| | 188.114.97.1 | 403 Forbidden | 5.8 kB |
URL: User Request GET HTTP/1.1 | IP: 188.114.97.1:80
File type: HTML document, ASCII text, with very long lines (14202), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 13398974f70b0ebba75d91d0aaa8f724 48c05b0aec583296def9320a2950027aff53d2a9 1877f22d8c4a65410d3af527a314f08ab1b3021d419b2f5f169178ef9e835066
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /tier1 HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 19:56:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: caG4G9CNcJjLDr6ZbIcJvPvR9qQc7OjM2kqK3lZyZPU85KZa0dtIk4Ysegr1VlxCUHs5kGGCfe0Ujk+oK8/Gz1Fvyj1JmKApPuajVdf7uiI=$a4hRsU2RCUfTHLuQasUJEQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bom8IK1lu%2B%2BfWL7ZrJMrgKIDijONQxoOy7Wn%2FcVBP%2BvOwGRlMsAOt0utLYGWAeGxecCcXxtEcWxjOoENHVzCLS2yw650Jf%2Fz64PLcn9HEDL9E002mUM0ufc%2F2PQtsmo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880c03c5c95d5684-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| cowh67amx.cc/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880c03c5c95d5684 | 188.114.96.1 | | 115 kB |
URL: cowh67amx.cc/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880c03c5c95d5684 | IP: 188.114.96.1:0
File type: ASCII text, with very long lines (65536), with no line terminators | Size: 115 kB (115084 bytes) | Hash (MD5 / SHA-1 / SHA-256): 234b1b76c22401941be1a2f5e41d3191 9adeab15f9f6fb1975c0475fd1cac3ef9ad8373a ec7977e127773d873305ab87261fa7c63081c9338c8aa2b08e3a93950c05f3c1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880c03c5c95d5684 HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cowh67amx.cc/tier1?__cf_chl_rt_tk=JVoKgsOyvwJ16ZBEceSjeJP8FibQrSMtswwiVDirbJo-1715198203-0.0.1.1-1471
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:56:44 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2BhOB53XpggIHIGCxvWzmSuQj56QcAXGOpcRjaC4TSpJJJnDlKXKMyT0vkqRL8Q%2Fm8R5%2Bcz%2FuQk%2F6JHUiqhkCPaz9Zq4S%2BQpCLlpPTGtZLt6QpTzrbnwbjdt%2FVaAfR0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880c03c80dc956b4-OSL
alt-svc: h2=":443"; ma=60
| cowh67amx.cc/favicon.ico | 188.114.96.1 | 200 OK | 996 B |
IP: 188.114.96.1:80
Requested by: http://cowh67amx.cc/tier1
File type: HTML document, ASCII text, with very long lines (2706), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 29727e454bb71111688ed5607ebcb153 884ccfa3a4744b660161682bdb200a637cd5f925 c250880e26a101e43065590450432206d7ab93490f6ae8803c84a93a3099b7c0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cowh67amx.cc/tier1?__cf_chl_rt_tk=JVoKgsOyvwJ16ZBEceSjeJP8FibQrSMtswwiVDirbJo-1715198203-0.0.1.1-1471
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:56:44 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5650
Last-Modified: Wed, 08 May 2024 18:22:34 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jG1KTofjpAhoxYCZ2zDPSG4GdurlWXS0I%2FYwahyKsGsD58WIQt99wWfynlz2G8G7YIodyfjZIur%2FFMxGNynMumg9X8cDWl2CjEdxkgtw1QU2597NSS52LXf0LGfA%2BeE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880c03c8ff3156b4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| cowh67amx.cc/favicon.ico | 188.114.96.1 | 200 OK | 996 B |
IP: 188.114.96.1:80
Requested by: http://cowh67amx.cc/tier1
File type: HTML document, ASCII text, with very long lines (2706), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 29727e454bb71111688ed5607ebcb153 884ccfa3a4744b660161682bdb200a637cd5f925 c250880e26a101e43065590450432206d7ab93490f6ae8803c84a93a3099b7c0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cowh67amx.cc/tier1
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:56:44 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5650
