| holicisticscrarws.shop/apil | 104.21.40.92 | | 5.9 kB |
URL: holicisticscrarws.shop/apil
IP: 104.21.40.92:0
File type: HTML document, ASCII text, with very long lines (14391), with no line terminators
Hash: c10828b7f3bf491815492990d534c4fc 83add4c5e8209cac40e729e313bcd44d2d7cbc72 2e3d2de5ece88dfe53e4f8636bd287db60d588e37d268725054c55b420c3440d
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed |
GET /apil HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 04 May 2024 08:41:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: FV63kZlU3F3jPwZJN/FZV9fVJMZNdLUWQ+XUY2Eua6Fhawt9+i0uedgufF1TPb+tQkIRixQy1Y0LDDVF6U1ltrpArFDSxN2yGDyGcLOGHMnC47w1yf4Nz2ol7m+Jbs1S/hTQCr7w7G36aB7ZyIwFxg==$F98v/kVfJgC3SIWJ+RtPQA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V8y%2BpYnM%2BPFSaQkil1FEUVvGaaB4QtHlQU0NJS8prUf5JIVZU1I9RWEgNBIsBfPXfIjMbBT7c69UQ5VaVkEuxxj%2F9VNvAXPkfCBvtfOR1drJOevZuEo3sY2yE%2BngPw%2BiQiBH908FXrJU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e731756ce956ca-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| holicisticscrarws.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e731756ce956ca | 104.21.40.92 | | 113 kB |
URL: holicisticscrarws.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e731756ce956ca
IP: 104.21.40.92:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 113 kB (112924 bytes)
Hash: 04d99eddbb1f8bb71fefef4212c2ffe0 668d066ce8e1c159204712cdfca67a6eae7853b7 901fd99442a5a713de10a268204cb92953924c80688318fafd0a7e351401704e
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e731756ce956ca HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/apil?__cf_chl_rt_tk=wvecH5yoi5Sw.HvtGS_y4VSrjAMT5n7slV7V06K7OWA-1714812101-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 08:41:42 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kaehNMOiZe8s2By9KYwmZdanzQWJGy3S1k1SidOLF07z0QZyUgOiPkfbYQfIcGXXHWAP0JtmagRnpLVkbuIBSLt3V7eUM4lCA07PE9vZf6t%2Fwi5GPv%2B4ETmRiAnAVOw9b1cp3Tipcsv3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e7317769e81c06-OSL
alt-svc: h2=":443"; ma=60
|
|
| holicisticscrarws.shop/favicon.ico | 104.21.40.92 | 403 Forbidden | 5.9 kB |
URL: GET HTTP/1.1 holicisticscrarws.shop/favicon.ico
IP: 104.21.40.92:80
Requested by: http://holicisticscrarws.shop/apil
File type: HTML document, ASCII text, with very long lines (14398), with no line terminators
Hash: 0eb135ca9cf6449780f34019c151a213 7234f1bef977f299c60769069ca755b019d2943e 055cc60aeb548234c1f5b80ddb987caba9a0157232a92a1224059c4c4039f3e3
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/apil
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 04 May 2024 08:41:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: FEGHNptzYov5Ga2JfAFV5Gr3a+ODnr87nNlgSHUOg5X8o+B1u9Vw7wdf8bkIWX4e2LT4jBHxv14AJLeauFNNNWuNWuby1UwIORkl8/4Uf9ZeD0I/v5qVK2OrCE1IuFqF3qoF6njAnM8NxK6xxTBnHA==$yyptwILa4+YBi2sDCkepnw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5A5ukP8JyjhnM%2B%2Fwg6kFB%2FcLSI8RV551%2BDG2wTR9jmkphVmjLYVMBJzWxWVWtZ2fVbB2yczsrLnFsilBPEk8%2FaBSGqYb9kDE0tBE10Kah10CHgRB0bZByVYCoPyR%2FU%2FHPmOoySEON%2FA%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e73178390e569f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| holicisticscrarws.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1306677413:1714807829:kXov1uu9EPwR5pbkJ5V3Vcpn1-p5jNJNwAND5Cnx-kw/87e731756ce956ca/61d3c898b04987c | 104.21.40.92 | | 12 kB |
URL: holicisticscrarws.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1306677413:1714807829:kXov1uu9EPwR5pbkJ5V3Vcpn1-p5jNJNwAND5Cnx-kw/87e731756ce956ca/61d3c898b04987c
IP: 104.21.40.92:0
File type: ASCII text, with very long lines (16424), with no line terminators
Hash: ae3fcccbfffebfee4d4100175ed85434 d92494b927dfad07c52a1202d70d915a4e08f652 4a9fd1554c2a185ec4c2d2c6d06171664b94595480c9c5d39f28bee351a30a77
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1306677413:1714807829:kXov1uu9EPwR5pbkJ5V3Vcpn1-p5jNJNwAND5Cnx-kw/87e731756ce956ca/61d3c898b04987c HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/apil
Content-type: application/x-www-form-urlencoded
CF-Challenge: 61d3c898b04987c
Content-Length: 1871
Origin: http://holicisticscrarws.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 08:41:42 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: Omi3eT6xmU9EzbZZ/qbr4OfowMMuz0Ic3anC05PK3MrDSTd+y0cVCUN4QvZjlpnI$ay5LaHiC7c4hRCLmWyE3zA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2BZ5i9WKtAV9lXpi%2BIy%2FcYgAqyXv4Di795ZKIaqFSLNAyPCDyn3rt4pRDLElr2uTLcNiY5f99BstWwvG8kjWwdLY7ixZ7bWSeIyvo%2BPuP0LM%2B%2FyW5Pys2LHP6rwcLwwfEuMIF7LhU07V"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e731790f42569b-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.2.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/fih86/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:41:42 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87e7317b3d8ab50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit | 104.17.2.184 | | 15 kB |
URL: challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit
IP: 104.17.2.184:0
File type: JavaScript source, ASCII text, with very long lines (42565)
Hash: 65b0a652c40c95d12c4ddb3b4567c1ea c654efa19d01d6553ed4e0f500d350011e023ad1 c6b5cd0b65ebbb519dd845ba2979b40e58b056ca2c90f67a8bfea871d39615a7
GET /turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://holicisticscrarws.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 08:41:42 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e731785f44b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/510457131:1714807807:mRy7FDOSWKis_6C2YnM3S95lz9Xqbfb4CPLOUu5vC1A/87e7317a6c7cb50f/fadbf2f05cfaaba | 104.17.2.184 | | 105 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/510457131:1714807807:mRy7FDOSWKis_6C2YnM3S95lz9Xqbfb4CPLOUu5vC1A/87e7317a6c7cb50f/fadbf2f05cfaaba
IP: 104.17.2.184:0
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 105 kB (105429 bytes)
Hash: aa9d64e19e147a27f86d3e25b5562fed f45c24b91f9d91177e88365f1f9e443fa5e31cde eae34a11d89b486b0ac102181e243ee543fb2d5db4859c1976e7cf4ed2242466
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/510457131:1714807807:mRy7FDOSWKis_6C2YnM3S95lz9Xqbfb4CPLOUu5vC1A/87e7317a6c7cb50f/fadbf2f05cfaaba HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/fih86/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: fadbf2f05cfaaba
Content-Length: 3517
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:41:43 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 83hH5HrHckUj5bME1gfKFY7NH1gD2T8+QS0OdaHzLSVtOYCQ/+M8TIgMe+TMFyFGydEQhrJlee1J8ocrVewAZNpZfWbY4w+7Hmp1+GQ2+zaIkWsMVZWIxP7oeTmdfg/2RjaCb9ILdZ6M84Hw0HY0FBBzsuofwg8hsQSbmR4pMpmKJyxviOknCa00oJl2eyY4XMJQD+0LRjwLVHbgZ3pOZwHj5C0fo/Mlp3FOWh44xnsvZaw7PNrjVQSiwaZ0spxV3ga632zSeiqhkuLny9LSRHEG2w/UtkiR8F+VthT4fO3+nQvliymy2EDEutR9BczNLJ2h8atltjzSiev8BJm49dbYYxVukCZKc3S7L215OyozBEXpTCa+ZunSewoSJn6hPG7CsDt33mtoAEEqAsmA1weIO26m6y+mcwOaWSfUZ2U=$9ZWnRIJUaI2AJWIYIsTNgQ==
vary: accept-encoding
server: cloudflare
cf-ray: 87e7317d28d4b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| holicisticscrarws.shop/favicon.ico | 104.21.40.92 | 403 Forbidden | 5.1 kB |
URL: GET HTTP/1.1 holicisticscrarws.shop/favicon.ico
IP: 104.21.40.92:80
Requested by: http://holicisticscrarws.shop/apil
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: 27226dd5a6d53589aa370f647dd57017 0067bb683b1dfa5b8cf04980ce370a4756f03d0c afcebda6680c559c51aceef8e8c75a35937f7927cee7431880e5c86db1e2b8d6
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/apil?__cf_chl_rt_tk=wvecH5yoi5Sw.HvtGS_y4VSrjAMT5n7slV7V06K7OWA-1714812101-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 04 May 2024 08:41:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: RWVbGb3QC5sWDYHUAct3PJKr6F+nn8tXvBW+OIju+xqTGkMmDP96MBSg0M1PtYoXkJq+u/mSVHIvOr7nMgaAkExo/gY99z7P9x/4eqPSnE+XsUkU5MVavy3CL9oU3czxKv33LfGqgoLVwjsSQPYVgg==$wVUUpD8gXvkY3yHSYcfkdg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zjSO%2FgmDZXzVvQLdjO6jrzrEOD4nXRHeLPhxrx0L9110VOt0qBOI%2BA3POLsiF8XZLKKdUSvTv3i9%2Fyi%2FZ3gSmhbdTvaxCRrjnJ7NsDpYi5nhImidFy36CGBiLcJfxkZ%2BbwNQ%2BhjFIUMr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e73177aa121c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e7317a6c7cb50f/1714812103242/8t7TXdE-RfuvlQT | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e7317a6c7cb50f/1714812103242/8t7TXdE-RfuvlQT
IP: 104.17.2.184:0
File type: PNG image data, 22 x 77, 8-bit/color RGB, non-interlaced
Hash: bf13741ca637e48e280a150fa68da891 a0782da33764fbe3c39729ff088add244f614649 c2274aa3484c7f2c9600b43b5ef3c9ed86e15d81c130e31e9002c0cd298affff
GET /cdn-cgi/challenge-platform/h/g/i/87e7317a6c7cb50f/1714812103242/8t7TXdE-RfuvlQT HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/fih86/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:41:44 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87e731834876b50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| holicisticscrarws.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1306677413:1714807829:kXov1uu9EPwR5pbkJ5V3Vcpn1-p5jNJNwAND5Cnx-kw/87e731756ce956ca/61d3c898b04987c | 104.21.40.92 | | 1.8 kB |
URL: holicisticscrarws.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1306677413:1714807829:kXov1uu9EPwR5pbkJ5V3Vcpn1-p5jNJNwAND5Cnx-kw/87e731756ce956ca/61d3c898b04987c
IP: 104.21.40.92:0
File type: ASCII text, with very long lines (2328), with no line terminators
Hash: a698e3cb2d8164eb89fbf006e7690372 3d5031fc7c41736b983fdd3795026e752ba13f3f cf7bfc6bbd576b9f668a01df82ecc64c9cf7ce55f411a34adba0df1b97305317
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1306677413:1714807829:kXov1uu9EPwR5pbkJ5V3Vcpn1-p5jNJNwAND5Cnx-kw/87e731756ce956ca/61d3c898b04987c HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/apil
Content-type: application/x-www-form-urlencoded
CF-Challenge: 61d3c898b04987c
Content-Length: 2548
Origin: http://holicisticscrarws.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 08:41:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: nAsbWQL9qSzrs7LfpdFeuFg/4hqcqflqzbtRmyXGc8Nfl5jPNmi5uLK73DDmCdVDtdAq9PPjvK07LvOpW8kGOu67IAq0MMMkPH0HDdg06Is=$63bwgkyF8nWap0ldMxwjDw==
cf-chl-out-s: 0hPJzcltmWOCGPyRNqR2fg==$4b9s03+6yVkDjtpXcaV98Q==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9A8xWORHSlpka0pAAnhDddbeGxdwpdVJQmTtdthmRxScSmH1GEIOXdYNzmEeQAjwNkXPAeWc1XZoqJRCU9VGm7jwnQc0W19tJJ7KmWZDBKY0Zmv6GE5Cij%2B2z%2FNdJVk1vH4swJ8S2S3S"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e731a769da569b-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/510457131:1714807807:mRy7FDOSWKis_6C2YnM3S95lz9Xqbfb4CPLOUu5vC1A/87e7317a6c7cb50f/fadbf2f05cfaaba | 104.17.2.184 | | 6.6 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/510457131:1714807807:mRy7FDOSWKis_6C2YnM3S95lz9Xqbfb4CPLOUu5vC1A/87e7317a6c7cb50f/fadbf2f05cfaaba
IP: 104.17.2.184:0
File type: ASCII text, with very long lines (960), with no line terminators
Hash: ff408fc078add705bb0a14cbdf06255e a8ee4be6bcab55e6bc4e1bf67d543d0ada353055 15930a96c70f24a65d9b1fc2ad4d12d9f5e12eeb0458e336221c533f1b2401f1
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/510457131:1714807807:mRy7FDOSWKis_6C2YnM3S95lz9Xqbfb4CPLOUu5vC1A/87e7317a6c7cb50f/fadbf2f05cfaaba HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/fih86/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: fadbf2f05cfaaba
Content-Length: 39949
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:41:49 GMT
content-type: text/html; charset=UTF-8
cf-chl-out-s: IYfcSGiKmOMjySWY92ZjCw==$oLMQmB0Noa9pSLA2Y7toLw==
cf-chl-out: EAC0dOub03I2LN1EEKoNtSKBe99yIueV/JJDkpEZl6CE54YWXpkO/H5PozdLLa2lcCbroxUv3bKBGCD/i0cpIJ4ToXZJXaihXy0MwrM2aVg=$yQq68tir/PyyNNcvXSk7nA==
vary: accept-encoding
server: cloudflare
cf-ray: 87e731a6cc55b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| holicisticscrarws.shop/apil | 104.21.40.92 | | 5.9 kB |
URL: holicisticscrarws.shop/apil
IP: 104.21.40.92:0
File type: HTML document, ASCII text, with very long lines (14412), with no line terminators
Hash: 634fac4751ec140d5eaba18452f383f9 7a2e622b5821b44ea5ed2425b0b0588d0ac2418d 4b0ddcbb1d929be9ee43691b701cb0324cdc4894bac52f657d26819cca086bc0
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed |
GET /apil HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 04 May 2024 08:41:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 7D7OIsexeYSo1NuQ0FMQEOBC3aiH6O0i6nld9Mhk9HUZePoTz1RsbNvYj2kTO65pCySqULbnagd0dGWhN7LGWlNpuKgzxvF4qhjdFQLXtTD7Z+5+ACRQ1kKgidPNcGBVZheUVoED35YG04Mk38Yleg==$XTqNtdlilPANx/ojV9uhaA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aNe2TgDjMjL7mmiw6QUcsNZ3LdZAo7LzWW40JaioJgGbpPjynOoJFUTZRmflhZI1de80eJLfVIlQoGymz5ZOzrnQxv0bwbobcoMBojAeBCftxuonUc1MRYBXKmYDBGHsUqvNJeKWy4Vp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e731b4386a569b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| holicisticscrarws.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e731b4386a569b | 104.21.40.92 | 200 OK | 114 kB |
URL: GET HTTP/1.1 holicisticscrarws.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e731b4386a569b
IP: 104.21.40.92:80
Requested by: http://holicisticscrarws.shop/apil
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 114 kB (113723 bytes)
Hash: 5bb2be7d9fd50c9d5a949fbe2d8ec74b a3b9403f6b042c595add8af295a21578d2471be7 4b8c45fd8e97ccf18e0d9a19b198c3a8d6a69c0aaf5eb361699105fa647ff309
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e731b4386a569b HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/apil?__cf_chl_rt_tk=KLJux0.sP10Ja9zK3B1i7nzuaN1PAgI.xHTaXnk6F6o-1714812112-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 08:41:52 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DC9%2FGiEdRILzAG6Xxz23JEk7tYBbn8wc%2B4hscb0WtnM9ycHqEvUsHJet2PeqEIWnaUPXvQlJu%2F4FP9ItxE%2FLEtKVer5K8vLYipL4OnHKrrBcOSBnN07zEJCVqpYBN72ErpnwFYD72gjt"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e731b48d7e1c06-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/510457131:1714807807:mRy7FDOSWKis_6C2YnM3S95lz9Xqbfb4CPLOUu5vC1A/87e7317a6c7cb50f/fadbf2f05cfaaba | 104.17.2.184 | | 27 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/510457131:1714807807:mRy7FDOSWKis_6C2YnM3S95lz9Xqbfb4CPLOUu5vC1A/87e7317a6c7cb50f/fadbf2f05cfaaba
IP: 104.17.2.184:0
File type: ASCII text, with very long lines (22336), with no line terminators
Hash: cc253119b1cf3935bba7fcaae042f687 42e2efb6c66745a073d4a6ae51d5a2e35fbb3136 2d5a5b3b5d85d6c8f380a8702f0f0a8c0dcea29999a980019edf17aa31130080
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/510457131:1714807807:mRy7FDOSWKis_6C2YnM3S95lz9Xqbfb4CPLOUu5vC1A/87e7317a6c7cb50f/fadbf2f05cfaaba HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/fih86/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: fadbf2f05cfaaba
Content-Length: 27337
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:41:45 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 5u7S4f5IGCnvJCyiwe5BgcO1Nohy4Eqe2uUm6gEI188YzA5/yXhRTQQeanRtrqet$bWg57OJGFIKV7/WdoFc8HA==
vary: accept-encoding
server: cloudflare
cf-ray: 87e7318a99f0b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| holicisticscrarws.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/2115102009:1714811281:lCjq0KYQmzXoBIlYlWvscIUM0GQ1vbczch50ZUzdh84/87e731b4386a569b/2d5e6f6bb72362a | 104.21.40.92 | | 12 kB |
URL: holicisticscrarws.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/2115102009:1714811281:lCjq0KYQmzXoBIlYlWvscIUM0GQ1vbczch50ZUzdh84/87e731b4386a569b/2d5e6f6bb72362a
IP: 104.21.40.92:0
File type: ASCII text, with very long lines (16412), with no line terminators
Hash: 1166ebdbbf547a6cefb74cd3c229831b b7e1eba72fe37a4e337afc825e2b58d92f3a4283 281f9d5f65e6bec7130be36909c11283edc4d0511d69cbf0a883f339a8d4dbea
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2115102009:1714811281:lCjq0KYQmzXoBIlYlWvscIUM0GQ1vbczch50ZUzdh84/87e731b4386a569b/2d5e6f6bb72362a HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/apil
Content-type: application/x-www-form-urlencoded
CF-Challenge: 2d5e6f6bb72362a
Content-Length: 1858
Origin: http://holicisticscrarws.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 08:41:52 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: gsiqXWREnvSBx8/TNUwVnYl7F8LEjR6thTl41Dhx+Jc6mFsUBCakxLiOTbIGD7/l$vdOiDhHYWJzQVEU9mooi8A==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3AE9fjBo%2BsKqK3q%2BzpK8MSRhfPJWyma7cz6p0S7WspzipERdO1fO26n0l%2F6L0n5Kmd3dAgwLZwmEfjWvztJxUowp5Iftd3hROSOvUlGihnKPaM02pWZg4YUFwXeL9OPNkqCHLIyrjxL0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e731b63bc456ae-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.2.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vcbep/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:41:52 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87e731b7feb7b50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vcbep/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | | 205 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vcbep/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.2.184:0
File type: HTML document, ASCII text, with very long lines (41702)
Size: 205 kB (205300 bytes)
Hash: af617b138bfaa12f870d80d5491b244f f2237348e47013f691ebd728e3a406031640ac2b 85b35e4bc99818d53edbd0d96f6c23037b3a274f9ebc9fad90f8804c44ed98e0
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vcbep/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:41:52 GMT
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
cross-origin-resource-policy: cross-origin
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
document-policy: js-profiling
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-embedder-policy: require-corp
vary: accept-encoding
server: cloudflare
cf-ray: 87e731b73e0eb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e731b73e0eb50f/1714812112969/cVs189h94Eat-l9 | 104.17.2.184 | | 61 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e731b73e0eb50f/1714812112969/cVs189h94Eat-l9 IP 104.17.2.184:0
File type PNG image data, 52 x 99, 8-bit/color RGB, non-interlaced Hash ce4b53cf3ee23d46b84bd4b99eb84ccc c3da4d892b99f5a3fb13ea321306a7f961f3fbb5 653ef6bb40b9699b3f8dc2e867f75f05408b61490e8264e2c69ff0724962d903
GET /cdn-cgi/challenge-platform/h/g/i/87e731b73e0eb50f/1714812112969/cVs189h94Eat-l9 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vcbep/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:41:55 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87e731ca9abbb50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| holicisticscrarws.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/2115102009:1714811281:lCjq0KYQmzXoBIlYlWvscIUM0GQ1vbczch50ZUzdh84/87e731b4386a569b/2d5e6f6bb72362a | 104.21.40.92 | | 1.8 kB |
URL holicisticscrarws.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/2115102009:1714811281:lCjq0KYQmzXoBIlYlWvscIUM0GQ1vbczch50ZUzdh84/87e731b4386a569b/2d5e6f6bb72362a IP 104.21.40.92:0
File type ASCII text, with very long lines (2328), with no line terminators Hash 5679aca58c84e0f720dc1c92912f4ba8 c1c660a056cfa7f0ae3aa5e36bb3c48fe4bdaaee f2bf285d8dc519b06aa7ff41b988247380a603ac8ff8b5b928ef79a9317bcc07
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2115102009:1714811281:lCjq0KYQmzXoBIlYlWvscIUM0GQ1vbczch50ZUzdh84/87e731b4386a569b/2d5e6f6bb72362a HTTP/1.1
Host: holicisticscrarws.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://holicisticscrarws.shop/apil
Content-type: application/x-www-form-urlencoded
CF-Challenge: 2d5e6f6bb72362a
Content-Length: 2537
Origin: http://holicisticscrarws.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 08:42:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: ArTzfdeU6bK7l2J4I3vb6xH+nE7xkM+77dYJbNceUdw5tVBwmnzEUm5ezAtOdaseOu4isghQuS/G0YdFtBX55bHF5KiPpJ/urcaPUVfJyiw=$HCXN4qJfJNf+d2AFfQE3zw==
cf-chl-out-s: S1B/nKv1qim6qkACtf3MBA==$Z7hRFxYNMKBT9Pl2KeH7cw==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GNO3QmMitJg7Mt3uOwGEpX7I%2B9lGIE8MDL7%2BLL3S4L4mnifh%2F9a9FEh9pspcEKxMdaWdFMfHLuW7F0pk753nJ0pSSyRBw2ok9BoXoKCZ5VZB83pn%2F9Fp6HK7rwuK8APPqX%2BKy%2FWwcGZg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e731f32d5a56ae-OSL
alt-svc: h2=":443"; ma=60
|
|