alawaelafrica.com/.ojnew/tmp/YXZhbmJ1cmVuQHBvaW50c29mbGlnaHQub3Jn
65.108.234.151 302 Found 115 B URL User Request GET HTTP/1.1 alawaelafrica.com/.ojnew/tmp/YXZhbmJ1cmVuQHBvaW50c29mbGlnaHQub3Jn
IP 65.108.234.151:443
ASN #24940 Hetzner Online GmbH
Certificate Issuer Let's Encrypt
Subject *.alawaelafrica.com
Fingerprint 0C:96:6B:AB:EF:3F:05:6B:41:01:84:52:29:4C:B1:C2:93:64:EB:89
Validity Thu, 18 May 2023 17:04:53 GMT - Wed, 16 Aug 2023 17:04:52 GMT
File type ASCII text, with no line terminators
Hash 9540b63e6c1da3d9654dbb824092efd6
21757e22168e8b23588ad67c04298b30de9f4352
22eb7aa9738047933e0b6ad5b0b09090689ed83c3663f35703b00bed13fb833e
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /.ojnew/tmp/YXZhbmJ1cmVuQHBvaW50c29mbGlnaHQub3Jn HTTP/1.1
Host: alawaelafrica.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Mon, 05 Jun 2023 06:52:50 GMT
Server: Apache
Location: https://0gpilhhtlb646b2a32a499c.ocupac.ru/Mavanburen@pointsoflight.org
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
0gpilhhtlb646b2a32a499c.ocupac.ru/Mavanburen@pointsoflight.org
104.21.88.100 403 Forbidden 3.6 kB URL User Request GET HTTP/2 0gpilhhtlb646b2a32a499c.ocupac.ru/Mavanburen@pointsoflight.org
IP 104.21.88.100:443
Certificate Issuer Google Trust Services LLC
Subject ocupac.ru
Fingerprint 55:23:8F:A1:07:E8:A6:35:20:AA:B3:68:A6:24:AE:D8:92:FD:5C:0C
Validity Wed, 10 May 2023 04:25:15 GMT - Tue, 08 Aug 2023 04:25:14 GMT
File type HTML document text; exported SGML document, ASCII text, with very long lines (1790), with CRLF, LF line terminators
Hash 65904afa6171edbe707d141cba464b9b
0d94860e24ca1fd05552b4189dae7717f7715f26
55d4be4976babde8afb96f0cc3d7c478dacf4cd8a0177df4662a9b0c3ccad44b
GET /Mavanburen@pointsoflight.org HTTP/1.1
Host: 0gpilhhtlb646b2a32a499c.ocupac.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Mon, 05 Jun 2023 06:52:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BPULbBJKMSyEVWNxjOdKnSXZ8f1kI3mEBmeuT1a7KiFsHApPbYJ9mk0lExvvs0dZxsIV%2B8CNMjsL710H5eJJzP1AxjH41tV5trYPIs814nnqZ3OKpK9yrM8FkJZ3POFMOuwvhUjxgoNPZ3GPWi1D8Z4YA8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d267ec18c1dfab8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
0gpilhhtlb646b2a32a499c.ocupac.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d267ec18c1dfab8
172.67.176.78 200 OK 42 B URL GET HTTP/1.1 0gpilhhtlb646b2a32a499c.ocupac.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d267ec18c1dfab8
IP 172.67.176.78:80
Requested by http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mavanburen@pointsoflight.org
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d267ec18c1dfab8 HTTP/1.1
Host: 0gpilhhtlb646b2a32a499c.ocupac.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mavanburen@pointsoflight.org
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 06:52:50 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 15:20:42 GMT
ETag: "6476144a-2a"
Server: cloudflare
CF-RAY: 7d267ec29da60b55-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Mon, 05 Jun 2023 08:52:50 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
0gpilhhtlb646b2a32a499c.ocupac.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7d267ec18c1dfab8
172.67.176.78 200 OK 59 kB URL GET HTTP/1.1 0gpilhhtlb646b2a32a499c.ocupac.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7d267ec18c1dfab8
IP 172.67.176.78:80
Requested by http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mavanburen@pointsoflight.org
File type ASCII text, with very long lines (65536), with no line terminators
Hash ea734716a04db456b1ed766e214adcc1
33282534f12fa0236383ea3e32a62e2e187c69fb
e9608d3fe3bf2da80a1396be44770a45a842e488bb7bfcca83f09923723fd805
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7d267ec18c1dfab8 HTTP/1.1
Host: 0gpilhhtlb646b2a32a499c.ocupac.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mavanburen@pointsoflight.org?__cf_chl_rt_tk=ghNXug5jKK6q7pIc1gf1exftzhFYT3MdNHufgdG5EbA-1685947970-0-gaNycGzNBtA
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 06:52:50 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOCcmAwuoHqRvjaSLvcOvNqbTnLyR4ZleWpVB9dRXANs69HUT2LuDfUJH7MawngdXQtMrabOckcacCMH8KYPKF6mW0avj1huWA%2BvRGs8E4KXtLjzjYGUFv3AZX2fE8RgBK1%2BsMlKpFsnqR99Y0%2BJLlHC20E%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7d267ec29c34b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
0gpilhhtlb646b2a32a499c.ocupac.ru/favicon.ico
172.67.176.78 403 Forbidden 3.7 kB URL GET HTTP/1.1 0gpilhhtlb646b2a32a499c.ocupac.ru/favicon.ico
IP 172.67.176.78:80
Requested by http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mavanburen@pointsoflight.org
File type HTML document text; exported SGML document, ASCII text, with very long lines (1833), with CRLF, LF line terminators
Hash 0293f936f7b5616034525fa9f10cca02
903512df435648ca46c9c7c25f5dde8af815a6f7
cde5911bea41d2cecc9e2167a709159b954825b90700c42147cc3b85efe400fb
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: 0gpilhhtlb646b2a32a499c.ocupac.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mavanburen@pointsoflight.org?__cf_chl_rt_tk=ghNXug5jKK6q7pIc1gf1exftzhFYT3MdNHufgdG5EbA-1685947970-0-gaNycGzNBtA
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Mon, 05 Jun 2023 06:52:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FCr4kHLC20ojs1%2Ff4y7dk6lXfVR845U1v5URBROVtq5aXXZHF9S1lu4Od4bNSe8JYwdn4%2F1u2KZVJhTwaqIXMLYMb3wxqYLc3fMU3KJgUuITuoSOA%2BkJG5XMam57GrsEawtLZd7d62skn5aWOlXGwT9SpI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d267ec2cc5eb50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
challenges.cloudflare.com/turnstile/v0/g/68662470/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.6.185 200 OK 12 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/g/68662470/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.6.185:443
Requested by http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mavanburen@pointsoflight.org
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (19175)
Hash 21a964474a4841c3e62893476cfec550
af06eb1e31d451fe557b7581e707cd88a3107491
fb479d9c5db685793fd57b4cacb188d2aa9ab40d660d54e1cf35d0f54b390c12
GET /turnstile/v0/g/68662470/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://0gpilhhtlb646b2a32a499c.ocupac.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 06:52:51 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d267ec38d43b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
0gpilhhtlb646b2a32a499c.ocupac.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1935437789:1685945398:YO5cWvQZ8zDy-MEaccFCuZFoE_BZBgpQtzOXPkddCBA/7d267ec18c1dfab8/c0a666d281249e7
172.67.176.78 200 OK 7.4 kB URL POST HTTP/1.1 0gpilhhtlb646b2a32a499c.ocupac.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1935437789:1685945398:YO5cWvQZ8zDy-MEaccFCuZFoE_BZBgpQtzOXPkddCBA/7d267ec18c1dfab8/c0a666d281249e7
IP 172.67.176.78:80
Requested by http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mavanburen@pointsoflight.org
File type ASCII text, with very long lines (7416), with no line terminators
Hash bafd2ad184f6145012e86f7c568e525c
27ab3a4f89167fd1e2ff81f8b3ccbab3d7fe1f36
842bb73d5d757d3f11b2acc8fb973d3dae3af6aa78ff318cb4ca4b055f1f9c92
Analyzer Verdict Alert quad9 Sinkholed
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1935437789:1685945398:YO5cWvQZ8zDy-MEaccFCuZFoE_BZBgpQtzOXPkddCBA/7d267ec18c1dfab8/c0a666d281249e7 HTTP/1.1
Host: 0gpilhhtlb646b2a32a499c.ocupac.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mavanburen@pointsoflight.org
Content-type: application/x-www-form-urlencoded
CF-Challenge: c0a666d281249e7
Content-Length: 1826
Origin: http://0gpilhhtlb646b2a32a499c.ocupac.ru
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 06:52:51 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: b8RIrG9S9JTfBwJPOX0kXd+s4ltbmz3sshxTYHff63qS74tkt/RDuODPSQQrj1wd$j2s1IbE+Onz4AlgHAdl+tw==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZp3SrFZeaCQ6Pt53aZoXPVYCqTe4GSwb%2BmxvdyBXX6m40Gd5ZJrujq7%2BTXHHim%2F1JACgEacGJH%2Fol5JNVcC%2Feg2z6fK0%2FzCPpw9B7z3Qdk4qMt2T29%2FbJGWGtkkHnKaBxrS6qm3NFZzNdq319gkkV6HKXc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7d267ec40f9c0b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/12o3f/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
104.18.6.185 200 OK 24 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/12o3f/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP 104.18.6.185:443
Requested by http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mavanburen@pointsoflight.org
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type HTML document text; exported SGML document, ASCII text, with very long lines (10899)
Hash f54567a6090ad94dce3b85176213f4f1
afa77fa51f64774113aba9e1c4515cae38cfb3cb
9b9e4847e9f2689bc69c7741e6c31b30ea56f7554ae5703b90db0b481322a0ad