Last-Modified: Wed, 08 May 2024 18:22:34 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nftLjNOGOQqRzF%2Bcq3aCT58FcToyEVA4xVgJFhMnYYnEhYb7LvepOdYMvIuwxeogsMotD4%2BIdB8fgnfLgxd5827dYc6XK4vgqO8AdABMxRIti8OcrZexPvxePBkCH5k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880c03c9983156b4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| cowh67amx.cc/cdn-cgi/challenge-platform/h/b/flow/ov1/593879206:1715196432:aBLgYhpSgWK0JscLwoNMUj2iqH8HajWaQuQ7m-l5jvQ/880c03c5c95d5684/88e8597da91ce39 | 188.114.96.1 | | 12 kB |
URL: cowh67amx.cc/cdn-cgi/challenge-platform/h/b/flow/ov1/593879206:1715196432:aBLgYhpSgWK0JscLwoNMUj2iqH8HajWaQuQ7m-l5jvQ/880c03c5c95d5684/88e8597da91ce39 | IP: 188.114.96.1:0
File type: ASCII text, with very long lines (16216), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): a04cae46b2dfdff1d24ac75eee877fee 90b3f41e5951212d40b16bde66581e73af9faabd bb4fc537af9881cc9aea5e02b5622406debd3d657efd0b973ae55ef8fd17221b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/593879206:1715196432:aBLgYhpSgWK0JscLwoNMUj2iqH8HajWaQuQ7m-l5jvQ/880c03c5c95d5684/88e8597da91ce39 HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cowh67amx.cc/tier1
Content-type: application/x-www-form-urlencoded
CF-Challenge: 88e8597da91ce39
Content-Length: 1727
Origin: http://cowh67amx.cc
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:56:44 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: fz6QYWk5ZHkI98yuj6GMC9nYH3QsZSpHdfPBsFWTh45fLb2OtzMBqbfBCBFVOnKM$3P8nHlyhsO/cscdQw2wTxw==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZzbNl0DZweEl8%2FnlBiD9l4wobgJolslyx%2BeFgd%2By0I4gyvSjfrlgjQI%2BSK4LmLKHp%2Brs%2B%2F8e9mCM%2FPyvcZMIqphqwQp214gzzUvnNsiIZRUzhwjohU515qJ7DJFl6XY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880c03ca59b456b4-OSL
alt-svc: h2=":443"; ma=60
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | IP: 104.17.2.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | Hash (MD5 / SHA-1 / SHA-256): 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1woyp/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:56:44 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 880c03cc4aaeb4f9-OSL
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1woyp/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | 104.17.2.184 | | 204 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1woyp/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | IP: 104.17.2.184:0
File type: HTML document, ASCII text, with very long lines (41702) | Size: 204 kB (204185 bytes) | Hash (MD5 / SHA-1 / SHA-256): ccd4c18dc5d46b9e1c0bd1f2d2985cfd ecb8ab676a32650679e97831e66e4833baf162f7 49c2c87c152279197b658812280655b0b36fba52d67b944806f58b452ed7a597
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1woyp/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:56:44 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
origin-agent-cluster: ?1
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
cross-origin-embedder-policy: require-corp
document-policy: js-profiling
vary: accept-encoding
server: cloudflare
cf-ray: 880c03cb98a4b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880c03cb98a4b4f9/1715198205269/XAaw1Fr_5cbA9mH | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880c03cb98a4b4f9/1715198205269/XAaw1Fr_5cbA9mH | IP: 104.17.2.184:0
File type: PNG image data, 10 x 61, 8-bit/color RGB, non-interlaced | Hash (MD5 / SHA-1 / SHA-256): dc116b2fc06d9a7fb9bce34f311ab03e 9cb4c2cedb68dfc94dc04bbe8eb7df3d9e70fd4b 2c215875906d831a2efb21a618f37b1c042596becb80527f66a1dbfdc7b57ed8
GET /cdn-cgi/challenge-platform/h/b/i/880c03cb98a4b4f9/1715198205269/XAaw1Fr_5cbA9mH HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1woyp/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:56:47 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 880c03df6a65b4f9-OSL
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/100464767:1715196622:J2NMwyRvTIoPmVKkG5FY7f30tYIIBEC3V8BO8zBHSes/880c03cb98a4b4f9/cd48f15505df59c | 104.17.2.184 | | 2.7 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/100464767:1715196622:J2NMwyRvTIoPmVKkG5FY7f30tYIIBEC3V8BO8zBHSes/880c03cb98a4b4f9/cd48f15505df59c | IP: 104.17.2.184:0
File type: ASCII text, with very long lines (960), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): ec071db9fb1fcdbbc50511e07144dd45 5d0ca8071f186256c04a22543d43b248648686cf 513a36446328b04e08d0d5d9983d9ffb9ea340e9326b211908cb8b5558c6a316
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/100464767:1715196622:J2NMwyRvTIoPmVKkG5FY7f30tYIIBEC3V8BO8zBHSes/880c03cb98a4b4f9/cd48f15505df59c HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1woyp/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: cd48f15505df59c
Content-Length: 40519
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:56:53 GMT
content-type: text/html; charset=UTF-8
cf-chl-out-s: vuArk/ZHz+ncoCB03AUtTg==$HYQhm5OzxjiFE5AHbQDKIA==
cf-chl-out: RNr0cyspJEQJix+0Gus2p5Wc6QFiEiMn9+UuWUbm9K/Jv9O9DeCW+8RBc3qSg0kHMSgRfK6ek42QrvDDBJ2z8t97exj3Qs7bua5jRUABh9o=$WtoGHv3yJOY88QP69PzmDw==
vary: accept-encoding
server: cloudflare
cf-ray: 880c04050bf1b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/100464767:1715196622:J2NMwyRvTIoPmVKkG5FY7f30tYIIBEC3V8BO8zBHSes/880c03cb98a4b4f9/cd48f15505df59c | 104.17.2.184 | | 27 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/100464767:1715196622:J2NMwyRvTIoPmVKkG5FY7f30tYIIBEC3V8BO8zBHSes/880c03cb98a4b4f9/cd48f15505df59c | IP: 104.17.2.184:0
File type: ASCII text, with very long lines (22264), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 4dade673b860993e2b69ecfe92e5fc06 96ce6c3d9b62b1d1a630e1b33169d3197543f185 e76dbec1ad2e7a611ce3ae689ca7fceb5361612987229391e685bf1fb9aafd80
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/100464767:1715196622:J2NMwyRvTIoPmVKkG5FY7f30tYIIBEC3V8BO8zBHSes/880c03cb98a4b4f9/cd48f15505df59c HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1woyp/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: cd48f15505df59c
Content-Length: 28111
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:56:48 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: M81jGiU7trQiZLQVdwGP20TJiXB3XdqwVqJbz31R82MTzhWu7qIeG46gB2Oypjf4$mhcZGea9+lSrA2p1v14kAA==
vary: accept-encoding
server: cloudflare
cf-ray: 880c03e308fdb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| cowh67amx.cc/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880c0412aa9056b4 | 188.114.96.1 | 200 OK | 111 kB |
URL: GET HTTP/1.1 cowh67amx.cc/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880c0412aa9056b4 | IP: 188.114.96.1:80
Requested by: http://cowh67amx.cc/tier1
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Size: 111 kB (111438 bytes) | Hash (MD5 / SHA-1 / SHA-256): 56f2771aac59f2de243bb0fcd491b0e9 00860c8a602964df1ee1ff43ef1a93c432e715c2 7a17b816648b2982718daa8a666fdb9e517d626f80ebdba0c3089c620895f19a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880c0412aa9056b4 HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cowh67amx.cc/tier1?__cf_chl_rt_tk=.Lj3hiIlOA_sOXHLmBt6PuQ2.vaEhpga4XazODAJqNg-1715198216-0.0.1.1-1471
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:56:56 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2trn5dZRPbgLKi9ot8bQnXHYdkyS70ztZImxaWdEPgGxNWJZhKCx76aQNHHo2xemf75mgJEblwhBkk0FUWcPy7RiPKyMu1HuHHOtctcPoxwKQkBGrRGgmr%2F3HM%2FM5LU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880c0412ff4d0b31-OSL
alt-svc: h2=":443"; ma=60
| cowh67amx.cc/favicon.ico | 188.114.96.1 | 200 OK | 996 B |
IP: 188.114.96.1:80
Requested by: http://cowh67amx.cc/tier1
File type: HTML document, ASCII text, with very long lines (2706), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 29727e454bb71111688ed5607ebcb153 884ccfa3a4744b660161682bdb200a637cd5f925 c250880e26a101e43065590450432206d7ab93490f6ae8803c84a93a3099b7c0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cowh67amx.cc/tier1?__cf_chl_rt_tk=.Lj3hiIlOA_sOXHLmBt6PuQ2.vaEhpga4XazODAJqNg-1715198216-0.0.1.1-1471
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:56:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5662
Last-Modified: Wed, 08 May 2024 18:22:34 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gz%2BJTyBr1gM4Tqi7Nh8UIq7WjzfkKJX94PnTwFpPwfRF2B%2F0lOq78qTCYMSLvvoV%2FglAgjsz3Svq3d99RasF%2B%2BoOiWNGqiXXOHC7hkcFCjyguS7iTOiBQRpsXMSG2Wg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880c041378050b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| cowh67amx.cc/favicon.ico | 188.114.96.1 | 200 OK | 996 B |
IP: 188.114.96.1:80
Requested by: http://cowh67amx.cc/tier1
File type: HTML document, ASCII text, with very long lines (2706), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 29727e454bb71111688ed5607ebcb153 884ccfa3a4744b660161682bdb200a637cd5f925 c250880e26a101e43065590450432206d7ab93490f6ae8803c84a93a3099b7c0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cowh67amx.cc/tier1
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:56:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5662
Last-Modified: Wed, 08 May 2024 18:22:34 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bp1ZAZt05%2BKMEife7UXUK8QurXCdPpF5MFPMtnBReUbERQgkjm5poHzs8ioZ5ncV1BUy%2B093EZO1Ar4RkU3Tbn%2BGJtT2ZTYa7Jw7NkbiTYtlKOjmjGf5RRuQSkZGBUk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880c0413e8c10b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| cowh67amx.cc/cdn-cgi/challenge-platform/h/b/flow/ov1/805153577:1715196576:sybZJAAswlZWFV0hjj_3Wmfp2-_nCckhSbTAERweues/880c0412aa9056b4/6071a862f5578f9 | 188.114.96.1 | 200 OK | 12 kB |
URL: POST HTTP/1.1 cowh67amx.cc/cdn-cgi/challenge-platform/h/b/flow/ov1/805153577:1715196576:sybZJAAswlZWFV0hjj_3Wmfp2-_nCckhSbTAERweues/880c0412aa9056b4/6071a862f5578f9 | IP: 188.114.96.1:80
Requested by: http://cowh67amx.cc/tier1
File type: ASCII text, with very long lines (16184), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): fb519fb14062725df2d1fd2d3e8180e9 980aff702ab384bebc85865cba2651df1a2ee41c 7e3d8c1dc7562da154386bae33f3d932abc8edaeca1704ed1f7055041cae3613
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/805153577:1715196576:sybZJAAswlZWFV0hjj_3Wmfp2-_nCckhSbTAERweues/880c0412aa9056b4/6071a862f5578f9 HTTP/1.1
Host: cowh67amx.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cowh67amx.cc/tier1
Content-type: application/x-www-form-urlencoded
CF-Challenge: 6071a862f5578f9
Content-Length: 1727
Origin: http://cowh67amx.cc
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:56:56 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: K7qz++E7rJEIWyxjr7owbDCk86vafPOG8JrXJJw40m9WgAYX26P2y8MNYJMcLjFp$O+ODtPsKffwd0Gj/zywCWg==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nUqY0C71SH5xVvN2XJW29cwQppSiYD9RsDDJ2v%2B9%2BTGmP9RmeySH4hSqBMF89boIZUOWcooWfRcj8XejVtwP5GnuBiyQ3DvfQcBO2E3pxyiGiWdsqet9PIBhccfaNqI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880c0414ba150b31-OSL
alt-svc: h2=":443"; ma=60
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/akbhz/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | 104.17.2.184 | 200 OK | 26 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/akbhz/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | IP: 104.17.2.184:443
Requested by: http://cowh67amx.cc/tier1
Certificate: Issuer: Cloudflare, Inc. | Subject: challenges.cloudflare.com | Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E | Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41702) | Hash (MD5 / SHA-1 / SHA-256): d66eaf01ea7a47611d0d2ec5eea51a25 3c9db2e378c4647e42385d5c7027f57360591566 a4c837f28ec8263b1ab22e15721548a6e934fe97a2ef4cd86e4c6771f4090ada
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/akbhz/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:56:56 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
document-policy: js-profiling
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
origin-agent-cluster: ?1
cross-origin-resource-policy: cross-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 880c04159c53b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit | 104.17.2.184 | 200 OK | 18 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit | IP: 104.17.2.184:443
Requested by: http://cowh67amx.cc/tier1
Certificate: Issuer: Cloudflare, Inc. | Subject: challenges.cloudflare.com | Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E | Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42565) | Hash (MD5 / SHA-1 / SHA-256): a5b92920e25651d2058f4982a108347b caeeadd68d38fdb681c52006c68880abc2e8a1a6 49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5
GET /turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cowh67amx.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:56:44 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 880c03c9bb00569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880c04159c53b4f9/1715198217034/2zrZRXWM2o1ML1U | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880c04159c53b4f9/1715198217034/2zrZRXWM2o1ML1U | IP: 104.17.2.184:0
File type: PNG image data, 17 x 64, 8-bit/color RGB, non-interlaced | Hash (MD5 / SHA-1 / SHA-256): 10650825c06a4fcf6112ec1a7be02fa0 d599b2a9811c7cf653200f44c949bd7103af6229 db1a23772077e680059068d354f0db35a16e8055476cf1dde53fb81841b0ea77
GET /cdn-cgi/challenge-platform/h/b/i/880c04159c53b4f9/1715198217034/2zrZRXWM2o1ML1U HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/akbhz/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:56:58 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 880c042079bbb4f9-OSL
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1991571144:1715196644:2iR6WPDhj-UW1R-1lUslkwOmlfggqEnXIcdiL6U8yQo/880c04159c53b4f9/a1daf46b44277ea | 104.17.2.184 | | 23 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1991571144:1715196644:2iR6WPDhj-UW1R-1lUslkwOmlfggqEnXIcdiL6U8yQo/880c04159c53b4f9/a1daf46b44277ea | IP: 104.17.2.184:0
File type: ASCII text, with very long lines (22256), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 6672486fc8c3541adbe80c2b3862c9de def4ca57806c49b2620a4f500ea0289fffc50d6f b3083b9cc06dea40a22c842de0c86e6714dd3b6a4c91ffb9a04c448657d89e2e
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1991571144:1715196644:2iR6WPDhj-UW1R-1lUslkwOmlfggqEnXIcdiL6U8yQo/880c04159c53b4f9/a1daf46b44277ea HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/akbhz/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: a1daf46b44277ea
Content-Length: 28457
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:57:00 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: lUXoo+/8n2GxgI1GuqR+XrT7x44mOG6RsHlx0hJwQFwqZEMMb1OBY5nXQtQJ4F+2$PyWt0KZxrOIBq0VAYQ6DPw==
vary: accept-encoding
server: cloudflare
cf-ray: 880c042c3de1b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400