Report - mplz.ertanduzu.ru/gk59Agp/

Report Overview

Visitedpublic

2025-01-06 14:54:08

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
code.jquery.com	634	2005-12-10	2012-05-21	2025-01-01	411 B	32 kB	151.101.194.137
mplz.ertanduzu.ru	unknown	2024-12-12	2025-01-06	2025-01-06	1.6 kB	15 kB	104.21.6.149
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2025-01-01	2.7 kB	184 kB	104.18.94.41
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-01-01	439 B	15 kB	104.17.24.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.6.0.min.js	ScriptElement	90 kB	2023-03-07	2025-08-02
URL code.jquery.com/jquery-3.6.0.min.js IP / ASN 151.101.194.137 #54113 FASTLY Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 263439 Size 90 kB (89501 bytes) MD5 8fb8fee4fcc3cc86ff6c724154c49c42 SHA1 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 SHA256 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/v84ng/0x4AAAAAAA2Jt48AqtrtyRlV/auto/fbE/normal/auto/	ScriptElement	3.7 kB	2025-01-06	2025-01-06
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/v84ng/0x4AAAAAAA2Jt48AqtrtyRlV/auto/fbE/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2025-01-06 Last Seen 2025-01-06 Times Seen 1 Size 3.7 kB (3673 bytes) MD5 c98cb467fbce35f1b6903af195fdf0e0 SHA1 af29f1c7ab72d6351f85efc29854244533c5c670 SHA256 b26c37a409dce93301bf3be548e6ff93a56b0ac009ab01fb55d72c22cb629989 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8fdc8a0c1d090b51&lang=auto	ScriptElement	126 kB	2025-01-06	2025-01-06
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8fdc8a0c1d090b51&lang=auto IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2025-01-06 Last Seen 2025-01-06 Times Seen 1 Size 126 kB (126479 bytes) MD5 a91d8e237c3b0f242b6e7a12e83719b6 SHA1 5ff9820c4294174c3859930e2c54b23347473817 SHA256 1cf264f2ba22fe13dcefa43cdebb38a29956ab96cffe3a21c662cb69e833c04a Format Code Loading...

	mplz.ertanduzu.ru/gk59Agp/	ScriptElement	20 kB	2025-01-06	2025-01-06
URL mplz.ertanduzu.ru/gk59Agp/ IP / ASN 104.21.6.149 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2025-01-06 Last Seen 2025-01-06 Times Seen 1 Size 20 kB (19733 bytes) MD5 93318ef4450e0b40a2bf57575f03a043 SHA1 730807c153defe78309e1c0d65f19119dd6860db SHA256 e69bac9aed440c97feb3936cb89b2e83f815a5ea7127d8f5825c50f8ae837e62 Format Code Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?render=explicit	ScriptElement	48 kB	2025-01-03	2025-01-09
URL challenges.cloudflare.com/turnstile/v0/api.js?render=explicit IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2025-01-03 Last Seen 2025-01-09 Times Seen 3054 Size 48 kB (47521 bytes) MD5 301f68f3d8317ab22d4021e266c9a853 SHA1 b464b8b48880c53e9d203a2aceaf3fdfec517d97 SHA256 bf2059be7007cd21fdd3b5df727b89c8916142f7abadfd46408de17778699fb7 Format Code Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	ScriptElement	48 kB	2023-03-07	2025-08-02
URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP / ASN 104.17.24.14 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 133028 Size 48 kB (48316 bytes) MD5 2ca03ad87885ab983541092b87adb299 SHA1 1a17f60bf776a8c468a185c1e8e985c41a50dc27 SHA256 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Format Code Loading...

	unknown	ScriptElement	1.6 kB	2025-01-06	2025-01-06
URL IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2025-01-06 Last Seen 2025-01-06 Times Seen 1 Size 1.6 kB (1602 bytes) MD5 146787fd6799347a0f7f5bd2684e6c56 SHA1 20ff663f30706f197d143ed4d4c323f46a5cbed9 SHA256 f9653b179f1c121e05d40c02ffbe065c4f9c3cdf7f6f5b312b894165dc3e3c75 Format Code Loading...

	unknown	ScriptElement	1.5 kB	2025-01-06	2025-01-06
URL IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2025-01-06 Last Seen 2025-01-06 Times Seen 1 Size 1.5 kB (1503 bytes) MD5 31f3815543c59d5d6ec655db098db37f SHA1 8840b14c45e92aff3364fe3113016c8f48921ee2 SHA256 3df6725ede012e2001bf8c486c5531276d015ba14d2367ca3d7778f9d73c527c Format Code Loading...

	HASH	FROM	Size	First Seen	Last Seen
	d87e996f338686fdc6459f5c95b4b3c1	DocumentWrite	5.6 kB	2025-01-06	2025-01-06
Introduced by DocumentWrite First Seen 2025-01-06 Last Seen 2025-01-06 Times Seen 1 Size 5.6 kB (5581 bytes) MD5 d87e996f338686fdc6459f5c95b4b3c1 SHA1 2a21879b1b18f3a756c36384e65420affd8e80ee SHA256 1454b064d51ffbe1c04769369cd60a35d0a702466fbff4afb671b68c5804513a Format Code Loading...

HTTP Transactions (9)

	URL	IP	Response	Size
	GET challenges.cloudflare.com/turnstile/v0/api.js?render=explicit	104.18.94.41	302 Found	0 B
URL challenges.cloudflare.com/turnstile/v0/api.js?render=explicit IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Requested byhttps://mplz.ertanduzu.ru/gk59Agp/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5605999 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintEF:AE:47:10:51:72:52:24:8B:84:F7:18:BC:91:3D:8F:CC:64:29:8D ValidityWed, 01 Jan 2025 16:48:17 GMT - Tue, 01 Apr 2025 17:48:13 GMT HTTP Headers `GET /turnstile/v0/api.js?render=explicit HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mplz.ertanduzu.ru/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found date: Mon, 06 Jan 2025 14:53:43 GMT content-length: 0 access-control-allow-origin: * cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public cross-origin-resource-policy: cross-origin location: /turnstile/v0/g/849bfe45bf45/api.js vary: Accept-Encoding server: cloudflare cf-ray: 8fdc8a0b08fb5699-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2`

	GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	104.17.24.14	200 OK	14 kB
URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP / ASN 104.17.24.14 #13335 CLOUDFLARENET Requested byhttps://mplz.ertanduzu.ru/gk59Agp/ Resource Info File typeJavaScript source, ASCII text, with very long lines (48316), with no line terminators First Seen2023-03-07 Last Seen2025-08-02 Times Seen133028 Size14 kB (13972 bytes) MD52ca03ad87885ab983541092b87adb299 SHA11a17f60bf776a8c468a185c1e8e985c41a50dc27 SHA2568e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Certificate Info IssuerGoogle Trust Services Subjectcdnjs.cloudflare.com Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02 ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT HTTP Headers `GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mplz.ertanduzu.ru/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 06 Jan 2025 14:53:43 GMT content-type: application/javascript; charset=utf-8 content-length: 13972 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "61182885-3694" last-modified: Sat, 14 Aug 2021 20:33:09 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 1636430 expires: Sat, 27 Dec 2025 14:53:43 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GT5NJV11ltCl7r%2B1MlI%2BmpxDf90sRK%2BlY9xcVqIgmQit74eCrLgukuuEw4BxHFQ04FH6nD61aqzjKZHvPMKuHVxnTUodrjNshlYh2gqC0%2B%2F8yvgtIBKlK%2Bq7IWbjfQmmUuwdYEaY"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 8fdc8a0b0c600b3d-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	GET code.jquery.com/jquery-3.6.0.min.js	151.101.194.137	200 OK	31 kB
URL code.jquery.com/jquery-3.6.0.min.js IP / ASN 151.101.194.137 #54113 FASTLY Requested byhttps://mplz.ertanduzu.ru/gk59Agp/ Resource Info File typeJavaScript source, ASCII text, with very long lines (65447) First Seen2023-03-07 Last Seen2025-08-02 Times Seen263439 Size31 kB (30875 bytes) MD58fb8fee4fcc3cc86ff6c724154c49c42 SHA1b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 SHA256ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Certificate Info IssuerSectigo Limited Subject.jquery.com FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5 ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT HTTP Headers `GET /jquery-3.6.0.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mplz.ertanduzu.ru/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx content-type: application/javascript; charset=utf-8 last-modified: Fri, 18 Oct 1991 12:00:00 GMT etag: W/"28feccc0-15d9d" cache-control: public, max-age=31536000, stale-while-revalidate=604800 access-control-allow-origin: * cross-origin-resource-policy: cross-origin content-encoding: gzip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Mon, 06 Jan 2025 14:53:43 GMT age: 4698514 x-served-by: cache-lga21931-LGA, cache-hel1410027-HEL x-cache: HIT, HIT x-cache-hits: 71, 1344750 x-timer: S1736175224.591544,VS0,VE0 vary: Accept-Encoding content-length: 30875 X-Firefox-Spdy: h2

	GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/v84ng/0x4AAAAAAA2Jt48AqtrtyRlV/auto/fbE/normal/auto/	104.18.94.41	200 OK	6.5 kB
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/v84ng/0x4AAAAAAA2Jt48AqtrtyRlV/auto/fbE/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Requested byhttps://mplz.ertanduzu.ru/gk59Agp/ Resource Info File typeHTML document, ASCII text, with very long lines (22074) First Seen2025-01-06 Last Seen2025-01-06 Times Seen1 Size6.5 kB (6514 bytes) MD564f9f50d1ff1cb22dc234c579af393db SHA1f89df8281bf26e6d9eee37133b253bba029d9000 SHA2568deba7e15d37ba8ac7110be40e2ab183308bdc80ecf9920754be5222d8bfa1a6 Certificate Info IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintEF:AE:47:10:51:72:52:24:8B:84:F7:18:BC:91:3D:8F:CC:64:29:8D ValidityWed, 01 Jan 2025 16:48:17 GMT - Tue, 01 Apr 2025 17:48:13 GMT HTTP Headers GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/v84ng/0x4AAAAAAA2Jt48AqtrtyRlV/auto/fbE/normal/auto/ HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mplz.ertanduzu.ru/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Mon, 06 Jan 2025 14:53:43 GMT content-type: text/html; charset=UTF-8 cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self' cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: cross-origin origin-agent-cluster: ?1 accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA referrer-policy: same-origin document-policy: js-profiling priority: u=4,i=?0 server: cloudflare cf-ray: 8fdc8a0c1d090b51-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	GET mplz.ertanduzu.ru/gk59Agp/	104.21.6.149	200 OK	12 kB
URL mplz.ertanduzu.ru/gk59Agp/ IP / ASN 104.21.6.149 #13335 CLOUDFLARENET Requested byN/A Resource Info File typeHTML document, ASCII text, with very long lines (7497), with CRLF line terminators First Seen2025-01-06 Last Seen2025-01-06 Times Seen1 Size12 kB (11955 bytes) MD5ded273f1ad81b57455301df37efc5b63 SHA130669abb544ce0267128d6d28723dd937160e632 SHA2560d1e0fc60e5b6b0a65cc751d497ea0316052a3b27b30242c2dd760b811156d25 Certificate Info IssuerGoogle Trust Services Subjectertanduzu.ru FingerprintE9:AE:BA:83:5A:A3:99:4B:5A:A6:0A:E2:E2:7E:B1:B6:E0:66:57:07 ValidityThu, 12 Dec 2024 20:26:02 GMT - Wed, 12 Mar 2025 21:24:42 GMT HTTP Headers `GET /gk59Agp/ HTTP/1.1 Host: mplz.ertanduzu.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 06 Jan 2025 14:53:43 GMT content-type: text/html; charset=UTF-8 cache-control: no-cache, private cf-cache-status: DYNAMIC vary: accept-encoding report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cfGvxYyMtq7A%2BQn4SO45Tdubr8%2FRWQiBLXoILHhYHx9TV01KVbcMcWYbXJlIjfwHVYaM0AkdDvfMak1Kcw4houJRs2YxTETi2iVB2lj6MEkNb%2Fw8RDBrfmg%2Foog9Yw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc: h3=":443"; ma=86400 set-cookie: XSRF-TOKEN=eyJpdiI6IjA0VW9DVGN2b0tuOUFzZjhwTnNCWGc9PSIsInZhbHVlIjoiV0RmQjRhRm03ZkY4S1lNZkVadkVIeWdoTnZNOVlxSHk4eVNLd2J5d0U3Q2xIWWpyMVE4ZHo0RzFBOWEvVjlwbHNxRnFZaGFsbkpqMW10anMzczF3ZWJCVC9VZkZ0dFZSTVZSK2xJR1FDWmtRRWNpQy9tS1RmR0J3SlllVkl0WVAiLCJtYWMiOiJmYTY4YTI5YWIwZTVkZTRjODM1MDg1NmZkYjgyZTcxYWRmYTc3ZDA5OWE1YWVhOGIwZDVmYjRlODE5YWE0OGU0IiwidGFnIjoiIn0%3D; expires=Mon, 06-Jan-2025 16:53:43 GMT; Max-Age=7200; path=/; secure; samesite=none laravel_session=eyJpdiI6IlNxVU5Yd0FSSjJDN0tKMyt6RDZobkE9PSIsInZhbHVlIjoiY2J4S2w5OGxSNHlhZHMvRnE5U1ZUMFJUZ3FUQTJUSitxNlROOGtkMy9IMkxOaVlVRExCQzlnVmp4dGR1TlcxUktnQWppUEdyVmJlSVlLNHRIeXlnTFhQZW9FeGFUcjlDY1UzSXBSRkhZdUFYVnQ2OWpjSGpIWlFYQm40R1g3YmsiLCJtYWMiOiI3YmFiMjQyNDM2MmJlZWMxMmUzOTcwYmY0NTUzYTU3ZWQxYmUzOWE4OGFhY2Q0NzczZDUzNjk5MDI4N2IxODcwIiwidGFnIjoiIn0%3D; expires=Mon, 06-Jan-2025 16:53:43 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none server: cloudflare cf-ray: 8fdc8a05d8e0568d-OSL content-encoding: br server-timing: cfL4;desc="?proto=TCP&rtt=1337&min_rtt=1304&rtt_var=512&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2824&recv_bytes=1385&delivery_rate=2184049&cwnd=252&unsent_bytes=0&cid=b0f8681720427205&ts=247&x=0", cfL4;desc="?proto=TCP&rtt=6189&min_rtt=500&rtt_var=10589&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3202&recv_bytes=1125&delivery_rate=7098039&cwnd=239&unsent_bytes=0&cid=263d5b8264d88586&ts=633&x=0" X-Firefox-Spdy: h2

	GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1	104.18.94.41	200 OK	61 B
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1 IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/v84ng/0x4AAAAAAA2Jt48AqtrtyRlV/auto/fbE/normal/auto/ Resource Info File typePNG image data, 2 x 2, 8-bit/color RGB, non-interlaced First Seen2023-08-25 Last Seen2025-05-14 Times Seen189286 Size61 B (61 bytes) MD59246cca8fc3c00f50035f28e9f6b7f7d SHA13aa538440f70873b574f40cd793060f53ec17a5d SHA256c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84 Certificate Info IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintEF:AE:47:10:51:72:52:24:8B:84:F7:18:BC:91:3D:8F:CC:64:29:8D ValidityWed, 01 Jan 2025 16:48:17 GMT - Tue, 01 Apr 2025 17:48:13 GMT HTTP Headers GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/v84ng/0x4AAAAAAA2Jt48AqtrtyRlV/auto/fbE/normal/auto/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/3 200 OK date: Mon, 06 Jan 2025 14:53:43 GMT content-type: image/png content-length: 61 cache-control: max-age=2629800, public priority: u=4,i=?0 server: cloudflare cf-ray: 8fdc8a0c9d800b51-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri`

	GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8fdc8a0c1d090b51&lang=auto	104.18.94.41	200 OK	126 kB
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8fdc8a0c1d090b51&lang=auto IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/v84ng/0x4AAAAAAA2Jt48AqtrtyRlV/auto/fbE/normal/auto/ Resource Info File typeASCII text, with very long lines (65536), with no line terminators First Seen2025-01-06 Last Seen2025-01-06 Times Seen1 Size126 kB (126479 bytes) MD5a91d8e237c3b0f242b6e7a12e83719b6 SHA15ff9820c4294174c3859930e2c54b23347473817 SHA2561cf264f2ba22fe13dcefa43cdebb38a29956ab96cffe3a21c662cb69e833c04a Certificate Info IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintEF:AE:47:10:51:72:52:24:8B:84:F7:18:BC:91:3D:8F:CC:64:29:8D ValidityWed, 01 Jan 2025 16:48:17 GMT - Tue, 01 Apr 2025 17:48:13 GMT HTTP Headers GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8fdc8a0c1d090b51&lang=auto HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/v84ng/0x4AAAAAAA2Jt48AqtrtyRlV/auto/fbE/normal/auto/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/3 200 OK date: Mon, 06 Jan 2025 14:53:43 GMT content-type: application/javascript; charset=UTF-8 cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 priority: u=2,i=?0 server: cloudflare cf-ray: 8fdc8a0c9d840b51-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri`

	GET challenges.cloudflare.com/turnstile/v0/g/849bfe45bf45/api.js	104.18.94.41	200 OK	48 kB
URL challenges.cloudflare.com/turnstile/v0/g/849bfe45bf45/api.js IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Requested byhttps://mplz.ertanduzu.ru/gk59Agp/ Resource Info File typeJavaScript source, ASCII text, with very long lines (47520) First Seen2025-01-03 Last Seen2025-01-09 Times Seen3054 Size48 kB (47521 bytes) MD5301f68f3d8317ab22d4021e266c9a853 SHA1b464b8b48880c53e9d203a2aceaf3fdfec517d97 SHA256bf2059be7007cd21fdd3b5df727b89c8916142f7abadfd46408de17778699fb7 Certificate Info IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintEF:AE:47:10:51:72:52:24:8B:84:F7:18:BC:91:3D:8F:CC:64:29:8D ValidityWed, 01 Jan 2025 16:48:17 GMT - Tue, 01 Apr 2025 17:48:13 GMT HTTP Headers `GET /turnstile/v0/g/849bfe45bf45/api.js HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://mplz.ertanduzu.ru/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/3 200 OK date: Mon, 06 Jan 2025 14:53:43 GMT content-type: application/javascript; charset=UTF-8 last-modified: Thu, 02 Jan 2025 13:52:36 GMT cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public access-control-allow-origin: * cross-origin-resource-policy: cross-origin priority: u=2,i=?0 vary: Accept-Encoding server: cloudflare cf-ray: 8fdc8a0b6c6c0b51-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri`

	GET mplz.ertanduzu.ru/favicon.ico	104.21.6.149	404 Not Found	0 B
URL mplz.ertanduzu.ru/favicon.ico IP / ASN 104.21.6.149 #13335 CLOUDFLARENET Requested byhttps://mplz.ertanduzu.ru/gk59Agp/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5605999 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerGoogle Trust Services Subjectertanduzu.ru FingerprintE9:AE:BA:83:5A:A3:99:4B:5A:A6:0A:E2:E2:7E:B1:B6:E0:66:57:07 ValidityThu, 12 Dec 2024 20:26:02 GMT - Wed, 12 Mar 2025 21:24:42 GMT HTTP Headers GET /favicon.ico HTTP/1.1 Host: mplz.ertanduzu.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mplz.ertanduzu.ru/gk59Agp/ Cookie: XSRF-TOKEN=eyJpdiI6IjA0VW9DVGN2b0tuOUFzZjhwTnNCWGc9PSIsInZhbHVlIjoiV0RmQjRhRm03ZkY4S1lNZkVadkVIeWdoTnZNOVlxSHk4eVNLd2J5d0U3Q2xIWWpyMVE4ZHo0RzFBOWEvVjlwbHNxRnFZaGFsbkpqMW10anMzczF3ZWJCVC9VZkZ0dFZSTVZSK2xJR1FDWmtRRWNpQy9tS1RmR0J3SlllVkl0WVAiLCJtYWMiOiJmYTY4YTI5YWIwZTVkZTRjODM1MDg1NmZkYjgyZTcxYWRmYTc3ZDA5OWE1YWVhOGIwZDVmYjRlODE5YWE0OGU0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNxVU5Yd0FSSjJDN0tKMyt6RDZobkE9PSIsInZhbHVlIjoiY2J4S2w5OGxSNHlhZHMvRnE5U1ZUMFJUZ3FUQTJUSitxNlROOGtkMy9IMkxOaVlVRExCQzlnVmp4dGR1TlcxUktnQWppUEdyVmJlSVlLNHRIeXlnTFhQZW9FeGFUcjlDY1UzSXBSRkhZdUFYVnQ2OWpjSGpIWlFYQm40R1g3YmsiLCJtYWMiOiI3YmFiMjQyNDM2MmJlZWMxMmUzOTcwYmY0NTUzYTU3ZWQxYmUzOWE4OGFhY2Q0NzczZDUzNjk5MDI4N2IxODcwIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 404 Not Found date: Mon, 06 Jan 2025 14:53:44 GMT content-type: text/html; charset=UTF-8 cache-control: max-age=14400 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5xqSkEy%2Bk61DhAnn8SLdolIm6%2F7KX99rWUlDytor%2FY9p0he8iDfhbWCC%2FDM6jXKpE3oowW8rmBGRoG4SYZjfXbWxQqZEkcmj8H9AbQgMydJbRG1KVea15lcJHNQitA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding alt-svc: h3=":443"; ma=86400 cf-cache-status: MISS priority: u=6,i=?0 server: cloudflare cf-ray: 8fdc8a0c2e220b65-OSL content-encoding: br server-timing: cfL4;desc="?proto=TCP&rtt=1273&min_rtt=1255&rtt_var=483&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2824&recv_bytes=2088&delivery_rate=2269322&cwnd=252&unsent_bytes=0&cid=3c5f430d5c3e13ac&ts=23&x=0", cfL4;desc="?proto=QUIC&rtt=5682&min_rtt=5380&rtt_var=2233&sent=14&recv=8&lost=0&retrans=0&sent_bytes=4173&recv_bytes=1788&delivery_rate=109471&cwnd=12000&unsent_bytes=0&cid=deb4889e7982ca27&ts=788&x=1", cfExtPri, cfHdrFlush;dur=0

Detections

Host Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (10)

HTTP Transactions (9)

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers