www.surveyworld.top/subsist-destined/e9a6g2n3W95z86oq11SMX12raL56n27mFDFIxxIEGDwI8fHIDrGDvIEGsi9bdXnmRo2e6WR1OA08CkcPlUYd
172.67.175.210403 Forbidden 3.8 kB URL User Request GET HTTP/1.1 www.surveyworld.top/subsist-destined/e9a6g2n3W95z86oq11SMX12raL56n27mFDFIxxIEGDwI8fHIDrGDvIEGsi9bdXnmRo2e6WR1OA08CkcPlUYd
IP 172.67.175.210:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1775)
Hash e4391d7dfdb9b54a83bfe3d75f81afbb
2728b1b8e646a7f1948e2a6db792b1f109608b77
a7be4d89b325fac3bd5a8a39d6fa0800a9f77b8927ad12e3a56165541af55974
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET /subsist-destined/e9a6g2n3W95z86oq11SMX12raL56n27mFDFIxxIEGDwI8fHIDrGDvIEGsi9bdXnmRo2e6WR1OA08CkcPlUYd HTTP/1.1
Host: www.surveyworld.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 07 Jun 2023 05:12:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
cf-chl-bypass: 1
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GX2L%2BmDJ4O%2F%2ButW%2F3dR6gSFKCkZsfDOrfs67JY%2FzWidNutY43%2FZksdzlamb%2FqdwQT45ldab%2FJMD4zfZGPPUxGvgNdTmrETQuR7Ezbhnvgy81f1YZi0RUrqs%2FvCKItfuyQoXSN6nV"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d3666d56fc8b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.surveyworld.top/cdn-cgi/styles/challenges.css
104.21.83.120200 OK 2.6 kB URL GET HTTP/1.1 www.surveyworld.top/cdn-cgi/styles/challenges.css
IP 104.21.83.120:80
Requested by http://www.surveyworld.top/subsist-destined/e9a6g2n3W95z86oq11SMX12raL56n27mFDFIxxIEGDwI8fHIDrGDvIEGsi9bdXnmRo2e6WR1OA08CkcPlUYd
File type ASCII text, with very long lines (6600), with no line terminators
Hash 2c78b7f8fa496092bf41d5edd51611e7
8b0b1b276e8194b0a5497db478ec2ea9b4f83c42
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: www.surveyworld.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.surveyworld.top/subsist-destined/e9a6g2n3W95z86oq11SMX12raL56n27mFDFIxxIEGDwI8fHIDrGDvIEGsi9bdXnmRo2e6WR1OA08CkcPlUYd
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 05:12:43 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 15:20:42 GMT
ETag: W/"6476144a-19c8"
Server: cloudflare
CF-RAY: 7d3666d668f10b55-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Wed, 07 Jun 2023 07:12:43 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
www.surveyworld.top/cdn-cgi/images/trace/captcha/js/transparent.gif?ray=7d3666d56fc8b518
104.21.83.120200 OK 42 B URL GET HTTP/1.1 www.surveyworld.top/cdn-cgi/images/trace/captcha/js/transparent.gif?ray=7d3666d56fc8b518
IP 104.21.83.120:80
Requested by http://www.surveyworld.top/subsist-destined/e9a6g2n3W95z86oq11SMX12raL56n27mFDFIxxIEGDwI8fHIDrGDvIEGsi9bdXnmRo2e6WR1OA08CkcPlUYd
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/captcha/js/transparent.gif?ray=7d3666d56fc8b518 HTTP/1.1
Host: www.surveyworld.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.surveyworld.top/subsist-destined/e9a6g2n3W95z86oq11SMX12raL56n27mFDFIxxIEGDwI8fHIDrGDvIEGsi9bdXnmRo2e6WR1OA08CkcPlUYd
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 05:12:43 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 15:20:42 GMT
ETag: "6476144a-2a"
Server: cloudflare
CF-RAY: 7d3666d689100b55-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Wed, 07 Jun 2023 07:12:43 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
www.surveyworld.top/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7d3666d56fc8b518
104.21.83.120200 OK 58 kB URL GET HTTP/1.1 www.surveyworld.top/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7d3666d56fc8b518
IP 104.21.83.120:80
Requested by http://www.surveyworld.top/subsist-destined/e9a6g2n3W95z86oq11SMX12raL56n27mFDFIxxIEGDwI8fHIDrGDvIEGsi9bdXnmRo2e6WR1OA08CkcPlUYd
File type ASCII text, with very long lines (65536), with no line terminators
Hash a6f7d7ff11638dd2080856ee7da7fda7
ed8cbb3d83b0dddac14e0daa4f7e163905d76e6b
cfc7e9920e86ab5d612d9cc903ff63507088029af7854da42c8756906047a885
GET /cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7d3666d56fc8b518 HTTP/1.1
Host: www.surveyworld.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.surveyworld.top/subsist-destined/e9a6g2n3W95z86oq11SMX12raL56n27mFDFIxxIEGDwI8fHIDrGDvIEGsi9bdXnmRo2e6WR1OA08CkcPlUYd?__cf_chl_rt_tk=qYBgEnREbxoMKWoHUmh.QX_EQGQ3kRSdmNdx1Rk2vFc-1686114763-0-gaNycGzNBrs
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 05:12:43 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFx720kbYEfTyDou%2BTj6ZtepU977KN8jZTXQxenbqgkuhq9rATGKAcbgX5F6bfBdmkbLbk9SxIpRaybvMd16bWMJN%2FB2QhqUbFkm6NNCK8RPKfzAum57ClX4i2oyXd6yTt8bP8Hs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7d3666d689170b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.surveyworld.top/favicon.ico
104.21.83.120403 Forbidden 3.5 kB URL GET HTTP/1.1 www.surveyworld.top/favicon.ico
IP 104.21.83.120:80
Requested by http://www.surveyworld.top/subsist-destined/e9a6g2n3W95z86oq11SMX12raL56n27mFDFIxxIEGDwI8fHIDrGDvIEGsi9bdXnmRo2e6WR1OA08CkcPlUYd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1625)
Hash 1f6e02d7e64f7f14828745aa21fe8cda
4826073ae470682f1405d587cc1b5a6f5f509282
cddf97224e29cbac18a122df2605c79aae9343583dd9812f34a5c1c419afa185
GET /favicon.ico HTTP/1.1
Host: www.surveyworld.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.surveyworld.top/subsist-destined/e9a6g2n3W95z86oq11SMX12raL56n27mFDFIxxIEGDwI8fHIDrGDvIEGsi9bdXnmRo2e6WR1OA08CkcPlUYd
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 07 Jun 2023 05:12:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
cf-chl-bypass: 1
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtqR0h4WoqIqIoEORPR8DEfzL71BOUfAPfIqNeamDHsXfwS6ZJKY2Y%2FagIsGlnlxXJ5TC43cEhKW%2BN6Y%2Bks2QkrJKRKsvJhzI%2ByUQ890Ec6MndvfbN6Xd0wz8PHM1RiBA4XpNerg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d3666d6a94d0b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.surveyworld.top/favicon.ico
104.21.83.120403 Forbidden 3.5 kB URL GET HTTP/1.1 www.surveyworld.top/favicon.ico
IP 104.21.83.120:80
Requested by http://www.surveyworld.top/subsist-destined/e9a6g2n3W95z86oq11SMX12raL56n27mFDFIxxIEGDwI8fHIDrGDvIEGsi9bdXnmRo2e6WR1OA08CkcPlUYd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1668)
Hash 77a78bc03f8c662987014ba7464c1545
85aec5b32cbe5edf9414e345f4948aa052430f61
0716eb887ed8c04b894639a50836de73896c06f2288f631ee8976dfd8c85d6d1
GET /favicon.ico HTTP/1.1
Host: www.surveyworld.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.surveyworld.top/subsist-destined/e9a6g2n3W95z86oq11SMX12raL56n27mFDFIxxIEGDwI8fHIDrGDvIEGsi9bdXnmRo2e6WR1OA08CkcPlUYd
DNT: 1
Connection: keep-alive
Cookie: cf_chl_2=0c587acc2644716
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 07 Jun 2023 05:12:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
cf-chl-bypass: 1
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXeS40epKj4SJMNajNgX2FM%2F1tV1idhrSvjc3ALAejFYnAHlWIBhg11E%2BG0xqQ8caD4u5J2oQyI%2BXXHv82An0wfpxVblEMWTSesca8anQtR9lvUKg0r8epxUDF8x1NrJUePJHabg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d3666d72f41fab4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.surveyworld.top/cdn-cgi/challenge-platform/h/g/flow/ov1/2113694512:1686111885:XAuzIU563fNIZYNlixiWDlSdtZBK0-e1pmd8CWDSWTQ/7d3666d56fc8b518/0c587acc2644716
104.21.83.120200 OK 5.7 kB URL POST HTTP/1.1 www.surveyworld.top/cdn-cgi/challenge-platform/h/g/flow/ov1/2113694512:1686111885:XAuzIU563fNIZYNlixiWDlSdtZBK0-e1pmd8CWDSWTQ/7d3666d56fc8b518/0c587acc2644716
IP 104.21.83.120:80
Requested by http://www.surveyworld.top/subsist-destined/e9a6g2n3W95z86oq11SMX12raL56n27mFDFIxxIEGDwI8fHIDrGDvIEGsi9bdXnmRo2e6WR1OA08CkcPlUYd
File type ASCII text, with very long lines (7464), with no line terminators
Hash 009e39480f86d1d9d25b40b7b3ac3321
1f9eac3cf00348496057657705346ef26c914e27
03d5ec5ae9fd5015ced905e5b66f6d2fa92095ffb27d0310195d764bde9e500e
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2113694512:1686111885:XAuzIU563fNIZYNlixiWDlSdtZBK0-e1pmd8CWDSWTQ/7d3666d56fc8b518/0c587acc2644716 HTTP/1.1
Host: www.surveyworld.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.surveyworld.top/subsist-destined/e9a6g2n3W95z86oq11SMX12raL56n27mFDFIxxIEGDwI8fHIDrGDvIEGsi9bdXnmRo2e6WR1OA08CkcPlUYd
Content-type: application/x-www-form-urlencoded
CF-Challenge: 0c587acc2644716
Content-Length: 1938
Origin: http://www.surveyworld.top
DNT: 1
Connection: keep-alive
Cookie: cf_chl_2=0c587acc2644716
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 05:12:43 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: oxjvBWT1C2FpD1WQpFdRo9i5J326PgkR6OQ3UHbrdPIYIJx1FHABqWIZgRgj7L0o$0730WYee3sPLEup+ujbEDA==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgM%2BijjEB1uh1Do0nNMCuqJjQPSWaSO3nTDX8xyVuYtYUHcZ3tAXj3qoSTYqPdHdp38VHc0ZTgYrbX%2Fj%2B1XdBWfg1bRxqxmWE1U9rd3Y%2BHgxOvqZ9aTP1nl0yPFKHkU8FARXjzEE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7d3666d83f12b4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
challenges.cloudflare.com/turnstile/v0/g/68662470/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.6.185200 OK 19 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/g/68662470/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.6.185:443
Requested by http://www.surveyworld.top/subsist-destined/e9a6g2n3W95z86oq11SMX12raL56n27mFDFIxxIEGDwI8fHIDrGDvIEGsi9bdXnmRo2e6WR1OA08CkcPlUYd
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (19175)
Hash 21a964474a4841c3e62893476cfec550
af06eb1e31d451fe557b7581e707cd88a3107491
fb479d9c5db685793fd57b4cacb188d2aa9ab40d660d54e1cf35d0f54b390c12
GET /turnstile/v0/g/68662470/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.surveyworld.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 05:12:43 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d3666d74db5b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1539576259:1686111866:PjI16eGCdfdBq4j_8dhc0s_SSehWEkWO0jQ53tgCfhQ/7d3666d89ff7b4fa/454c458939b0cfb
104.18.6.185200 OK 80 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1539576259:1686111866:PjI16eGCdfdBq4j_8dhc0s_SSehWEkWO0jQ53tgCfhQ/7d3666d89ff7b4fa/454c458939b0cfb
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yoeng/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash b56dc3508253f7a7793eeb1c0032817b
97e1ac85d653246e64e6384d420897e2dd248a0f
37cf9b0d05ed3c315b919562d356d48436a182d80d9738e04c1fa17963ace2d5
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1539576259:1686111866:PjI16eGCdfdBq4j_8dhc0s_SSehWEkWO0jQ53tgCfhQ/7d3666d89ff7b4fa/454c458939b0cfb HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yoeng/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 454c458939b0cfb
Content-Length: 2907
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:12:43 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: lF7sC2c6gFmVHFdMB0jPiuTymI5PGixIn/Z+RkFgMJKiCPrdOM3iqm0aybGWqLTC1E6uUCU4pv2j2quYrysi0PSpdXNXXdWsBgr3a+x9skGsjL70ixYwTq+nZe89hFKXRdEF2mEjSiVcI0KlY8QVbdLm7JtolxGt7pZgv4akj9ytGOaa1DDSjdFCoMT2wwYv+eM2Cg9ynO5eC6GvMX+Cw1pU/vMbvP8pjlxSSYEsXqcQkMHbPg0kxHDqwiwKBWjeGvq36Pd8RNWsJcBjQ5Q1kJqAb2evkFdZIRb/dTEva20/PP2tGVvFzc+Zb78LuAZMhiq/HtQ2qgZCE9+8Xdet1h7g3RB31FHZ/FwierGRFRjoyRB0wgY6Mm/tG9kYqC+U$Kk9LNw+Sl4zEYkfqGicy+g==
server: cloudflare
cf-ray: 7d3666da5992b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1539576259:1686111866:PjI16eGCdfdBq4j_8dhc0s_SSehWEkWO0jQ53tgCfhQ/7d3666d89ff7b4fa/454c458939b0cfb
104.18.6.185200 OK 13 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1539576259:1686111866:PjI16eGCdfdBq4j_8dhc0s_SSehWEkWO0jQ53tgCfhQ/7d3666d89ff7b4fa/454c458939b0cfb
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yoeng/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (13232), with no line terminators
Hash 47b8e96316d472f8abdd58dce6f883d2
a6a336787af850b279d34f3b1a711d975832fe27
6a7fd0125c57c27d25d648bfc3f4203d208816b6e38ac4313d12baaafae9d1f4
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1539576259:1686111866:PjI16eGCdfdBq4j_8dhc0s_SSehWEkWO0jQ53tgCfhQ/7d3666d89ff7b4fa/454c458939b0cfb HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yoeng/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 454c458939b0cfb
Content-Length: 21816
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:12:46 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: yNQ73JR7gq9WvwxQshjGJ1enz9iAMr7Sg8+daPW8rvTu/RpXJmyBjHY0k6wv3d5l$1jIf7WOPOs4I+w92TsptTQ==
server: cloudflare
cf-ray: 7d3666e79ebcb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7d3666d89ff7b4fa/1686114763904/RfJiffMpnpas54o
104.18.6.185200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7d3666d89ff7b4fa/1686114763904/RfJiffMpnpas54o
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yoeng/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type PNG image data, 13 x 40, 8-bit/color RGB, non-interlaced\012- data
Hash 0e6263cd724ee01c5862a7e4a96f7580
6898abd94244c1f48328c85361f876046724b382
42403d7f4cc23c1db24673a9f0d7f4e4708d7dcca01bfd8336464c088f13593f
GET /cdn-cgi/challenge-platform/h/g/img/7d3666d89ff7b4fa/1686114763904/RfJiffMpnpas54o HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yoeng/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:12:44 GMT
content-type: image/png
server: cloudflare
cf-ray: 7d3666db1a67b4fa-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yoeng/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
104.18.6.185200 OK 24 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yoeng/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP 104.18.6.185:443
Requested by http://www.surveyworld.top/subsist-destined/e9a6g2n3W95z86oq11SMX12raL56n27mFDFIxxIEGDwI8fHIDrGDvIEGsi9bdXnmRo2e6WR1OA08CkcPlUYd
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10899)
Hash 50d87f1c2ae7fd1614a3bded6a93d925
cbe484b6b807f6035ca763959d32b1ea52bb088a
868539073cc82f2ec9edb9f014c7915fcd57b2acb1ac160504db5f4eb88ad228
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yoeng/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:12:43 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 7d3666d89ff7b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7d3666d89ff7b4fa
104.18.6.185200 OK 178 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7d3666d89ff7b4fa
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yoeng/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 178 kB (178008 bytes)
Hash 28da7878a062323815ba1a1204dfc258
080a848530d956c593578e8eed3ef4b27b05c845
aa4aff09bbb7edf4b009a17832ddeadfbba6441a34e71efa68e94f718a33d207
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7d3666d89ff7b4fa HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yoeng/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:12:43 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
server: cloudflare
cf-ray: 7d3666d9186ab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400