-type: application/x-www-form-urlencoded
CF-Challenge: 8023043f3bc46c7
Content-Length: 1853
Origin: http://holicisticscrarws.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 23:01:49 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: qxd2rpcm/rSqJvK/pjJNs2wR7Yyf4knYWmji6SHgpeWRC/342ljClKtKulzV+5FB$MeFOy5wHc4En+VlfpPQlzQ==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dmWAeo1bM8jA1FO6Y%2FPpC9AHvDUTvLWDLzEGOeNfvteJtvGIQ%2BRJz5V%2Bh3I3dngXImYdV%2ByXrX8y18%2Boh9dVW6MhVPDSgEdXRPD6Fj0pZcnAgY9xs%2FY%2FLJ%2BpDJ62CAgqhFU2%2FTs%2FB%2BNX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8804d5856bafb523-OSL
alt-svc: h2=":443"; ma=60
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ujom/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | | 26 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ujom/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.2.184:0
File type: HTML document, ASCII text, with very long lines (41702)
Hash: eef90bfebfce96ad12496b0259ba4f13 449aff06c198bfdcfdd703c7f4e16ddf7e579ae9 f5d5175c2c031485c294a5181f86cadcccb8bb836144bac268e4c6d1924883d2
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ujom/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:01:49 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
referrer-policy: same-origin
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
vary: accept-encoding
server: cloudflare
cf-ray: 8804d5868e0756ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2102417045:1715121120:Zwm7P3078RzNol_QMqfOGB3-3w7tdrk6AYfMwFOZnhg/8804d5868e0756ba/16867d5a8728d91 | 104.17.2.184 | | 108 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2102417045:1715121120:Zwm7P3078RzNol_QMqfOGB3-3w7tdrk6AYfMwFOZnhg/8804d5868e0756ba/16867d5a8728d91
IP: 104.17.2.184:0
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 108 kB (108276 bytes)
Hash: 5a3a03fe1f6fd8d95d3492b820c14ed5 09f9da7e7f7e17c3ba25c263c8c8dba01dbc6a14 25789111e4ef9ad1ebed00fdb5d47c56b93076bea016705cc6060034a1956719
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/2102417045:1715121120:Zwm7P3078RzNol_QMqfOGB3-3w7tdrk6AYfMwFOZnhg/8804d5868e0756ba/16867d5a8728d91 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ujom/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 16867d5a8728d91
Content-Length: 3533
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:01:49 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 9J8sSmV/R/YysweoBt7xbFy69aX8i4UZCb25p5GaUMu2iXgPr6tcRKWDg0l4Y/PqjSbyZnvvu9vOPUF79na+2AfcGckL/GMlOuzZRHCgtl011zo0TGYUiWr4JvmeNZuNEOunVx9ug1ZxZfFRQe8NdPZ9aeYS2IYROwD8EqtCJSyjmLd2KLGM3sH2/UBnNAPRH7uwaHRKncPIaBiYAW8BplzBTYrM4VwDEQsw+/OOXe9cJoyTVjX0EADL1jHRrtG4WIA3d82dE8Nx++Y3MNF2FmzyEdJdIPJNLOdL/HGFIGT7Dju1wz9J8rTDLGaJjxea8IheOsqVPeQse7MA/1i8RTUifH0iV4lsI1NK/qFwb6dEVfVx4zzw4h3jJCkqk9A/ixyrLAtP2NW+l6TWkdMLwRn8+VPjmvqOThbDxuBe834=$/CF1gCh4XoPfETn0tKJlJQ==
vary: accept-encoding
server: cloudflare
cf-ray: 8804d589282356ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8804d5868e0756ba/1715122909650/HVQimLBBjaxYjiX | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8804d5868e0756ba/1715122909650/HVQimLBBjaxYjiX
IP: 104.17.2.184:0
File type: PNG image data, 6 x 65, 8-bit/color RGB, non-interlaced
Hash: 22a4b71bf88aa483050b89fd3c01022d 3fc4ea6f313dda4b17eb3b58cd14771573a9d849 5857f8d00e5fe3f08a7800d5c0d786dc49c92c22d771e8b3893963ad8f303fa7
GET /cdn-cgi/challenge-platform/h/b/i/8804d5868e0756ba/1715122909650/HVQimLBBjaxYjiX HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ujom/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:01:52 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8804d59babbc56ba-OSL
alt-svc: h3=":443"; ma=86400
| holicisticscrarws.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/252708526:1715120924:ZF7rQUNpoM1nP76bCw7fwKtiapKEpwbK35KkfJDAZL8/8804d5813ba20b59/8023043f3bc46c7 | 104.21.40.92 | | 1.8 kB |
URL: holicisticscrarws.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/252708526:1715120924:ZF7rQUNpoM1nP76bCw7fwKtiapKEpwbK35KkfJDAZL8/8804d5813ba20b59/8023043f3bc46c7
IP: 104.21.40.92:0
File type: ASCII text, with very long lines (2328), with no line terminators
Hash: 724bd314221ccc9c370f437a757cc2a3 60b444fc3cbc2c9e74d5b20a3b4944930465c25f edab5b62141765ed9eea5f0933ae54f5da92df3ffac15c86d2aa6a2f6a1809cf
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/252708526:1715120924:ZF7rQUNpoM1nP76bCw7fwKtiapKEpwbK35KkfJDAZL8/8804d5813ba20b59/8023043f3bc46c7 HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/Ab
Content-type: application/x-www-form-urlencoded
CF-Challenge: 8023043f3bc46c7
Content-Length: 2531
Origin: http://holicisticscrarws.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 23:01:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: 8PxsnVacDpLjqHhFn/G4xa7xCaSAX/m+anpwA8dIrBgHHzn1/OveWE2qM0EQmn1NbQFoboxiUrh3o+oEj4zcvup4BwgaHDljJOTnOMy47Fo=$fWrE6AvH0qiMdq2NpaUkPA==
cf-chl-out-s: fKh/H/OqBgA0DxVKZYztaA==$AD4f3V4EkrZ1HBBq9DnEbA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3QXExjjwhkNB4ZaBRpNNqSi%2BHUDsGV1%2BjQfpjHWJeoXmeJb%2F7Rzifw15omQBdJAMvVyjEikeTLejQTofeCFEgMD2tE77HZVPrOl8iEuaq8NhkY7dDnjtPMuKh%2Bs8W3VSHUh4DpooaMC3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8804d5c63de0b523-OSL
alt-svc: h2=":443"; ma=60
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2102417045:1715121120:Zwm7P3078RzNol_QMqfOGB3-3w7tdrk6AYfMwFOZnhg/8804d5868e0756ba/16867d5a8728d91 | 104.17.2.184 | | 27 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2102417045:1715121120:Zwm7P3078RzNol_QMqfOGB3-3w7tdrk6AYfMwFOZnhg/8804d5868e0756ba/16867d5a8728d91
IP: 104.17.2.184:0
File type: ASCII text, with very long lines (22284), with no line terminators
Hash: db2bf56989defdfbb14daec4febe4afc 96339294b6faa0147c5f517bcccaed4f5e8b3c76 b9a83cd8431e5178c66c6b9627fd4ee6719a3b670729e8f0adb3219b0cc8da3a
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/2102417045:1715121120:Zwm7P3078RzNol_QMqfOGB3-3w7tdrk6AYfMwFOZnhg/8804d5868e0756ba/16867d5a8728d91 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4ujom/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 16867d5a8728d91
Content-Length: 27679
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:01:52 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: h05cE+lfUIIP2kfFzDpNQizjy/VS1umtxJVQgArt/igS9yLSn7lLeacJMXFEfS9o$3M3wYGbbBDNxLCVTPxTI7Q==
vary: accept-encoding
server: cloudflare
cf-ray: 8804d59cac3656ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| holicisticscrarws.shop/Ab | 104.21.40.92 | | 5.8 kB |
URL: holicisticscrarws.shop/Ab
IP: 104.21.40.92:0
File type: HTML document, ASCII text, with very long lines (14154), with no line terminators
Hash: 3a5809e5bf9be1e553698007490188ff fe8854c02dc25061fe9a8e53d0056da623f08470 857de793a72826f27e782d3b975203fcf7592b54a8cce555d21e557f11cbdb5b
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /Ab HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 23:02:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: xZSAwaMhG38pW/zUalGbyFvTLVVztZiei4Mvo8w6eRjIi5Rdhmw5opbwuBm7VZcvdPjcaJ1jx3l21jU85RZ0LZlukHajIBDZZsb9qBIKx7iLkH+/nMFZZqfXoTmliAxz1L2AW/X0PqjwciItDP2Whw==$hBYUDyoXm8t2mqM1xlqHLg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NQZPo6KWmKyml30H%2BiAKY3v6%2BcudefkoxhgUJZl1YDwpk8mVtBIQuFnGZQKO7k6Avw81z1S5UurM7FKku4%2FvvOaSiQr3TZkmRAWyc8ideNNS1shcAIeNcZe2Oj6%2BrP3PlADRgRIgbfs1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8804d5d31882b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| holicisticscrarws.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8804d5d31882b523 | 104.21.40.92 | 200 OK | 115 kB |
URL: GET HTTP/1.1 holicisticscrarws.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8804d5d31882b523
IP: 104.21.40.92:80
Requested by: http://holicisticscrarws.shop/Ab
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 115 kB (115285 bytes)
Hash: 66a8f11cd7860abd2d3451efd5eb6b59 83cc10b22cff2079305d9d38ff02998fe1b94413 1253b4219b8bd97d03a073f1aca1fb6f6fe345f9c93eb70f819e323e805323e2
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8804d5d31882b523 HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/Ab?__cf_chl_rt_tk=0L0dkjXvlZ10XapwGf9cekv5vAKJDV4e5zCtG.EmW5Y-1715122921-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 23:02:01 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p4viQSl4CcUYaFEBxorjEUdy4xnJ8XX4DAMnWrE%2FQW3nnryZ2x%2BnswH2pV0EtJ9x3RA5GoMY1d%2F%2FO8jnKL5UE1KYONlrd%2BP0c500PDOv1AdLwqKgEU6aNxGc%2B%2Bct%2FM3siqoPvp9SvsXX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8804d5d3890db4ee-OSL
alt-svc: h2=":443"; ma=60
| holicisticscrarws.shop/favicon.ico | 104.21.40.92 | 403 Forbidden | 5.9 kB |
URL: GET HTTP/1.1 holicisticscrarws.shop/favicon.ico
IP: 104.21.40.92:80
Requested by: http://holicisticscrarws.shop/Ab
File type: HTML document, ASCII text, with very long lines (14279), with no line terminators
Hash: c17bd2faaab550c6ca6ef39de1e0e11c 0feea761466c3f5f1e94acd142c7c10a76bb998b 932d08bf74b0e282bb281c8583ec89b08153c09c710e115f081d34bc023f3042
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/Ab?__cf_chl_rt_tk=0L0dkjXvlZ10XapwGf9cekv5vAKJDV4e5zCtG.EmW5Y-1715122921-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 23:02:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: ayw+05nPC1YZ2ROGUot1laGstrKHUEl75DIhib5fvN9gTPvsn4O5TbA86Mc+888S6zlwbR/XcjZit03oSTrsTaUi2e8PIgUYpz5Hch+pkxquLaS0cPBdZy4e5h8fUCGr66GD5oI34Xj7mOyWlAXy6A==$iaj6a80ooSYNHc4OhQ98jQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2BZZrRDubAzmNF7vfQVA%2FarjYLJk%2FhA94vrR1STcsh64qyrfJFTYeogF1JAQIFa83EfWjmqTvQsPcpTc4xRckoXylOb0P%2FTs14DRj542q6lcV%2BNS6nV8hHePK94AFGE%2FqnHmOO9w3zAO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8804d5d3d92eb4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| holicisticscrarws.shop/favicon.ico | 104.21.40.92 | 403 Forbidden | 5.9 kB |
URL: GET HTTP/1.1 holicisticscrarws.shop/favicon.ico
IP: 104.21.40.92:80
Requested by: http://holicisticscrarws.shop/Ab
File type: HTML document, ASCII text, with very long lines (14420), with no line terminators
Hash: 3e6ca1d75ba20373b15c7b6db4015b78 0a20da2c787e03da03f9248fef346c6e29b58351 d873363f7d02bf786afa636bdccb0a6fa06734f5625a15348324e1cc963bd1b6
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/Ab
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 23:02:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: RzyOE/oAiYLrr2fGzEroQpjh5hmAoiWEkrdaFTEGeLg/JCDzjA0eA7JP6w+c9qaPj3yjAx678sjOVcq1pGpqQK4rJNG9Y3ehrdbkYxGtF756g26dYqoEIc/Qz9fJR8Cqcydg+heHwVsVdIDZ9JOq6A==$hXTT8Ej8BNSoczC9NJ3DhQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ncjoyAoO5a89k9%2BTR3DgiQ0nrfG5pMVcl1PgQVjgi7f1wvgMlcvYsahQ4vZ2m2IFaAq2r%2BAaAZDxtp%2FJgqbcjp0sT%2F0t1PpFBMYJreVytrhfzVlpcgY%2BjTEa8mmfgnjN8ijB2Tznz5jD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8804d5d42c7eb500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| holicisticscrarws.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/538165665:1715120980:6MVJC3xQ2YAtaWGkWXVmOuEY6B0o_qXWfH3OMDr76sQ/8804d5d31882b523/6d292ef524b7fe4 | 104.21.40.92 | 200 OK | 12 kB |
