| plaintediousidowsko.shop/api~dP |  104.21.53.146 | 403 Forbidden | 5.8 kB |
URL User Request GET HTTP/1.1plaintediousidowsko.shop/api~dP IP104.21.53.146:80
File typeHTML document, ASCII text, with very long lines (14177), with no line terminators Hashe07a9faff0e69470df0e9c2481d1f90b 7ba420bf614953feac221f2bcc0f09f4314bef86 ce9477915b311d0649e3e9362bee99826b5e6d7260d1a326277b581060661ee9
| Analyzer | Verdict | Alert |
|---|
| mnemonic secure dns | malicious | Sinkholed | | Quad9 DNS | malicious | Sinkholed |
GET /api~dP HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 23:38:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: tICy3yVw2Dezo2/EJ3Ffdm6Q1PwC0NmYCP54ipzqgvMqi8/gtSyEP8qWwGzldK6P3Wri2YkpnWeF0qvzbuzBddvFRyF+KIQc5mrcvYhLftjQU4OITrtuoiY2NVz8KfQw/fiEWfmJMIGTQ2hztsBnKw==$tEAp9VDjiWkQbfO/1cGd1w==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V5Pb%2FUioF9y8kTAUsFMXtJWYIHMgqfehrEDf75rSM5aVQJhI0aoghCap9jRtDY1JuEayEO%2FnKBijRXT1kvuiGkc8P1w02OVsyzWgVh3SKDDZRNxhg8sJrEPoWsljrVojEIHgQ7G6j0roY%2BU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880d491bddd956b1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880d491bddd956b1 | 104.21.53.146 | | 112 kB |
URL plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880d491bddd956b1 IP104.21.53.146:0
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size112 kB (112054 bytes) Hash85f340688aa306057ae9b4cf71c59561 3d2dabc97129a4a52750ca89e1113608a6363662 2d93e47f3ef59637bb810005e39eca26104fb5fb6322c7c82b48fd9e1d1fe0da
| Analyzer | Verdict | Alert |
|---|
| mnemonic secure dns | malicious | Sinkholed | | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880d491bddd956b1 HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://plaintediousidowsko.shop/api~dP?__cf_chl_rt_tk=LDVaGQNZFcszX9uRHTWWGgPWEonq9xqTHoMu1Lq34_Q-1715211529-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 23:38:49 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PfLRfeaH2f6ICSgB%2BPxYv0vW7d1ZdR%2Bmmyooa4EfSj1th%2FmXJBOCuJH0kFzMED%2FcerMWbGPLfh8Q7dk3TiYow9FXL%2F8meW%2BZI2upG1eWZjLOO5hCKrjQrA7r3QkW0XFGANSOkSedxPGmp%2FU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880d491dabb656a5-OSL
alt-svc: h2=":443"; ma=60
|
|
| plaintediousidowsko.shop/favicon.ico | 104.21.53.146 | 403 Forbidden | 5.8 kB |
URL GET HTTP/1.1plaintediousidowsko.shop/favicon.ico IP104.21.53.146:80
Requested byhttp://plaintediousidowsko.shop/api~dP
File typeHTML document, ASCII text, with very long lines (14199), with no line terminators Hashd110de9415755ea51bb7e2e031e0b0b1 bc8c48fa28145c0040b129ffcef418449cc270a3 17ba699ab1fa1e49b672e3ad102472e6d16a4439ddf63ba6a3b3d1b20527a7a1
| Analyzer | Verdict | Alert |
|---|
| mnemonic secure dns | malicious | Sinkholed | | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://plaintediousidowsko.shop/api~dP
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 23:38:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: Ywmo1dLcvh7sqRB8Cm59i1HdYV6bR56BPN8XBoLU+Lr4y15OrD/6wPd8xrjZUPZRzZ0VCsZyVc3i5e706/bhz7mdmSFY5E44PmF8OO+CYWY9lwjDELAEhUPIfoMSlb4Hxzahw4U5qWiGT6JR9Srd4w==$J6aK+/ddQdTezTmmVBkCvw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fzt0hYneeAwF0fIynGAz83PScNihSyFQ5uI6eBGxdnqEIwREFEdfC3U40pI5YwLLm37LnvPG8xQhfQ8hZAeTy7XZJvjO1oGl2re8OU9UtUZYQAr5Gy6eDAyR4ATkf8uiabdZMH651%2BZI%2FzA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880d491e9ad156c6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/205921390:1715207365:RIkfQ44UQhdKcnqz7_lbC1EyBZtKnBmLT_p0nugsWHE/880d491bddd956b1/8454d1efea7bc35 | 104.21.53.146 | | 12 kB |