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/12o3f/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 06:52:51 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 7d267ec48ca1b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7d267ec48ca1b51b
104.18.6.185 200 OK 172 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7d267ec48ca1b51b
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/12o3f/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 172 kB (172057 bytes)
Hash cbccbf507bea895bbab1087ec30bc955
975510cc7c2ddc9cfe51a0a67438eba3d1be2947
fdbc64bf09dce67e948660ccb3bf4cbaa58c403e10d1a210b12ec0020d23a556
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7d267ec48ca1b51b HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/12o3f/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 06:52:51 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
server: cloudflare
cf-ray: 7d267ec4fd0cb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7d267ec48ca1b51b/1685947971558/eEwrsTS6yhVePCg
104.18.6.185 200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7d267ec48ca1b51b/1685947971558/eEwrsTS6yhVePCg
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/12o3f/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type PNG image data, 36 x 71, 8-bit/color RGB, non-interlaced; data
Hash 97c4a17ce0f880ee9f57344d700403aa
9052c546b24ccacd8dd9d203739e4b62bef7d71b
259efd95b3d346c94efca543bd902d8fef5b9580302a10b8eb5213a347706dc0
GET /cdn-cgi/challenge-platform/h/g/img/7d267ec48ca1b51b/1685947971558/eEwrsTS6yhVePCg HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/12o3f/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 06:52:51 GMT
content-type: image/png
server: cloudflare
cf-ray: 7d267ec8a9a9b51b-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1144101922:1685945382:SFhjAUlcHA_Iv6SaFzNatLJqofYRU17AQDyaxl1DTJQ/7d267ec48ca1b51b/089bfd3be27d3c8
104.18.6.185 200 OK 54 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1144101922:1685945382:SFhjAUlcHA_Iv6SaFzNatLJqofYRU17AQDyaxl1DTJQ/7d267ec48ca1b51b/089bfd3be27d3c8
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/12o3f/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (54440), with no line terminators
Hash 89e929db3db6bab296654a27a8f55deb
2dc891cdb97216c5d1253dcb2fac52c5aab5c547
871a850e18a3c6a550355c27912f22b0f350b6f69ff6c951028257b18f46d4f4
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1144101922:1685945382:SFhjAUlcHA_Iv6SaFzNatLJqofYRU17AQDyaxl1DTJQ/7d267ec48ca1b51b/089bfd3be27d3c8 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/12o3f/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 089bfd3be27d3c8
Content-Length: 2788
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 06:52:51 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: RXMMRBwMid/zkvEyv7y9lgUOxLwaR7vK66LCmNw1ejb01pEUf2kKGUjYwU7LJ5AiMYoN556ZujjaC9P1xI9GfPL3BvPCd35zkzroVHakB3QMDM6zdws2G274arH7w1cAAQbnNwUjGGnxlZouNmY7iojnvmr47vjuwcEveSroUo/H0qYWdGTO6YzXGorn6iQf01eo6CNAUsSiH3pLJ3GSR614sL72p6VrwQy+fdHWbP8v0oxvJwgZCkUaduB5OYS+KHyvB5msziQQk3FukYfDHpm8agrekNgVlfeob/xyGJKWPteOY24e7LKDOtnslT4USMRjN2MpoaRf0FuBuGvr8PZQFSo6mKp1dsVKqbPpaWk=$EuQor9OPUKS7R+0R5J8tuA==
server: cloudflare
cf-ray: 7d267ec62e81b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1144101922:1685945382:SFhjAUlcHA_Iv6SaFzNatLJqofYRU17AQDyaxl1DTJQ/7d267ec48ca1b51b/089bfd3be27d3c8
104.18.6.185 200 OK 13 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1144101922:1685945382:SFhjAUlcHA_Iv6SaFzNatLJqofYRU17AQDyaxl1DTJQ/7d267ec48ca1b51b/089bfd3be27d3c8
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/12o3f/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (13232), with no line terminators
Hash f81624a4ce35cc330587a1a36d51177a
bdeef4d763e57463ffc846eaa67fa86754af7ce5
c6b0163af349fb066d7301f20fced6066aaa9bc0ea8949e61a321d4238e1211d
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1144101922:1685945382:SFhjAUlcHA_Iv6SaFzNatLJqofYRU17AQDyaxl1DTJQ/7d267ec48ca1b51b/089bfd3be27d3c8 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/12o3f/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 089bfd3be27d3c8
Content-Length: 21175
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 06:52:54 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: QV5LjjMApAyBuKwHyVy19gHtqh2ThLKPdnpp3SQXvjVWFViVS5LcM+MxgbYLFAHP$kj/yJftQZJpbZSG9u5gvKg==
server: cloudflare
cf-ray: 7d267ed5b9ddb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400