Report - t1.a.editions-legislatives.fr/r/?id=hfe20c57a,3602a3f1,7f94ba88&p1=//indigitalnow.com/late/dayo/c5e8247b0c7676a6e13ac17c4db5ef4e/YmNvbGxpc29uQGtlYXJuZXltby51cw==&..=c&ago=212&ao=817&aca=-11&si=-11&ci=-11&pi=-11&ad=-11&sv1=-11&advt=-11&chnl=-11&vndr=1363&sz=539&u=eTLPPreWarranty|Consumer&red=www.lampsplus.com/?sourceid

Report Overview

Visited public
2024-12-16 17:33:00
Tags
suspicious
URL
t1.a.editions-legislatives.fr/r/?id=hfe20c57a,3602a3f1,7f94ba88&p1=//indigitalnow.com/late/dayo/c5e8247b0c7676a6e13ac17c4db5ef4e/YmNvbGxpc29uQGtlYXJuZXltby51cw==&..=c&ago=212&ao=817&aca=-11&si=-11&ci=-11&pi=-11&ad=-11&sv1=-11&advt=-11&chnl=-11&vndr=1363&sz=539&u=eTLPPreWarranty|Consumer&red=www.lampsplus.com/?sourceid
Finishing URL
huf.tartmoro.ru/u4wDxV/#Dbcollison@kearneymo.us
IP / ASN
52.16.219.193
#16509 AMAZON-02
Title
Suspicious - Anti-debugging code

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
t1.a.editions-legislatives.fr	738165	1996-11-07	2020-12-02	2024-12-12	773 B	872 B	52.16.219.193
indigitalnow.com	unknown	2017-03-21	2019-02-28	2022-06-18	704 B	257 B	122.201.80.143
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-12-11	2.7 kB	196 kB	104.18.94.41
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2024-12-11	437 B	15 kB	104.17.25.14
code.jquery.com	634	2005-12-10	2012-05-21	2024-12-11	409 B	32 kB	151.101.130.137
huf.tartmoro.ru	unknown	2024-11-14	2024-12-16	2024-12-16	1.6 kB	23 kB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	unknown	ScriptElement	1.5 kB	2024-12-16	2024-12-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-16 17:33 Last Seen2024-12-16 17:33 Times Seen1 Hash ed025082baa43edb3e56b2228dfede7f 8a9415f979ce5e082c049c123ead7ca4d1048492 d78e15ad146017a29e8e8ef19e058d44605a349d2f08740e99d59725acfafc64 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8f3069ef88000b3d&lang=auto	ScriptElement	119 kB	2024-12-16	2024-12-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8f3069ef88000b3d&lang=auto IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-16 17:33 Last Seen2024-12-16 17:33 Times Seen1 Hash e69eebb7fd23a52fb36b970559ffe961 8c0abf96d6fbbfde81676f30e64422ef00701547 b6619824380bb666aad4da70514b7c7381f938ddf1d9189407e9bddf7d279370 Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?render=explicit	ScriptElement	48 kB	2024-12-05	2024-12-17
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?render=explicit IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 14:49 Last Seen2024-12-17 09:29 Times Seen3946 Hash b0b3774e70e752266b4cf190e6d95053 03823d33d8c374dd69b66f1d75a5fc93d29967e1 a9f0787e39291d7bcb873d0d514f1d2c8db0256fd741c2abc4d46a809254e141 Loading...

	unknown	ScriptElement	1.6 kB	2024-12-16	2024-12-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-16 17:33 Last Seen2024-12-16 17:33 Times Seen1 Hash dfc5950ff77eaf20cf6e89e927fd88e9 06db916bf4e1c75d90f1c07bc4cb3b0e5b782b8c 9352416087d46ceaf8ac8e6cca78ab63f57292995573fb0cd8eaaed0473fd695 Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	ScriptElement	48 kB	2023-03-07	2025-06-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-06-07 10:00 Times Seen95882 Hash 2ca03ad87885ab983541092b87adb299 1a17f60bf776a8c468a185c1e8e985c41a50dc27 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/65aee/0x4AAAAAAA0HsJ_ah3VUjZkD/auto/fbE/normal/auto/	ScriptElement	3.7 kB	2024-12-16	2024-12-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/65aee/0x4AAAAAAA0HsJ_ah3VUjZkD/auto/fbE/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-16 17:33 Last Seen2024-12-16 17:33 Times Seen1 Hash 12d93e8c3bc2231766d5fb6bf905c625 3b57b539a0bdfb5557bb8a8ac484ed3ef9e90b12 f0ad07d6cabc26d8af3358ba18f7ef4d61ad1b639f7ea8d21b96b2aa67c85017 Loading...

	huf.tartmoro.ru/u4wDxV/#Dbcollison@kearneymo.us	ScriptElement	19 kB	2024-12-16	2024-12-16
Pretty URL huf.tartmoro.ru/u4wDxV/#Dbcollison@kearneymo.us IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-16 17:33 Last Seen2024-12-16 17:33 Times Seen1 Hash 1f7629d86dd6bbab2fb0c5b44189b7a0 50e2f89c44c8f4a54cab6426a7bfb25b7472f9f3 8e1976c62fd814a2e7726af2d93994e88ae2694a6dac596f537cb2b756471d4b Loading...

	code.jquery.com/jquery-3.6.0.min.js	ScriptElement	90 kB	2023-03-07	2025-06-07
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.130.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-07 10:16 Times Seen211810 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07 01:03	2025-06-07 10:08
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-06-07 10:08 Times Seen375587 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

		Size	First Seen	Last Seen
	#1 Write - 76c1a13d180f22542f826961bf279c9b	5.5 kB	2024-12-16 17:33	2024-12-16 17:33
Pretty Observations First Seen2024-12-16 17:33 Last Seen2024-12-16 17:33 Times Seen1 Hash 76c1a13d180f22542f826961bf279c9b 35f231242fd012b7e0c33fb885eddc7cae076e53 af3014a3865c69fbb405382d3f8ec41db96e0181f963120a424881054516d1d5 Loading...

HTTP Transactions (11)

	URL	IP	Response	Size
	t1.a.editions-legislatives.fr/r/?id=hfe20c57a,3602a3f1,7f94ba88&p1=//indigitalnow.com/late/dayo/c5e8247b0c7676a6e13ac17c4db5ef4e/YmNvbGxpc29uQGtlYXJuZXltby51cw==&..=c&ago=212&ao=817&aca=-11&si=-11&ci=-11&pi=-11&ad=-11&sv1=-11&advt=-11&chnl=-11&vndr=1363&sz=539&u=eTLPPreWarranty\|Consumer&red=www.lampsplus.com/?sourceid	52.16.219.193	302 Found	17 B
URL t1.a.editions-legislatives.fr/r/?id=hfe20c57a,3602a3f1,7f94ba88&p1=//indigitalnow.com/late/dayo/c5e8247b0c7676a6e13ac17c4db5ef4e/YmNvbGxpc29uQGtlYXJuZXltby51cw==&..=c&ago=212&ao=817&aca=-11&si=-11&ci=-11&pi=-11&ad=-11&sv1=-11&advt=-11&chnl=-11&vndr=1363&sz=539&u=eTLPPreWarranty\|Consumer&red=www.lampsplus.com/?sourceid IP 52.16.219.193:0 ASN #16509 AMAZON-02 File type ASCII text, with no line terminators Size 17 B (17 bytes) Hash edf537e37d4549950774190c58f93b76 4e2078632eccec8993f151be9338bbcb88ce6f58 afff9c63cfeacd26e5d4000edf576f1386d6729dca783eb45004f484a73a3514 HTTP Headers GET /r/?id=hfe20c57a,3602a3f1,7f94ba88&p1=//indigitalnow.com/late/dayo/c5e8247b0c7676a6e13ac17c4db5ef4e/YmNvbGxpc29uQGtlYXJuZXltby51cw==&..=c&ago=212&ao=817&aca=-11&si=-11&ci=-11&pi=-11&ad=-11&sv1=-11&advt=-11&chnl=-11&vndr=1363&sz=539&u=eTLPPreWarranty\|Consumer&red=www.lampsplus.com/?sourceid HTTP/1.1 Host: t1.a.editions-legislatives.fr User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Mon, 16 Dec 2024 17:32:35 GMT content-type: text/plain; charset=utf-8 content-length: 17 location: https:////indigitalnow.com/late/dayo/c5e8247b0c7676a6e13ac17c4db5ef4e/YmNvbGxpc29uQGtlYXJuZXltby51cw==?..=c&ago=212&ao=817&aca=-11&si=-11&ci=-11&pi=-11&ad=-11&sv1=-11&advt=-11&chnl=-11&vndr=1363&sz=539&u=eTLPPreWarranty\|Consumer&red=www.lampsplus.com/?sourceid server: Apache x-robots-tag: noindex p3p: CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV" set-cookie: AMCV_EDB0539A5733225A7F000101%40AdobeOrg=MCMID%7C27353716160274104311555914230467657727; Domain=editions-legislatives.fr; Path=/; Expires=Sat, 10-Jan-2026 17:32:35 GMT nlid=fe20c57a\|3602a3f1; Domain=editions-legislatives.fr; Path=/ nllastdelid=3602a3f1; Domain=editions-legislatives.fr; Path=/; Expires=Sat, 10-Jan-2026 17:32:35 GMT X-Firefox-Spdy: h2

	indigitalnow.com/late/dayo/c5e8247b0c7676a6e13ac17c4db5ef4e/YmNvbGxpc29uQGtlYXJuZXltby51cw==?..=c&ago=212&ao=817&aca=-11&si=-11&ci=-11&pi=-11&ad=-11&sv1=-11&advt=-11&chnl=-11&vndr=1363&sz=539&u=eTLPPreWarranty\|Consumer&red=www.lampsplus.com/?sourceid	122.201.80.143	200 OK	0 B
URL indigitalnow.com/late/dayo/c5e8247b0c7676a6e13ac17c4db5ef4e/YmNvbGxpc29uQGtlYXJuZXltby51cw==?..=c&ago=212&ao=817&aca=-11&si=-11&ci=-11&pi=-11&ad=-11&sv1=-11&advt=-11&chnl=-11&vndr=1363&sz=539&u=eTLPPreWarranty\|Consumer&red=www.lampsplus.com/?sourceid IP 122.201.80.143:0 ASN #38719 Dreamscape Networks Limited File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /late/dayo/c5e8247b0c7676a6e13ac17c4db5ef4e/YmNvbGxpc29uQGtlYXJuZXltby51cw==?..=c&ago=212&ao=817&aca=-11&si=-11&ci=-11&pi=-11&ad=-11&sv1=-11&advt=-11&chnl=-11&vndr=1363&sz=539&u=eTLPPreWarranty\|Consumer&red=www.lampsplus.com/?sourceid HTTP/1.1 Host: indigitalnow.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Mon, 16 Dec 2024 17:32:35 GMT Server: Apache refresh: 0;url=https://hUf.tartmoro.ru/u4wDxV/#Dbcollison@kearneymo.us Content-Length: 0 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8`

	challenges.cloudflare.com/turnstile/v0/api.js?render=explicit	104.18.94.41	302 Found	0 B
URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?render=explicit IP 104.18.94.41:443 ASN #13335 CLOUDFLARENET Requested by https://huf.tartmoro.ru/u4wDxV/#Dbcollison@kearneymo.us Certificate IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintC1:16:CA:AE:53:D5:B8:63:59:BB:EB:73:AB:F0:98:7E:EE:7F:E3:EB ValiditySun, 03 Nov 2024 16:27:50 GMT - Sat, 01 Feb 2025 17:27:46 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /turnstile/v0/api.js?render=explicit HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://huf.tartmoro.ru/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found date: Mon, 16 Dec 2024 17:32:37 GMT content-length: 0 access-control-allow-origin: * cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public cross-origin-resource-policy: cross-origin location: /turnstile/v0/g/f9063374b04d/api.js vary: Accept-Encoding server: cloudflare cf-ray: 8f3069edde2c56bd-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2`

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	104.17.25.14	200 OK	14 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP 104.17.25.14:443 ASN #13335 CLOUDFLARENET Requested by https://huf.tartmoro.ru/u4wDxV/#Dbcollison@kearneymo.us Certificate IssuerGoogle Trust Services Subjectcdnjs.cloudflare.com Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02 ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT File type JavaScript source, ASCII text, with very long lines (48316), with no line terminators Size 14 kB (13972 bytes) Hash 2ca03ad87885ab983541092b87adb299 1a17f60bf776a8c468a185c1e8e985c41a50dc27 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 HTTP Headers `GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://huf.tartmoro.ru/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 16 Dec 2024 17:32:37 GMT content-type: application/javascript; charset=utf-8 content-length: 13972 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "61182885-3694" last-modified: Sat, 14 Aug 2021 20:33:09 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 410248 expires: Sat, 06 Dec 2025 17:32:37 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fbB0w37miXKYjFOfvVgkDV4nHPX3U9m1W19udCj8%2BfUADzL6lPn0YGjapieMJ2mBKbKVFaYXa%2Bx%2FfyexabIKddn9TgnrVpO7rO8MbJzhDbqgWziVyooBLaI4N2n596tuayQVeRL%2B"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 8f3069edfa8c56be-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	code.jquery.com/jquery-3.6.0.min.js	151.101.130.137	200 OK	31 kB
URL GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js IP 151.101.130.137:443 ASN #54113 FASTLY Requested by https://huf.tartmoro.ru/u4wDxV/#Dbcollison@kearneymo.us Certificate IssuerSectigo Limited Subject.jquery.com FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5 ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65447) Size 31 kB (30875 bytes) Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e HTTP Headers `GET /jquery-3.6.0.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://huf.tartmoro.ru/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx content-type: application/javascript; charset=utf-8 last-modified: Fri, 18 Oct 1991 12:00:00 GMT etag: W/"28feccc0-15d9d" cache-control: public, max-age=31536000, stale-while-revalidate=604800 access-control-allow-origin: * cross-origin-resource-policy: cross-origin content-encoding: gzip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Mon, 16 Dec 2024 17:32:37 GMT age: 2893648 x-served-by: cache-lga21931-LGA, cache-hel1410024-HEL x-cache: HIT, HIT x-cache-hits: 71, 607892 x-timer: S1734370357.442493,VS0,VE0 vary: Accept-Encoding content-length: 30875 X-Firefox-Spdy: h2

	huf.tartmoro.ru/favicon.ico	188.114.97.1	404 Not Found	64 B
URL GET HTTP/3 huf.tartmoro.ru/favicon.ico IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://huf.tartmoro.ru/u4wDxV/#Dbcollison@kearneymo.us Certificate IssuerGoogle Trust Services Subjecttartmoro.ru Fingerprint1D:6F:96:E3:C7:AD:2E:E5:01:B0:24:D4:88:A5:46:C4:B8:EA:38:6E ValidityFri, 15 Nov 2024 00:34:53 GMT - Thu, 13 Feb 2025 00:34:52 GMT File type data Size 64 B (64 bytes) Hash 2c3dd3d4a9bc9d1ffdf125e8439a3c00 a9b83cd7e27c23a420c3f56107ce51368e4662cb 0d68a8110cb0daf3c313fce8c1e3b950e49ed0d27fe4403f708734c3af15003d HTTP Headers GET /favicon.ico HTTP/1.1 Host: huf.tartmoro.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://huf.tartmoro.ru/u4wDxV/ Cookie: XSRF-TOKEN=eyJpdiI6IjFRNHJEL0c4NXF3ZzJHcUxoUHhoWUE9PSIsInZhbHVlIjoiVFgxSWFvUjFyWW41UWM4SUl2aU8wVHdUbktkek5FZnFBSUg2RTlPL2JxUVVlaDNES1B6WjRHOEJZVzJHbHRmU0liMWozVVhMTHhBZTlUakRObmdvNS9HVHpEOFdEUmlkeFRWYm83MUF6eVlTV0FONURHV1grQTVTc1BQcDAyS04iLCJtYWMiOiI5YjIwYzNiZTk0ZGUyYWY1MzdiZDBmMDAzNTRhMzI0ZTAzM2FkNWNjNWQ1ZTNkNDE5ZmExMDFkOTFlYzkzOGYwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlBVQUcxM1BGTnZmbk50ZWZqNGxyOFE9PSIsInZhbHVlIjoiZmFJeUZUMWs2eWRLZXZkaFI2Tk1hSVM5RmR1cVBjbFJ2ZjJ5L1N4NEd2eXh0RmxiTmhUZFdqMmlxUTBsck5iSUIvOGRzUmg1Q05SeXNQNzRVdTJTNW9aM1lUWGJHTjVSc2xFT0pIcFJHUVNuYitib0lobUIrK1dEd2ltUE00bloiLCJtYWMiOiIzMGMxZDAyNTdkOTgxNDQ4YWMwZTAyYWY4NzljNWFmMDk1OGM2MWMyMjY5MmM0Y2I5NTRhY2YzMzcyNGRjYjU0IiwidGFnIjoiIn0%3D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 404 Not Found date: Mon, 16 Dec 2024 17:32:37 GMT content-type: text/html; charset=UTF-8 cache-control: max-age=14400 age: 1497 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lv90rrvP3WjaKmN0f2QZXZZ11R%2FyB9WlA1q9Oj%2B2fPNX0PwlsLmRyYLIAE2zVehcRVw8HI%2BOKM9sPgi1SoSQ6P6hbELxd1wzugTL3jRSGUxpkMlvpIvgHlDFIC0xAA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding alt-svc: h3=":443"; ma=86400 cf-cache-status: HIT priority: u=6,i=?0 server: cloudflare cf-ray: 8f3069efea277129-OSL content-encoding: br server-timing: cfL4;desc="?proto=TCP&rtt=1037&min_rtt=995&rtt_var=403&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2825&recv_bytes=2081&delivery_rate=2862311&cwnd=251&unsent_bytes=0&cid=e04bb75f20071334&ts=24&x=0", cfL4;desc="?proto=QUIC&rtt=16816&min_rtt=3802&rtt_var=10721&sent=12&recv=6&lost=0&retrans=0&sent_bytes=4064&recv_bytes=1685&delivery_rate=154910&cwnd=12000&unsent_bytes=0&cid=3a69e85f5dd51b93&ts=602&x=1", cfExtPri, cfHdrFlush;dur=0

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/65aee/0x4AAAAAAA0HsJ_ah3VUjZkD/auto/fbE/normal/auto/	104.18.94.41	200 OK	26 kB
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/65aee/0x4AAAAAAA0HsJ_ah3VUjZkD/auto/fbE/normal/auto/ IP 104.18.94.41:443 ASN #13335 CLOUDFLARENET Requested by https://huf.tartmoro.ru/u4wDxV/#Dbcollison@kearneymo.us Certificate IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintC1:16:CA:AE:53:D5:B8:63:59:BB:EB:73:AB:F0:98:7E:EE:7F:E3:EB ValiditySun, 03 Nov 2024 16:27:50 GMT - Sat, 01 Feb 2025 17:27:46 GMT File type HTML document, ASCII text, with very long lines (22073) Size 26 kB (26463 bytes) Hash eec38e12aee747c840dc85591b832a17 0da60ff809907da245d3bdafbedbddf2a761766b e3d566a96c830f33fe7403ec83fb463676a40c0a533a8ab9ea390e0caaf4a1e9 HTTP Headers GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/65aee/0x4AAAAAAA0HsJ_ah3VUjZkD/auto/fbE/normal/auto/ HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://huf.tartmoro.ru/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 16 Dec 2024 17:32:37 GMT content-type: text/html; charset=UTF-8 cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self' cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: cross-origin origin-agent-cluster: ?1 accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA referrer-policy: same-origin document-policy: js-profiling priority: u=4,i=?0 server: cloudflare cf-ray: 8f3069ef88000b3d-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	huf.tartmoro.ru/u4wDxV/	188.114.97.1	200 OK	20 kB
URL User Request GET HTTP/2 huf.tartmoro.ru/u4wDxV/ IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjecttartmoro.ru Fingerprint1D:6F:96:E3:C7:AD:2E:E5:01:B0:24:D4:88:A5:46:C4:B8:EA:38:6E ValidityFri, 15 Nov 2024 00:34:53 GMT - Thu, 13 Feb 2025 00:34:52 GMT File type HTML document, ASCII text, with very long lines (7425), with CRLF line terminators Size 20 kB (19487 bytes) Hash 4eb8242df9f5f2952cca0110431078c0 02369e002514a89b2293e897667b99e879664d33 f575bbf02f8e8114bdc5267ff836e7c551ca210a5a84beaa95abdd2492453eac HTTP Headers `GET /u4wDxV/ HTTP/1.1 Host: huf.tartmoro.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 16 Dec 2024 17:32:37 GMT content-type: text/html; charset=UTF-8 cache-control: no-cache, private cf-cache-status: DYNAMIC vary: accept-encoding report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aP9xILyAoye6j0PMWb35Tkwi9Sv5D7oDFO4q%2FAY%2Bm%2B%2Bq5isIlR1lTKC%2BLaXMJtw%2FACmsPxn5NoRkSNsYz5NB2Hq4CiCjuc8hOUT94A9bfBi0GlmYjzsgZcLbSVRx6w%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc: h3=":443"; ma=86400 set-cookie: XSRF-TOKEN=eyJpdiI6IjFRNHJEL0c4NXF3ZzJHcUxoUHhoWUE9PSIsInZhbHVlIjoiVFgxSWFvUjFyWW41UWM4SUl2aU8wVHdUbktkek5FZnFBSUg2RTlPL2JxUVVlaDNES1B6WjRHOEJZVzJHbHRmU0liMWozVVhMTHhBZTlUakRObmdvNS9HVHpEOFdEUmlkeFRWYm83MUF6eVlTV0FONURHV1grQTVTc1BQcDAyS04iLCJtYWMiOiI5YjIwYzNiZTk0ZGUyYWY1MzdiZDBmMDAzNTRhMzI0ZTAzM2FkNWNjNWQ1ZTNkNDE5ZmExMDFkOTFlYzkzOGYwIiwidGFnIjoiIn0%3D; expires=Mon, 16-Dec-2024 19:32:36 GMT; Max-Age=7200; path=/; secure; samesite=none laravel_session=eyJpdiI6IlBVQUcxM1BGTnZmbk50ZWZqNGxyOFE9PSIsInZhbHVlIjoiZmFJeUZUMWs2eWRLZXZkaFI2Tk1hSVM5RmR1cVBjbFJ2ZjJ5L1N4NEd2eXh0RmxiTmhUZFdqMmlxUTBsck5iSUIvOGRzUmg1Q05SeXNQNzRVdTJTNW9aM1lUWGJHTjVSc2xFT0pIcFJHUVNuYitib0lobUIrK1dEd2ltUE00bloiLCJtYWMiOiIzMGMxZDAyNTdkOTgxNDQ4YWMwZTAyYWY4NzljNWFmMDk1OGM2MWMyMjY5MmM0Y2I5NTRhY2YzMzcyNGRjYjU0IiwidGFnIjoiIn0%3D; expires=Mon, 16-Dec-2024 19:32:36 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none server: cloudflare cf-ray: 8f3069e75f8156a9-OSL content-encoding: br server-timing: cfL4;desc="?proto=TCP&rtt=1060&min_rtt=1006&rtt_var=485&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2825&recv_bytes=1382&delivery_rate=1979152&cwnd=251&unsent_bytes=0&cid=196446a8500591b0&ts=434&x=0", cfL4;desc="?proto=TCP&rtt=7356&min_rtt=480&rtt_var=13519&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3272&recv_bytes=1251&delivery_rate=5092614&cwnd=254&unsent_bytes=0&cid=65db0061a98ea9ad&ts=772&x=0" X-Firefox-Spdy: h2

	challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js	104.18.94.41	200 OK	48 kB
URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js IP 104.18.94.41:443 ASN #13335 CLOUDFLARENET Requested by https://huf.tartmoro.ru/u4wDxV/#Dbcollison@kearneymo.us Certificate IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintC1:16:CA:AE:53:D5:B8:63:59:BB:EB:73:AB:F0:98:7E:EE:7F:E3:EB ValiditySun, 03 Nov 2024 16:27:50 GMT - Sat, 01 Feb 2025 17:27:46 GMT File type JavaScript source, ASCII text, with very long lines (47691) Size 48 kB (47692 bytes) Hash b0b3774e70e752266b4cf190e6d95053 03823d33d8c374dd69b66f1d75a5fc93d29967e1 a9f0787e39291d7bcb873d0d514f1d2c8db0256fd741c2abc4d46a809254e141 HTTP Headers `GET /turnstile/v0/g/f9063374b04d/api.js HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://huf.tartmoro.ru/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Mon, 16 Dec 2024 17:32:37 GMT content-type: application/javascript; charset=UTF-8 last-modified: Tue, 03 Dec 2024 18:31:41 GMT cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public access-control-allow-origin: * cross-origin-resource-policy: cross-origin vary: Accept-Encoding server: cloudflare cf-ray: 8f3069ee0e6856bd-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2`

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1	104.18.94.41	200 OK	61 B
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1 IP 104.18.94.41:443 ASN #13335 CLOUDFLARENET Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/65aee/0x4AAAAAAA0HsJ_ah3VUjZkD/auto/fbE/normal/auto/ Certificate IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintC1:16:CA:AE:53:D5:B8:63:59:BB:EB:73:AB:F0:98:7E:EE:7F:E3:EB ValiditySun, 03 Nov 2024 16:27:50 GMT - Sat, 01 Feb 2025 17:27:46 GMT File type PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Size 61 B (61 bytes) Hash 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84 HTTP Headers GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/65aee/0x4AAAAAAA0HsJ_ah3VUjZkD/auto/fbE/normal/auto/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/3 200 OK date: Mon, 16 Dec 2024 17:32:37 GMT content-type: image/png content-length: 61 cache-control: max-age=2629800, public priority: u=4,i=?0 server: cloudflare cf-ray: 8f3069f0c9840b3d-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri`

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8f3069ef88000b3d&lang=auto	104.18.94.41	200 OK	119 kB
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8f3069ef88000b3d&lang=auto IP 104.18.94.41:443 ASN #13335 CLOUDFLARENET Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/65aee/0x4AAAAAAA0HsJ_ah3VUjZkD/auto/fbE/normal/auto/ Certificate IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintC1:16:CA:AE:53:D5:B8:63:59:BB:EB:73:AB:F0:98:7E:EE:7F:E3:EB ValiditySun, 03 Nov 2024 16:27:50 GMT - Sat, 01 Feb 2025 17:27:46 GMT File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 119 kB (118716 bytes) Hash e69eebb7fd23a52fb36b970559ffe961 8c0abf96d6fbbfde81676f30e64422ef00701547 b6619824380bb666aad4da70514b7c7381f938ddf1d9189407e9bddf7d279370 HTTP Headers GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8f3069ef88000b3d&lang=auto HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/65aee/0x4AAAAAAA0HsJ_ah3VUjZkD/auto/fbE/normal/auto/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/3 200 OK date: Mon, 16 Dec 2024 17:32:37 GMT content-type: application/javascript; charset=UTF-8 cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 priority: u=2,i=?0 server: cloudflare cf-ray: 8f3069f0c98b0b3d-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (10)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (11)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash