pporh693jb645514274d8fc.tkdref.ru/
104.21.18.37403 Forbidden 3.5 kB URL User Request GET HTTP/1.1 pporh693jb645514274d8fc.tkdref.ru/
IP 104.21.18.37:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1732)
Hash 044b76443303d32a97d037468d63f7b4
5bb28551c45566abd864a18e47d5de5874960f09
f10bb208f7fafac87720027503ba38a79f7ceb269b59194e7953c3966642f79e
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: pporh693jb645514274d8fc.tkdref.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 24 May 2023 22:15:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsaVTDnRQRh1d4cP8RAPlQi6FV7odnH7z9hBr1K4flrAS5PFWKL9JPbbV3Fu2BncgitzCmP0bMfUD906dhpdN3O74MGdvF6aHFmVhWT0oS06o2sxSu7s4d5DDd2%2BY5t51y1d6SIAtBBQkw7yrlb%2FTHZXjUM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cc8e6200b69b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
pporh693jb645514274d8fc.tkdref.ru/cdn-cgi/styles/challenges.css
104.21.18.37200 OK 2.6 kB URL GET HTTP/1.1 pporh693jb645514274d8fc.tkdref.ru/cdn-cgi/styles/challenges.css
IP 104.21.18.37:80
Requested by http://pporh693jb645514274d8fc.tkdref.ru/
File type ASCII text, with very long lines (6600), with no line terminators
Hash 2c78b7f8fa496092bf41d5edd51611e7
8b0b1b276e8194b0a5497db478ec2ea9b4f83c42
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: pporh693jb645514274d8fc.tkdref.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://pporh693jb645514274d8fc.tkdref.ru/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 May 2023 22:15:43 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 19 May 2023 14:44:50 GMT
ETag: W/"64678b62-19c8"
Server: cloudflare
CF-RAY: 7cc8e621dfeeb51b-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Thu, 25 May 2023 00:15:43 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
pporh693jb645514274d8fc.tkdref.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cc8e6200b69b505
104.21.18.37200 OK 42 B URL GET HTTP/1.1 pporh693jb645514274d8fc.tkdref.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cc8e6200b69b505
IP 104.21.18.37:80
Requested by http://pporh693jb645514274d8fc.tkdref.ru/
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cc8e6200b69b505 HTTP/1.1
Host: pporh693jb645514274d8fc.tkdref.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://pporh693jb645514274d8fc.tkdref.ru/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 May 2023 22:15:43 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Fri, 19 May 2023 14:44:50 GMT
ETag: "64678b62-2a"
Server: cloudflare
CF-RAY: 7cc8e622184bb51b-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Thu, 25 May 2023 00:15:43 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
pporh693jb645514274d8fc.tkdref.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cc8e6200b69b505
104.21.18.37200 OK 56 kB URL GET HTTP/1.1 pporh693jb645514274d8fc.tkdref.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cc8e6200b69b505
IP 104.21.18.37:80
Requested by http://pporh693jb645514274d8fc.tkdref.ru/
File type ASCII text, with very long lines (65536), with no line terminators
Hash 625dcb29748167b541a64ec05f10b72f
a29f3ada76310dd08c3e6e093c11693d12fdd9b3
7243f341922886334625d090ecdf704ed231594d6a13b7678cbe10d0cbec58d3
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cc8e6200b69b505 HTTP/1.1
Host: pporh693jb645514274d8fc.tkdref.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://pporh693jb645514274d8fc.tkdref.ru/?__cf_chl_rt_tk=Sys_XgLTSrMX3u.YPe6ysP1MiJK1j93spZNA.KuOXIk-1684966543-0-gaNycGzNBpA
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 May 2023 22:15:43 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEzHgEAj8mCepmLNP3cu3451d32o7LXSzaQENLeN7jPUZy7myqrIDIXA%2F4RqhJgHPTUsUSuORfKWdtOeYbogpQl9gsr8DNbX12yQrTIt1tfdoWEDNSqJ95OfCzVQsRyxEzIgsPTIma%2FQIp0G5UrvT8biPos%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7cc8e6221854b51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
pporh693jb645514274d8fc.tkdref.ru/favicon.ico
104.21.18.37403 Forbidden 3.6 kB URL GET HTTP/1.1 pporh693jb645514274d8fc.tkdref.ru/favicon.ico
IP 104.21.18.37:80
Requested by http://pporh693jb645514274d8fc.tkdref.ru/
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1732)
Hash 84f598b94e4edb7b6e18a016533b330d
2a8c0ebe11f9d2a2aa7074843746e3b00a740bde
322f6fad7d7bc3aa2c8ce7052b075804770e59482cefe9f4893609a4953bd861
GET /favicon.ico HTTP/1.1
Host: pporh693jb645514274d8fc.tkdref.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://pporh693jb645514274d8fc.tkdref.ru/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 24 May 2023 22:15:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uu6qvVsOxP%2BgP2aNY%2BJ4xQvRDQM0oxTxWgq5J2iKhcsEVHC9qGLTtL9v1qzn8YCKa5k0iXAzfEL40U3AhMtq%2Bq5cMA0ZSz56%2F%2BL8SNxjxeF47asgSO6adWEYxuESH6W8JxKnT%2BUuGMX7WqbQ0YvndP%2BSwNw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cc8e6225899b51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
pporh693jb645514274d8fc.tkdref.ru/favicon.ico
104.21.18.37403 Forbidden 3.5 kB URL GET HTTP/1.1 pporh693jb645514274d8fc.tkdref.ru/favicon.ico
IP 104.21.18.37:80
Requested by http://pporh693jb645514274d8fc.tkdref.ru/
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1711)
Hash d41e3e5b85b516b2f6f4fa1635e5be26
01c0f6a9ec16431b5727ab6350649a233c1d3d69
7c19d462b6aeb0e2cb0b3a618e9a5c227942237efd4776d6341e70723b76f55c
GET /favicon.ico HTTP/1.1
Host: pporh693jb645514274d8fc.tkdref.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://pporh693jb645514274d8fc.tkdref.ru/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 24 May 2023 22:15:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJ9UdNohjxuXBLvJA755K7BnqsBBOeA4JXR%2BW3CxifMSUU8e6nh89vp9CaOicZHkmaJrvedA5MDpaWb2d0tU0DiwWd42pfBCIMjR2mDnCNcfQ%2BmIDueOTKTYjG8YMkh5mivqDCAieBRJ7XFfu3wq37QYJzA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cc8e6234defb4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
pporh693jb645514274d8fc.tkdref.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/80011851:1684962467:qtGUzHkEbha8VHPFYRDAhdubnHBvoRrjuxAZoEaQuLg/7cc8e6200b69b505/1bbf8fcb06cb6a6
104.21.18.37200 OK 5.6 kB URL POST HTTP/1.1 pporh693jb645514274d8fc.tkdref.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/80011851:1684962467:qtGUzHkEbha8VHPFYRDAhdubnHBvoRrjuxAZoEaQuLg/7cc8e6200b69b505/1bbf8fcb06cb6a6
IP 104.21.18.37:80
Requested by http://pporh693jb645514274d8fc.tkdref.ru/
File type ASCII text, with very long lines (7392), with no line terminators
Hash 55d95ed08a1cd6b9827a4c97b4b4decf
d90aa86e027c6c9eeb64b35639d6610882926b3b
e301654d08483b45305a5c0a62fc9e5e738c56eba985d7c635ca731ee3ba35c6
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/80011851:1684962467:qtGUzHkEbha8VHPFYRDAhdubnHBvoRrjuxAZoEaQuLg/7cc8e6200b69b505/1bbf8fcb06cb6a6 HTTP/1.1
Host: pporh693jb645514274d8fc.tkdref.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://pporh693jb645514274d8fc.tkdref.ru/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 1bbf8fcb06cb6a6
Content-Length: 1756
Origin: http://pporh693jb645514274d8fc.tkdref.ru
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 May 2023 22:15:43 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: 4g/iq31IoRORPLyYYT4SLCkNGrMZHIyMf981abtQBhceybwOAIIyShGEXhpB4W6k$0wxJKc/oYzNt/s+RyWFLWQ==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1prw1ZWd2QuGBPmZsQvCot09gUZAwpPx1%2FEIz5FJAJIF9odjIkrR8p97QjnhNDf9wYf5fiP9%2BlxGwjsMCe9doncsztLairMdTSC4polS2Eu9mJRr208mW2Yype3Lzj87ZBOxkcI0s83P0Odrm4qQ8ncFZVk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7cc8e6237cb9b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7cc8e624fe4fb4f7/1684966544499/fGRzj8p02YWZLDW
104.18.7.185200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7cc8e624fe4fb4f7/1684966544499/fGRzj8p02YWZLDW
IP 104.18.7.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/i8z6x/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type PNG image data, 54 x 25, 8-bit/color RGB, non-interlaced\012- data
Hash 6cc41af9304f491a6e2fea25f690805b
f114d7f2551b72e1f4ec5d7b76f248ed091a4877
8e2e4e6a13bd24e2e27fc809ad8a44e698fdf5ce53581381f44d126572226871
GET /cdn-cgi/challenge-platform/h/b/img/7cc8e624fe4fb4f7/1684966544499/fGRzj8p02YWZLDW HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/i8z6x/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 May 2023 22:15:45 GMT
content-type: image/png
server: cloudflare
cf-ray: 7cc8e62b2dd1b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/520993267:1684962636:M0ndCA_YK8m7sVXKNGP2HbrFdiTdhhtTlXE_NOGPgSo/7cc8e624fe4fb4f7/e655239b8fb5400
104.18.7.185200 OK 13 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/520993267:1684962636:M0ndCA_YK8m7sVXKNGP2HbrFdiTdhhtTlXE_NOGPgSo/7cc8e624fe4fb4f7/e655239b8fb5400
IP 104.18.7.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/i8z6x/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (13216), with no line terminators
Hash dde28ef02e427520d09807fb52fa85f8
4b9ee96b51402d318675765369ddf81d50df3ce4
ace79356d83d98c7943007f40e44d3ced291d666ef3ea7171ca7ccbf547f6df4
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/520993267:1684962636:M0ndCA_YK8m7sVXKNGP2HbrFdiTdhhtTlXE_NOGPgSo/7cc8e624fe4fb4f7/e655239b8fb5400 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/i8z6x/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: e655239b8fb5400
Content-Length: 18968
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 May 2023 22:15:45 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: mpTc4NEm9x+7Ew6JZ0ejoRMRtn0bNDvVy1cpsDmsgxAUTv9hNXa4CBt4HtKiHBbO$5vffA/EqucawwIpEGCWrbw==
server: cloudflare
cf-ray: 7cc8e62d68b1b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/i8z6x/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
104.18.7.185200 OK 24 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/i8z6x/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP 104.18.7.185:443
Requested by http://pporh693jb645514274d8fc.tkdref.ru/
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10899)
Hash bdd61687673c847d3a6a341548f577f8
9d6ce632139f69c6a1905da2baeb3d3b48f9ba08
5ab183c55a7e9793d3ae077af9293b9dd04d2d3f41424077a695b00aa5768ffe
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/i8z6x/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 May 2023 22:15:44 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 7cc8e624fe4fb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cc8e624fe4fb4f7
104.18.7.185200 OK 155 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cc8e624fe4fb4f7
IP 104.18.7.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/i8z6x/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 155 kB (155420 bytes)
Hash 4107976ef907aac9efcf25bb343f40b5
a97ec113d10504bcb1def2f24926a9d1e91b4699
f49fa4b6069028439d59da99f6df045dae11aa75cd2114d63a64d82e39e8603d
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cc8e624fe4fb4f7 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/i8z6x/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 May 2023 22:15:44 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
server: cloudflare
cf-ray: 7cc8e6256ed4b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/520993267:1684962636:M0ndCA_YK8m7sVXKNGP2HbrFdiTdhhtTlXE_NOGPgSo/7cc8e624fe4fb4f7/e655239b8fb5400
104.18.7.185200 OK 177 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/520993267:1684962636:M0ndCA_YK8m7sVXKNGP2HbrFdiTdhhtTlXE_NOGPgSo/7cc8e624fe4fb4f7/e655239b8fb5400
IP 104.18.7.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/i8z6x/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 177 kB (177424 bytes)
Hash c6442d1af929a89da9e9e61a6620e20e
511223593f5c8b28291743adcc90246f5e0b5fde
27fd2e142e7296ff9ad24aa26691368bf49c2af3220fb4f77a573d0b70dbf3fe
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/520993267:1684962636:M0ndCA_YK8m7sVXKNGP2HbrFdiTdhhtTlXE_NOGPgSo/7cc8e624fe4fb4f7/e655239b8fb5400 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/i8z6x/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: e655239b8fb5400
Content-Length: 2724
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 May 2023 22:15:44 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: v/NHq1K4XWSLGqiP/RcSmH6WQ12GHR0c+688ST7niyXjInPcyagTPI092aw7QcuPaTZTCeihiv21u2TX7JQLkJrq9RemaesBzSxsrJdz8/D3eYJx7JXI9zSeocgXQk0490rP917y5e/7QzyZ/iEvrqjWcMVo2rrvwD80/NbAMgSNy0Nms/UhH7g5SeKaBTPJoGfiez5csLNEZcTLZ7IFewrhrXSh5rObCgd+GPNgZs506DcT4XPlohd4T3NNHMj8IlnuX3667hdx8Xz7zrr1z46a56zxcl3UWMjG1Skk2Bj+JBanxfDKTYEEbqh4EZcdsM/pMDGRULtpUylCuLogbFS0IDhJ6CMrmNVFGkQSlBzrcsdDgbv6WE1STRVQSFmrShc+RAzPVNRlAMukoRYun7QPoThFuFhpM9KwsakKWOQS8XprB2cGTihUG/HF5RooTovLjeYSmXBRFOuVoUdGC/PHgLqA2Tz4mtuMsL8Y9fI=$iMUj3tFCy8ZWChnaa/FOmw==
server: cloudflare
cf-ray: 7cc8e6270906b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.7.185200 OK 16 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.7.185:443
Requested by http://pporh693jb645514274d8fc.tkdref.ru/
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (15748)
Hash 2a1262ba5cd32899831d483322a28dd7
3805876db8773ed5820043e1f39b0b6c049f61b2
2e1e45b1d429b2d703676139932fe97b7ffc7986e6d0221653a7404e4c3032f0
GET /turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pporh693jb645514274d8fc.tkdref.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 22:15:43 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc8e6237ac20b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2