| obsceneclassyjuwks.shop/api8J/ | 188.114.96.1 | 403 Forbidden | 5.9 kB |
URL: User Request GET HTTP/1.1 obsceneclassyjuwks.shop/api8J/
IP: 188.114.96.1:80
File type: HTML document, ASCII text, with very long lines (14405), with no line terminators
Hash: 60ddc79c310fdd4158ffc3632c9136c5 1d0f536d1d455e6285adba5492dbcd136734c0ff 070ffa811658408dd2bcb16bd6e39bb5d66a497bf772b4a024c67bc6a1865b42
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /api8J/ HTTP/1.1
Host: obsceneclassyjuwks.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sun, 05 May 2024 15:58:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: kZT7C2/lmPkxdm6BXRFLwdyXiqVbMSY82yYxMIeVlm5dY6BMluavuHp8N1o2MrNeYyKMrwBrYLJoTktByfph0hZYgDJIVa0VmNO+o+psA98/uiqkyWH2cLEoiH54pjA3dt5gB1Eb/brRXF+r5XpL4A==$U2vASRF+o+VR7YNZ9OayxA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fN5RvLhv5XQiD1%2BfuOt1%2FhgS8E7GCOqnRTtVZ2lXCEefbH%2Fw8oAEYiWXs8rXKjMqYTpSN6aoWYlU2VnU4cku%2Bbwsr4SQ%2BY6VPuAzY2%2FHmBkt7zDYZYZgS%2Bj24UmLyjfuc73SX9lxedwPtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87f1ee9f9f405689-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| obsceneclassyjuwks.shop/api8J/ | 188.114.96.1 | 403 Forbidden | 2.1 kB |
URL: User Request GET HTTP/1.1 obsceneclassyjuwks.shop/api8J/
IP: 188.114.96.1:80
File type: HTML document, ASCII text, with very long lines (394)
Hash: 5c86cbbdaf5754d6ede56bacf9f0c196 1a5e9a686c38af36c48e5a38050da36b29bf3a4b f2819147f30e30c9b5bb8d2566480922952baf292e6fcf959a0bd13ccb6f52ed
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /api8J/ HTTP/1.1
Host: obsceneclassyjuwks.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Sun, 05 May 2024 15:58:27 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Sun, 05 May 2024 15:58:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QN7jqL2NO5u7efrXeCBks8hyqYqJqgGKHCNqQT9tPa%2B9QO1e2dlHDL35QlQFMzetfYpK0v%2BmJFzSAUsGK8swqBMi4eAVXnfaYLKJlAI7VyYoj67CCrjUt9KeGem7o6tBfp9kyGI9ufYVBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f1ee9e3d7c712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| obsceneclassyjuwks.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87f1ee9f9f405689 | 188.114.96.1 | | 112 kB |
URL: obsceneclassyjuwks.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87f1ee9f9f405689
IP: 188.114.96.1:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 112 kB (111871 bytes)
Hash: 3fa29ba55996ef7694981e421e70241c 70e79637b4ac5744fef5f41e7abb3a220db5e4f9 5d6f5c71d9416066aeda66318cc3dd65becb387f1108ea87c27dcfd552bc44a6
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87f1ee9f9f405689 HTTP/1.1
Host: obsceneclassyjuwks.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://obsceneclassyjuwks.shop/api8J/?__cf_chl_rt_tk=bSKEeE5dS0eCgq1CoysmrMFWWhKtk_XSMV_KNL4PJmY-1714924707-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 May 2024 15:58:28 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DO6qn55%2FzzgRfY3WPR836%2F9kslBDAZ9vDOzxd5kz5RIS%2FfiYxMyZhe%2F%2FLbMUzQnsE8kuKVrpYjMxMi9IyVnj%2Fwbuv33vrzIbWLqeig4rn6%2FTOG0EgicBAdotez%2Bhny1o1F%2FI5zF6%2FTmCSg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87f1eea15fd55688-OSL
alt-svc: h2=":443"; ma=60
|
|
| obsceneclassyjuwks.shop/favicon.ico | 188.114.96.1 | 403 Forbidden | 5.9 kB |
URL: GET HTTP/1.1 obsceneclassyjuwks.shop/favicon.ico
IP: 188.114.96.1:80
Requested by: http://obsceneclassyjuwks.shop/api8J/
File type: HTML document, ASCII text, with very long lines (14506), with no line terminators
Hash: 5be57750e64277584343a06208711c4c 20599dcf5d072a09b19cd759f81667a9de1ac2cd d2231bdc3d0d916907502d376df05f5aa8ca21c8a2db72b0644631c9ffa713f5
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: obsceneclassyjuwks.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://obsceneclassyjuwks.shop/api8J/?__cf_chl_rt_tk=bSKEeE5dS0eCgq1CoysmrMFWWhKtk_XSMV_KNL4PJmY-1714924707-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sun, 05 May 2024 15:58:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: IvKOz4NTZ/JulrEF3bI27K0QfH9Pn4DaibQEp6smHG4CYrxPICYQVzGBxOCcIwsGncAiECNzbV5XsjSHbD9YbPKx6AnMxcQjy2AibSaiE+Hpn948kzT7lW2S3Z4dnAN7xWqd5+HGzOrzKYpZMiIHTg==$aaMzTsRSkrXkEeUyMdTj5A==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Un9oQMOe%2Fb9AFnjD1KUiVQ3QKh6U89QSeVVF41cF2eOqDmRg4RK3oOZ21hphWx56yO%2FF3ynpPFGaK3qGXuOajr9kWdezeSkMV%2B99L7s%2BiaIjq1OLkCAfoJlAphwA%2FZM%2Ftgt7SlvZXlmgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87f1eea208b25688-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| obsceneclassyjuwks.shop/favicon.ico | 188.114.96.1 | 403 Forbidden | 5.9 kB |
URL: GET HTTP/1.1 obsceneclassyjuwks.shop/favicon.ico
IP: 188.114.96.1:80
Requested by: http://obsceneclassyjuwks.shop/api8J/
File type: HTML document, ASCII text, with very long lines (14399), with no line terminators
Hash: c062d4b5376b13a1a9aed38b87d335b5 26f4a47a643d864972a77ce163388c446fab65dd 47af3ca839388575d7fd2c1355dcad46560c1003190dc40a88120e177d701d27
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: obsceneclassyjuwks.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://obsceneclassyjuwks.shop/api8J/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sun, 05 May 2024 15:58:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: ruMF+T199bwSkvcuWA45NT2ZHbkGPXrKcLkLGeNtYBfXlqhfGeVJdTfyu3ByVx/KOLzB0B6NFLfSYRlVUD2+66sfMw0kyBC+7JAkeIdjsd40+e2+4UMr7WUSu9MsLQewZXh7x78X/HX2JZhaZEiH/w==$kv2xbN8DDqdwXhG9PDbryw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0F%2BTMj6AiZPrtAdo8%2FBBoElrzGVvpkVt4pfEJITdl5XjxV4A6PnSiPmExvBuT01%2FKMrEYKnksxo0e%2BlvLSQ5tf8mM%2FyBvEm%2BpB33GLzeBFuZesID6LYFNW7DA4tQ1%2F2Fi%2FhY6oYi2GTTrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87f1eea27e35569c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| obsceneclassyjuwks.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/64246790:1714923034:6yPkS4ea1Oyy0ByR7DNuWMEmKSizxvgq_wRR6rkZ-Co/87f1ee9f9f405689/f5b98db68439189 | 188.114.96.1 | | 12 kB |
URL: obsceneclassyjuwks.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/64246790:1714923034:6yPkS4ea1Oyy0ByR7DNuWMEmKSizxvgq_wRR6rkZ-Co/87f1ee9f9f405689/f5b98db68439189
IP: 188.114.96.1:0
File type: ASCII text, with very long lines (16380), with no line terminators
Hash: 631a04e292d9b54836d46d75c4318511 456d39dc4d811c109937ce649f5c216897fd8867 c65e7a6207072def0b65b99cb02c5b3f9a258113fafc8ca5fb580d7f2dd1bef1
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/64246790:1714923034:6yPkS4ea1Oyy0ByR7DNuWMEmKSizxvgq_wRR6rkZ-Co/87f1ee9f9f405689/f5b98db68439189 HTTP/1.1
Host: obsceneclassyjuwks.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://obsceneclassyjuwks.shop/api8J/
Content-type: application/x-www-form-urlencoded
CF-Challenge: f5b98db68439189
Content-Length: 1882
Origin: http://obsceneclassyjuwks.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=f5b98db68439189
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 May 2024 15:58:28 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: 4Tyeh2JhazM6f2cZGF10KD1gNvqcKnyn98/WIN6bYh53a8xpdRKh9VXZE7wa500l$ubsIsofdTTg8sbSKxIyaBQ==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EC5fYTZa8jFT1PQa9%2FvkGGB%2BN4DYyepPSMoK9v50MuK%2B9iRJCDJt30vFoR92jbTW3bsI1DoMDs4j12MAasEW0xippWsW739LsPGZJY2K%2Fz4GmNinmY12dMqhavu5VnQB6Mt5sRKmBhZSJg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87f1eea38cf0568d-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/lct69/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | | 26 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/lct69/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.2.184:0
File type: HTML document, ASCII text, with very long lines (41702)
Hash: f4df2b5c1e30e430b4835a32bf0a8cc1 21f0c6cb91d7a7fc50ebf2c065ce2daea373ae5f debbe20f531df26e87f4ce7fab370fe396d52908209a455f0aa24e5c458f0871
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/lct69/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 15:58:28 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
document-policy: js-profiling
cross-origin-embedder-policy: require-corp
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-opener-policy: same-origin
referrer-policy: same-origin
vary: accept-encoding
server: cloudflare
cf-ray: 87f1eea4ad820b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87f1eea4ad820b3d/1714924709059/sxJ-A1wlwKalDOn | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87f1eea4ad820b3d/1714924709059/sxJ-A1wlwKalDOn
IP: 104.17.2.184:0
File type: PNG image data, 57 x 80, 8-bit/color RGB, non-interlaced
Hash: 03a4424c4ffb515bd3a8a0a3340e616b 9255763e8aafd17422fa16289f2f8e95e6dad592 a626ea95ae9e776797fd9ff05a4482d231534919ba1224b721f5a6b09b693ab0
GET /cdn-cgi/challenge-platform/h/g/i/87f1eea4ad820b3d/1714924709059/sxJ-A1wlwKalDOn HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/lct69/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 15:58:31 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87f1eeb86ed30b3d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1975162854:1714923257:5ZaqSM_F24JO32EPuAieI08o59AYuZFTruV8WCQz19A/87f1eea4ad820b3d/260cd34111cea94 | 104.17.2.184 | | 26 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1975162854:1714923257:5ZaqSM_F24JO32EPuAieI08o59AYuZFTruV8WCQz19A/87f1eea4ad820b3d/260cd34111cea94
IP: 104.17.2.184:0
File type: ASCII text, with very long lines (22304), with no line terminators
Hash: cd2e72edf15ebfb0e1218bc40e4032cf 628847bd54ded8d58b0e836520d024226496641c 3b8b9724999968d06c5518398ba62f71ad0a7c17370bdb4e133e5c4fab3ac996
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1975162854:1714923257:5ZaqSM_F24JO32EPuAieI08o59AYuZFTruV8WCQz19A/87f1eea4ad820b3d/260cd34111cea94 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/lct69/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 260cd34111cea94
Content-Length: 27341
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 15:58:33 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: Xww/ADl7X1MeQOXM03pnCBeVV5OHtyrQbbEDKG6zMzReqNSC4DS5aSTe38Qtg6ZA$6+UxA9p8wu61TunnrWuDIQ==
vary: accept-encoding
server: cloudflare
cf-ray: 87f1eec12df40b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| obsceneclassyjuwks.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/64246790:1714923034:6yPkS4ea1Oyy0ByR7DNuWMEmKSizxvgq_wRR6rkZ-Co/87f1ee9f9f405689/f5b98db68439189 | 188.114.96.1 | | 1.8 kB |
URL: obsceneclassyjuwks.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/64246790:1714923034:6yPkS4ea1Oyy0ByR7DNuWMEmKSizxvgq_wRR6rkZ-Co/87f1ee9f9f405689/f5b98db68439189
IP: 188.114.96.1:0
File type: ASCII text, with very long lines (2328), with no line terminators
Hash: 80b311b02775207189e090b85c61d0d4 c104c8431bcd7a9bf7510c86566bf491a6aad6f8 5003f3a8f00fbddb8ea8f25baea8d21c5d7c86c2bb4706fd1ef15e7f05b38fc3
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/64246790:1714923034:6yPkS4ea1Oyy0ByR7DNuWMEmKSizxvgq_wRR6rkZ-Co/87f1ee9f9f405689/f5b98db68439189 HTTP/1.1
Host: obsceneclassyjuwks.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://obsceneclassyjuwks.shop/api8J/
Content-type: application/x-www-form-urlencoded
CF-Challenge: f5b98db68439189
Content-Length: 2558
Origin: http://obsceneclassyjuwks.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=f5b98db68439189
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 May 2024 15:58:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: EBLzkJhYWEvcO9VeBc5kVKS4Y3K/2osd5KX5d07rzpLvGGr1gB90YyH8JlcTpeI9xQpjYK9WwyLdr4T1PkdLXgadCcm4wkeD2ldN+81+qkc=$QiH+JLpNyaWISOGj+V+59w==
cf-chl-out-s: smh/1logCH8OtHcancEybA==$EfJkuUAA84pb5mo6zW639g==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jpvkjbw8sfczOKLI51xkZN4McWeYLxKetdosDkkFWM0lu9D6qvAMK47gP6BND50YsTMmMQbR1Y2%2BqfDk8LqLYJyRaH5d2t8DFAhS0ryENpVBndaLYQV0aBzc3Gzxzxn8YlKibZ9C6NOyAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87f1eee24c9f568d-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1975162854:1714923257:5ZaqSM_F24JO32EPuAieI08o59AYuZFTruV8WCQz19A/87f1eea4ad820b3d/260cd34111cea94 | 104.17.2.184 | | 8.7 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1975162854:1714923257:5ZaqSM_F24JO32EPuAieI08o59AYuZFTruV8WCQz19A/87f1eea4ad820b3d/260cd34111cea94
IP: 104.17.2.184:0
File type: ASCII text, with very long lines (960), with no line terminators
Hash: c757b6ee2dbf01bf234c578f890b8672 158141da86a48965503918f6f7795d3236360dd6 9fe013926bb22f757c88cc29d9dbf916b50d334d37e159d6d6668998d79adab2
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1975162854:1714923257:5ZaqSM_F24JO32EPuAieI08o59AYuZFTruV8WCQz19A/87f1eea4ad820b3d/260cd34111cea94 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/lct69/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 260cd34111cea94
Content-Length: 40113
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 15:58:38 GMT
content-type: text/html; charset=UTF-8
cf-chl-out-s: 5fnS/sMznWEf9srgdhL1Sw==$UH3kcANxH24WZKqyHFI7xw==
cf-chl-out: BTkLQG0HLkji0SG30kJuERwsn7wd92dTPBwyd37WODjDm/Co6Ff+wdE3xzAICplue6q2Xx7fDbgXgaYLYwkIoBHuWB5oLx9O91cO21yecAI=$5VwZ4STI/9+fV6/8p939kg==
vary: accept-encoding
server: cloudflare
cf-ray: 87f1eee1bfba0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| obsceneclassyjuwks.shop/api8J/ | 188.114.96.1 | 403 Forbidden | 5.9 kB |
URL: User Request GET HTTP/1.1 obsceneclassyjuwks.shop/api8J/
IP: 188.114.96.1:80
File type: HTML document, ASCII text, with very long lines (14447), with no line terminators
Hash: ae2b77648b6519e5d0d669281ecb89c1 a714292b0456a37a88e4076e4330127c4b82999f 8abc2261c5a79917ae7d5adda5fddab1b7afb50a96de3970351719aea0d0fd32
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /api8J/ HTTP/1.1
Host: obsceneclassyjuwks.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=f5b98db68439189; cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sun, 05 May 2024 15:58:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: oOdj2Pj8S4MMF2c/3y+MHIeBHBR56TQyXB8sDI2Uannm6hZzY8XCIIXE0L8C0LIHQiPVV3f1o8NA5YZThumURyJ21xFyM65XyH25nxcl7fWRU1+F3BL1p3/imrQCTJAq4uemRoZALq7rwINdfdq4jg==$qWv/ZVx/75yZAcgNsHi0Cw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nLfE%2B36amq6JzE4mO3lGbVP9%2FR6dBqFlNrHrjrGOpeotL09nuxv4sGDgCnN20KTWf728lnneQpPfRt2M6%2FrjcWuVSejyb%2Fz%2FCa%2BHSPQYM%2BVipYy6b%2B20CwWc6kNbY6Q%2FXVOrNZSrlRz%2B%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87f1eeef2d37568d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| obsceneclassyjuwks.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87f1eeef2d37568d | 188.114.96.1 | 200 OK | 112 kB |
URL: GET HTTP/1.1 obsceneclassyjuwks.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87f1eeef2d37568d
IP: 188.114.96.1:80
Requested by: http://obsceneclassyjuwks.shop/api8J/
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 112 kB (111871 bytes)
Hash: 3fa29ba55996ef7694981e421e70241c 70e79637b4ac5744fef5f41e7abb3a220db5e4f9 5d6f5c71d9416066aeda66318cc3dd65becb387f1108ea87c27dcfd552bc44a6
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87f1eeef2d37568d HTTP/1.1
Host: obsceneclassyjuwks.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://obsceneclassyjuwks.shop/api8J/?__cf_chl_rt_tk=eBRuog0jUaShojdK4tBzxXPaIDQKjgUMswA30NiC5WI-1714924720-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=f5b98db68439189; cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 May 2024 15:58:40 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jpccC3GWjN7%2B4QqkVErBpLU9J2xnxv0yZzz5SY0%2BSylHWp2TWJWIiNteejtcK5j%2FiCw3afCgNRFhEmCmSIc8pOhU1kFsSuVfGN41BLRvNWI0Xu6JgmAPQWYL%2BKXEOqTWa0Bp52ngopu19g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87f1eeefb99256c7-OSL
alt-svc: h2=":443"; ma=60
|
|
| obsceneclassyjuwks.shop/favicon.ico | 188.114.96.1 | 403 Forbidden | 6.0 kB |
URL: GET HTTP/1.1 obsceneclassyjuwks.shop/favicon.ico
IP: 188.114.96.1:80
Requested by: http://obsceneclassyjuwks.shop/api8J/
File type: HTML document, ASCII text, with very long lines (14527), with no line terminators
Hash: 49698f9c7990058e5c8836e2573b6854 264a187b1d4f4585853280fb1c523f03286b61d9 e762011046c2e1626fc716b260442502049419e62fa032ca90cdc6c8ddfe5add
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: obsceneclassyjuwks.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://obsceneclassyjuwks.shop/api8J/?__cf_chl_rt_tk=eBRuog0jUaShojdK4tBzxXPaIDQKjgUMswA30NiC5WI-1714924720-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=f5b98db68439189; cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sun, 05 May 2024 15:58:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: goK+AP9PY4X4Pp1Ch8+D+u8jPEhr8SsgT1HLrUiCrVPnNeha6Q7iD2p8q9n/o3BDerdXqsCCOdckPve3+mP3DZUX9QdkUqXdIJZvHbLwMFcjYfzUIVeuTJg+7VrWW9W5Lkp7qLT5eID2qqmTCOzAYg==$drW2llAjTdMNjcnFYqIA4w==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fNgni40Q%2B7gRcbMPmxHa06gg0RozQu9DcossaU1FUhmAmlqRogatL0h8NRF1ZsX8EQUgIgz6FaaGTuWQ9TjxyFYeXfJIaqxh6zTpPXP%2FYNpxizbGlAYWHh1dmFYNVC7LjxjHyi4Io6QwMA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87f1eef01a1c56c7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| obsceneclassyjuwks.shop/favicon.ico | 188.114.96.1 | 403 Forbidden | 5.9 kB |
URL: GET HTTP/1.1 obsceneclassyjuwks.shop/favicon.ico
IP: 188.114.96.1:80
Requested by: http://obsceneclassyjuwks.shop/api8J/
File type: HTML document, ASCII text, with very long lines (14442), with no line terminators
Hash: 1ab8ef2c5c8d45fca987e3ab7078ec17 fea02fdf28de40a3eba694be716578dccd7cd51c f534068befc1f52c73b1b1745795e3a9960f64998f90ab7ebf117fffe1dad897
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: obsceneclassyjuwks.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://obsceneclassyjuwks.shop/api8J/
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=8c5271bd2c53895; cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sun, 05 May 2024 15:58:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: WztOlKgzNRuEtdt5LLYQCsZmqNo/wTLXx3oSeSDUHmnJ2ConlT5NTWre37DnH3+FUBZl8askzYD+sYoiGlhAkgwVmn8Xi3oV0I8MMc9imlDeBtXXiax+OMq4cG1gmECsjiWScL80unVdxsFZ9UxbBQ==$7QWn34tva1+Zq/rsxQIW5w==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ScwFJPHadDmyCRgL1kWePpPGxGB%2Bl4ZYXh%2F3ai%2By0zdTw71XW28TMgpQdn6NlWqqjcoTTc3HhVGyC2COz1D1gU%2B7Y0i1XnjA9iKb9qUbO5dFOor%2BaoMLZBaIRWIwqQP1c1lDpS0zrrFoLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87f1eef0888356c5-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
| obsceneclassyjuwks.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/64246790:1714923034:6yPkS4ea1Oyy0ByR7DNuWMEmKSizxvgq_wRR6rkZ-Co/87f1eeef2d37568d/8c5271bd2c53895 | 188.114.96.1 | 200 OK | 12 kB |
URL: POST HTTP/1.1 obsceneclassyjuwks.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/64246790:1714923034:6yPkS4ea1Oyy0ByR7DNuWMEmKSizxvgq_wRR6rkZ-Co/87f1eeef2d37568d/8c5271bd2c53895
IP: 188.114.96.1:80
Requested by: http://obsceneclassyjuwks.shop/api8J/
File type: ASCII text, with very long lines (16400), with no line terminators
Hash: c8b7c27a2122c3654f2fbe43061272af d63b2c39e85f040e9fb08c7bfd6f4fcbfbc96267 1f0587bc2ce1316e2a3b6e87b4a3160cfe3af25ab5542896cb1bd8b2ff683a25
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/64246790:1714923034:6yPkS4ea1Oyy0ByR7DNuWMEmKSizxvgq_wRR6rkZ-Co/87f1eeef2d37568d/8c5271bd2c53895 HTTP/1.1
Host: obsceneclassyjuwks.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://obsceneclassyjuwks.shop/api8J/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 8c5271bd2c53895
Content-Length: 1873
Origin: http://obsceneclassyjuwks.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=8c5271bd2c53895; cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 May 2024 15:58:40 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: 90hd3wiIcjMrYITwu/2x8Y01oWcY168r3j9UPwAG6o1BYVoDhiFedtzmy9cmo/op$Q/wtyO4TqAOAW8s6NXCKOA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gy9tNRiuISKTwV3HSThVUQXMKBdgLDb%2FddhCmCD7PDXvWnf5MZQTcpg582ToQnVSY16QcpxYym90AbnLbl5DK0UQhH4AuHCGUuBDRpZtNZtLFpE23qEofNeZvmIrP787vaTpu0jfX9mGiA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87f1eef15adb56c9-OSL
alt-svc: h2=":443"; ma=60
| challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit | 104.17.2.184 | 200 OK | 24 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit
IP: 104.17.2.184:443
Requested by: http://obsceneclassyjuwks.shop/api8J/
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42565)
Hash: 65b0a652c40c95d12c4ddb3b4567c1ea c654efa19d01d6553ed4e0f500d350011e023ad1 c6b5cd0b65ebbb519dd845ba2979b40e58b056ca2c90f67a8bfea871d39615a7
GET /turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://obsceneclassyjuwks.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 15:58:40 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800, public
etag: "3010735:a646:662910b6:0"
accept-ranges: bytes
vary: accept-encoding
content-encoding: br
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 87f1eef0aba50b3d-OSL
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/2nz65/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | 200 OK | 26 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/2nz65/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.2.184:443
Requested by: http://obsceneclassyjuwks.shop/api8J/
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41702)
Hash: 00be88d0631b797fc417a5871f93db82 e1f10b97ec2fd77f717da3b9b727fc7066a22a49 1f4f088e2d274e8a400693d4bfda1974bd956c7ef51396363d43b6a0cf1c368e
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/2nz65/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 15:58:41 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
document-policy: js-profiling
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
vary: accept-encoding
server: cloudflare
cf-ray: 87f1eef23d160b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87f1eef23d160b3d/1714924721444/Ag9513mAuiibTB2 | 104.17.2.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87f1eef23d160b3d/1714924721444/Ag9513mAuiibTB2
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/2nz65/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 37 x 32, 8-bit/color RGB, non-interlaced
Hash: 5cea261d443ef212ebc4674367a2f411 f466f0cee6ffdec66dea22efc9ad5722a34ed33a 5bbc18a24564032b459801710f653909a958e9832776ce15b1ab064c54ef916f
GET /cdn-cgi/challenge-platform/h/g/i/87f1eef23d160b3d/1714924721444/Ag9513mAuiibTB2 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/2nz65/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 15:58:45 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87f1ef0f9f850b3d-OSL
alt-svc: h3=":443"; ma=86400
| obsceneclassyjuwks.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/64246790:1714923034:6yPkS4ea1Oyy0ByR7DNuWMEmKSizxvgq_wRR6rkZ-Co/87f1eeef2d37568d/8c5271bd2c53895 | 188.114.96.1 | 200 OK | 1.8 kB |
URL: POST HTTP/1.1 obsceneclassyjuwks.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/64246790:1714923034:6yPkS4ea1Oyy0ByR7DNuWMEmKSizxvgq_wRR6rkZ-Co/87f1eeef2d37568d/8c5271bd2c53895
IP: 188.114.96.1:80
Requested by: http://obsceneclassyjuwks.shop/api8J/
File type: ASCII text, with very long lines (2328), with no line terminators
Hash: 276405c9db6895d2aafc4d03ac61ddef f1c2cfcf2fb7a5b0c4fd107405f82705f9d17e24 7d9f667bd74f02df3d5880e0e026e93def46530cd5a0553442f55b0464c62990
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/64246790:1714923034:6yPkS4ea1Oyy0ByR7DNuWMEmKSizxvgq_wRR6rkZ-Co/87f1eeef2d37568d/8c5271bd2c53895 HTTP/1.1
Host: obsceneclassyjuwks.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://obsceneclassyjuwks.shop/api8J/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 8c5271bd2c53895
Content-Length: 2552
Origin: http://obsceneclassyjuwks.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=8c5271bd2c53895; cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 May 2024 15:58:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: ykEsLV3rmmKjLP1xBS1mnzx0R3s/ZLFcQP1nZiSYCoE1De6cJGdyGx0Zz0CVetsFfihmsQQV2GBGoVi1DdVNyhx/a3Ea2GtPsfV2uh3QNns=$3kv5BMpCJq5AndFxhEr3rw==
cf-chl-out-s: QBw/1IYzKopGSvHcMJrGXg==$0oA1IuhOtXilgfRM0H7SDQ==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F4Pq1P9ujllJ6OHeAir5l0ghf7xLxlrSFJmPXSF4nVru%2B0WyjIXsLoB86J%2FmGv3f1ys1jVzSAzIr2QAbdbrGkdlKzu4KAiy7%2FKZ5%2F06ONxqCl38Jh2smeWX7pkS5DMwtRmT5ACS7J%2BUWlg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87f1ef3e8da656c9-OSL
alt-svc: h2=":443"; ma=60
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1975162854:1714923257:5ZaqSM_F24JO32EPuAieI08o59AYuZFTruV8WCQz19A/87f1eef23d160b3d/8877ad832604e8f | 104.17.2.184 | 200 OK | 22 kB |
URL: POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1975162854:1714923257:5ZaqSM_F24JO32EPuAieI08o59AYuZFTruV8WCQz19A/87f1eef23d160b3d/8877ad832604e8f
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/2nz65/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (22296), with no line terminators
Hash: 7b038a5c4091f9f4bfc8a61c00edc95d b4e5366f534be64a830f865ed7cf86f5a5f0d049 c7ebf5907d02881252b5e579ac4ff25e2475f7e763f8a6d64da7d29b3651ff07
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1975162854:1714923257:5ZaqSM_F24JO32EPuAieI08o59AYuZFTruV8WCQz19A/87f1eef23d160b3d/8877ad832604e8f HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/2nz65/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 8877ad832604e8f
Content-Length: 28066
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 15:58:45 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: Bck0bYbH6jdLGL3eRXORVrngl98yImzghZnw+PagH1d2uqebcuYR3C07d0x5zyKK$oRm9LJDAN/gEYNc6NNsLNg==
vary: accept-encoding
server: cloudflare
cf-ray: 87f1ef1128e60b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/2nz65/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/2nz65/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 15:58:41 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87f1eef2dda90b3d-OSL
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1975162854:1714923257:5ZaqSM_F24JO32EPuAieI08o59AYuZFTruV8WCQz19A/87f1eef23d160b3d/8877ad832604e8f | 104.17.2.184 | 200 OK | 132 kB |
URL: POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1975162854:1714923257:5ZaqSM_F24JO32EPuAieI08o59AYuZFTruV8WCQz19A/87f1eef23d160b3d/8877ad832604e8f
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/2nz65/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 132 kB (132488 bytes)
Hash: f8ae2e6a8cc9eefe229235093090cdae 955c313d0996867c57e8e35527a5173518766723 76a25c06673d20daebccc2dd709484e9c0cbe504e4ad05d3244c079ec8f51212
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1975162854:1714923257:5ZaqSM_F24JO32EPuAieI08o59AYuZFTruV8WCQz19A/87f1eef23d160b3d/8877ad832604e8f HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/2nz65/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 8877ad832604e8f
Content-Length: 3491
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 15:58:41 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: fbHk/pTVNBCXlLISktHVxj2d1vQ9fFLas0QjAFl9nSlYZW5aZf2yljks8bosfDOCzALKMNfY4JhCWcWQwgoSIPEN/3p1Lh3jJ89YWj9F+l8nx9iQzJ5kAkWrz7zUq/uyxBsqlCnJz0+QheHmB2Hv5AqxP6Sd4EdBjGQnWvyB7kVJgevyw+J6Oc2V4MErWy/J4baJMxOieh+3Dvo6yT9Kv6ck9/WrtbKYczloOy3ZhYbUPmS4WPzvLlE08rFJyYJJly1H0SHHrcIV0L/5nZD72j7JtpTH1qE/RBWKMbRytj1dLneS6xAHT7ZgE5zrXvnaO61uIXfxUo/p8YZ4LBf6QljV4HaPICVx7EfiyBY4/Xwr3M8jbg9A1vh2VgsDjUK4eK1rTpSBH14J3F6v+zDMZMK4z6jGD/CNXCwdrOUwcfGm06pdkW4/NlEJY1pYOuh1tecpOnMG6ePJ2CCfm5wLdDMCewo6BuyKJiCR+eMA5+s=$eWu7dR2uUVnr6hNYB8gETg==
vary: accept-encoding
server: cloudflare
cf-ray: 87f1eef4efa40b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87f1eef23d160b3d | 104.17.2.184 | 200 OK | 428 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87f1eef23d160b3d
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/2nz65/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 428 kB (427524 bytes)
Hash: 795c8b1f5768fb00547bb8d9874acb14 ccab179ca8c0ab19b0dd0966d5102f0261137931 564759f4653d20384fcf20d1e21c3cc6642a7a44138ede2e2d92cefbd38f96be
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87f1eef23d160b3d HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/2nz65/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 15:58:41 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 87f1eef2ddad0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400