Report - civilianurinedtsraov.shop/api;f

Report Overview

Visited public
2024-05-25 19:38:02
Tags
URL
civilianurinedtsraov.shop/api;f
Finishing URL
civilianurinedtsraov.shop/api;f
IP / ASN
104.21.49.245
#13335 CLOUDFLARENET
Title
Just a moment...

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
civilianurinedtsraov.shop	unknown	unknown	No data	No data	4.8 kB	291 kB	172.67.197.146
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20 07:02:03	2024-05-25 18:41:01	6.6 kB	325 kB	104.17.3.184

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed
2024-05-25	medium	civilianurinedtsraov.shop	Sinkholed

ThreatFox

No alerts detected

JavaScript (67)

	URL	From	Size	First Seen	Last Seen
	civilianurinedtsraov.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8897fb65d8701c02	ScriptElement	407 kB	2024-08-19	2024-08-19
Pretty URL civilianurinedtsraov.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8897fb65d8701c02 IP 172.67.197.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash ceded6ee195f70620b58110ce7ac9cc6 e690324b54d63e32e7fc904f10f8a9d28b808c8b 753010b9a338e102e8f4af21f6896a6200afc0cf452fec30b895c5695d811c63 Loading...

	challenges.cloudflare.com/turnstile/v0/b/695da7821231/api.js?onload=gayxv3&render=explicit	ScriptElement	42 kB	2024-05-16	2024-08-19
Pretty URL challenges.cloudflare.com/turnstile/v0/b/695da7821231/api.js?onload=gayxv3&render=explicit IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-16 17:29 Last Seen2024-08-19 22:46 Times Seen2657 Hash c667700be084108f8deded9026ffbbf9 31d633a11ef13a66787ec6504e38c11842664b7b e158035a6f740b0245a027bf0d559c56782ebbeec7cab5a827083bd16aa47901 Loading...

	civilianurinedtsraov.shop/api;f	ScriptElement	4.6 kB	2024-08-19	2024-08-19
Pretty URL civilianurinedtsraov.shop/api;f IP 172.67.197.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash ebbb142d8e1194a412bf07413b1da616 20d7b7bed62d6d55ace0edb8e68a8e56dd204d57 8ef6d0f581952e42677a373fce6593548e876dd1f4add3c7ade4a67e6f91ce77 Loading...

		Size	First Seen	Last Seen
	#1 Eval - ee3811ae414b73347751cf7affe8c355	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash ee3811ae414b73347751cf7affe8c355 da19f4d284ad4d4214d1d455d7866c4424a46f62 ba195ec1568ceafbcaa6e649d92e452c8937dbf556f45e411fa3d616c03ba960 Loading...

	#2 Eval - 1db68ac8ef5abbc3d67b6ba7b11caccf	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 1db68ac8ef5abbc3d67b6ba7b11caccf 95288161231ef7206bc270205cec24c7926e19d8 cd5b32d9afcd4dd9ef4f5fa190489345643c7bd875a5a8af93b647e05a0a8cbe Loading...

	#3 Eval - c2907af189072b46838ca08c5d93f61f	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash c2907af189072b46838ca08c5d93f61f dbe506f0cd4d5210026c310f2ddf2f59ed621768 2188ac040209d5d686b4b9939da71a588fb4c902abf96b142ac060f674da3689 Loading...

	#4 Eval - e402241072abb7975c2d959cc6b5b691	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash e402241072abb7975c2d959cc6b5b691 e3e69c4775edaf3099ec434a33a2b793f017b22d c23e9a33414e6cfa02d642340195004e357ca2ece368bdbf59460701cc269e70 Loading...

	#5 Eval - 1f3379d0fc45d0afdf19aea116e41391	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 1f3379d0fc45d0afdf19aea116e41391 314bcadad63db3eba12ca786e2a11200299396e0 ca2702d33b5c666a6ab3b9368f9a338fcfa0b2ba5818979aaaa06a55c63c7a11 Loading...

	#6 Eval - f5f275c1b5b39956c9f14b280ff3a0a4	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash f5f275c1b5b39956c9f14b280ff3a0a4 1743753310599a3be41ba0e541a6bb00cf68618f d973bc6f9bd761143db9f35c21b63eaba78eb11bd8a83e04d371dfdf97e71cca Loading...

	#7 Eval - 76b7b245d231a4d28e45b5c1cdf47468	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 76b7b245d231a4d28e45b5c1cdf47468 ece66fcab347df45a5b32b7f71f81a91a82d522a 74a571fbc90c4759a5334cf37f99071b6b769476fe8fc0df09d1fdb3fdfcf5c4 Loading...

	#8 Eval - cffea1bb9a8c7b73e136e2af8f34b529	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash cffea1bb9a8c7b73e136e2af8f34b529 12b0986399517bd98cff8fe98e9bac79a1f879b7 3bc6ec314e4a30f1c21a19dd661c68eb8e48b75c26ab420eaa475fdaf1ff0cd0 Loading...

	#9 Eval - c947156a1020eee4dd65a34bbef0e3cf	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash c947156a1020eee4dd65a34bbef0e3cf af7e2c83e309a8c29d2e39b87c93c5d0c52564c2 671a5b624f642cc27dbad5b9c6ec3288c733fc1fbc6b511e53fc83129176e568 Loading...

	#10 Eval - d95083faca707da8c0149a238d3f1aeb	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash d95083faca707da8c0149a238d3f1aeb e04371cad0e4180eca09c452be4c989880d827a0 07ac64c262c624862de89358f6413a801833cf87d0032450b6f3043fbb1dc0ac Loading...

	#11 Eval - 0c9d1995edf82fbc45b40afc8223c3bf	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 0c9d1995edf82fbc45b40afc8223c3bf ccdf73e3e2aa4ebd309681db6c6373b6a34bcf5b a99eeaa101e82a25fb12880f4696b0cc1af0677751eaea6c7504e42ecf1a493a Loading...

	#12 Eval - 6c1080686f6170f80db3b833511f3532	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 6c1080686f6170f80db3b833511f3532 9349d73c35a571a24135a2281d1aba7201dbd948 fa19a776ce7cf6f2a9b2d60873b71d1c477b94ce2731ef25e5afc630a3f412df Loading...

	#13 Eval - 9bb55f3962616e1d463fd8d6759aa36b	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 9bb55f3962616e1d463fd8d6759aa36b 5ea43e230462622a97a369b4f57cea62327fded7 1aaa6e60b8581230734ce698884620389e6143f1c51e308ac6c5508044fdeca3 Loading...

	#14 Eval - e32dc13036549e6ff216ed6f9f16a327	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash e32dc13036549e6ff216ed6f9f16a327 4ba4fe32b499a99eabe72f070784b1c6ebfb899e c893fd8b04a34dacb5bba4ea78730c9d4470ca246741df6b4fce734cffc892ff Loading...

	#15 Eval - 2e8246e2a36f41619cfde512c832c6d2	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 2e8246e2a36f41619cfde512c832c6d2 0f3dd16ea30645dcdfaa578b285f5180d83a8796 274dce8813fa72c6efd64870446e3c0eeaf400845eed9b67c2430a329f72c27d Loading...

	#16 Eval - 5e76ec4a0f6c169874196715ad0039d2	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 5e76ec4a0f6c169874196715ad0039d2 04a18e77f1d44ef3179a491a4197325a01ba117a 0a0dd853c080e5cb52f7e78084fcf2b618baabd9c09726d44535a7c3a59e4a13 Loading...

	#17 Eval - 3b0e58e782c69246fef589d66b70cb12	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 3b0e58e782c69246fef589d66b70cb12 b86e7359f44ec1c17041882cc78f30b49145c498 1a452679bfc8400a2ee8058aff938a3cddfcaf33ddecf97d33173ebb5118b2bf Loading...

	#18 Eval - 374eefc08b3697dc8fc2f17caee546af	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 374eefc08b3697dc8fc2f17caee546af b5158de1c334df5c8a5e2f35bacb7f8b1624a18c 83e4d5d17c3190331b20e67d4b6b8a47eb4aa7f8b85db30492128bc9ac034a33 Loading...

	#19 Eval - e1bbe41219abe7fee6faa49371f6e0e1	2.8 kB	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash e1bbe41219abe7fee6faa49371f6e0e1 5b789b6b69a5e5cee6815c228fc7da0d3d07fad4 8a43f7f6861a0957201248ffcaa70a126e886ddd5f910088f52c3208f281c6b8 Loading...

	#20 Eval - 81564bdc70679c2f109d9677ed14447d	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 81564bdc70679c2f109d9677ed14447d d943194924b587d92518cb586eadb96f81441ce4 191e32ce5e962a089c30874a20bfc97d92e68b17c8fe9b1c904864b3053ef083 Loading...

	#21 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07 01:03	2025-05-25 03:31
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-05-25 03:31 Times Seen371002 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#22 Eval - e1a6802df93a042c863b5b276b0c180c	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash e1a6802df93a042c863b5b276b0c180c c5fbc10a5df410f70fc47ba8baa2b607112f74da b0bdcdf74a6005d2750baa60b1cada050ced7ee1f0f9926c14fcc1a346b238ca Loading...

	#23 Eval - 81f3f62108bbe4bd978969d57264057f	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 81f3f62108bbe4bd978969d57264057f 49979a0ef6f9a75796ceca2b15833a4c4d406b90 dcff5c40085d39fedeb347668cfcd70686e863174d66ed912cb848a0048b89f8 Loading...

	#24 Eval - 1c1a511bdaa8a0285a5f60bdbbff392c	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 1c1a511bdaa8a0285a5f60bdbbff392c 0cdbdf90a6fd5cfa5632cee18eec830c064aad49 ba6ee0133c8fe4ab4e45459bcca9f6d23683173291c1f211c6cd6a695a0353e6 Loading...

	#25 Eval - e30fb169573a577a1328a043203aead5	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash e30fb169573a577a1328a043203aead5 f01520f9af9c9e3edede918ef0c453f2033c39fa dbc7f46449c733236e52f6cde6eb76c442ab23da888570106a4fda30c7014814 Loading...

	#26 Eval - f334bdf0c1d6ee8081f004756674e270	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash f334bdf0c1d6ee8081f004756674e270 22329db7348284f0b371941b47cab9f8fb83acda 4b3bcea4d2b58a8c0be7282a1df3c3699ce22275b4493567bc22de1eb2d11ccc Loading...

	#27 Eval - f9a4bffd333ab5e062f9bfc68aaa669e	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash f9a4bffd333ab5e062f9bfc68aaa669e a42fa05a0123b5d736379aba7d0850498d2228fe 3f823c8a63c33eb813b32a057baf412621938812660be4b904ea470a5fa70210 Loading...

	#28 Eval - 4f4ea30be1952ef3c49db2f7161c0601	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 4f4ea30be1952ef3c49db2f7161c0601 8c1964e61ac6fae4aa846296468739f8ecf5cd84 563d8bd19e7ad99793b5e14f6be7ba80efed381175da059eae1fe32f658d5e6b Loading...

	#29 Eval - bb1771c4975ea9d5eaa4cf27a1f39d1a	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash bb1771c4975ea9d5eaa4cf27a1f39d1a d7023164bd524556197e18841e7e6901fc1ec7ec 42e4ff38f592fb638223438c59f448a9ede554c2fb6aabfd6630b369c2ce7916 Loading...

	#30 Eval - 459fb60a9aeebe6e3a38f5c9feb16694	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 459fb60a9aeebe6e3a38f5c9feb16694 e523bcba7f6620b2c7f08dd9e4a6c1d65385873f 44e4a48d9967a1ddd0755b97e0b73c533808bcf427d03aed739bebc8862e38ff Loading...

	#31 Eval - d945933f29646637ae7cec9dcbf6a1fd	2.8 kB	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash d945933f29646637ae7cec9dcbf6a1fd 32a2eafd5fb5ea611a8b82c25c7776800fa98889 89ecf2be4087c7efc3fc8de6b9c7d22b01b0f289d0911f6e77724ec62ffa59fb Loading...

	#32 Eval - ecce402255e939d730d329c808824422	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash ecce402255e939d730d329c808824422 35df773f6b1563049eb6e0f423dfb88440775a0f 15ae96a07c245b28120c9f721d06d61f5f5a63d76b30648ff15f1722550e5020 Loading...

	#33 Eval - 4324352098058204f4ddcdd845e8e3ba	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 4324352098058204f4ddcdd845e8e3ba fc2dcf6a2fb23ec24d11359097ed71779008d402 7490650b0bca8abbdabddab31e42114f39cdf18154864c3ef82bc810c2f471ee Loading...

	#34 Eval - 555a450a6fb1f1ba215ba6a2afecee1a	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 555a450a6fb1f1ba215ba6a2afecee1a 31e2b1581c0627ce0187f448bc497859f57321aa c484d6e1723f9d86467076ceb80b865605ee1880600aba4b0b8c09cb4b3e72c4 Loading...

	#35 Eval - da262d989202242c926c31fb79b9f0c2	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash da262d989202242c926c31fb79b9f0c2 010d57b17bff265bcc98dfcb2f942514ba9e0d13 c49e20359daf949102f8e34daa6f65cde0243c244e4b30ed1407f1e9ba0a2708 Loading...

	#36 Eval - cdb9e245c3e574be3d21c423b8cda3c3	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash cdb9e245c3e574be3d21c423b8cda3c3 b9ba8aeb850e01bfb565804f778f3e113a7a8c4d 2f026a076cd70e13417eb5a24d01e011f47811c67b5944bae48c27efe377c837 Loading...

	#37 Eval - b98887399683c8fdd16df7b7eb8785ec	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash b98887399683c8fdd16df7b7eb8785ec 6f65ed2579f237943739de730d37b96de75eb97a 6de13666a0bdabac699af116c5292de177a72ef39ac9ac2237055faa020e3312 Loading...

	#38 Eval - 5daa012d1aca6f2d49f01d2d51ac56ed	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 5daa012d1aca6f2d49f01d2d51ac56ed 70fc00616f68356eb992ec8c4e09a3be8cc2d915 5cd9d8ee889653a4bb12c9f18d0d9637103078e25279f750379c9e62d62c0e3b Loading...

	#39 Eval - ae1af929cd25a7a3ca3d80813bd15d30	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash ae1af929cd25a7a3ca3d80813bd15d30 f8a14a2bc7a720676581a1c3f815386fa43ddd5e 87d75f88449f18e7dd974da9223bcfe1c5f33f3a0ec91cafba20739bf70a40d4 Loading...

	#40 Eval - 57c549294979f0329586fc19d30bcfe3	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 57c549294979f0329586fc19d30bcfe3 f6546d67008d39463adb8a330635f4e019ae47cd 31bbae55dc11b060cfeb8c16279c5f120e4682c894e2e4b8122699ff0c8fb5eb Loading...

	#41 Eval - 0d63328f83e64813e1563abb1ff8efc1	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 0d63328f83e64813e1563abb1ff8efc1 d08e4167d8fe853133b9ac3d75dcb34238d9ab19 dffe0dead3126a7984ecd6f209f12d0cba492672748fa1c5fb0844bef5e22ca1 Loading...

	#42 Eval - 583824a6b6846eb5f6774aa3b1e5488e	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 583824a6b6846eb5f6774aa3b1e5488e c812fb71120331411e73548a6a6b17b2cb3f1de0 206c16b271bf6f98214df76e8a9be875de38c90ddb4a189403e9ab28acd9cec5 Loading...

	#43 Eval - cc1748cb3ceef3e85d74481ffb260b39	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash cc1748cb3ceef3e85d74481ffb260b39 86e2ecf698943a0e05824a50fe021afcf895f6fe 3e1c846ee3375d6759f6d06695c29ebb785dcf80470c0f6d5e18bf86ab09be5d Loading...

	#44 Eval - 91c8326716b5434bde99a04d42effe8b	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 91c8326716b5434bde99a04d42effe8b bbfb7af4b58a56fbc98b74520902036aeb82ea9a 66c074aa23df1869252c7b4b62f9ccac5cb506f45ddd6a5af3498efd16a6fe9d Loading...

	#45 Eval - 2be1df07aefe20c0e4447442559ed1e8	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 2be1df07aefe20c0e4447442559ed1e8 8ac5795ab3e5a7a559071a7c7f5ebe703b03702e cab583761eb9f1268af981f6235a914c2bece2e2f77f51d23b4fd189c8ac4c76 Loading...

	#46 Eval - 12cee627d886b6ff3cb89e621e02542d	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 12cee627d886b6ff3cb89e621e02542d 30aa33147374cc5cb6a8db528328efb20366359b 60e63454bc59dc17fa0f3d41495000a6dfcd7d4c2ef037d44d3078acd2553434 Loading...

	#47 Eval - f56b67c97d7c1ec64833bbf90afca1dd	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash f56b67c97d7c1ec64833bbf90afca1dd 94925addf62cb1adf2e85f435e162ada3053e796 dd762672b53d2f04938f4acb2c6da54491daaf1f8fc8d0ddf81bb0a772201b9a Loading...

	#48 Eval - 39526cc26adb73171ef23205a27c199f	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 39526cc26adb73171ef23205a27c199f b0c267c1f87d2479ff813b079bc027e2da838357 159d418ce0e1338c2557b260fb78b3b4ef069720e3db04c4fed004438f9de1e8 Loading...

	#49 Eval - 511909cf362b1d451eb35a7fad9b2071	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 511909cf362b1d451eb35a7fad9b2071 3fe9c56689be07c7e06f936c9f8af96c1f69549f 76aa30caeafa4dea56fd902779cd04e7b34534511f12a5812db2e5513be689bb Loading...

	#50 Eval - cf34b285ae5ffea6bb0195c0f3877d34	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash cf34b285ae5ffea6bb0195c0f3877d34 5b454a63fedbc687323d34d8013e3c863daee59b 8f7f5752486c0ef1d996da8b530e65c5ca12716c605fbc89ed38d9ea26f32016 Loading...

	#51 Eval - 60cb6e371998535fc16a1c4ad708839a	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 60cb6e371998535fc16a1c4ad708839a 6a579ba5fc0eb2e642890894a9afc8015838af17 c11d2b6b62abf404dc45249dd5856df7c7358d4af2dfe906880cad7c2c480cec Loading...

	#52 Eval - 7758cb2a93b0be1a68f25b14baf93d8b	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 7758cb2a93b0be1a68f25b14baf93d8b f8cba84f85fb39f01d042bae339f199545f54cac 010586c35f5338acebdde6f4b2b1752b2c374278dcd94f11074cc6580dccaa75 Loading...

	#53 Eval - 7926d5e3d38a6dbc2fb0100422eccc04	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 7926d5e3d38a6dbc2fb0100422eccc04 332d46a4528446deec1788f354ff299bc30353d5 40f34327746f86fa26d3ab9dde6deb9b3775b0c7ff92fc88bc789fbd764591bc Loading...

	#54 Eval - 4e33cd133870955c2501e85602508590	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 4e33cd133870955c2501e85602508590 138b80ea23d7909d75ba581a93b4f3725cdead1d d149e5822f8d3bdafe787f9e594fd9dd0680d940db87ae77bd13a714d0fd4a4d Loading...

	#55 Eval - 481f935259e4a51e2e0cc6994652040a	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 481f935259e4a51e2e0cc6994652040a 5d81cdf79c211c23693600828103ab60d2eaf9e6 1f83bf91e64eb052fad492e1ef11e5ecd1899437d5bae0ad62d0f8dc57dd6660 Loading...

	#56 Eval - 06c7163bc8c69f46f29082356eabd0dc	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 06c7163bc8c69f46f29082356eabd0dc 2bb32f670c7e4fbcc7ab93933ff36ea87f03bd8b 000ef610c01e49eab2336ccfcc2fc7f31eb1187b7d2b2408d5f08a20e84d09ad Loading...

	#57 Eval - c4415f18691af8fa64d894a9f15c6463	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash c4415f18691af8fa64d894a9f15c6463 715f02d133a8a525325fb2c16eb785d2d7ce4c72 0cb410bbdcc87ee03abe548e9c08f9f582bc7106c59390a61574a72019f5fe4b Loading...

	#58 Eval - 3669dcc08f1ec063c94dc33a83aa034b	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 3669dcc08f1ec063c94dc33a83aa034b 9946186e2bc93a7b3b1dbaf471a181841cea7b30 657edbeaa4db5c845d525496fcb6e2e49f52b7ee4099264bcc81f54ffaa8d176 Loading...

	#59 Eval - 3fbcf651a94ff3deb12ae69c76359c19	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 3fbcf651a94ff3deb12ae69c76359c19 a0cd497bf4b2108be846c0154ed3e1ce4b5ca043 298865828fd4f93fbfc359d4f6a2f4ba779271cb978a5c7ef260d2495f709a22 Loading...

	#60 Eval - 8752532b82d66710da604fcbbf0b85e9	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 8752532b82d66710da604fcbbf0b85e9 81172043c46d43aefba6ccfb15be8d2b4fe5aac0 3c462b4771d165c37afec6df14d4b24d8f53c0032f6d5544741fec0592ff5656 Loading...

	#61 Eval - 078a9dedafe3cadf94bd36d0b62295cf	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 078a9dedafe3cadf94bd36d0b62295cf 8d660e6c5dd0a2fb6f14f37f768505f90064ee5f ab3dceefd473d55c3abe03d48dacae27c5eab91652f2231a62c36c5e86de90f9 Loading...

	#62 Eval - 63b55f4c76e085dd154ed6a38d5ab28c	61 B	2024-05-16 17:29	2024-08-19 22:46
Pretty Observations First Seen2024-05-16 17:29 Last Seen2024-08-19 22:46 Times Seen3201 Hash 63b55f4c76e085dd154ed6a38d5ab28c 52b03e860d7a03fbfeb99dfd5e33195861481de7 30fcd5021c9f9edd7b435226adfee4cdaea80dd872ef6abe1950e0b18f5323db Loading...

	#63 Eval - f6e4071f8964f993f1c66f2f7fc6dacf	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash f6e4071f8964f993f1c66f2f7fc6dacf 1e5c7d6d1d0a4fdc116849c7d5e79237750a09ca d20c00de10a025c86f72383cf1e9768d8505237759c3b5ebe9895d33a1b6062b Loading...

	#64 Eval - 6faf8e3a247f8200cac71034ce003a1d	28 B	2024-08-19 21:47	2024-08-19 21:47
Pretty Observations First Seen2024-08-19 21:47 Last Seen2024-08-19 21:47 Times Seen1 Hash 6faf8e3a247f8200cac71034ce003a1d 458b21fe8e4bb6e5c2a082d59cb9ad4fe5bf8974 d73bb7f33fa82b3d812d7cbd738ee3f1099bc1e045b811610fb1e60b33e621ad Loading...

HTTP Transactions (20)

URL IP Response Size

civilianurinedtsraov.shop/api;f

172.67.197.146

403 Forbidden

5.8 kB

URL User Request GET HTTP/1.1
civilianurinedtsraov.shop/api;f
IP
172.67.197.146:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (14131), with no line terminators
Size
5.8 kB (5770 bytes)
Hash
563ca8f80421938c8f2cf04699c62493
99a0b07074472bbd4fb80dae5d7c3ccca56f3d2b
954eef6ac0a6c01e121fa4ec124bc569f1694f5db5feaf0650b44001666e1ae4

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api;f HTTP/1.1
Host: civilianurinedtsraov.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Sat, 25 May 2024 19:37:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Content-Options: nosniff
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: IuH4s1J8YBnZqaAQHnfxi3r1CxnP7ZKGUhfZ2/yJQwLXYB8GQe2tuxTasdxXShmcr+UFw05sQJQOWuuoI1jBuQeCrDRhg9jwTtarsrklQvWt0HV7SmymWuaHX7deVbgQPnMbUxEa76qnkfplT2xlsQ==$ddCul8W7ujkB5naAxUNLOQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yG%2BzXF5dClHB0Zgn1nLaVpqzDC5LTZzLs4ifHr8mCQzH9Jdh%2BrnFZvmvWYqbg5XpaR6QOyykyQn1%2FD9hnFrfOoFU3luUIxVsdXgOjA1nMjtvrkJr6Q4rVJun9%2FYpeaIeajdQmhFGn5YDTSFi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8897fb268e9db511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

civilianurinedtsraov.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8897fb268e9db511

172.67.197.146

111 kB

URL
civilianurinedtsraov.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8897fb268e9db511
IP
172.67.197.146:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
111 kB (111352 bytes)
Hash
b3c77b4283e06acf36cb43e4a6591bd1
3e7da228f959e60fae6ffa66062e9497ac11a672
70f20c13ad01815a05d18f87c2c738e44701c9bec8b022ccfd316f70adb26b9d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8897fb268e9db511 HTTP/1.1
Host: civilianurinedtsraov.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://civilianurinedtsraov.shop/api;f?__cf_chl_rt_tk=Y8el0wgJwtxnr2JwT7BDcMurR1obl4WrPnRUMsz53sI-1716665857-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 May 2024 19:37:37 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1nNmUrUde3FO2U9Rkl9BJZg%2Ff2lHTWVwy3Or4O3vAJ1bbzwTKEOe%2BKKsbMmMDBA79UCOwKaEOS4DeTP8DJ2JKal1e8xi6eIiv67wO1AjT%2BYOMDVG8yX2HYkSgREUukjOjFC8QioWPk%2BepVoD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8897fb282f4856ab-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

civilianurinedtsraov.shop/favicon.ico

172.67.197.146

403 Forbidden

5.8 kB

URL GET HTTP/1.1
civilianurinedtsraov.shop/favicon.ico
IP
172.67.197.146:80
ASN
#13335 CLOUDFLARENET

Requested by
http://civilianurinedtsraov.shop/api;f

File type
HTML document, ASCII text, with very long lines (14242), with no line terminators
Size
5.8 kB (5844 bytes)
Hash
487696491d98f141d7ecf8d735615b08
62472aa82de35c11e7288fb0c497c4e2ddf3ad10
f5c637ae82563ad224dbfe6f362f73a6c196ec204b694bffd0d93a5923a1c6fd

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: civilianurinedtsraov.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://civilianurinedtsraov.shop/api;f?__cf_chl_rt_tk=Y8el0wgJwtxnr2JwT7BDcMurR1obl4WrPnRUMsz53sI-1716665857-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Sat, 25 May 2024 19:37:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Content-Options: nosniff
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: pebpysPbNAchC+7QBevX0x9bmjAxVXnVI5t7FCoUJhOLmEKxYz3xrOSGxn1md9rVkhXOb7tfvRDnieVZc9cqfl23wqXZM+ldJhSwB61WsVv4ZLrdntOIoV55mn7/S+Mt3KKZfawZhDXx01T9lU7evg==$xnN2N75lOODlcBn1eE0HmA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QMSTgKyTIkxoB2Hek%2BaCQyO%2F01huYPeTtYOeMAtOdlhEltCvFDrOo1C7k5J44QqHAAtiht2llrqy9t%2FiEG27EDUrTKb4jdznezHKh0rivfE55glWbhlnfreDR5W79wry1YyCeE0986mw%2BthW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8897fb286f8756ab-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

civilianurinedtsraov.shop/favicon.ico

172.67.197.146

403 Forbidden

5.8 kB

URL GET HTTP/1.1
civilianurinedtsraov.shop/favicon.ico
IP
172.67.197.146:80
ASN
#13335 CLOUDFLARENET

Requested by
http://civilianurinedtsraov.shop/api;f

File type
HTML document, ASCII text, with very long lines (14156), with no line terminators
Size
5.8 kB (5781 bytes)
Hash
15f5006177b095feee4985796369fd6c
541f43534b4957023533322b8db5d0215dae8f34
a656247f9f252eec02b84c0a2449de7312297ece2d63ddd8f730ff4ada070d97

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: civilianurinedtsraov.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://civilianurinedtsraov.shop/api;f
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Sat, 25 May 2024 19:37:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Content-Options: nosniff
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: FLDLVtLq9oEFST9TsHEsPzK4xDIV4hqiBk60+bq2WaP9Rb6phbzJtPxGZSX+WB3f7PKZqnUNqjbcY1jrz7ZcdtA960jG+YcVq3H9v1FtF8cCf7g1ZWmy6yg89Skcug8DXZ2Cd/ULJI+kHO8bAno/2A==$ngHLVq3HM3MrALlEjagdXQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rYmq%2FvUVbBJQCJVRfSlgI3CoTar0jnnYdnRVMKMUDfxfRAY8Hs%2FnO70Tiu2ToB1G0TGmDDKJ%2B6knwI14%2Bbu%2F3GD7pz2Bd2uv%2BV38fQEvoPEcVHh%2FGXJeR6EdfLikYmmwBzKplP5HZiHNZNE8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8897fb28cc557131-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

civilianurinedtsraov.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/476572979:1716664250:Y9NXlz5P6QaQSMuBDPYyJskb7xVtg3YMNczXyE5oHZM/8897fb268e9db511/0595bff3c2965b3

172.67.197.146

12 kB

URL
civilianurinedtsraov.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/476572979:1716664250:Y9NXlz5P6QaQSMuBDPYyJskb7xVtg3YMNczXyE5oHZM/8897fb268e9db511/0595bff3c2965b3
IP
172.67.197.146:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (16600), with no line terminators
Size
12 kB (12547 bytes)
Hash
2218ea167679d8e38db23de90a670573
6dce10681f6a28068fe35fe6459f778c320d358c
ee4c438ed07cd9ca77f5d410c1f408e1690d997695b8603e3c9382c06100c1b2

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/476572979:1716664250:Y9NXlz5P6QaQSMuBDPYyJskb7xVtg3YMNczXyE5oHZM/8897fb268e9db511/0595bff3c2965b3 HTTP/1.1
Host: civilianurinedtsraov.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://civilianurinedtsraov.shop/api;f
Content-type: application/x-www-form-urlencoded
CF-Challenge: 0595bff3c2965b3
Content-Length: 1812
Origin: http://civilianurinedtsraov.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 May 2024 19:37:37 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: fBBXIKFL99qdDBGgtc4wBSBKyjT2KQ25+S1y9w6Xw3P5QWxNptbz1JWb26d+TsBx$Y9Olkoy+gBoZ/VOzO/znvg==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QYy0B1K%2BYH9Hcp1CO6CLUO5uXVgbT7SnDVylnorbuMymSlMk7DV7bPkVfPRrii1AhlspUYQqcrDCoyOopzfzFrv1AxkvhcQHncCliiiwN0G5Ikf%2BkbdOAzxVtPBDDlsIO8rMBrq03DYZRH2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8897fb29be061c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ta1co/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 25 May 2024 19:37:37 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8897fb2b9b540b41-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ta1co/0x4AAAAAAAAjq6WYeRDKmebM/light/normal

104.17.3.184

28 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ta1co/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (42150)
Size
28 kB (28114 bytes)
Hash
860ac1b9534462b3445bdd74d6a895d4
7741b57d80bd32db9c3c2d1960d4cb79f247403a
d1b983aeb439ac1e0c51baa503706ff0f51779b00775dad900a652ad71cfef73

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ta1co/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 25 May 2024 19:37:37 GMT
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
referrer-policy: same-origin
server: cloudflare
cf-ray: 8897fb2b1afe0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8897fb2b1afe0b41/1716665858127/Ik-8IfRjtA7pzM-

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8897fb2b1afe0b41/1716665858127/Ik-8IfRjtA7pzM-
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 41 x 28, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
f281796351ef24fc6d89b81965903d9f
19325cf6732c061863b52e1ecc8129234743e197
e48ddd6d8f2c3ad7353766baa99ca4484a33d1fb6dd3e0c7a4344ab012eacfce

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/8897fb2b1afe0b41/1716665858127/Ik-8IfRjtA7pzM- HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ta1co/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 25 May 2024 19:37:40 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8897fb3e39970b41-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/971156802:1716664328:FabNBeYz8OAgFs9420DcC0pmHkg3m8l6e9sGZOExuZI/8897fb2b1afe0b41/5c72911794b874c

104.17.3.184

3.1 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/971156802:1716664328:FabNBeYz8OAgFs9420DcC0pmHkg3m8l6e9sGZOExuZI/8897fb2b1afe0b41/5c72911794b874c
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (956), with no line terminators
Size
3.1 kB (3109 bytes)
Hash
5abc78125a3f4e876bd1f62948ae8023
789385ab84d29aaf89959af5b6ffd3e1a1dc6897
6f60522895d5949e3956a2167706dcd1e1efedc8d9511b4c25da2f092758c70c

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/971156802:1716664328:FabNBeYz8OAgFs9420DcC0pmHkg3m8l6e9sGZOExuZI/8897fb2b1afe0b41/5c72911794b874c HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ta1co/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 5c72911794b874c
Content-Length: 40325
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 25 May 2024 19:37:45 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: Cg/7YZRxt3lyeFwSYEMxY4mfgkRfVHODFyqJY//u7cwQLXcVcpBM2G3gSdVlGOYBDPORdr83wFvXc2CKqgqV56YhbAhCI1FKbxbTgmTr7SQ=$ynAnLGYC2C487DX9UN/YcQ==
cf-chl-out-s: wnz6F/BKhUk8T+DyIl/wPp+nLBHSNsGVbm6MNibpCNDFL94OxKRcoMzKIm9wtalnazoy0v5bTpnWy7jsb9kIBvbdJVSAlbkMAeLyDP3+5NGqAbyZDn2a5VT9cVhY9eCFypdphFo+4IKMYCJZOS/jUItoUn24E3+XPSu5hS+3cCd21zwzSBo3kT6m8X8sosDxI28x/J54OZhs+O6niP+DONmfm5OfHg3AOHqxNo/nUIjvJzMi1X0m61fbzkXn0pM9FsYn93iA9lyDGyS/ghUEXnuHPgXkXCKPjmwa6EeiHaEIxziQU9ryYHZts1WJH4kxFd5zkIWHc/5LvpUfonyDSPC4o9JCsOADVT7GhsSlY5/33BtgQAk+Kp9T2nCpx6ZU5pht2sGGGEDnKoJmlHi+sUGrfXplzHsbj6+kAt1/2yaff04shgPuDzna83rpsOSKsvp5mQBxEB6D4JlEm/SIcaiVyxES9mOFoSIq4f8R8fzfi8yRWR81zzeHWZacJDzJZRfv/XpMTSwEHpzbuRW0MR2yH15/+vC9jxADQWIA0Xwn8RfMvd7z2fsrLh1fnsjMMaJ8x69K+llMHVvdBOTBNyva2Hr7MfYRABBpZSc4Ev1E6xTYruZ1w/v4PiLv4jdYkTHqW/LmZVEQ4C8moMA7YaIu8mopKEzc0pnmX30Y9V8kv5Z7EoblTx6hXEo9axYGFgxovxvthbGMgxI9xH4jBj2luwPqd58f+PQpKnirSSTc6nNPjq7t8+u7xftHbQpFxW9ukxWPX6sHrHn0E4VKUNGeA1sGz36Ba2Q7U+S8CMI=$dvodLeS88TE1uGIo+AGXQA==
server: cloudflare
cf-ray: 8897fb585e650b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/971156802:1716664328:FabNBeYz8OAgFs9420DcC0pmHkg3m8l6e9sGZOExuZI/8897fb2b1afe0b41/5c72911794b874c

104.17.3.184

94 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/971156802:1716664328:FabNBeYz8OAgFs9420DcC0pmHkg3m8l6e9sGZOExuZI/8897fb2b1afe0b41/5c72911794b874c
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
94 kB (94188 bytes)
Hash
46007e3355a2bf14357569b384288ff8
67873a7574600380e8aebe75f160446c9c7a08f1
63e2c517077f5ee8480edaf624bf5dfa23f50474001db5a19d378180228609ff

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/971156802:1716664328:FabNBeYz8OAgFs9420DcC0pmHkg3m8l6e9sGZOExuZI/8897fb2b1afe0b41/5c72911794b874c HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ta1co/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 5c72911794b874c
Content-Length: 3434
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 25 May 2024 19:37:38 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: helg5CvAlglWY7QFRCrDT8U+w2rS6nQ/JXBlwIVKdx9NldlB1xnBrWPn7g+zyZarBjcbzw7pNZmu7j1IqkYdml9E0UBzrzd2jfqq6dQovJYSir43XcYSXfdE+cz2f/dwr3T8DbA/v6+JYPgtYRvw1hdjIru1+8oudU+ZYlNmYJ3xhbe+F1XIBWDIt2s1PMfqPhV/TXYCXNw4cqYgToDQTYGKV/CuI5d6w3CapK7D/i0qfxdH8oOIs1fM9xwYYI+jqXP3HkZcCLJwVzsgTIlqBzDJbirKlRAkjWVobBPuc1cp9EvhP5+gC/+oFnrRSOH87XmdNA3oSpe+fHY5AU3POKBmhyowoAJJk/fnvmSZBGmNGPig2TdjP15ndv6l3MPTdZHxLWzri51shsviKwlnY9zexmdgrWlIO3+mdiuHd5mo+oGKXCWdZ8lMaUvnHELOqjr/UbDZ/np2ZaPLYXHijw==$iuDtLn6uaI7jcnqkP44D3w==
server: cloudflare
cf-ray: 8897fb2d3c7f0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

civilianurinedtsraov.shop/api;f

172.67.197.146

403 Forbidden

5.8 kB

URL User Request GET HTTP/1.1
civilianurinedtsraov.shop/api;f
IP
172.67.197.146:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (14152), with no line terminators
Size
5.8 kB (5794 bytes)
Hash
602c5f087ef103f637c10baa3e3977f4
0affa200df4bf4cadca4ed8b7c58a5249af4a0f1
f5a1ef2e73a1c7092041fcfed13daf040cecb6676107940ab5e62f7c6a740f4a

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api;f HTTP/1.1
Host: civilianurinedtsraov.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Sat, 25 May 2024 19:37:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Content-Options: nosniff
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 7An0iw1uDaGXbM0LrkITdVwUVnY6QbMID+3PK7j0hf2a+hqvWu6qt+7UV9qwVvk+OjxXy5QZOoZDElnWxLH4bN/r7MYD7ZMdb8jqShMzcJeroobPCvf5BjYnwSKYo/xMI1Irx2WNNyVK7G6x5O+afg==$3/aErdegS9bO7/PUnNx0tw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PD4bK8%2BG7%2FBO%2Bcot%2BncZHKT%2BGQ4DxEawm8HGlDm3aN615T92hjdNXSO4m9w0%2FfsBXEwdO7bULW6gbwZYDOc0CGcUGWaYr2axAnOtVIhkzEfFUJbWbH5%2FTsKjtcWJFmpgARG2I16KPKF8lHJF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8897fb65d8701c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

civilianurinedtsraov.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8897fb65d8701c02

172.67.197.146

200 OK

114 kB

URL GET HTTP/1.1
civilianurinedtsraov.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8897fb65d8701c02
IP
172.67.197.146:80
ASN
#13335 CLOUDFLARENET

Requested by
http://civilianurinedtsraov.shop/api;f

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
114 kB (114024 bytes)
Hash
ceded6ee195f70620b58110ce7ac9cc6
e690324b54d63e32e7fc904f10f8a9d28b808c8b
753010b9a338e102e8f4af21f6896a6200afc0cf452fec30b895c5695d811c63

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8897fb65d8701c02 HTTP/1.1
Host: civilianurinedtsraov.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://civilianurinedtsraov.shop/api;f?__cf_chl_rt_tk=Dm6eg2qi3u_CLLBvrqre4OoaXn4ax17yw6mcEv4Jpig-1716665867-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 May 2024 19:37:47 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mg%2B77bDiL5XpLRgn9wMj6TCnsPu8UJRn8%2FEoZTetdLRjer8BwDWVjjzKEtRNNObRcLIN3b6Ubw0eF3ri1IoUyA1waUVb5P4rJyisR1vicLN2l%2FYMLtNJKSV4%2BN53ssa7l2NYkp3fUjcZmSTV"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8897fb665c127128-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

civilianurinedtsraov.shop/favicon.ico

172.67.197.146

403 Forbidden

5.9 kB

URL GET HTTP/1.1
civilianurinedtsraov.shop/favicon.ico
IP
172.67.197.146:80
ASN
#13335 CLOUDFLARENET

Requested by
http://civilianurinedtsraov.shop/api;f

File type
HTML document, ASCII text, with very long lines (14263), with no line terminators
Size
5.9 kB (5871 bytes)
Hash
7b487979263b46c633e1fa546e902745
896da9c0ca1cd5efdeedb268811504ea9bd9e08c
86314cded182a1a247f347f34f83e859e5a9fcd6b7c3d7a0d00bba02eeeb279d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: civilianurinedtsraov.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://civilianurinedtsraov.shop/api;f?__cf_chl_rt_tk=Dm6eg2qi3u_CLLBvrqre4OoaXn4ax17yw6mcEv4Jpig-1716665867-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Sat, 25 May 2024 19:37:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Content-Options: nosniff
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: IQg22hZNmECPf8fbYiyjKS19xtNjKUPBR001K0b4a+5F3M+KxBW8m22ONWcKvy1tAck41AtohmhRKZ9GTujVJVANVs4pdxO+jrU23rsZmVnjsJMQpeyJ0h2J3YQa07cZ4xWemJdrF85nsvm952PcyQ==$bgrzBsnIWsFkfetbpTH2hg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ggQLZerZjvJMPCfpPFe0FjAh6vX2Rvf7XivGz8T3P7l4AXNq%2BTg4bJLVmZYwpetc8ZBxRCoAFPEXqlCfUX31UDFiIYsEuflfRiUIt24IYRA1un3V1kWwm7OatW2kpQtjGtkDfW4oKGroDY5D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8897fb66ccd57128-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

civilianurinedtsraov.shop/favicon.ico

172.67.197.146

403 Forbidden

5.8 kB

URL GET HTTP/1.1
civilianurinedtsraov.shop/favicon.ico
IP
172.67.197.146:80
ASN
#13335 CLOUDFLARENET

Requested by
http://civilianurinedtsraov.shop/api;f

File type
HTML document, ASCII text, with very long lines (14178), with no line terminators
Size
5.8 kB (5797 bytes)
Hash
fa9fbdd6ccd81d0d572077e883c9174b
ca055968875931745a1101cbe0acad8964fd3be6
7f5b4c8a87e0c08c515b10c7d106e14a7bc7495d0bcca3b8b730097c794e120f

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: civilianurinedtsraov.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://civilianurinedtsraov.shop/api;f
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Sat, 25 May 2024 19:37:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Content-Options: nosniff
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: ytuNrB159Thi2Slu1BkdVtAyGNJT5eKJR6rBo7Cu5AOJ0rVJL/lqFmux28K+tCS8//NwbP6d3EB5jnKjkXU0hzXL2IFJh4W7lrdUA9CcN4xnLNg3gwwcMB9PjtTYQCnseZseWzvkm0HyIiLjLcjYig==$GkqkOnaBYqzTVzVUE1tQkA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uUPw%2Bq7ECmT0KRXevoN0iZgvqwksGCkjGOBwV%2BhSz8C1meCjK%2BBSWYmF4CmgC0f1uooWzGu%2BZ1JBUS8Aw5LpIN9XtIgCvGGmIofV%2F7LJyJDlo1zRjppTgRtjgGhvI4x3xChtduV9ZFYXMQTP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8897fb677db47127-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/turnstile/v0/b/695da7821231/api.js?onload=gayxv3&render=explicit

104.17.3.184

200 OK

27 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/b/695da7821231/api.js?onload=gayxv3&render=explicit
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
http://civilianurinedtsraov.shop/api;f
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42526)
Size
27 kB (26866 bytes)
Hash
c667700be084108f8deded9026ffbbf9
31d633a11ef13a66787ec6504e38c11842664b7b
e158035a6f740b0245a027bf0d559c56782ebbeec7cab5a827083bd16aa47901

HTTP Headers

GET /turnstile/v0/b/695da7821231/api.js?onload=gayxv3&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://civilianurinedtsraov.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 25 May 2024 19:37:47 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8897fb677a3e0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/s4nja/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 25 May 2024 19:37:47 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8897fb69fc5b0b41-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1464038978:1716664430:ZNGcTrLOmuBr3e60tb_aUBJPj_-o07ax8km1WWIQ3LQ/8897fb694bb60b41/12e32c14da45b22

104.17.3.184

87 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1464038978:1716664430:ZNGcTrLOmuBr3e60tb_aUBJPj_-o07ax8km1WWIQ3LQ/8897fb694bb60b41/12e32c14da45b22
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
87 kB (86572 bytes)
Hash
748d8415bdd00c19e278fc402d6f40b7
7958024236679098db8082d8b6303aaa3ba2b30d
ca9e56dc62799bcaf5b2fae8f69776004d58aeb2b9235ed9fc7413d4d7dc2bc6

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1464038978:1716664430:ZNGcTrLOmuBr3e60tb_aUBJPj_-o07ax8km1WWIQ3LQ/8897fb694bb60b41/12e32c14da45b22 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/s4nja/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 12e32c14da45b22
Content-Length: 3449
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 25 May 2024 19:37:48 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 9yd/iJMwX07y7xpN1O2orl09hgG2pDbZMiBbjgS5d5FCtY0UO25VZyEIjojmLMBpSlhJRZFSGvGSsDQT/Kx0PRO/7qA/fAGSGu51EgQ6cMnMS6uRX7NKK4xanmwQAhYV5jKexdquZgssl07aT2gKdPsW74I3YpvBfSocPU0ribl6BbwZvp9TzEogEhT6YV6reG8LPWfL/hn+x2DTY+J+IPF0AHXetc6wtjMzusvrdJPhbe04aSt9QeWWwh5TcOfXECHUQsM3j8ws2mp0kT5KABjvscN4br491OgWChO1fgPnfavybpPnK0R4uDtzTqRYIUFmSOL/ntK4EfgSHv/i0SF+bnItEVnt7YBCXq02bib+ej1waNgu8FRiauhRQKUfL2xn34e2LI11cXPtPWKUrWAvwLBp6oJ6oErkzoll3TLsOow/ZoVQwEk2QG/k1x5W$Pz9KK8HOyqfNKmPMLmQVFg==
server: cloudflare
cf-ray: 8897fb6bee1d0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8897fb694bb60b41/1716665868160/52HhOvlsS6Iro8E

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8897fb694bb60b41/1716665868160/52HhOvlsS6Iro8E
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 52 x 15, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
e5cab3795814d3170afa6be70ac6f86a
b7ce700485f71490ebd0d31bef161136abbc2ef8
2623bd1a1703fa072a5b73e802ee6e1e7b5c8c374d448991870307972e6757ac

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/8897fb694bb60b41/1716665868160/52HhOvlsS6Iro8E HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/s4nja/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 25 May 2024 19:37:50 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8897fb7939190b41-OSL
alt-svc: h3=":443"; ma=86400

civilianurinedtsraov.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1248647653:1716664197:iVqWkzZpBJZ0HfXHeX3slUImwiC7YhkJ1BojQcFiJmA/8897fb65d8701c02/309c9e25ec19d29

172.67.197.146

200 OK

2.4 kB

URL POST HTTP/1.1
civilianurinedtsraov.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1248647653:1716664197:iVqWkzZpBJZ0HfXHeX3slUImwiC7YhkJ1BojQcFiJmA/8897fb65d8701c02/309c9e25ec19d29
IP
172.67.197.146:80
ASN
#13335 CLOUDFLARENET

Requested by
http://civilianurinedtsraov.shop/api;f

File type
ASCII text, with very long lines (3048), with no line terminators
Size
2.4 kB (2365 bytes)
Hash
584476486374ec80e5b2384f0a86285b
d52d5ff6af4ae51b643999d2e4ea24a743119d1d
646f841b8078d76ab93f477df9f4849a2831c572eac7bd87b3c774828608a09c

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1248647653:1716664197:iVqWkzZpBJZ0HfXHeX3slUImwiC7YhkJ1BojQcFiJmA/8897fb65d8701c02/309c9e25ec19d29 HTTP/1.1
Host: civilianurinedtsraov.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://civilianurinedtsraov.shop/api;f
Content-type: application/x-www-form-urlencoded
CF-Challenge: 309c9e25ec19d29
Content-Length: 2462
Origin: http://civilianurinedtsraov.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 May 2024 19:37:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: hyKosp/OhvzQXGb0Om2lE0Iu9DVUQpHy36m7tvw7Ulbn1uGFC/Qv3sNuCm07ZAZ6uMQKxTdms8Tx35epUVyCl9xHH+f0MNSvgGmS+I3HU+g=$EnsywTcZWJ5ikrra5iYwwA==
cf-chl-out-s: 80Oa9c6mg1Bu6qdTKilYV9Xqy+A46pjtqQJqa6Wou7rnZotJtfiIZxJ2l4Wv/tHNBCfEUe74tq/uDcEsT/wkilccndiwsYQGLDQe6vArg81QWUq/9vR3ImCFvaj4JMXMvQB8BjdnGUvH5ccDmYMRG3vBo2n2bTbaf25Gj5HPb8PxhfDaC3bDwrWD7USI6CLWNFSMrPeMj0SQJ0hSxP8QNUFfb0X0Hh6NTkbn+c/Sm9QwL8r9QYYAVZVl9p2A1fBPbyMQ0BS8ZHIldJIgCAY6BYs8rOJ6DA5WOj4maAs1o0te31G9JWxGnU+C2nLfMKkWOKcfZbY1EEYldVL9RzaV6oIm5NpUvBFpa/VUbNmPAtCvpwTI1n3vaC3dBfhytnEtJ9CCVorhuo2ePGEFTfI6wvOx8qome3anzyn2n2Qd1YbSic603Dm+yr3CuWnjFyxWBudXOqNaSK57MMgo1uf7k7IERmRA7XvFft1/vAIMo14=$NW7zn7NNt1MDN+mee6SXYQ==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9NFEph4Oe137ItZxX%2Bbd2A6NfjxXX7f7c1wWh2YkKNnA7fvY178qA%2BVDA99RcEIxq9u7b6RkTN5ycTogHz5JKARKXjnwqtB3iM4QbD14Px2g46YZr9Hr50v6qJs9vEMavGvHQgZPnN4cvgIF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8897fba17ed05684-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/s4nja/0x4AAAAAAAAjq6WYeRDKmebM/light/normal

104.17.3.184

200 OK

79 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/s4nja/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
http://civilianurinedtsraov.shop/api;f
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (42150)
Size
79 kB (79323 bytes)
Hash
bd9e46348f7b099cb873d4e247fc7f9c
f75111f7d140297ad4cb68532d4de9a51a268f59
1d56f96187d527e18cc4f1ffd9078b1f60ce89b809cf7ad73cd542979da59a5e

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/s4nja/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 25 May 2024 19:37:47 GMT
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
document-policy: js-profiling
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
server: cloudflare
cf-ray: 8897fb694bb60b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (67)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash