0gpilhhtlb646b2a32a499c.ocupac.ru/Mldubinski@slurpmail.net
172.67.176.78403 Forbidden 8.5 kB URL User Request GET HTTP/2 0gpilhhtlb646b2a32a499c.ocupac.ru/Mldubinski@slurpmail.net
IP 172.67.176.78:443
Certificate IssuerGoogle Trust Services LLC
Subjectocupac.ru
Fingerprint55:23:8F:A1:07:E8:A6:35:20:AA:B3:68:A6:24:AE:D8:92:FD:5C:0C
ValidityWed, 10 May 2023 04:25:15 GMT - Tue, 08 Aug 2023 04:25:14 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3539), with CRLF, LF line terminators
Hash b31a720a495e92e0ac79631fab37013b
9106fcb237687bed808e7108db7ca8160a5ac36b
0d6280bfc82047d22a3e401dd439a423ec126dfc755a5cbef5f973ec596f85b5
Analyzer Verdict Alert fortinet Phishing
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Mldubinski@slurpmail.net HTTP/1.1
Host: 0gpilhhtlb646b2a32a499c.ocupac.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 26 May 2023 16:38:38 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nL6U6ufYH%2BslVHKp%2BxaISvHWbKaDpsLRiuqU33m8hoS4HiSEOBlGnntE%2Bxp5hKqUt6ow4yAer7N3iLa4EwNzBNnBG1NaKDNe4jBSL3o5KBSdISvAQ2k3C%2BuBL9sunEyAQU34gWogQ%2FLHsdg0TPANwyCMEI8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cd773186ab2b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
0gpilhhtlb646b2a32a499c.ocupac.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cd773196c55b4ee
104.21.88.100200 OK 42 B URL GET HTTP/1.1 0gpilhhtlb646b2a32a499c.ocupac.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cd773196c55b4ee
IP 104.21.88.100:80
Requested by http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mldubinski@slurpmail.net
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cd773196c55b4ee HTTP/1.1
Host: 0gpilhhtlb646b2a32a499c.ocupac.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mldubinski@slurpmail.net
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 May 2023 16:38:38 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 25 May 2023 08:39:03 GMT
ETag: "646f1ea7-2a"
Server: cloudflare
CF-RAY: 7cd7731aaf0db51b-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Fri, 26 May 2023 18:38:38 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
0gpilhhtlb646b2a32a499c.ocupac.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cd773196c55b4ee
104.21.88.100200 OK 57 kB URL GET HTTP/1.1 0gpilhhtlb646b2a32a499c.ocupac.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cd773196c55b4ee
IP 104.21.88.100:80
Requested by http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mldubinski@slurpmail.net
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4a87779284e6079138785e4181338114
06ea372d9565dabb794577d0954accb83fc5cf93
6aa313ecb419abb8198bd45a61616e00a3849aa479d984a0c10566bbdaaab21a
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cd773196c55b4ee HTTP/1.1
Host: 0gpilhhtlb646b2a32a499c.ocupac.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mldubinski@slurpmail.net?__cf_chl_rt_tk=ngheUjzZaNkPA93WmGXGGd2RqJVdqO2fRLjchPteyiE-1685119118-0-gaNycGzNBrs
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 May 2023 16:38:38 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRnEiooF4z%2FG4orUJiaWFu2qFiJ75f6h8B65tbdyC6e5Jq8aOIB6itR2XhdFCsrI2Z7BrEgCZS7qNIZGoMrpZiIGvIkFpfv2fhb7ZGjiG6CSj5SvMpLuRiF5wVTjJHMZERv8yoOy5g4oYzGnLchO%2FrYObdE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7cd7731aaae4b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
0gpilhhtlb646b2a32a499c.ocupac.ru/favicon.ico
104.21.88.100403 Forbidden 3.6 kB URL GET HTTP/1.1 0gpilhhtlb646b2a32a499c.ocupac.ru/favicon.ico
IP 104.21.88.100:80
Requested by http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mldubinski@slurpmail.net
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1833), with CRLF, LF line terminators
Hash 4d7e8f206c43ab627de79ff76ee912a1
6c497da8e39a9c5402fab87a3b58f9e4e3ecaf30
810e050d2edcb094b28d7f1579f2aaf3445a5b4a373304d02b24e9059c13fbd0
GET /favicon.ico HTTP/1.1
Host: 0gpilhhtlb646b2a32a499c.ocupac.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mldubinski@slurpmail.net?__cf_chl_rt_tk=ngheUjzZaNkPA93WmGXGGd2RqJVdqO2fRLjchPteyiE-1685119118-0-gaNycGzNBrs
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 26 May 2023 16:38:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FjJNxm%2FUw5Fh0%2BjzkeAl8JUvZhmpR1o0kxLMsbRxHlLu7eStgO5doNr9o70G39iD13xWd%2BcrSVNfoM75XwLWGLN9u1xHwyQmAUHuzV%2BcM%2FCuroRjt7fUs7IeDPFEQxmCbqKXLicNPMTn1UptXzBTA2J77I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cd7731adb20b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
0gpilhhtlb646b2a32a499c.ocupac.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1484150013:1685117209:ucKaY4YFXVF7FPwAcr0aU4VATXTM-2zhOPFGvUdMzwM/7cd773196c55b4ee/699f4e032dceee3
104.21.88.100200 OK 5.6 kB URL POST HTTP/1.1 0gpilhhtlb646b2a32a499c.ocupac.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1484150013:1685117209:ucKaY4YFXVF7FPwAcr0aU4VATXTM-2zhOPFGvUdMzwM/7cd773196c55b4ee/699f4e032dceee3
IP 104.21.88.100:80
Requested by http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mldubinski@slurpmail.net
File type ASCII text, with very long lines (7400), with no line terminators
Hash 7f72e6f34de3e8b04566c5e5e400bb7a
f041a5445b91142f7c97f56c7c921c4dcc59484a
a81aa6b0e3c8169d9c5461c08f1808f6edef9c66ef3396188dfefded810152df
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1484150013:1685117209:ucKaY4YFXVF7FPwAcr0aU4VATXTM-2zhOPFGvUdMzwM/7cd773196c55b4ee/699f4e032dceee3 HTTP/1.1
Host: 0gpilhhtlb646b2a32a499c.ocupac.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mldubinski@slurpmail.net
Content-type: application/x-www-form-urlencoded
CF-Challenge: 699f4e032dceee3
Content-Length: 1765
Origin: http://0gpilhhtlb646b2a32a499c.ocupac.ru
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 May 2023 16:38:38 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: 4r93zg6ycXlf3sV652ljbrcknziWwAaOCFQ7Ul/lpJOP4GzUbLqoFLBGJiBO7NhB$vGGsUoi1Quo911+xpPcwFQ==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7Hb2dZy64BHHIfhiNNScl2zl7gVE3xjbtGYE3qsOtTzEawWQTxhejrNMljScRKqgtR2W%2Fs7%2B0DR1liCiEyKHtgBfb5Kq1s998TqFqjjy4hW%2BTw91PqfxQ467S3ucCGQOVuS6TufeCNpO6MZeIYMi77da1g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7cd7731bf8d2b51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd7731c4888b50f
104.18.7.185200 OK 155 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd7731c4888b50f
IP 104.18.7.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/k3wuq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 155 kB (154659 bytes)
Hash cb415e27e9265af24cf487fed4eba2b4
a6addca4fb2e0130fc456497f2cea11abb13f800
d815556324cbc6bc0ffc87e7212c4fe689ce66a04213025de937a03125fb3d9c
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd7731c4888b50f HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/k3wuq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 May 2023 16:38:38 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
server: cloudflare
cf-ray: 7cd7731ca947b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/786544871:1685117209:Cn680udvruvXZW0pJ46NRgOar0MnwaTt95MLaEw6bos/7cd7731c4888b50f/132a866e7d4f03c
104.18.7.185200 OK 178 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/786544871:1685117209:Cn680udvruvXZW0pJ46NRgOar0MnwaTt95MLaEw6bos/7cd7731c4888b50f/132a866e7d4f03c
IP 104.18.7.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/k3wuq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 178 kB (178192 bytes)
Hash 7188429770b6a8c67fcf785cc8a3eb73
e587a3c4fb0026fe2a319d99eb3cb363cb1d2b7e
90619e954029707f4b4446fd6fe82e75362513e58e79b7bee68cc05619441c20
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/786544871:1685117209:Cn680udvruvXZW0pJ46NRgOar0MnwaTt95MLaEw6bos/7cd7731c4888b50f/132a866e7d4f03c HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/k3wuq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 132a866e7d4f03c
Content-Length: 2799
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 May 2023 16:38:39 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: q+IbSvtPE97iQ6R24UWWwtJHbcn0CUTQcwAQpKkbqrO89p345TgMDbcc6gFsRkXdJLxv+voZWawE1E4qRgOgxtGAyb8VGrLvH5A4j8Maq2qpoP5+77PJD+XVx7uSq5nFuDnTS+khnEmArd2Y9kwoA1yTEbUxx5mUjxrgPusTBpHvdz2b+RoJ7fDNHGQVn2oUppSBjfxWLGSBSR1Oh20rN3I1EVkEsoWPXOtfMHorauobeOrgrJUGZne8F/4z88CBMHKLBjZWTQmegGIQkY4ze2VMk/ITe0KvesltQQGtzlPlafkhcZ0fmyM7kdbnsnR7TrDg8MkYWhcf/vepjMCAlgsyUcppcIDJ2ordlOFMUW1ArnZcBBdlRKrNXXmJXh3lhgiEGHKk7h79lcTUvlVgMRxm5DN7U5YLB+76ZWdAVtI=$WITKjY4JrqWDnGARaE0jrA==
server: cloudflare
cf-ray: 7cd7731deb39b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/k3wuq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
104.18.7.185200 OK 24 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/k3wuq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP 104.18.7.185:443
Requested by http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mldubinski@slurpmail.net
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10899)
Hash 111c9513c24f3f1b31112ee0fc24839c
66674e7b387c0295e38687876cfc505d6bb852b8
538accf16eabc01680e8665e8486d06fe56d3e9341146e830dfeab2979052661
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/k3wuq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 May 2023 16:38:38 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 7cd7731c4888b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.7.185200 OK 16 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.7.185:443
Requested by http://0gpilhhtlb646b2a32a499c.ocupac.ru/Mldubinski@slurpmail.net
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (15748)
Hash 2a1262ba5cd32899831d483322a28dd7
3805876db8773ed5820043e1f39b0b6c049f61b2
2e1e45b1d429b2d703676139932fe97b7ffc7986e6d0221653a7404e4c3032f0
GET /turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://0gpilhhtlb646b2a32a499c.ocupac.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 May 2023 16:38:38 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cd7731b8bd70b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7cd7731c4888b50f/1685119119039/f6AQUY0USmPZ8-j
104.18.7.185200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7cd7731c4888b50f/1685119119039/f6AQUY0USmPZ8-j
IP 104.18.7.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/k3wuq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type PNG image data, 57 x 36, 8-bit/color RGB, non-interlaced\012- data
Hash 2c18d4dcefecdb1c8f56de2284c3ccd8
579fb39575e87f033d846446bf03da12846f37de
8ef33766e1ba4fd628d82fabf7dd29fe996d7557f5d79edb8ed119f1cb0277f4
GET /cdn-cgi/challenge-platform/h/b/img/7cd7731c4888b50f/1685119119039/f6AQUY0USmPZ8-j HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/k3wuq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 May 2023 16:38:40 GMT
content-type: image/png
server: cloudflare
cf-ray: 7cd773258e6ab50f-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/786544871:1685117209:Cn680udvruvXZW0pJ46NRgOar0MnwaTt95MLaEw6bos/7cd7731c4888b50f/132a866e7d4f03c
104.18.7.185200 OK 13 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/786544871:1685117209:Cn680udvruvXZW0pJ46NRgOar0MnwaTt95MLaEw6bos/7cd7731c4888b50f/132a866e7d4f03c
IP 104.18.7.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/k3wuq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (13216), with no line terminators
Hash d5f06dda0b4d6c77a860394b16934877
efb9ea0a178d7c2150644776759ba1e31f4565f3
ae1c4386a75e469f3af3547521727f2ceead2066c5af813dff523f24945c20e6
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/786544871:1685117209:Cn680udvruvXZW0pJ46NRgOar0MnwaTt95MLaEw6bos/7cd7731c4888b50f/132a866e7d4f03c HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/k3wuq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 132a866e7d4f03c
Content-Length: 18789
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 May 2023 16:38:40 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: e5pIPi6zMGQ0438R9s/waWjivVIV9OAlqgPMMG0/vFnYvI0Yezsf1fqT327V9pu4$6LpkRHeXd9XmuRrts5D8lg==
server: cloudflare
cf-ray: 7cd7732718a8b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400