Report - gate.sc/?url=https://urllio.com/2tvofb&token=893ccf-1-1685598991199

Report Overview

Submitted URL
gate.sc/?url=https://urllio.com/2tvofb&token=893ccf-1-1685598991199
IP
54.230.111.50
ASN
#16509 AMAZON-02
Submitted
2023-06-01 06:03:12
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
bibtu.com	unknown	2023-05-11	2020-07-06	2023-05-31	1.0 kB	96 kB	188.114.97.1
hcaptcha.com	5458	2018-01-12	2018-04-03	2023-05-31	1.2 kB	12 kB	104.16.168.131
urllio.com	unknown	2018-08-31	2018-09-11	2023-05-19	475 B	2.3 kB	172.67.212.85
www.hcaptcha.com	91052	2018-01-12	2019-09-05	2023-05-31	397 B	316 kB	104.16.168.131
ocsp.r2m02.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-05-31	680 B	1.9 kB	54.230.80.227
gate.sc	555388	2019-04-02	2019-04-29	2023-05-31	863 B	1.2 kB	54.230.111.48
newassets.hcaptcha.com	11055	2018-01-12	2021-03-22	2023-05-31	3.6 kB	613 kB	104.16.168.131
imgs.hcaptcha.com	22116	2018-01-12	2019-07-26	2023-05-31	14 kB	103 kB	104.16.168.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-06-01	medium	bibtu.com
2023-06-01	medium	bibtu.com

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	bibtu.com/ef0803aae96c71948bbffece7b6976d0jItzXq/Pkl41DX4U9wSi9pJ1qGDcVSzggTD9eQk2gzFrGM	0 B	2023-03-07	2024-04-24
Pretty URL bibtu.com/ef0803aae96c71948bbffece7b6976d0jItzXq/Pkl41DX4U9wSi9pJ1qGDcVSzggTD9eQk2gzFrGM IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 22:24:09 Times Seen37049047 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	136 kB	2023-05-22	2023-06-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-22 17:29:45 Last Seen2023-06-09 22:16:47 Times Seen264 Hash 50117a69cbff946d9c370d575e889d48 6efe1f65de9e3ec3231cdd7710263f90036de181 f6338fb17f52399d0368d3686b5d22d70f9053be3432382d91f15b5695754352 Loading...

	unknown	48 B	2023-04-11	2024-04-24
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:45:29 Last Seen2024-04-24 17:44:36 Times Seen18885 Hash 43d643e449b4ea13394fe737b1d6a447 1c03d56d955fd266d7659379e63d5711bd5382db 4817661f6ac7d2e1691bc3aeb9966e66012891ccda569ff872dc0932010c540d Loading...

	newassets.hcaptcha.com/captcha/challenge/image_label_binary/c574e53/challenge.js	52 kB	2023-05-31	2023-06-01
Pretty URL newassets.hcaptcha.com/captcha/challenge/image_label_binary/c574e53/challenge.js IP 104.16.168.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-31 15:01:17 Last Seen2023-06-01 08:03:14 Times Seen16 Hash 16a1591570c9a166825806c296bf6f76 82d568d7d0b09cbca0cdf56eb9daf029e6114a11 89abd3514006c94e8ed8b812fa1470c64c822e3fde35915ea63cfd2ec193ecbf Loading...

	www.hcaptcha.com/1/api.js	315 kB	2023-05-31	2023-06-01
Pretty URL www.hcaptcha.com/1/api.js IP 104.16.168.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-31 15:01:17 Last Seen2023-06-01 08:03:13 Times Seen24 Hash f9d77758428e84f9ac569371d0b62747 3d612c68eec179e81eafb4edd56d71679e5b558f fac8f887d822c9932ae6c233c829e03eac3eb245589057dd9fe31da4faf8c34d Loading...

	newassets.hcaptcha.com/c/0d2aecf/hsw.js	467 kB	2023-05-22	2023-06-09
Pretty URL newassets.hcaptcha.com/c/0d2aecf/hsw.js IP 104.16.168.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 17:29:45 Last Seen2023-06-09 22:16:47 Times Seen526 Hash 27081fb320c1f7d7b2af58b9dd40ea16 28f5eba6023cd8819b5ec2a6c6dd394498114082 b7c3c885c8ccdb372b310bdc5784e773a1e3ca530202ea9fb2877102e4d36ec1 Loading...

HTTP Transactions (38)

URL IP Response Size

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
a9e33693322fe77a9a007e3db6802825
fd7d44b547c7e516b893e0c6baa9f60c43e7507e
39319fe7b35cc2a39c94f7044b95e5f053c7b88461080cb013f8a5ff6a934a4e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 01 Jun 2023 06:02:54 GMT
Last-Modified: Thu, 01 Jun 2023 04:19:35 GMT
Server: ECAcc (nya/789D)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2EJT05xgYIwwT9QmXCIyRsajoprtejGR76St1xXVbz_KOMKRR8Dh-A==
Age: 6199

gate.sc/?url=https://urllio.com/2tvofb&token=893ccf-1-1685598991199

54.230.111.48

302 Found

0 B

URL User Request GET HTTP/2
gate.sc/?url=https://urllio.com/2tvofb&token=893ccf-1-1685598991199
IP
54.230.111.48:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectgate.sc
Fingerprint3A:91:8F:C6:25:61:2E:2B:92:DF:83:E4:8B:12:DB:37:17:C2:25:31
ValidityTue, 21 Feb 2023 00:00:00 GMT - Wed, 31 Jan 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?url=https://urllio.com/2tvofb&token=893ccf-1-1685598991199 HTTP/1.1
Host: gate.sc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: text/plain; charset=utf-8
content-length: 0
location: https://urllio.com/2tvofb
date: Thu, 01 Jun 2023 06:02:54 GMT
x-robots-tag: noindex
cache-control: private, max-age=0
referrer-policy: no-referrer
x-frame-options: DENY
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: am/2
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OeTdwHwegKlbrs7lF2_AlcslB57z4V8YAj34HZBRN-f85sSZb4TAow==
X-Firefox-Spdy: h2

newassets.hcaptcha.com/captcha/v1/c574e53/hcaptcha.js

104.16.168.131

200 OK

224 kB

URL GET HTTP/3
newassets.hcaptcha.com/captcha/v1/c574e53/hcaptcha.js
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (41625)
Size
224 kB (224433 bytes)
Hash
f9d77758428e84f9ac569371d0b62747
3d612c68eec179e81eafb4edd56d71679e5b558f
fac8f887d822c9932ae6c233c829e03eac3eb245589057dd9fe31da4faf8c34d

HTTP Headers

GET /captcha/v1/c574e53/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:55 GMT
content-type: application/javascript
cf-ray: 7d05401eee6cb50f-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 2203
cache-control: max-age=1209600
etag: W/"807c0ee2036a6d663c54cd09a43ecf4e"
last-modified: Wed, 31 May 2023 12:28:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 8bdae94273544c8186e20a3c31375f98.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: KzemClZ_uetSOJPpWmCqDW5-MuiE_mRA_sC71bD7HD4YGwvBp7SlCQ==
x-amz-cf-pop: ARN1-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: 6znip0tm7mCjkCPcutwU7OTDM9kxUnhZ
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400

imgs.hcaptcha.com/a5tvfvSPGEX9sOYXufojQLQSVql4mOD5OrPyU20u6GroxbIRJZGONs3JdMCr5vmR6vTxC3AQTkLN20XXbBvHqUETfP7kNJIxY1MVc08nb64vU1VINqkeWk+nhmzzAnLsEjX+CarN3vSnkoXj7ChRkMNo1EcIq4+smnkpp/9dgy3rY8VioPOnD53cKVfPHdcX1n4HDUWGKA05Slz/t91SUflXtf5duFDtKp07ly2BLu+Chi6BMYlEpKtBBn5U9USZWw2p

104.16.168.131

200 OK

4.1 kB

URL GET HTTP/3
imgs.hcaptcha.com/a5tvfvSPGEX9sOYXufojQLQSVql4mOD5OrPyU20u6GroxbIRJZGONs3JdMCr5vmR6vTxC3AQTkLN20XXbBvHqUETfP7kNJIxY1MVc08nb64vU1VINqkeWk+nhmzzAnLsEjX+CarN3vSnkoXj7ChRkMNo1EcIq4+smnkpp/9dgy3rY8VioPOnD53cKVfPHdcX1n4HDUWGKA05Slz/t91SUflXtf5duFDtKp07ly2BLu+Chi6BMYlEpKtBBn5U9USZWw2p
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
4.1 kB (4132 bytes)
Hash
ba2e31686119e41ba0015e5b2921029c
2c928ac742d2223bd26c93b22e185920bc1d908f
62eb8a6d06c89179040d9fde901d1bb4e9435d426b689993a91b757715a17738

HTTP Headers

GET /a5tvfvSPGEX9sOYXufojQLQSVql4mOD5OrPyU20u6GroxbIRJZGONs3JdMCr5vmR6vTxC3AQTkLN20XXbBvHqUETfP7kNJIxY1MVc08nb64vU1VINqkeWk+nhmzzAnLsEjX+CarN3vSnkoXj7ChRkMNo1EcIq4+smnkpp/9dgy3rY8VioPOnD53cKVfPHdcX1n4HDUWGKA05Slz/t91SUflXtf5duFDtKp07ly2BLu+Chi6BMYlEpKtBBn5U9USZWw2p HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 4132
cf-ray: 7d054025ff1cb50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400,s-maxage=86400
etag: "ba2e31686119e41ba0015e5b2921029c"
last-modified: Thu, 01 Jun 2023 05:34:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 17sBWmk5qagRsLa16xbKtyi6N215dcB5yGvvUR9mul0LjYILywOJLQ==
x-amz-cf-pop: ARN56-P1
x-amz-expiration: expiry-date="Wed, 29 Nov 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-amz-version-id: l0j_9qHyWiEVA6ZAFOWociwpvV3t.Zz.
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

imgs.hcaptcha.com/0QOfI+buyNN6BwosPgqDwxKjikyg9CqRE6/zeJuarzAx6iYc6VWDvlMObR6ZAJyQMl/uG8++lKVpBtjELgLaTnTMSQeen9aqhqU9Lt+gUA2gSoU6wIVGcUGIVEkEsMCzaNK/wyolMjNAPBM1n/ae/5P7tKTEcd/JuGxcBZjWKQ5SdpcDkxQDdRiIva1xxXogCueKY5qunQ1odDi30SSpI1MCqgxOodUKtb2oDQ==WIjfaUV5tcIMl+3o