URL: POST HTTP/1.1 holicisticscrarws.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/538165665:1715120980:6MVJC3xQ2YAtaWGkWXVmOuEY6B0o_qXWfH3OMDr76sQ/8804d5d31882b523/6d292ef524b7fe4
IP: 104.21.40.92:80
Requested by: http://holicisticscrarws.shop/Ab
File type: ASCII text, with very long lines (16364), with no line terminators
Hash: 11bf8d1acb4711dfb5b2e42bd9a86fed 253d12137b2e9a12203bb290aea67b4d301a64d0 2d28acfdfb02c153fdc6fb11d91483794953bc48118337ea34e4a95df2274e2b
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/538165665:1715120980:6MVJC3xQ2YAtaWGkWXVmOuEY6B0o_qXWfH3OMDr76sQ/8804d5d31882b523/6d292ef524b7fe4 HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/Ab
Content-type: application/x-www-form-urlencoded
CF-Challenge: 6d292ef524b7fe4
Content-Length: 1860
Origin: http://holicisticscrarws.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 23:02:02 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: LalG6M5JLKo2C8j6xUMNUZgB5koQSuuuDFEtiIHRQ1g62/CftZ8uX/eQcZaAqm2L$ZqYohlCTcAbtSaf9TqPyVA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LyVRu9pBCKbqfdMD3uLUbygOuH079GBaGEW5J%2Fzcw9ebEJ%2FzMkxe%2F1IXz9eoD592CzQyDc54mDqRG7fAEFMv%2FitMWHqWOd6JiOkbtuvgebG8NVqE2tXgTeDY4jiLYlvDyWh56cmdJwFZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8804d5d6a98db52d-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.2.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/hvx7f/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:02:02 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8804d5d85fe656ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8804d5d7df8e56ba/1715122922655/x7yvDhu9rCwORpw | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8804d5d7df8e56ba/1715122922655/x7yvDhu9rCwORpw
IP: 104.17.2.184:0
File type: PNG image data, 63 x 34, 8-bit/color RGB, non-interlaced
Hash: bbc4163764272765057f568a03de353d 86ff0635384fc6578cae659b2a79f4c0aa0418e3 a6d4bf234ed13e4835c45347e6be1bbeed947e943842943650688e2e395a7e81
GET /cdn-cgi/challenge-platform/h/b/i/8804d5d7df8e56ba/1715122922655/x7yvDhu9rCwORpw HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/hvx7f/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:02:05 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8804d5eaad3e56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/hvx7f/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | 200 OK | 27 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/hvx7f/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.2.184:443
Requested by: http://holicisticscrarws.shop/Ab
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41702)
Hash: d4405ad368119c1d972193cb8ac13321 92d6213ae70d63995a3453dd55a247152274ac4c c5c99e9c16b0693349d83a7dd7036d3626de556daf42b359260623e44ec8577a
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/hvx7f/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:02:02 GMT
content-type: text/html; charset=UTF-8
document-policy: js-profiling
origin-agent-cluster: ?1
referrer-policy: same-origin
cross-origin-embedder-policy: require-corp
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-resource-policy: cross-origin
vary: accept-encoding
server: cloudflare
cf-ray: 8804d5d7df8e56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|