URL plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/205921390:1715207365:RIkfQ44UQhdKcnqz7_lbC1EyBZtKnBmLT_p0nugsWHE/880d491bddd956b1/8454d1efea7bc35 IP104.21.53.146:0
File typeASCII text, with very long lines (16368), with no line terminators Hashc47626177718081f5ca81c8ef16c3068 3cf7d455140fe741ff320d4f5d4aaa1cb4e8c9fd 9e9d6af7fd57cd775c3ca690d2149bd0628287b8172b99b9a519189ad537d508
| Analyzer | Verdict | Alert |
|---|
| mnemonic secure dns | malicious | Sinkholed | | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/205921390:1715207365:RIkfQ44UQhdKcnqz7_lbC1EyBZtKnBmLT_p0nugsWHE/880d491bddd956b1/8454d1efea7bc35 HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://plaintediousidowsko.shop/api~dP
Content-type: application/x-www-form-urlencoded
CF-Challenge: 8454d1efea7bc35
Content-Length: 1873
Origin: http://plaintediousidowsko.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 23:38:50 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: 0KU+910bBqzAk4U92/pz9wYKYR8oBjhXBGB6k4D2bM95T8yNWfe5S8bHaAzv33mF$f1hHcfNBc3+JJmAVu2KwiQ==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iix88aRtShpyys%2F4r5SgQcx1VnCAJa7Sedz8Gj0Bp3iOVUooCfmvI65L4KmyNmAPP2xSSJY2e9N90J3fU7aucgIJTo1ezQQy5yHR1RxWHow9YRUojkkCRTTgjIUJnrWLJy%2FTDp2aCZKJ1us%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880d491f4cb356a5-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | | 61 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D IP104.17.2.184:0
File typePNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Hash9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/dr4i4/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 23:38:50 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 880d4920f8ff712a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880d49204896712a | 104.17.2.184 | | 171 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880d49204896712a IP104.17.2.184:0
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size171 kB (171027 bytes) Hash53c44e164147d0159888d1b21683617a a62ce7fa9f062711bfbb005bbd222caf3a71d8cd 793b3d12500f194625170445741dbfcf12e0862d97ff463eefeff3a6e0b49353
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880d49204896712a HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/dr4i4/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 23:38:50 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 880d4920f900712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1674982287:1715207632:LOI0vIfhqiJG19jNNB_NN1KnXm79KSGtsEs2-_hB5kY/880d49204896712a/47a3420d55d4135 | 104.17.2.184 | | 106 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1674982287:1715207632:LOI0vIfhqiJG19jNNB_NN1KnXm79KSGtsEs2-_hB5kY/880d49204896712a/47a3420d55d4135 IP104.17.2.184:0
File typeASCII text, with very long lines (65536), with no line terminators Size106 kB (106544 bytes) Hash660a344602fa21f6e9df1126aabf2d07 9871bbc564972d2353059d5599093b910232b54b a436e246a101d79c1365ea5999b121cb3008a9cc4eb0dc13bebee2a618d383d7
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1674982287:1715207632:LOI0vIfhqiJG19jNNB_NN1KnXm79KSGtsEs2-_hB5kY/880d49204896712a/47a3420d55d4135 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/dr4i4/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 47a3420d55d4135
Content-Length: 3540
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 23:38:50 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: FdfH3ZtRZrC+Bh1uRTHqpw28gNs3G0QiOmMgl6NOHKfu/xf6JvZxlx/jdWRp6VvlptcTNqu20wZAhH++j4JiVGZggsV50+x+x0XUuFFo3xpN7e4ZsrnJRJhAx737LFTfuRfNcMDCtEMysOUZuppEzqJltvTI+foIZIpGHagjji+2RG3amRIb1311z92Fq/xX65dF+ZgmdEF7FOnEFHN9W53BpL1m61DW9mPHM2V5Gt5grdk0WFUNSNMI2WbdqAzc6Ow6ankXsiJaXtXQouiXIpM4QOWy4YePEqDm+0o/MZS8QawD1736xXvKKV8njfzZ1SXYLj1o6iMbhGK7Ea+DRw9PTlmQHSIFsU7uliXokCeDty6Vhr1VyCOBSbQr8PcwvA1KjJI3CRT7I1H5QBJ29zxEiRHyb/UpUU8TGdpjtPs=$c5rqicwSvu6Jpxh/KOHQLA==
vary: accept-encoding
server: cloudflare
cf-ray: 880d49230a1b712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880d49204896712a/1715211530735/qZNhkf50F2jLiPu | 104.17.2.184 | | 61 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880d49204896712a/1715211530735/qZNhkf50F2jLiPu IP104.17.2.184:0
File typePNG image data, 53 x 36, 8-bit/color RGB, non-interlaced Hash5ad26b544f39c716b8b8828098c3f928 2bf57a7bdfe4d7cea151b9effd3a2b12cfc9fcc0 a3c67a8283005c749fb1b5733279a06f9b2641b95a1f7d427f68033a3f8b5311
GET /cdn-cgi/challenge-platform/h/b/i/880d49204896712a/1715211530735/qZNhkf50F2jLiPu HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/dr4i4/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 23:38:52 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 880d492f49f7712a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/205921390:1715207365:RIkfQ44UQhdKcnqz7_lbC1EyBZtKnBmLT_p0nugsWHE/880d491bddd956b1/8454d1efea7bc35 | 104.21.53.146 | | 1.8 kB |
URL plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/205921390:1715207365:RIkfQ44UQhdKcnqz7_lbC1EyBZtKnBmLT_p0nugsWHE/880d491bddd956b1/8454d1efea7bc35 IP104.21.53.146:0
File typeASCII text, with very long lines (2328), with no line terminators Hash1a0820b89d61e777b4c5d6e8eb24e258 4739ea80d8a4291568d636ebb5a830c3232e4eda ca508eedd37c49b84a1f5d052e84926a8132fe31c1855a0cc1e669fdd9396b30
| Analyzer | Verdict | Alert |
|---|
| mnemonic secure dns | malicious | Sinkholed | | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/205921390:1715207365:RIkfQ44UQhdKcnqz7_lbC1EyBZtKnBmLT_p0nugsWHE/880d491bddd956b1/8454d1efea7bc35 HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://plaintediousidowsko.shop/api~dP
Content-type: application/x-www-form-urlencoded
CF-Challenge: 8454d1efea7bc35
Content-Length: 2547
Origin: http://plaintediousidowsko.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 23:38:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: nLJezae5YvvyVXmHD7bn+A==$RRxbPPU7nIlWvs8tcs4yyA==
cf-chl-out: NROic3vndIgZfMZ5VBOqmr87MjuL6WeoLIJni5jUbq8ATlZ8IKMJ7Wnp4LnfJedgEIFE3mhMNj8M1XfFb/2EOOBshm48QReVO8TvA0U99hg=$x/tZ8YQVyfJh+KtmzNXpLA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t5wpURpWHTDGAcW5FQc8e24ncnilfN30quCccWnu6HzryJ%2BISbsEvT7p4Mvpg6xZzZPWHfA%2FL0J2B8FY1UvFVXJmJeN1gjqZxu%2BpPg1ofHEbGAN3AR3o8qGmlYLnUatuCoQYD4QakU1b7UU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880d49553ad456a5-OSL
alt-svc: h2=":443"; ma=60
|
|
| plaintediousidowsko.shop/api~dP | 104.21.53.146 | 403 Forbidden | 5.8 kB |
URL User Request GET HTTP/1.1plaintediousidowsko.shop/api~dP IP104.21.53.146:80
File typeHTML document, ASCII text, with very long lines (14198), with no line terminators Hash2d07260090af84d889847fdb1e5ec9da c201618e8380d1148d0dffad0995250dce6cd1c2 8183d5c154ca1f3183424b07b36c6e0d07de0d75f8ca825369e416e90b8f8074
| Analyzer | Verdict | Alert |
|---|
| mnemonic secure dns | malicious | Sinkholed | | Quad9 DNS | malicious | Sinkholed |
GET /api~dP HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 23:39:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 7rdBzsLIqpwuuFYMS9hlvHMZ5MFbI2z4WbckSCcuT7M3HsydrBxZuawTCFZNtk3A44R57RV5GTCXisigDxKvopxxz17z3EWdq+LkCHvgQDy9PTVvDWAPxjLMoXtq3T0eDDx5qR35o8MEjVY4mMAfUg==$xMouGPXAsh5z1v6zLQ52wg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zytG3%2Ft7B8U3LhH5h1HzKIajT93j9Ob%2BtzunTC0WKGM%2Bu%2BIwRAu2pSsOU0IpnGf4VepgJ6dHhnpAkYs66rpiR%2BGQZYlqy6JX4lcXkZzSlrIyiNqqaI9klOGDtYwU%2BdL%2FyQgPfYEjQUH%2BXIU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880d49621ca556a5-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880d49621ca556a5 | 104.21.53.146 | 200 OK | 109 kB |
URL GET HTTP/1.1plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880d49621ca556a5 IP104.21.53.146:80
Requested byhttp://plaintediousidowsko.shop/api~dP
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size109 kB (109414 bytes) Hash4aab023a0ae94235598d042ee95b3c13 71f588610eeaf26b5f2549209cedf78827feae89 f86ae3354432492d6ce11ea3c3d2c44df4e52e6f20245d8356506b959fba458f
| Analyzer | Verdict | Alert |
|---|
| mnemonic secure dns | malicious | Sinkholed | | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880d49621ca556a5 HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://plaintediousidowsko.shop/api~dP?__cf_chl_rt_tk=ZCVMS7mRi00PJm9SUKofLIjAt7.NowZ3P5CQh3gGy0Y-1715211540-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 23:39:00 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZJH8HVAoSErdp9R38ZMUAWwBe2cYr3VQPHmj58K%2Fs3jH39X8yuRfJK7F72BhxN4KH%2Frm%2FQ2qCs4Dp5kEIzGJdkjJ3uA3Y0oLJIA9Vgc%2F3U59ddHYLw%2FojooZirK513kHohAMFS0TgjtYYh4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880d49627d6a56c3-OSL
alt-svc: h2=":443"; ma=60
|
|
| plaintediousidowsko.shop/favicon.ico | 104.21.53.146 | 403 Forbidden | 5.8 kB |
URL GET HTTP/1.1plaintediousidowsko.shop/favicon.ico IP104.21.53.146:80
Requested byhttp://plaintediousidowsko.shop/api~dP
File typeHTML document, ASCII text, with very long lines (14221), with no line terminators Hash736b11f41d6ca3387a60f8a39b623e92 6920d4f1f91ff798e74e0420cc8c3aa28ee36783 90ddf06be5ad389213ef0389f92c1e0817be18e6eaee941b2943765b13f642d3
| Analyzer | Verdict | Alert |
|---|
| mnemonic secure dns | malicious | Sinkholed | | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://plaintediousidowsko.shop/api~dP
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 23:39:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: ISwVaNxdO0cCOl9WRPH+p+pzJ0miOzk1hqa/DKjAAqaXvilSleKHFRQjjURWlmFLS8aMosCiVpoy7ySCAo+oW+FOgR1M3NSTMLIUZ7pAfXYG0NwpiQyklYOVSeJlfQIe2fhB3GHXkpCODFzVHdgqSw==$Oh44NCaeIVUZrkkHxsH91A==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s9SXI1N5R2%2FTLVi6NDqI0svnQCZFXKLGuVfXtbygaQYavKb4CdYIT7c%2FtzdYCo8gzzxAFvPPfXZQqE5kqh%2BnDqpKnCQLozPM0r5TSgTPdg31B5sW2eTr%2BpiaRoic3DAqD9Pm4MkfH6POJ98%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880d49634e297128-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/987891863:1715207519:u_NKCUTuSH3QoDHKneYEKlhTxXsZlV8Df08PQG5lVOM/880d49621ca556a5/08dcaa0eb628dc3 | 104.21.53.146 | 200 OK | 12 kB |
URL POST HTTP/1.1plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/987891863:1715207519:u_NKCUTuSH3QoDHKneYEKlhTxXsZlV8Df08PQG5lVOM/880d49621ca556a5/08dcaa0eb628dc3 IP104.21.53.146:80
Requested byhttp://plaintediousidowsko.shop/api~dP
File typeASCII text, with very long lines (16360), with no line terminators Hash1533b976b0ad2b008d960114521e749f 5558723fab72070d39056ded4458df065888a168 7d5ed2c7861a39d35f275fcb24c2bdef4c72f10ec27152dc5cfbcde3f6b45709
| Analyzer | Verdict | Alert |
|---|
| mnemonic secure dns | malicious | Sinkholed | | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/987891863:1715207519:u_NKCUTuSH3QoDHKneYEKlhTxXsZlV8Df08PQG5lVOM/880d49621ca556a5/08dcaa0eb628dc3 HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://plaintediousidowsko.shop/api~dP
Content-type: application/x-www-form-urlencoded
CF-Challenge: 08dcaa0eb628dc3
Content-Length: 1846
Origin: http://plaintediousidowsko.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 23:39:01 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: S/Ru6//vYjz0fFixNc37t/M2mdKNJVLqfY2dO3VEY45LTU0Of+C3MwwjExTZhuS7$iESBr4NPdLdu4Q1oDSHYVg==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7g2D8sxdEfkVhMmtn8ieZ4PNhqPpgmShIYpSVe14ys0jJ0F2PZySQoKTSn4UJ3RKYT%2BZLLiZtk0JmR%2BkW7ejpMMY%2FXn%2Fau8Ute%2FFrhFxMyLHN%2F734fRQ8CALCxMcAQn%2FDuQsolfngE2qvXE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880d49640b30712a-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fechf/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | 200 OK | 26 kB |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fechf/0x4AAAAAAAAjq6WYeRDKmebM/light/normal IP104.17.2.184:443
Requested byhttp://plaintediousidowsko.shop/api~dP CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (41702) Hashcf01d1fd6f865a6726b28986d5532833 86db4be2b64f1144d07bf737389231d53e13e8b8 cbed4a2472d051964f249fe77317c8297a959d162b83bba743899579d0592743
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fechf/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 23:39:01 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
document-policy: js-profiling
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
vary: accept-encoding
server: cloudflare
cf-ray: 880d49650bb9712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1683669568:1715207560:mw5mWRM2r1d10DNn6L_m6KtHz4fMn4yJmLcsdxtoMy8/880d49650bb9712a/92c9b4c04488e3a | 104.17.2.184 | | 100 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1683669568:1715207560:mw5mWRM2r1d10DNn6L_m6KtHz4fMn4yJmLcsdxtoMy8/880d49650bb9712a/92c9b4c04488e3a IP104.17.2.184:0
File typeASCII text, with very long lines (65536), with no line terminators Hashb210141faaec94dfba16c2048a667a00 9517aa03c52550da23e5619c812299a75ab77bed 9aa311c0a8d212f1f7d7c0e897397341ffd98d7a27be33723af2374f139e5c71
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1683669568:1715207560:mw5mWRM2r1d10DNn6L_m6KtHz4fMn4yJmLcsdxtoMy8/880d49650bb9712a/92c9b4c04488e3a HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fechf/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 92c9b4c04488e3a
Content-Length: 3548
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 23:39:01 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: PBImnnPXR4l9DKGwnQsQ1UR3j+UYRn7Qvc+CeXx36HCyBlcWXERtrbdk432O2ExJyOeFDMp0JFy05CFklauD86pPL1iLSFCehM49yeLp3sWpm9+7PDramZRj30UnlzUyZltElQbYL42qJw2x6tKOwxrAe+SIqhNMttdKfXNiONZkjsmXAt+QfhSeHJaY0KJ5+7xUhnuF+lIpXzKG2GM2Re5K5xmipeAJ7JFyPeEAK+q8f80lE38Bpq0R3n2J8mI2cyV9pL+FfRPv7398F/qcZvkhCMJGEajdClWnb5IpjRsTae8NZYaZgd/IeE0OLXLp03gLiIaElC9id6EEgZj5b9j4+5zu0VQkBuEcPE7nhxY1TmDmumuqO0J0haVQcrLgU+FwrWYAf+bBmPsJ6QnzTfFAZ/aFMU7KJUPlB7HPL5w=$cIXhRfLYG4PLeQhlIaiuiw==
vary: accept-encoding
server: cloudflare
cf-ray: 880d4967fd58712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1674982287:1715207632:LOI0vIfhqiJG19jNNB_NN1KnXm79KSGtsEs2-_hB5kY/880d49204896712a/47a3420d55d4135 | 104.17.2.184 | | 8.0 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1674982287:1715207632:LOI0vIfhqiJG19jNNB_NN1KnXm79KSGtsEs2-_hB5kY/880d49204896712a/47a3420d55d4135 IP104.17.2.184:0
File typeASCII text, with very long lines (960), with no line terminators Hasha555ad0e963c9bd98f5fa62356ff20df 61f66d98dc52ed143c09f92f574184ffd1d54f39 114a4d1347e7cbc763c2683af7dea37f9ba95ca276f0ca5d9b917ef6297bb2af
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1674982287:1715207632:LOI0vIfhqiJG19jNNB_NN1KnXm79KSGtsEs2-_hB5kY/880d49204896712a/47a3420d55d4135 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/dr4i4/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 47a3420d55d4135
Content-Length: 40397
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 23:38:58 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: sD5txDH1jHtosyo1ad8pLMkJ+s3cGH79dXPpMuRNxN1+/4IfFPn6d7hvRCkqMFSKVmTJ22DDoWFl46h8q72tV9Rbqy6WxFuJkMvbT9VmGow=$L7r0s/h/dtrha+94PU43gw==
cf-chl-out-s: lY0CQpCdxzOqFJah8oZyjQ==$QZh2hXATxWOUSKd70DbfDg==
vary: accept-encoding
server: cloudflare
cf-ray: 880d4954b998712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| plaintediousidowsko.shop/api~dP | 104.21.53.146 | 403 Forbidden | 3.4 kB |
URL User Request GET HTTP/1.1plaintediousidowsko.shop/api~dP IP104.21.53.146:80
File typeHTML document, ASCII text, with very long lines (394) Hasha4db1022a1d9c15d85746c896b8bc07f b9200ceef1013cea42c658d1e60c034f84fef79e 3b09b682b841a2a0a452488d848d9d11781915e94b0a92d6b024ca850764e5a8
| Analyzer | Verdict | Alert |
|---|
| mnemonic secure dns | malicious | Sinkholed | | Quad9 DNS | malicious | Sinkholed |
GET /api~dP HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Wed, 08 May 2024 23:38:49 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Wed, 08 May 2024 23:39:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FgwWvvxJO1Phum%2BZCePZQT%2BYWHsKZ3UIjP7181%2FjTB1deCWAzqZLmGnPkgSeBBteEASppox4lZajhvWzANf12NVGM63fe5k%2BHa0mjJNOP2458ue3FojHHo7j1C6VTU0vgQ%2FoYbSJshaUx28%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880d491afc025695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit | 104.17.2.184 | 200 OK | 43 kB |
URL GET HTTP/3challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit IP104.17.2.184:443
Requested byhttp://plaintediousidowsko.shop/api~dP CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (42565) Hasha5b92920e25651d2058f4982a108347b caeeadd68d38fdb681c52006c68880abc2e8a1a6 49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5
GET /turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://plaintediousidowsko.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 23:39:01 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 880d49634a96712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
172.67.213.139