104.16.168.131

200 OK

4.0 kB

URL GET HTTP/3
imgs.hcaptcha.com/0QOfI+buyNN6BwosPgqDwxKjikyg9CqRE6/zeJuarzAx6iYc6VWDvlMObR6ZAJyQMl/uG8++lKVpBtjELgLaTnTMSQeen9aqhqU9Lt+gUA2gSoU6wIVGcUGIVEkEsMCzaNK/wyolMjNAPBM1n/ae/5P7tKTEcd/JuGxcBZjWKQ5SdpcDkxQDdRiIva1xxXogCueKY5qunQ1odDi30SSpI1MCqgxOodUKtb2oDQ==WIjfaUV5tcIMl+3o
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
4.0 kB (3982 bytes)
Hash
b7dfb1e679bd48ba5da6e9251cf741ed
482299309610203e14b2767c158ee898d8e45a5d
5422763bea742948c2b631aa3481ec6476a501d0998a82a1ff1e80f65998d6a5

HTTP Headers

GET /0QOfI+buyNN6BwosPgqDwxKjikyg9CqRE6/zeJuarzAx6iYc6VWDvlMObR6ZAJyQMl/uG8++lKVpBtjELgLaTnTMSQeen9aqhqU9Lt+gUA2gSoU6wIVGcUGIVEkEsMCzaNK/wyolMjNAPBM1n/ae/5P7tKTEcd/JuGxcBZjWKQ5SdpcDkxQDdRiIva1xxXogCueKY5qunQ1odDi30SSpI1MCqgxOodUKtb2oDQ==WIjfaUV5tcIMl+3o HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 3982
cf-ray: 7d054025ef0ab50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 714
cache-control: max-age=86400,s-maxage=86400
etag: "b7dfb1e679bd48ba5da6e9251cf741ed"
last-modified: Thu, 01 Jun 2023 05:34:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb71d06ef6b006f750bfcf682863ded0.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: PddLUxSESD_oKdS42Q_FEqkzlPzJAtx1xzn_ESywBCt2m_ia8OJ-uA==
x-amz-cf-pop: ARN56-P1
x-amz-expiration: expiry-date="Wed, 29 Nov 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-amz-version-id: yN.AjD4niFi7_UmsbVIB6.7rItkeKkS7
x-cache: Miss from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

newassets.hcaptcha.com/c/0d2aecf/hsw.js

104.16.168.131

200 OK

187 kB

URL GET HTTP/3
newassets.hcaptcha.com/c/0d2aecf/hsw.js
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
187 kB (187133 bytes)
Hash
27081fb320c1f7d7b2af58b9dd40ea16
28f5eba6023cd8819b5ec2a6c6dd394498114082
b7c3c885c8ccdb372b310bdc5784e773a1e3ca530202ea9fb2877102e4d36ec1

HTTP Headers

GET /c/0d2aecf/hsw.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:55 GMT
content-type: application/javascript
cf-ray: 7d0540208847b50f-OSL
cf-cache-status: HIT
access-control-allow-origin: *
cache-control: max-age=3024000
etag: W/"27081fb320c1f7d7b2af58b9dd40ea16"
last-modified: Mon, 22 May 2023 09:06:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 8c6057fa6de6f566cdf8dbf994c18e80.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: eoI0CPTENtE0V6GUcur3-E9qwyd0SiGdNDFwqQMBSUJqw7VtFfvs5g==
x-amz-cf-pop: HEL51-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: 4FMKIW.qhGqOQEE7HYvBFrGpKia.745s
x-cache: Miss from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400

imgs.hcaptcha.com/TSswlu/yOdJbqlEjZs07/gAwelQmSFIJ7gPJoF2e4Vg6mobcg5h3LOyMLGU3mI8gHS1qZZw6R7T4pQKn5Tchqj+qbPV3WtT5R1Sds4nyfL2V5tKn0hrmzr3TNv+3LJT+2RufJhI0FILlu+Aq49yuc2ZrwdDpH4pD3goHlTLpEqyh7EKD9KHeFFigjaj1W2iRDbbRnUbNJlktW4YeC9wZhf65VoE9D8r2FYWXOBVkhBW9uZ97FWtD

104.16.168.131

200 OK

4.1 kB

URL GET HTTP/3
imgs.hcaptcha.com/TSswlu/yOdJbqlEjZs07/gAwelQmSFIJ7gPJoF2e4Vg6mobcg5h3LOyMLGU3mI8gHS1qZZw6R7T4pQKn5Tchqj+qbPV3WtT5R1Sds4nyfL2V5tKn0hrmzr3TNv+3LJT+2RufJhI0FILlu+Aq49yuc2ZrwdDpH4pD3goHlTLpEqyh7EKD9KHeFFigjaj1W2iRDbbRnUbNJlktW4YeC9wZhf65VoE9D8r2FYWXOBVkhBW9uZ97FWtD
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
4.1 kB (4058 bytes)
Hash
d957a05612b58d504bbe468a1fdf114b
d67023941b34d2f2769f7b36f431199afbed822f
8df582c33743959c7891717ed785bd118dbe17458786ae64fe6b137feff4c387

HTTP Headers

GET /TSswlu/yOdJbqlEjZs07/gAwelQmSFIJ7gPJoF2e4Vg6mobcg5h3LOyMLGU3mI8gHS1qZZw6R7T4pQKn5Tchqj+qbPV3WtT5R1Sds4nyfL2V5tKn0hrmzr3TNv+3LJT+2RufJhI0FILlu+Aq49yuc2ZrwdDpH4pD3goHlTLpEqyh7EKD9KHeFFigjaj1W2iRDbbRnUbNJlktW4YeC9wZhf65VoE9D8r2FYWXOBVkhBW9uZ97FWtD HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 4058
cf-ray: 7d054025ff25b50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 1166
cache-control: max-age=86400,s-maxage=86400
etag: "d957a05612b58d504bbe468a1fdf114b"
last-modified: Thu, 01 Jun 2023 05:34:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3f25be8570bf62f8d4607f79984fccec.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: iRWGRL7b6QExQtLhNmz_CuEqOP5GUPcZjAbDIsrVBNqHaq3G8RKf0A==
x-amz-cf-pop: ARN56-P1
x-amz-expiration: expiry-date="Wed, 29 Nov 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-amz-version-id: Nh78pVra9VShS.c3NH06fr7WSqdE9PuG
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

imgs.hcaptcha.com/4KV3K6pgJpzmpNycilZC1+NXoWCkK8gz17tQ5xt9Xu0XHJmxKofXgOzkW43gSLcr2QdEfFLOhO8FumqLWIqgHDCRCkCnKc3zM4bfOPrzgkpQkG+B0MZwsdKPRP1RNGaexTOLRPTxqsEFFDFrZxNal/wBqPV2ozvWNML5p5bYp51x8TETUHjq29xUkP4OGbWxe4IgVzsWNUes2fjiay81xPYzO4y8AoXEpiK9khN3PqJ6u9uw3llxN4+6U8kBGz5iQwyG

104.16.168.131

200 OK

4.0 kB

URL GET HTTP/3
imgs.hcaptcha.com/4KV3K6pgJpzmpNycilZC1+NXoWCkK8gz17tQ5xt9Xu0XHJmxKofXgOzkW43gSLcr2QdEfFLOhO8FumqLWIqgHDCRCkCnKc3zM4bfOPrzgkpQkG+B0MZwsdKPRP1RNGaexTOLRPTxqsEFFDFrZxNal/wBqPV2ozvWNML5p5bYp51x8TETUHjq29xUkP4OGbWxe4IgVzsWNUes2fjiay81xPYzO4y8AoXEpiK9khN3PqJ6u9uw3llxN4+6U8kBGz5iQwyG
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
4.0 kB (3958 bytes)
Hash
cfe5fb052cdedf71178a1b7d72c1a955
c59c77ac2720923a4a54e2b5641e48e8bb184c18
d6f0d34d348a4e1dd332032c9e28dea91e295b29cc9270449bdff0455dfcf226

HTTP Headers

GET /4KV3K6pgJpzmpNycilZC1+NXoWCkK8gz17tQ5xt9Xu0XHJmxKofXgOzkW43gSLcr2QdEfFLOhO8FumqLWIqgHDCRCkCnKc3zM4bfOPrzgkpQkG+B0MZwsdKPRP1RNGaexTOLRPTxqsEFFDFrZxNal/wBqPV2ozvWNML5p5bYp51x8TETUHjq29xUkP4OGbWxe4IgVzsWNUes2fjiay81xPYzO4y8AoXEpiK9khN3PqJ6u9uw3llxN4+6U8kBGz5iQwyG HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 3958
cf-ray: 7d054025ef01b50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400,s-maxage=86400
etag: "cfe5fb052cdedf71178a1b7d72c1a955"
last-modified: Thu, 01 Jun 2023 05:33:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 0078c2805bf98a4574ea5eee972aa9f6.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 58uxneGgnzjP6cjz9Ds9kPuG4DRmU6tU0SfKi33hBkC7vdbadcUgaw==
x-amz-cf-pop: ARN56-P1
x-amz-expiration: expiry-date="Wed, 29 Nov 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-amz-version-id: 3cXl_iToifccK5Y_OY.BVR4zVKcpqyTr
x-cache: Miss from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

imgs.hcaptcha.com/mmhTG1NYwVwUUYEGEm2imla2Bnr4D/GVwnugnSoaJQFt86X18DNEfnqzqG8ua8E/9nfqK/ZgPpI8HpNWFfLA2D5TdgAef1xS00U3ZUGvdlnymciSldqXb95FuMOEimGKi4UyaJPmEu/uDNlNSbhllLOvL1vycR1xiIH96LidIa4e9zKLyVQKlJd7PKm91tri5ieALj9YahxnCwz35KPOs3ySa70Glm1oW4MErCkAythsjjazD+GgxYVOC/VobwnAdQ0P

104.16.168.131

200 OK

4.1 kB

URL GET HTTP/3
imgs.hcaptcha.com/mmhTG1NYwVwUUYEGEm2imla2Bnr4D/GVwnugnSoaJQFt86X18DNEfnqzqG8ua8E/9nfqK/ZgPpI8HpNWFfLA2D5TdgAef1xS00U3ZUGvdlnymciSldqXb95FuMOEimGKi4UyaJPmEu/uDNlNSbhllLOvL1vycR1xiIH96LidIa4e9zKLyVQKlJd7PKm91tri5ieALj9YahxnCwz35KPOs3ySa70Glm1oW4MErCkAythsjjazD+GgxYVOC/VobwnAdQ0P
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
4.1 kB (4083 bytes)
Hash
5950541054b131d478cb736ba911aa9b
56c69498ddbf557901b9f4598392f93f3dce7992
5d204a66e7674d1b917a576eb82efb33d0f80efb3e4d822176e5feabb517e2cb

HTTP Headers

GET /mmhTG1NYwVwUUYEGEm2imla2Bnr4D/GVwnugnSoaJQFt86X18DNEfnqzqG8ua8E/9nfqK/ZgPpI8HpNWFfLA2D5TdgAef1xS00U3ZUGvdlnymciSldqXb95FuMOEimGKi4UyaJPmEu/uDNlNSbhllLOvL1vycR1xiIH96LidIa4e9zKLyVQKlJd7PKm91tri5ieALj9YahxnCwz35KPOs3ySa70Glm1oW4MErCkAythsjjazD+GgxYVOC/VobwnAdQ0P HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 4083
cf-ray: 7d0540260f39b50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 506
cache-control: max-age=86400,s-maxage=86400
etag: "5950541054b131d478cb736ba911aa9b"
last-modified: Thu, 01 Jun 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 b34d5d8e5954d0b7b46d5f0eb534c166.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: u1ZMRV441JMFTYnwKFni5gkA8DqluDZustFFvrnbSy4RcZXeTyRElQ==
x-amz-cf-pop: ARN56-P1
x-amz-expiration: expiry-date="Wed, 29 Nov 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-amz-version-id: nvV_HGpYWOYLax10hjfGEmRMie7mBPuc
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

imgs.hcaptcha.com/lM+GtYvxTBfPm74S3MLdcuXb5hC8Zg6rEHhiN9pE3nUIHHQsYK5zZKXep+qH1TwsUX7+iek/5p7WVIAshZSkhwFQqHmW43+TcOQ6xB33GK9BeKAZyPxc2d6A5XPLxSVCFgzz24H1Jjz3iw/9NTBrV4a8pOIq0UtSHCquwXzXYwoWwqBN8kXaJFvht9feLGXjJS5MnFFTnGLq5mTyYjvmptMr/ttBtJ2fhK+1kF0OAnTTCQb1YsgnHCH8

104.16.168.131

200 OK

3.4 kB

URL GET HTTP/3
imgs.hcaptcha.com/lM+GtYvxTBfPm74S3MLdcuXb5hC8Zg6rEHhiN9pE3nUIHHQsYK5zZKXep+qH1TwsUX7+iek/5p7WVIAshZSkhwFQqHmW43+TcOQ6xB33GK9BeKAZyPxc2d6A5XPLxSVCFgzz24H1Jjz3iw/9NTBrV4a8pOIq0UtSHCquwXzXYwoWwqBN8kXaJFvht9feLGXjJS5MnFFTnGLq5mTyYjvmptMr/ttBtJ2fhK+1kF0OAnTTCQb1YsgnHCH8
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
3.4 kB (3368 bytes)
Hash
9948c33be6d06cc69ad214ca0ebdcbef
9d147231dfbe7717aad768db6f4496bfe61f0dbe
5bb29fd6277a6d0db95f326f9188839d8350430fdc6be753687f6ee48308e4f2

HTTP Headers

GET /lM+GtYvxTBfPm74S3MLdcuXb5hC8Zg6rEHhiN9pE3nUIHHQsYK5zZKXep+qH1TwsUX7+iek/5p7WVIAshZSkhwFQqHmW43+TcOQ6xB33GK9BeKAZyPxc2d6A5XPLxSVCFgzz24H1Jjz3iw/9NTBrV4a8pOIq0UtSHCquwXzXYwoWwqBN8kXaJFvht9feLGXjJS5MnFFTnGLq5mTyYjvmptMr/ttBtJ2fhK+1kF0OAnTTCQb1YsgnHCH8 HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 3368
cf-ray: 7d054025ef09b50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400,s-maxage=86400
etag: "9948c33be6d06cc69ad214ca0ebdcbef"
last-modified: Thu, 01 Jun 2023 05:33:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 ab5e2ae728dfa6338273a7f7bcdc636c.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: zwV_Mr2OCkX164e552lGrXBC8_i13onuCHiB8FiZ2Xk1kLNiO4P6lQ==
x-amz-cf-pop: ARN56-P1
x-amz-expiration: expiry-date="Wed, 29 Nov 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-amz-version-id: NXqyeDoJn6JSj_2zmn9qU3NSkMUt08KU
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

imgs.hcaptcha.com/u4obo/ONAsipaA/DZ2LShv3JhYFPqDE6uq+9XkNajJcnHHpzBSyNekOvA0Yo8vMtrbVwWvU6FHD8YyvvTZUrNni+dvGbHakinwAtovZQeG301fNfkqf1oJ3jSo/vkbWgWFk5OYPv5+TJOz+Tux/0WVh8OuFqiH7rL6NPKRJAWBOjk1TkS/JTsGhmsdndZ0I5A31vUMIR/hmKWnmcbdQlky5RmUACyglDodr2cIAKJ61a5A==i65AT1xPAFUK4NW7

104.16.168.131

200 OK

3.2 kB

URL GET HTTP/3
imgs.hcaptcha.com/u4obo/ONAsipaA/DZ2LShv3JhYFPqDE6uq+9XkNajJcnHHpzBSyNekOvA0Yo8vMtrbVwWvU6FHD8YyvvTZUrNni+dvGbHakinwAtovZQeG301fNfkqf1oJ3jSo/vkbWgWFk5OYPv5+TJOz+Tux/0WVh8OuFqiH7rL6NPKRJAWBOjk1TkS/JTsGhmsdndZ0I5A31vUMIR/hmKWnmcbdQlky5RmUACyglDodr2cIAKJ61a5A==i65AT1xPAFUK4NW7
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
3.2 kB (3224 bytes)
Hash
4bf9141abd26868be06519a3f2c90f44
931649d69e4b5e702b05539dba4d003d9b597399
f61c4547b3a74cb0a73608d8477233c39738725c42f599dff53bf12443e31b69

HTTP Headers

GET /u4obo/ONAsipaA/DZ2LShv3JhYFPqDE6uq+9XkNajJcnHHpzBSyNekOvA0Yo8vMtrbVwWvU6FHD8YyvvTZUrNni+dvGbHakinwAtovZQeG301fNfkqf1oJ3jSo/vkbWgWFk5OYPv5+TJOz+Tux/0WVh8OuFqiH7rL6NPKRJAWBOjk1TkS/JTsGhmsdndZ0I5A31vUMIR/hmKWnmcbdQlky5RmUACyglDodr2cIAKJ61a5A==i65AT1xPAFUK4NW7 HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 3224
cf-ray: 7d054025ef14b50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400,s-maxage=86400
etag: "4bf9141abd26868be06519a3f2c90f44"
last-modified: Thu, 01 Jun 2023 05:34:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 59202edf772149f3e7805f2a4994d252.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ecYA2wW4WrSekPfb4_Jwzd7xGP2hA5iZpeFeUDsuEMQAFI1tZPBjsQ==
x-amz-cf-pop: ARN56-P1
x-amz-expiration: expiry-date="Wed, 29 Nov 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-amz-version-id: 4wVHdZ7zbZXzbZYF32RLfpj1GwGWoTrv
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

bibtu.com/ef0803aae96c71948bbffece7b6976d0jItzXq/Pkl41DX4U9wSi9pJ1qGDcVSzggTD9eQk2gzFrGM

188.114.97.1

200 OK

94 kB

URL User Request GET HTTP/2
bibtu.com/ef0803aae96c71948bbffece7b6976d0jItzXq/Pkl41DX4U9wSi9pJ1qGDcVSzggTD9eQk2gzFrGM
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectbibtu.com
Fingerprint2D:FC:BE:C5:47:5D:D5:56:FD:4F:0B:1A:4E:9A:69:13:12:6B:5C:92
ValidityThu, 11 May 2023 06:49:24 GMT - Wed, 09 Aug 2023 06:49:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
94 kB (94060 bytes)
Hash
b1bba755ccae310052d3ecb475f8c7c6
8fd18dc368e2f08a49c2c02f1c88bde4ede0d548
341d7870d7bd656fde92d6943c2077719839576eb688e913697d4e08da0ae062

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ef0803aae96c71948bbffece7b6976d0jItzXq/Pkl41DX4U9wSi9pJ1qGDcVSzggTD9eQk2gzFrGM HTTP/1.1
Host: bibtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 06:02:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ST0h4%2B5DOGFtg8hUk575SWHEPUv27cO2BaGMGMYvj3WWu646sOTQYd1%2BOsRMCeN1VS6NNjgz%2BRt7LhZh9CKjgngSXr5aInnSpMOKsrDH7OptzzfY9v4j2EsUFHg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d05401b4ab4b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hcaptcha.com/getcaptcha/c2adcb87-2c2c-408a-8990-d25035251688

104.16.168.131

200 OK

10 kB

URL POST HTTP/3
hcaptcha.com/getcaptcha/c2adcb87-2c2c-408a-8990-d25035251688
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (8943), with no line terminators
Size
10 kB (10017 bytes)
Hash
0e37a4c72522ce049d11d5f4f63512fd
aab4425350fa23523e9ebf0c6ceaeb25be663e73
0bb056359682abd37eb5b3b18652c8f3f3e19e9cc0cff5060bdcc4067adb20f1

HTTP Headers

POST /getcaptcha/c2adcb87-2c2c-408a-8990-d25035251688 HTTP/1.1
Host: hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 12204
Origin: https://newassets.hcaptcha.com
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: application/json
cf-ray: 7d054024adb0b50f-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: https://newassets.hcaptcha.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
set-cookie: INGRESSCOOKIE=1685599377.198.39.740079|8ad9e52e7227a1781f7d2cc2db535011; Path=/; HttpOnly; SameSite=None
hmt_id=7b4fb471-dc15-464c-b16e-c71f537cfc18; Expires=Sat, 01 Jul 2023 06:02:56 GMT; Secure; Path=/; SameSite=None
__cflb=02DiuHLwzyAZNoSCVjnt7XQujxDoodH3WLLTChRFDvKWc; SameSite=Lax; path=/; expires=Fri, 02-Jun-23 05:02:56 GMT; HttpOnly
x-content-type-options: nosniff
x-esid: 339510303
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400

newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html

104.16.168.131

4.8 kB

URL
newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html
IP
104.16.168.131:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1357)
Size
4.8 kB (4792 bytes)
Hash
27abf48330bfb30429b6bcbd631c9af6
377ac1ffa05a61bd1fc8f62087c7f803473f15f7
295fcfdcb6108c818744c16e197ff605101a682359f9c7dd0875669253bc0124

HTTP Headers

GET /captcha/v1/c574e53/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bibtu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:55 GMT
content-type: text/html
cf-ray: 7d05401e4dc9b50f-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 2202
cache-control: max-age=1209600
last-modified: Wed, 31 May 2023 12:28:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d945a5fbc073d46145c31f513978802c.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: RyVW27F_98V_eB64GBnxwp_r-Ry9LC7DPvBR4T6i_F3IEhflkf4LFg==
x-amz-cf-pop: ARN1-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: srABWdmAC7VRf0czWg4_3WS7wYrh2mzL
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400

imgs.hcaptcha.com/KTzofbwELHUmFONUQv9e39Oxy4vWTb/y4l+PyMNpoJK+5oxwi1FIIwRrXacI/9qlFyMjO6koBD52LOK4bMUHk4qmFdHukeRff736NT/RO4KDH1sA1nByTgHF4ztw5YayX5oabXDxhDKqoEl+mynXSrQRkeDxCt6wskpjvMuGbTQnkzXMEHSZ7Mdl12JHzdmKBZQj28eY3jsTTjlM2G+x6ooMknqm7FDiGNSoNtgxVO6bzHCpVWTD5YJV

104.16.168.131

200 OK

3.6 kB

URL GET HTTP/3
imgs.hcaptcha.com/KTzofbwELHUmFONUQv9e39Oxy4vWTb/y4l+PyMNpoJK+5oxwi1FIIwRrXacI/9qlFyMjO6koBD52LOK4bMUHk4qmFdHukeRff736NT/RO4KDH1sA1nByTgHF4ztw5YayX5oabXDxhDKqoEl+mynXSrQRkeDxCt6wskpjvMuGbTQnkzXMEHSZ7Mdl12JHzdmKBZQj28eY3jsTTjlM2G+x6ooMknqm7FDiGNSoNtgxVO6bzHCpVWTD5YJV
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
3.6 kB (3612 bytes)
Hash
02915e937fe864a3efa5e189c56c51d8
73910c4a65cc5a214bb3c24c7e327f2f54128fe8
d1821b0b26cfe2cb29fc108425d08eac2c8d2c16c8cce5ea8f3d6d33086c1556

HTTP Headers

GET /KTzofbwELHUmFONUQv9e39Oxy4vWTb/y4l+PyMNpoJK+5oxwi1FIIwRrXacI/9qlFyMjO6koBD52LOK4bMUHk4qmFdHukeRff736NT/RO4KDH1sA1nByTgHF4ztw5YayX5oabXDxhDKqoEl+mynXSrQRkeDxCt6wskpjvMuGbTQnkzXMEHSZ7Mdl12JHzdmKBZQj28eY3jsTTjlM2G+x6ooMknqm7FDiGNSoNtgxVO6bzHCpVWTD5YJV HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 3612
cf-ray: 7d0540260f33b50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 1477
cache-control: max-age=86400,s-maxage=86400
etag: "02915e937fe864a3efa5e189c56c51d8"
last-modified: Thu, 01 Jun 2023 05:34:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 92deec7c8876604efe2f17b072bc68d6.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: a0ZwwW0HIR1dTEOJpYrO1lb6uKhAyP5Ti5zYHv8HsnHWRHY5TX9CKQ==
x-amz-cf-pop: HEL50-C1
x-amz-expiration: expiry-date="Wed, 29 Nov 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-amz-version-id: GEUhWfxMTo9zuZLDoWNVGQAQIOMlSPCe
x-cache: Miss from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

imgs.hcaptcha.com/wyWToFFmwAnIGRY/m1ag/NKQ0/f6nHx1eApf5bprR04W6/Qv0F9jt/v4mEoHB7ntI6p8wYoJ+AFK6OXmMl9RpE0Z/ECg9bQi6yaJDbRn96itgK3FX/MyP8xLAayvDvHDrbnxbdZL6sWaJDD7Fp9SDSzDbv7vXCf5unBWyysPPrs8+ywhETYk7MY/zsPDQjdUdbmr9zXy2QJVdnuNI+eFrViQo8d00Nt7CJmCcJDRc7VlxQ7nlSFuR9aHTEp4GDwvyvNP

104.16.168.131

200 OK

3.6 kB

URL GET HTTP/3
imgs.hcaptcha.com/wyWToFFmwAnIGRY/m1ag/NKQ0/f6nHx1eApf5bprR04W6/Qv0F9jt/v4mEoHB7ntI6p8wYoJ+AFK6OXmMl9RpE0Z/ECg9bQi6yaJDbRn96itgK3FX/MyP8xLAayvDvHDrbnxbdZL6sWaJDD7Fp9SDSzDbv7vXCf5unBWyysPPrs8+ywhETYk7MY/zsPDQjdUdbmr9zXy2QJVdnuNI+eFrViQo8d00Nt7CJmCcJDRc7VlxQ7nlSFuR9aHTEp4GDwvyvNP
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
3.6 kB (3607 bytes)
Hash
56991d6909f788a46b1fb4db8c57718b
5681880975f83142eaf9e318bff37f32a940f807
602f8c875f0bec76b80b2e902b4b74b77d11c8b8b5a3447406dcd62217566e0b

HTTP Headers

GET /wyWToFFmwAnIGRY/m1ag/NKQ0/f6nHx1eApf5bprR04W6/Qv0F9jt/v4mEoHB7ntI6p8wYoJ+AFK6OXmMl9RpE0Z/ECg9bQi6yaJDbRn96itgK3FX/MyP8xLAayvDvHDrbnxbdZL6sWaJDD7Fp9SDSzDbv7vXCf5unBWyysPPrs8+ywhETYk7MY/zsPDQjdUdbmr9zXy2QJVdnuNI+eFrViQo8d00Nt7CJmCcJDRc7VlxQ7nlSFuR9aHTEp4GDwvyvNP HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 3607
cf-ray: 7d0540262f4bb50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 1368
cache-control: max-age=86400,s-maxage=86400
etag: "56991d6909f788a46b1fb4db8c57718b"
last-modified: Thu, 01 Jun 2023 05:34:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 ade5112c66aed0b9382e1d5c2fd9bde4.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: qxSbK2ik0N0K_AHM7ZXc_wsgbuXLz2P-jz0q1YgSf6oDpl-B5BuWqA==
x-amz-cf-pop: HEL50-C1
x-amz-expiration: expiry-date="Wed, 29 Nov 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-amz-version-id: z4vIVsai6wnx.2SkqnyOBd5NuEpF2CMO
x-cache: Miss from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

imgs.hcaptcha.com/pdfMKq6r6bYVnAYtcnH1hVJ1bgEhUO888ivN2Ix39QfIvhBZqFY30y5y/EKYe8P+dGn52hcM7KsQSy8j36f6W4gfPqVZj5g86XVTZjQsLvf0170PR+z6OyRzgQRidjR3VeG7RDrOjNDCmUM9l4w4fdMKuevT2wGMSpiFCK6A0et2CUG8CgYHnCvNwvKaD9Mqf/xj5Km5ljnU1lQUfud4VUy4vcop0uHszm/lGA==r0/M81VQi8zc6/9l

104.16.168.131

200 OK

3.9 kB

URL GET HTTP/3
imgs.hcaptcha.com/pdfMKq6r6bYVnAYtcnH1hVJ1bgEhUO888ivN2Ix39QfIvhBZqFY30y5y/EKYe8P+dGn52hcM7KsQSy8j36f6W4gfPqVZj5g86XVTZjQsLvf0170PR+z6OyRzgQRidjR3VeG7RDrOjNDCmUM9l4w4fdMKuevT2wGMSpiFCK6A0et2CUG8CgYHnCvNwvKaD9Mqf/xj5Km5ljnU1lQUfud4VUy4vcop0uHszm/lGA==r0/M81VQi8zc6/9l
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
3.9 kB (3939 bytes)
Hash
4257d4dd09ea44aefaa4d8e107b7ff8c
15ace8c4c98a4cd886af5230eacedb446aa8e7cf
6ee89a5c12e8e18f2886dddc595335d4943a6ce6787c0fe59befc9c36da5c53e

HTTP Headers

GET /pdfMKq6r6bYVnAYtcnH1hVJ1bgEhUO888ivN2Ix39QfIvhBZqFY30y5y/EKYe8P+dGn52hcM7KsQSy8j36f6W4gfPqVZj5g86XVTZjQsLvf0170PR+z6OyRzgQRidjR3VeG7RDrOjNDCmUM9l4w4fdMKuevT2wGMSpiFCK6A0et2CUG8CgYHnCvNwvKaD9Mqf/xj5Km5ljnU1lQUfud4VUy4vcop0uHszm/lGA==r0/M81VQi8zc6/9l HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 3939
cf-ray: 7d0540260f3cb50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400,s-maxage=86400
etag: "4257d4dd09ea44aefaa4d8e107b7ff8c"
last-modified: Thu, 01 Jun 2023 05:33:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 0ca6102b671acc9950502eeeca241bf8.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Ak7X4WN397qJSZOEFPjbgnWRO_VV5nEVnZLU8JtoaylDoDx9K7GcSA==
x-amz-cf-pop: ARN56-P1
x-amz-expiration: expiry-date="Wed, 29 Nov 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-amz-version-id: B1Kv80y29dJOOh_8sBJtYgGZzF85DGEz
x-cache: Miss from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

imgs.hcaptcha.com/I/51+JwOanp9SohkCThfGtlI7MsgGThEpWy0c5m2Vh3NbMgvV59EI6c5td5j4EIglbbme/ddZ98Ow+XmSLMPaJz/pMkGPc34hZ9Um4O7teX4KY5eqnudeze3DpN4v4yovJBBEq8rf67JvLP46PgMTmbOWh9INiM9+ZRUwlRledIPSBl3Z/eIeP4CDklAL2jklJ85deJnFEfMqPUIq5bKjtNV9Opu+KQb7YzCrWFSB3kW0cftjOi/svp2

104.16.168.131

200 OK

3.5 kB

URL GET HTTP/3
imgs.hcaptcha.com/I/51+JwOanp9SohkCThfGtlI7MsgGThEpWy0c5m2Vh3NbMgvV59EI6c5td5j4EIglbbme/ddZ98Ow+XmSLMPaJz/pMkGPc34hZ9Um4O7teX4KY5eqnudeze3DpN4v4yovJBBEq8rf67JvLP46PgMTmbOWh9INiM9+ZRUwlRledIPSBl3Z/eIeP4CDklAL2jklJ85deJnFEfMqPUIq5bKjtNV9Opu+KQb7YzCrWFSB3kW0cftjOi/svp2
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
3.5 kB (3527 bytes)
Hash
93addf26c531994391c8190801b698ac
f0cfe64b636ed2daf03f12bc432dee8d03f69004
4e629da2d483717b9a91151c1d2889d25896a26f9dd66387376e96d06aca63b6

HTTP Headers

GET /I/51+JwOanp9SohkCThfGtlI7MsgGThEpWy0c5m2Vh3NbMgvV59EI6c5td5j4EIglbbme/ddZ98Ow+XmSLMPaJz/pMkGPc34hZ9Um4O7teX4KY5eqnudeze3DpN4v4yovJBBEq8rf67JvLP46PgMTmbOWh9INiM9+ZRUwlRledIPSBl3Z/eIeP4CDklAL2jklJ85deJnFEfMqPUIq5bKjtNV9Opu+KQb7YzCrWFSB3kW0cftjOi/svp2 HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 3527
cf-ray: 7d0540262f4db50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 1434
cache-control: max-age=86400,s-maxage=86400
etag: "93addf26c531994391c8190801b698ac"
last-modified: Thu, 01 Jun 2023 05:34:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 009f08cce389af684f28c36891875534.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: LyFCbUTFSNli-QWclQUF-UQEu0SCrgzwjUGwRhFymkIqRZZ_gynW_w==
x-amz-cf-pop: ARN56-P1
x-amz-expiration: expiry-date="Wed, 29 Nov 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-amz-version-id: uCHmPyBVkG1gT420fv1qgo0avNXYN3ma
x-cache: Miss from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

imgs.hcaptcha.com/c1sBRnWYQ8wOdo7Oqruxz2fMRU+dhlVY4MkOVg0JmsFXktAXq2AxyV+T+9Aj1OZi10Ssd+6s0mVopc+8xGEiGc84+lPN3HSWEGdjQ37cACJLmg3iyfVviwCESChfr2aP9Xkatp/QpSQVpe5cXxVjziA/yuNjda1uPWKZ8bRJtawaVpZNGBDRc8GDSeu9/4PoSmCg1fSmIMjBQ97IdgzvhwLjmtBJEbGnTujeE04L2DB00rXRR6ilfttE

104.16.168.131

200 OK

3.6 kB

URL GET HTTP/3
imgs.hcaptcha.com/c1sBRnWYQ8wOdo7Oqruxz2fMRU+dhlVY4MkOVg0JmsFXktAXq2AxyV+T+9Aj1OZi10Ssd+6s0mVopc+8xGEiGc84+lPN3HSWEGdjQ37cACJLmg3iyfVviwCESChfr2aP9Xkatp/QpSQVpe5cXxVjziA/yuNjda1uPWKZ8bRJtawaVpZNGBDRc8GDSeu9/4PoSmCg1fSmIMjBQ97IdgzvhwLjmtBJEbGnTujeE04L2DB00rXRR6ilfttE
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
3.6 kB (3575 bytes)
Hash
f35260029b3509bd3236f73a0bd4df7e
6030a4252e81a53f6bbb9aa773e3b62d650c45f9
58401c9c572362be90fd49a53b12da8372894de7a649faa7285ba3369e58bdeb

HTTP Headers

GET /c1sBRnWYQ8wOdo7Oqruxz2fMRU+dhlVY4MkOVg0JmsFXktAXq2AxyV+T+9Aj1OZi10Ssd+6s0mVopc+8xGEiGc84+lPN3HSWEGdjQ37cACJLmg3iyfVviwCESChfr2aP9Xkatp/QpSQVpe5cXxVjziA/yuNjda1uPWKZ8bRJtawaVpZNGBDRc8GDSeu9/4PoSmCg1fSmIMjBQ97IdgzvhwLjmtBJEbGnTujeE04L2DB00rXRR6ilfttE HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 3575
cf-ray: 7d0540262f4fb50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 241
cache-control: max-age=86400,s-maxage=86400
etag: "f35260029b3509bd3236f73a0bd4df7e"
last-modified: Thu, 01 Jun 2023 05:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 35353b0e70b0a16ec7c928976fd19f6c.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: swWmszbRsTf-jHea8cGHDcl79uWcpx3vUOmnhw9Fdupufz64JUM3Ng==
x-amz-cf-pop: HEL50-C1
x-amz-expiration: expiry-date="Wed, 29 Nov 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-amz-version-id: 4ghuksjuXUc8XFSSp9EKeMAhi_AaVm_L
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

imgs.hcaptcha.com/TDeY3MmtPfcrrThKqlEEfdSVvvdvL/lkATxHrWBlxy7oOArDeFK4fL9TSPZa+5n7JZUnUJc5sBFQFi57pJrspsaArQ1oAi/jzQkqiMKQOl+lnjuInai8mwIBUVE7OO36UGI0/uzEQ7R430uxxAXCaDKsy72KeAjpqjywk51nqWRW1yIToTnLSYn05Ln1yFicArzycvFN05Fg7jFEs3u3UXRLoxov6lzovs0CRw==z7xmKiCE4gXIgZoT

104.16.168.131

200 OK

3.9 kB

URL GET HTTP/3
imgs.hcaptcha.com/TDeY3MmtPfcrrThKqlEEfdSVvvdvL/lkATxHrWBlxy7oOArDeFK4fL9TSPZa+5n7JZUnUJc5sBFQFi57pJrspsaArQ1oAi/jzQkqiMKQOl+lnjuInai8mwIBUVE7OO36UGI0/uzEQ7R430uxxAXCaDKsy72KeAjpqjywk51nqWRW1yIToTnLSYn05Ln1yFicArzycvFN05Fg7jFEs3u3UXRLoxov6lzovs0CRw==z7xmKiCE4gXIgZoT
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
3.9 kB (3853 bytes)
Hash
6752c6e1aed72afaae1cbfc3bb89e042
7d563105ec268447031077b3545015cdd53ce2a3
47cf0bb11ec88e54cba78f6aa37e895372a000192d3fdce06c975e69f0245301

HTTP Headers

GET /TDeY3MmtPfcrrThKqlEEfdSVvvdvL/lkATxHrWBlxy7oOArDeFK4fL9TSPZa+5n7JZUnUJc5sBFQFi57pJrspsaArQ1oAi/jzQkqiMKQOl+lnjuInai8mwIBUVE7OO36UGI0/uzEQ7R430uxxAXCaDKsy72KeAjpqjywk51nqWRW1yIToTnLSYn05Ln1yFicArzycvFN05Fg7jFEs3u3UXRLoxov6lzovs0CRw==z7xmKiCE4gXIgZoT HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 3853
cf-ray: 7d0540262f4cb50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400,s-maxage=86400
etag: "6752c6e1aed72afaae1cbfc3bb89e042"
last-modified: Thu, 01 Jun 2023 05:34:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 0078c2805bf98a4574ea5eee972aa9f6.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: FXFgueCfV7zl0gv8UhViRXNqCPhhN8HuMbOxTKH2NOgqfTMR365lBg==
x-amz-cf-pop: ARN56-P1
x-amz-expiration: expiry-date="Wed, 29 Nov 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-amz-version-id: wSLet3p63djRzFiPbijaa.lt_yL47XsC
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

imgs.hcaptcha.com/SyhloMUJr6W5LKs+nhNrl8YFtTFZQUuOPgvbzS+g2uBSfjiXzya20ocihEBczL8EDzKR26OXZRRxIX9GbU8nDFaogZGVgmpLG/BSoZp2C6z2PYn/KxsuYaYTQT8wl+D+pV+XUODFbyUXTvUGcgDdC0c2NluabXOnBQxd24OwmB8U5FKpIfvp

104.16.168.131

200 OK

4.9 kB

URL GET HTTP/3
imgs.hcaptcha.com/SyhloMUJr6W5LKs+nhNrl8YFtTFZQUuOPgvbzS+g2uBSfjiXzya20ocihEBczL8EDzKR26OXZRRxIX9GbU8nDFaogZGVgmpLG/BSoZp2C6z2PYn/KxsuYaYTQT8wl+D+pV+XUODFbyUXTvUGcgDdC0c2NluabXOnBQxd24OwmB8U5FKpIfvp
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
4.9 kB (4919 bytes)
Hash
063bd046880379ebf045bb657b860f13
76736f621ca8a31d76010f10a744e02c45a12793
5c3acef1be25225b487fe5e6cb2ebf5dc3027163f2d41077cd0a9b3d65675c5e

HTTP Headers

GET /SyhloMUJr6W5LKs+nhNrl8YFtTFZQUuOPgvbzS+g2uBSfjiXzya20ocihEBczL8EDzKR26OXZRRxIX9GbU8nDFaogZGVgmpLG/BSoZp2C6z2PYn/KxsuYaYTQT8wl+D+pV+XUODFbyUXTvUGcgDdC0c2NluabXOnBQxd24OwmB8U5FKpIfvp HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 4919
cf-ray: 7d0540264f8cb50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 547
cache-control: max-age=86400,s-maxage=86400
etag: "063bd046880379ebf045bb657b860f13"
last-modified: Tue, 21 Feb 2023 13:45:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 2ec95fe7e41d4394d0fc48587428057e.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: tnumIb4UkuL2NVsHjdD4Nea3Itu3hd3buD43zFXBiZkWLrt-h2zgbg==
x-amz-cf-pop: ARN56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare

imgs.hcaptcha.com/1HhxOL7GLudWDdgR/YHKJlH4GUmsrnwxHt1Dn2gf0ORAFKipdvkxZ8hFfhQKDrh0q+ZISqYHoE9zvuTyebvDaAY0hNK3aVxm/BDr7TNutvavVfiFENvbB7R37L8gMnhMeCHyrnedxWIGs0FfMm9E1JlDrVtjOiKfXFKLIS8GhJNqtLC4QWD1

104.16.168.131

200 OK

5.3 kB

URL GET HTTP/3
imgs.hcaptcha.com/1HhxOL7GLudWDdgR/YHKJlH4GUmsrnwxHt1Dn2gf0ORAFKipdvkxZ8hFfhQKDrh0q+ZISqYHoE9zvuTyebvDaAY0hNK3aVxm/BDr7TNutvavVfiFENvbB7R37L8gMnhMeCHyrnedxWIGs0FfMm9E1JlDrVtjOiKfXFKLIS8GhJNqtLC4QWD1
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
5.3 kB (5320 bytes)
Hash
a16f7f71667323dfad4305ea4bb16434
5fb1650c5ae586e5d6f3c726102a998c4128f645
6b13a6684432a4e2d0ffcc663d2eb447f79b014f3cc4aaf839bc5a1df35a0d1b

HTTP Headers

GET /1HhxOL7GLudWDdgR/YHKJlH4GUmsrnwxHt1Dn2gf0ORAFKipdvkxZ8hFfhQKDrh0q+ZISqYHoE9zvuTyebvDaAY0hNK3aVxm/BDr7TNutvavVfiFENvbB7R37L8gMnhMeCHyrnedxWIGs0FfMm9E1JlDrVtjOiKfXFKLIS8GhJNqtLC4QWD1 HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 5320
cf-ray: 7d0540264f87b50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 547
cache-control: max-age=86400,s-maxage=86400
etag: "a16f7f71667323dfad4305ea4bb16434"
last-modified: Tue, 21 Feb 2023 13:48:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d913eed4ff9d3ba68bce11280aa7e1b8.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: g3V-geJbzxN1q7rZiSRm_qMz4WqbnYfmSb669_hlXoBCMujNofDy0w==
x-amz-cf-pop: ARN56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare

imgs.hcaptcha.com/ImGhHIxckP1MeNu6CmVKNo7b7+2ZVhg0WIIQyYwxPqu53mOa1Qt3jixbe1k2xG9OdSLPjhpWUezG1lUKok4eQkJNgGQbrPWWRLEwKrncEVq5RRgh1XNm0OMqHmyPRls1JYoZ0vHKli7JEyTQ18bETWF66Bi6LewUzmsEWA==AaL7m85tFGG1XpBR

104.16.168.131

200 OK

4.9 kB

URL GET HTTP/3
imgs.hcaptcha.com/ImGhHIxckP1MeNu6CmVKNo7b7+2ZVhg0WIIQyYwxPqu53mOa1Qt3jixbe1k2xG9OdSLPjhpWUezG1lUKok4eQkJNgGQbrPWWRLEwKrncEVq5RRgh1XNm0OMqHmyPRls1JYoZ0vHKli7JEyTQ18bETWF66Bi6LewUzmsEWA==AaL7m85tFGG1XpBR
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
4.9 kB (4914 bytes)
Hash
c2a28e4030651f6acfd6c9f7525a1f9b
fbea7240a569427fedfbc19afbce75abd6dd412b
65263122783f859c819a552cf03844becece681c359cce5d5b601e277d93ff5a

HTTP Headers

GET /ImGhHIxckP1MeNu6CmVKNo7b7+2ZVhg0WIIQyYwxPqu53mOa1Qt3jixbe1k2xG9OdSLPjhpWUezG1lUKok4eQkJNgGQbrPWWRLEwKrncEVq5RRgh1XNm0OMqHmyPRls1JYoZ0vHKli7JEyTQ18bETWF66Bi6LewUzmsEWA==AaL7m85tFGG1XpBR HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 4914
cf-ray: 7d0540264f88b50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 547
cache-control: max-age=86400,s-maxage=86400
etag: "c2a28e4030651f6acfd6c9f7525a1f9b"
last-modified: Tue, 21 Feb 2023 13:05:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 ce3c66cc97e84e18b943362365d9ba66.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: X2TcYYIIhyqib_DiMFM8-puOVQWxxtJ9rgl_mH06-QEWOKLl7NedDQ==
x-amz-cf-pop: ARN56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare

imgs.hcaptcha.com/8UAD4P+L1EC+PjWzC/dDNXyjnpcuxdCWtKaxR7flWMMWVD8nXPTCKSkuaVSUWlm6bLwe0NT3DVUPaqZITaQsm66Mw1+KEbT5EcoPvD7eMBUGDxBnh6r4JiUMCCc1D0tIkEYPvwEIjRWNxsxY1/8KdeOc8mlnW3CIh65RrHA0r4Fzk5DU+kpoUsDggRgxRIj8+MZCYz/B/Pta3IYhdhrfKhOVv6aaOBVcq1/e6qWopfAvaNSf5A==8H3cK9++KV78B7PH

104.16.168.131

200 OK

3.1 kB

URL GET HTTP/3
imgs.hcaptcha.com/8UAD4P+L1EC+PjWzC/dDNXyjnpcuxdCWtKaxR7flWMMWVD8nXPTCKSkuaVSUWlm6bLwe0NT3DVUPaqZITaQsm66Mw1+KEbT5EcoPvD7eMBUGDxBnh6r4JiUMCCc1D0tIkEYPvwEIjRWNxsxY1/8KdeOc8mlnW3CIh65RrHA0r4Fzk5DU+kpoUsDggRgxRIj8+MZCYz/B/Pta3IYhdhrfKhOVv6aaOBVcq1/e6qWopfAvaNSf5A==8H3cK9++KV78B7PH
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
3.1 kB (3091 bytes)
Hash
8e704d948987b5af7f8a2e1c9ff0876c
d19e44f8d093f227b188b82ef7345975c9c46907
949671f3390d4aac703967e4b95960820d570a5c5b94674aa2d01d0710b346fe

HTTP Headers

GET /8UAD4P+L1EC+PjWzC/dDNXyjnpcuxdCWtKaxR7flWMMWVD8nXPTCKSkuaVSUWlm6bLwe0NT3DVUPaqZITaQsm66Mw1+KEbT5EcoPvD7eMBUGDxBnh6r4JiUMCCc1D0tIkEYPvwEIjRWNxsxY1/8KdeOc8mlnW3CIh65RrHA0r4Fzk5DU+kpoUsDggRgxRIj8+MZCYz/B/Pta3IYhdhrfKhOVv6aaOBVcq1/e6qWopfAvaNSf5A==8H3cK9++KV78B7PH HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 3091
cf-ray: 7d0540264f8ab50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 1505
cache-control: max-age=86400,s-maxage=86400
etag: "8e704d948987b5af7f8a2e1c9ff0876c"
last-modified: Thu, 01 Jun 2023 05:34:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 75db592bac77e8a29aaf9f30658e363c.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Y4iiSy1BkJLC_pgz5GYQGCgkdvio3tUhy62VQwZtCklOW_P9Hmovtw==
x-amz-cf-pop: HEL50-C1
x-amz-expiration: expiry-date="Wed, 29 Nov 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-amz-version-id: vJ1r9Jl63lJKyekfeRw0UpL8Uttmz1_.
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
a9e33693322fe77a9a007e3db6802825
fd7d44b547c7e516b893e0c6baa9f60c43e7507e
39319fe7b35cc2a39c94f7044b95e5f053c7b88461080cb013f8a5ff6a934a4e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 01 Jun 2023 06:02:57 GMT
Last-Modified: Thu, 01 Jun 2023 04:19:35 GMT
Server: ECAcc (dcb/7339)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Z0kTUbXH4vnakJu8R50xw1lCUlnHZO-ySiNewt-rhzvoa8gN-PaLoA==
Age: 6202

gate.sc/

54.230.111.79

0 B

URL
gate.sc/
IP
54.230.111.79:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectgate.sc
Fingerprint3A:91:8F:C6:25:61:2E:2B:92:DF:83:E4:8B:12:DB:37:17:C2:25:31
ValidityTue, 21 Feb 2023 00:00:00 GMT - Wed, 31 Jan 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: gate.sc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
content-type: text/plain; charset=utf-8
content-length: 0
date: Thu, 01 Jun 2023 06:02:57 GMT
x-robots-tag: noindex
cache-control: private, max-age=0
referrer-policy: no-referrer
x-frame-options: DENY
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: am/2
x-cache: Error from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CIiD5Y3cTmAZTtCdbIeSrME2rTqcXBdH7V0EZzeqAwjI3q-PTvC6mg==
X-Firefox-Spdy: h2

urllio.com/2tvofb

172.67.212.85

302 Found

1.5 kB

URL User Request GET HTTP/2
urllio.com/2tvofb
IP
172.67.212.85:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjecturllio.com
Fingerprint30:D8:0C:09:E1:BE:4B:C7:BC:23:40:9F:80:DA:04:1F:CC:E7:B2:10
ValidityWed, 17 May 2023 07:33:34 GMT - Tue, 15 Aug 2023 07:33:33 GMT

File type

Size
1.5 kB (1484 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /2tvofb HTTP/1.1
Host: urllio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 01 Jun 2023 06:02:54 GMT
content-type: text/html; charset=UTF-8
location: https://bibtu.com/ef0803aae96c71948bbffece7b6976d0jItzXq/Pkl41DX4U9wSi9pJ1qGDcVSzggTD9eQk2gzFrGM
expires: Tue, 03 Jul 2001 06:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
last-modified: Thu, 01 Jun 2023 06:02:54 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhpRvBwbTOZO4gd0hE7fJdvKFRuPW9YrLhgAusRMy5MzBWKytP4ySwPcFmM541YBwbPaPP9jgkjHAPhjzS9epjHnFlfsy7TYFekXoxn747EdxLGaiRGFN21JwG5M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d054019ba7bb4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

imgs.hcaptcha.com/2VeuvCV7eIVicqSZyjIssmcI44ghFtLrIzZicmpoR1UyPBEKl9eiHLBLpK5ayTW0bY3CtpxVjYyKfcmKawlksGRebl3VwFlwPu7vzT4Eb1bqnWVM8zvYg90Y+0A4862Col/+xEIAnF8eSG0MvqjrBhQ3rP3uC3ZiKDcBWIfI1kNRfB2+vOaToDUaIUK0Z5Ed10EALy8UuD5+TAGIQ1NZYyptU36y8uVj8fRD80MRYKjuUA==i0Vgx0cWWO8Bl1MF

104.16.168.131

200 OK

3.9 kB

URL GET HTTP/3
imgs.hcaptcha.com/2VeuvCV7eIVicqSZyjIssmcI44ghFtLrIzZicmpoR1UyPBEKl9eiHLBLpK5ayTW0bY3CtpxVjYyKfcmKawlksGRebl3VwFlwPu7vzT4Eb1bqnWVM8zvYg90Y+0A4862Col/+xEIAnF8eSG0MvqjrBhQ3rP3uC3ZiKDcBWIfI1kNRfB2+vOaToDUaIUK0Z5Ed10EALy8UuD5+TAGIQ1NZYyptU36y8uVj8fRD80MRYKjuUA==i0Vgx0cWWO8Bl1MF
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
3.9 kB (3948 bytes)
Hash
34d1989990769d3e80c25c7e142cf2ea
fe479d34403e5d290c6b6247f6595f7431c5805e
9c857a587dc18294bf511967b4747a4b503d07426e10ffae4ca0d0363ab8017e

HTTP Headers

GET /2VeuvCV7eIVicqSZyjIssmcI44ghFtLrIzZicmpoR1UyPBEKl9eiHLBLpK5ayTW0bY3CtpxVjYyKfcmKawlksGRebl3VwFlwPu7vzT4Eb1bqnWVM8zvYg90Y+0A4862Col/+xEIAnF8eSG0MvqjrBhQ3rP3uC3ZiKDcBWIfI1kNRfB2+vOaToDUaIUK0Z5Ed10EALy8UuD5+TAGIQ1NZYyptU36y8uVj8fRD80MRYKjuUA==i0Vgx0cWWO8Bl1MF HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 3948
cf-ray: 7d054025ff20b50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400,s-maxage=86400
etag: "34d1989990769d3e80c25c7e142cf2ea"
last-modified: Thu, 01 Jun 2023 05:34:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 472198048b2177f6905d44f001875bcc.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: PhBPAO7ZbKvPLgdKjZDw_EaWhiRDL2p51NBjfJoPUG29XYHjH0-mJw==
x-amz-cf-pop: ARN56-P1
x-amz-expiration: expiry-date="Wed, 29 Nov 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-amz-version-id: mpR4SKg8LSbXLmCxs66t6rJt7RXDDLsP
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

imgs.hcaptcha.com/fh9rmhP00xlO1Z+K0VMrziKe48/gJnADyyLBVXH6iu5m5huodyOLJkerVT3U6hHDRvaEciDw8d2zC1l4RBvm0K5YkELxxKKIQurNtvFM/GMwu/avnIrELI8xW12IqYX3sCaOX8T0BbxVJRFbNj4tDDxUXou2BhJ3INqx7a9Kv5JkoEBJLuKy8z6N2oW7ufhjtzv+9ZJmRPMZdFbliUamf1e0fQ6RpzFfUc+bKWOe1OWnTCttsZo=FLZLz9hVRxeqikUh

104.16.168.131

200 OK

4.1 kB

URL GET HTTP/3
imgs.hcaptcha.com/fh9rmhP00xlO1Z+K0VMrziKe48/gJnADyyLBVXH6iu5m5huodyOLJkerVT3U6hHDRvaEciDw8d2zC1l4RBvm0K5YkELxxKKIQurNtvFM/GMwu/avnIrELI8xW12IqYX3sCaOX8T0BbxVJRFbNj4tDDxUXou2BhJ3INqx7a9Kv5JkoEBJLuKy8z6N2oW7ufhjtzv+9ZJmRPMZdFbliUamf1e0fQ6RpzFfUc+bKWOe1OWnTCttsZo=FLZLz9hVRxeqikUh
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
4.1 kB (4118 bytes)
Hash
ef07e6c953bd33d5dcf55c65c7ec4e8e
5b0c93972baaeeb247db1d88e988cfa4cfd1edcc
6a7ec65ed78744ab4c10dd16e01a84bad8b2cbefdf3930c5460057da24a7d9f7

HTTP Headers

GET /fh9rmhP00xlO1Z+K0VMrziKe48/gJnADyyLBVXH6iu5m5huodyOLJkerVT3U6hHDRvaEciDw8d2zC1l4RBvm0K5YkELxxKKIQurNtvFM/GMwu/avnIrELI8xW12IqYX3sCaOX8T0BbxVJRFbNj4tDDxUXou2BhJ3INqx7a9Kv5JkoEBJLuKy8z6N2oW7ufhjtzv+9ZJmRPMZdFbliUamf1e0fQ6RpzFfUc+bKWOe1OWnTCttsZo=FLZLz9hVRxeqikUh HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 4118
cf-ray: 7d0540260f35b50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 415
cache-control: max-age=86400,s-maxage=86400
etag: "ef07e6c953bd33d5dcf55c65c7ec4e8e"
last-modified: Thu, 01 Jun 2023 05:33:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 419f3eb3d74bedebbef6fc91b3f54a36.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: EKWBnd1hnqVom7VdhQdZ7Q0B7i9D6Q7CbnOgesofW0iAZyu-1f1jpQ==
x-amz-cf-pop: ARN56-P1
x-amz-expiration: expiry-date="Wed, 29 Nov 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-amz-version-id: XBjKxxWMlKsTCGB50GS25hA1DvZUHJQN
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

www.hcaptcha.com/1/api.js

104.16.168.131

200 OK

315 kB

URL GET HTTP/2
www.hcaptcha.com/1/api.js
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bibtu.com/ef0803aae96c71948bbffece7b6976d0jItzXq/Pkl41DX4U9wSi9pJ1qGDcVSzggTD9eQk2gzFrGM
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type

Size
315 kB (314895 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/api.js HTTP/1.1
Host: www.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bibtu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 06:02:54 GMT
content-type: application/javascript
cf-ray: 7d05401d5c08b52d-OSL
cf-cache-status: HIT
age: 0
cache-control: max-age=120
etag: W/"807c0ee2036a6d663c54cd09a43ecf4e"
last-modified: Wed, 31 May 2023 12:28:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 8bdae94273544c8186e20a3c31375f98.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: KzemClZ_uetSOJPpWmCqDW5-MuiE_mRA_sC71bD7HD4YGwvBp7SlCQ==
x-amz-cf-pop: ARN1-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: 6znip0tm7mCjkCPcutwU7OTDM9kxUnhZ
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html

104.16.168.131

200 OK

1.9 kB

URL GET HTTP/3
newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bibtu.com/ef0803aae96c71948bbffece7b6976d0jItzXq/Pkl41DX4U9wSi9pJ1qGDcVSzggTD9eQk2gzFrGM
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1960), with no line terminators
Size
1.9 kB (1917 bytes)
Hash
d275edee2fb8af546f5dd38ffc7925e2
28762ca6d7f710a6226850c741c033c658d13b04
081d625c2b38346eb02fc8109ebd0a262381503f4c292ec8a0d12752d892b002

HTTP Headers

GET /captcha/v1/c574e53/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bibtu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:55 GMT
content-type: text/html
cf-ray: 7d05401e4dc9b50f-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 2202
cache-control: max-age=1209600
last-modified: Wed, 31 May 2023 12:28:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d945a5fbc073d46145c31f513978802c.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: RyVW27F_98V_eB64GBnxwp_r-Ry9LC7DPvBR4T6i_F3IEhflkf4LFg==
x-amz-cf-pop: ARN1-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: srABWdmAC7VRf0czWg4_3WS7wYrh2mzL
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400

imgs.hcaptcha.com/0S9vzmTBd9vFvcD9C2P3Cvcos6feq0DJgEQEyocK5HtK3L3k1ZYVR/fDOn2+CDLMZRYOG07YsOza4nzX5RcYH/oO8oaSmtZeFzFO4ON2e66+S+odSLwnvz4MUWu555FxE2wnFBxYdDETMRPL+UJWnF4NM1Errp0xxSoLeOdKbhsMf2MLcGRL4dNYQ67s3ffYp/wf8pFxDoSJ+tdVjYlRV4Q0eVz28QdmrqlJt1jyLrk0UnQN/sN06vANReqlWO9HU8RI

104.16.168.131

200 OK

4.2 kB

URL GET HTTP/3
imgs.hcaptcha.com/0S9vzmTBd9vFvcD9C2P3Cvcos6feq0DJgEQEyocK5HtK3L3k1ZYVR/fDOn2+CDLMZRYOG07YsOza4nzX5RcYH/oO8oaSmtZeFzFO4ON2e66+S+odSLwnvz4MUWu555FxE2wnFBxYdDETMRPL+UJWnF4NM1Errp0xxSoLeOdKbhsMf2MLcGRL4dNYQ67s3ffYp/wf8pFxDoSJ+tdVjYlRV4Q0eVz28QdmrqlJt1jyLrk0UnQN/sN06vANReqlWO9HU8RI
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
4.2 kB (4229 bytes)
Hash
01ad1bae1525e45fae00022b6c75fc85
7d5d4b22ba8dd50b46e4f50868c830603b5c1f43
ebd95f684df879cd51a7203ad40243207e641645753e8044e53e88c905db18fb

HTTP Headers

GET /0S9vzmTBd9vFvcD9C2P3Cvcos6feq0DJgEQEyocK5HtK3L3k1ZYVR/fDOn2+CDLMZRYOG07YsOza4nzX5RcYH/oO8oaSmtZeFzFO4ON2e66+S+odSLwnvz4MUWu555FxE2wnFBxYdDETMRPL+UJWnF4NM1Errp0xxSoLeOdKbhsMf2MLcGRL4dNYQ67s3ffYp/wf8pFxDoSJ+tdVjYlRV4Q0eVz28QdmrqlJt1jyLrk0UnQN/sN06vANReqlWO9HU8RI HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 4229
cf-ray: 7d054025ff18b50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 550
cache-control: max-age=86400,s-maxage=86400
etag: "01ad1bae1525e45fae00022b6c75fc85"
last-modified: Thu, 01 Jun 2023 05:34:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 0ca6102b671acc9950502eeeca241bf8.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: yKQAaIUuHvWidWjaSokRz22neUiq3Awu5U3gH-ynkyFrgOdQLTqFAA==
x-amz-cf-pop: ARN56-P1
x-amz-expiration: expiry-date="Wed, 29 Nov 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-amz-version-id: bjQmqFQvtd.Y.X33dXI8W_hUeb80SKZc
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

imgs.hcaptcha.com/vZNCwVvw5Ude111CXdVt/RdCDjsTMYwvYz5tgqbFgoRbJFLo7r+CICgDLb4DviFdouH7CCoryAGOCOvcdC4z2HGkrL7ctsc3Wwcatyntn8LQgzaKql9t3r2pkJ8jl+KGWQXrG4XhirSUaAX95PvvS+9IouNa7uVpQdpO87MWrLC8xk1romHtaC17LNHZaNustk7lVH6JtrLcPMcAkb3Mzws18h79myRmUdiu8Q==LyCHATRli8pLMjJ1

104.16.168.131

200 OK

4.1 kB

URL GET HTTP/3
imgs.hcaptcha.com/vZNCwVvw5Ude111CXdVt/RdCDjsTMYwvYz5tgqbFgoRbJFLo7r+CICgDLb4DviFdouH7CCoryAGOCOvcdC4z2HGkrL7ctsc3Wwcatyntn8LQgzaKql9t3r2pkJ8jl+KGWQXrG4XhirSUaAX95PvvS+9IouNa7uVpQdpO87MWrLC8xk1romHtaC17LNHZaNustk7lVH6JtrLcPMcAkb3Mzws18h79myRmUdiu8Q==LyCHATRli8pLMjJ1
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
4.1 kB (4052 bytes)
Hash
2028cc8d9eecc34298ae022b26ef29b3
891af6114cdbbeb1cc3cccb1761eae89db43f8ed
ddfd5569beaf4c011cf73a5e298ea30a9dd0388d8929d5cb75ebe2eac35afc69

HTTP Headers

GET /vZNCwVvw5Ude111CXdVt/RdCDjsTMYwvYz5tgqbFgoRbJFLo7r+CICgDLb4DviFdouH7CCoryAGOCOvcdC4z2HGkrL7ctsc3Wwcatyntn8LQgzaKql9t3r2pkJ8jl+KGWQXrG4XhirSUaAX95PvvS+9IouNa7uVpQdpO87MWrLC8xk1romHtaC17LNHZaNustk7lVH6JtrLcPMcAkb3Mzws18h79myRmUdiu8Q==LyCHATRli8pLMjJ1 HTTP/1.1
Host: imgs.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: image/jpeg
content-length: 4052
cf-ray: 7d0540261f3db50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 90
cache-control: max-age=86400,s-maxage=86400
etag: "2028cc8d9eecc34298ae022b26ef29b3"
last-modified: Thu, 01 Jun 2023 05:33:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 953ec33235d719831a6e6956b5e5bb7a.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: VfPL5M2ndfw6UNhsPI8ZI-peQV28Oc2WDg2-XTa3MdnUvD3Lxgi_pQ==
x-amz-cf-pop: ARN56-P1
x-amz-expiration: expiry-date="Wed, 29 Nov 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-amz-version-id: Euw1P.EqPmwuiNMj5cgr0NZg8DmQbJNB
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html

104.16.168.131

200 OK

1.9 kB

URL GET HTTP/3
newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bibtu.com/ef0803aae96c71948bbffece7b6976d0jItzXq/Pkl41DX4U9wSi9pJ1qGDcVSzggTD9eQk2gzFrGM
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1960), with no line terminators
Size
1.9 kB (1917 bytes)
Hash
d275edee2fb8af546f5dd38ffc7925e2
28762ca6d7f710a6226850c741c033c658d13b04
081d625c2b38346eb02fc8109ebd0a262381503f4c292ec8a0d12752d892b002

HTTP Headers

GET /captcha/v1/c574e53/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bibtu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:55 GMT
content-type: text/html
cf-ray: 7d05401e4dccb50f-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 2202
cache-control: max-age=1209600
last-modified: Wed, 31 May 2023 12:28:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d945a5fbc073d46145c31f513978802c.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: RyVW27F_98V_eB64GBnxwp_r-Ry9LC7DPvBR4T6i_F3IEhflkf4LFg==
x-amz-cf-pop: ARN1-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: srABWdmAC7VRf0czWg4_3WS7wYrh2mzL
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400

hcaptcha.com/checksiteconfig?v=c574e53&host=bibtu.com&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&sc=1&swa=1

104.16.168.131

200 OK

853 B

URL POST HTTP/3
hcaptcha.com/checksiteconfig?v=c574e53&host=bibtu.com&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&sc=1&swa=1
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=checkbox&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (867), with no line terminators
Size
853 B (853 bytes)
Hash
2d2b07465aa60765e4019f19edaf9478
ffdd1bcfd8fe063e0d633175ca0bd7d155653032
bc0e38929901df0e8efeda18200443ac48b1765df9504459dc49933c08ab4d8a

HTTP Headers

POST /checksiteconfig?v=c574e53&host=bibtu.com&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&sc=1&swa=1 HTTP/1.1
Host: hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://newassets.hcaptcha.com
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:55 GMT
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-chl-bypass: 2
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d0540202fcdb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bibtu.com/favicon.ico

188.114.97.1

403 Forbidden

534 B

URL GET HTTP/3
bibtu.com/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bibtu.com/ef0803aae96c71948bbffece7b6976d0jItzXq/Pkl41DX4U9wSi9pJ1qGDcVSzggTD9eQk2gzFrGM
Certificate
IssuerGoogle Trust Services LLC
Subjectbibtu.com
Fingerprint2D:FC:BE:C5:47:5D:D5:56:FD:4F:0B:1A:4E:9A:69:13:12:6B:5C:92
ValidityThu, 11 May 2023 06:49:24 GMT - Wed, 09 Aug 2023 06:49:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (546), with no line terminators
Size
534 B (534 bytes)
Hash
05e7b6e32c979518c41042c8c81d537e
34f0b0350a2a1deeafafcd43d362a25821f88033
7f4ff262932d87ef1437fe5a115535ad90182000a0ed512756b1d9e50f1a32b2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: bibtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bibtu.com/ef0803aae96c71948bbffece7b6976d0jItzXq/Pkl41DX4U9wSi9pJ1qGDcVSzggTD9eQk2gzFrGM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
date: Thu, 01 Jun 2023 06:02:55 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGY4cUwUd9y7xVan1mehr4EhRfe2zrJvPnbqrE1e5PkGkSkkEKYfkJxkQojZeDl1akGWi4i4IHcqbbwNZizdM2fBrblzW6Y%2FLYgpVNUHIZKjlxpjy2SJC7TVCuA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d05401d9fce0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

newassets.hcaptcha.com/i/0d2aecf/e

104.16.168.131

200 OK

136 kB

URL GET HTTP/3
newassets.hcaptcha.com/i/0d2aecf/e
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
data
Size
136 kB (135859 bytes)
Hash
793d94dfacb23c74b4c43e0392dc1a85
4c4f45af7668c27e9c94bd75d1ca0f895cbf1390
76120facd34439c52cd6da24cce0a1907d396fbe130f8b0878a746cbf44fa74c

HTTP Headers

GET /i/0d2aecf/e HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:55 GMT
content-type: application/octet-stream
content-length: 135859
cf-ray: 7d054021193cb50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=3024000
etag: "793d94dfacb23c74b4c43e0392dc1a85"
last-modified: Mon, 22 May 2023 09:06:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 a62f7ce6b39c676fcfdde0f9a6fcf08e.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: wdxn4sxEuXtTeTY335tiW-vgbhRY0dafBrL2lFOjL_9f_UWN7-7xSg==
x-amz-cf-pop: ARN1-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: RUXVva8Sg17TYbslo1WBgLfWjxPdxk1y
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

newassets.hcaptcha.com/captcha/challenge/image_label_binary/c574e53/challenge.js

104.16.168.131

200 OK

52 kB

URL GET HTTP/3
newassets.hcaptcha.com/captcha/challenge/image_label_binary/c574e53/challenge.js
IP
104.16.168.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html#frame=challenge&id=0efrjj1m6ifm&host=bibtu.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&sitekey=c2adcb87-2c2c-408a-8990-d25035251688&theme=light&origin=https%3A%2F%2Fbibtu.com
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:E8:78:82:B2:9B:0F:1B:5F:0B:B7:EF:93:24:6D:07:2D:83:BA:24
ValiditySat, 15 Apr 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (51530)
Size
52 kB (51566 bytes)
Hash
16a1591570c9a166825806c296bf6f76
82d568d7d0b09cbca0cdf56eb9daf029e6114a11
89abd3514006c94e8ed8b812fa1470c64c822e3fde35915ea63cfd2ec193ecbf

HTTP Headers

GET /captcha/challenge/image_label_binary/c574e53/challenge.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/c574e53/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:02:56 GMT
content-type: text/javascript
cf-ray: 7d0540259eb0b50f-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 2205
cache-control: max-age=1209600
etag: W/"5660b8cc0c3842a3d08ca5ae2750c43e"
last-modified: Wed, 31 May 2023 12:28:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 9b9ff06545217fe747384bd8b8509aa4.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 5cgTQqTM1-sDrcpcGWroV_b7HbkbWEFEB91tfOuMCr0jD6LVBOrS1A==
x-amz-cf-pop: ARN1-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: H1FvnsyjAnLsGqT_77iAWW0y.6ueFvLm
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (38)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP