| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1394715761:1745392222:R2bdeI8YFp9Th0WIRERWV442qHS2XJeJNGCA2-0xGm4/934bcea99ea2b505/2APu3_OgOBTgqhcmzjSB7f7Os1mr0wcwqsorz0Nh0EA-1745395017-1.1.1.1-emFnVB8peH5XmRk_9evPnwKMilGJkKH16D0cVnKmVkEcJGIFFYfmF2.koyx2bRA8 | 104.18.94.41 | 200 OK | 28 kB |
URL POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1394715761:1745392222:R2bdeI8YFp9Th0WIRERWV442qHS2XJeJNGCA2-0xGm4/934bcea99ea2b505/2APu3_OgOBTgqhcmzjSB7f7Os1mr0wcwqsorz0Nh0EA-1745395017-1.1.1.1-emFnVB8peH5XmRk_9evPnwKMilGJkKH16D0cVnKmVkEcJGIFFYfmF2.koyx2bRA8 IP 104.18.94.41:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/a0sc9/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: ASCII text, with very long lines (28184), with no line terminators
Hash: 5ec07533584cff017a0f8f979f13c6b4 72c817748655c447d191b039c9245e86d3aa73d9 5f0b4645bbf67b2aae3374fb970ad3f2a3533c0197931a6a26f157215be75f06
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1394715761:1745392222:R2bdeI8YFp9Th0WIRERWV442qHS2XJeJNGCA2-0xGm4/934bcea99ea2b505/2APu3_OgOBTgqhcmzjSB7f7Os1mr0wcwqsorz0Nh0EA-1745395017-1.1.1.1-emFnVB8peH5XmRk_9evPnwKMilGJkKH16D0cVnKmVkEcJGIFFYfmF2.koyx2bRA8 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/a0sc9/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
cf-chl: 2APu3_OgOBTgqhcmzjSB7f7Os1mr0wcwqsorz0Nh0EA-1745395017-1.1.1.1-emFnVB8peH5XmRk_9evPnwKMilGJkKH16D0cVnKmVkEcJGIFFYfmF2.koyx2bRA8
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 33853
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 23 Apr 2025 07:57:06 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: SonUhSwLSgDn26lebxUwYDiBNkFHj68WN5XtGzLjb47WqF6z8Psy6wYlreQHMz6x$IYrk1mDRSWCScPBO+PJXcw==
priority: u=3,i=?0
server: cloudflare
cf-ray: 934bcee418b0b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| lurekaped.ragaz.co.za/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=934bcea22a19b4f9 | 104.21.47.157 | 200 OK | 104 kB |
URL GET lurekaped.ragaz.co.za/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=934bcea22a19b4f9 IP 104.21.47.157:80
Requested by: http://lurekaped.ragaz.co.za/
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 104 kB (104293 bytes)
Hash: 77ab80d0fab942ab62dc53811da4c079 a165e3e4b2aa422e37aba9c03124a0a2bb72eeff 593ff228f1fcf912f05fe9dc600b20e1fdbfc7a05f9cc177efc9eb64fc3afd94
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=934bcea22a19b4f9 HTTP/1.1
Host: lurekaped.ragaz.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lurekaped.ragaz.co.za/?__cf_chl_rt_tk=VawiRVtoouL9RkfAHwskOHvetr9zpOwkRE0S1EXsjas-1745395016-1.0.1.1-tHjhCP9GGRJlHrpl7RBqySNiCuJ7RVbmkFLr049P1sA
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Apr 2025 07:56:56 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C7y0GazZbxPUATu1%2F8as4aM978tmSZQhJ3DFBmb%2F3h0%2FCJ3G8YjDgT4S15IdRcM4b72haWvdRft6kKtN9NKTyhfBnOrIvH%2FWLgMMdg%2FfzgdMj7Jxp%2BGwtTrOq7bYdvWBQ5zsAszKdZc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 934bcea58ad7b4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=445&min_rtt=445&rtt_var=222&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=531&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| challenges.cloudflare.com/turnstile/v0/g/44e6f86df4dc/api.js?onload=boSsq5&render=explicit | 104.18.94.41 | 200 OK | 48 kB |
URL GET challenges.cloudflare.com/turnstile/v0/g/44e6f86df4dc/api.js?onload=boSsq5&render=explicit IP 104.18.94.41:443
Requested by: http://lurekaped.ragaz.co.za/
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: JavaScript source, ASCII text, with very long lines (48122)
Hash: 3ed4ab6463fdabe2783a7a7828e94177 c80f67f86421dd2c071d5abc70337877db648266 91ce8bcef253fa49b7bbec10fa3c456261336414caa9da52e94988b6a44d1780
GET /turnstile/v0/g/44e6f86df4dc/api.js?onload=boSsq5&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://lurekaped.ragaz.co.za
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Apr 2025 07:56:56 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 15 Apr 2025 10:23:44 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 934bcea69a8e0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/a0sc9/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ | 104.18.94.41 | 200 OK | 28 kB |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/a0sc9/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ IP 104.18.94.41:443
Requested by: http://lurekaped.ragaz.co.za/
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: HTML document, ASCII text, with very long lines (22054)
Hash: 807da84bfc809d862ece4654242e50dd 2f9efeaf86f6e14d1969c636a25d45dcfe393483 376e8e127bdacf285f796c9f0550586b416d47073bb0953ab186ab784dcecc4b
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/a0sc9/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 23 Apr 2025 07:56:57 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: default-src 'none'; script-src 'nonce-q3hnkFMCaQr7o69i' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
document-policy: js-profiling
priority: u=4,i=?0
server: cloudflare
cf-ray: 934bcea99ea2b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=934bcea99ea2b505&lang=auto | 104.18.94.41 | 200 OK | 112 kB |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=934bcea99ea2b505&lang=auto IP 104.18.94.41:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/a0sc9/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 112 kB (112237 bytes)
Hash: 6d8edb8d2ac83eaf6e92156030e57c92 7ca17f68e16a9db9e16dad21cde61dfba9990ec2 2dfb14a91d7a9af4baf3878d5262d4ba594ce6671aeb823ceb5e470cf664d08d
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=934bcea99ea2b505&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/a0sc9/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 23 Apr 2025 07:56:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
priority: u=3,i=?0
server: cloudflare
cf-ray: 934bceaaf872b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1 | 104.18.94.41 | 200 OK | 61 B |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1 IP 104.18.94.41:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/a0sc9/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/a0sc9/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 23 Apr 2025 07:56:57 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
priority: u=4,i=?0
server: cloudflare
cf-ray: 934bceaaf865b505-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1394715761:1745392222:R2bdeI8YFp9Th0WIRERWV442qHS2XJeJNGCA2-0xGm4/934bcea99ea2b505/2APu3_OgOBTgqhcmzjSB7f7Os1mr0wcwqsorz0Nh0EA-1745395017-1.1.1.1-emFnVB8peH5XmRk_9evPnwKMilGJkKH16D0cVnKmVkEcJGIFFYfmF2.koyx2bRA8 | 104.18.94.41 | 200 OK | 227 kB |
URL POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1394715761:1745392222:R2bdeI8YFp9Th0WIRERWV442qHS2XJeJNGCA2-0xGm4/934bcea99ea2b505/2APu3_OgOBTgqhcmzjSB7f7Os1mr0wcwqsorz0Nh0EA-1745395017-1.1.1.1-emFnVB8peH5XmRk_9evPnwKMilGJkKH16D0cVnKmVkEcJGIFFYfmF2.koyx2bRA8 IP 104.18.94.41:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/a0sc9/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 227 kB (227276 bytes)
Hash: c6f376b1fb4842577f645c9b6eca1a37 ea9492ced2afb81c2ec57dc2eb7d150a62c918cd bac680da12f9dadc3ac4688f41d1a0d479391a883518308c0f6b596f65cb2a7c
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1394715761:1745392222:R2bdeI8YFp9Th0WIRERWV442qHS2XJeJNGCA2-0xGm4/934bcea99ea2b505/2APu3_OgOBTgqhcmzjSB7f7Os1mr0wcwqsorz0Nh0EA-1745395017-1.1.1.1-emFnVB8peH5XmRk_9evPnwKMilGJkKH16D0cVnKmVkEcJGIFFYfmF2.koyx2bRA8 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/a0sc9/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
cf-chl: 2APu3_OgOBTgqhcmzjSB7f7Os1mr0wcwqsorz0Nh0EA-1745395017-1.1.1.1-emFnVB8peH5XmRk_9evPnwKMilGJkKH16D0cVnKmVkEcJGIFFYfmF2.koyx2bRA8
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 3758
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 23 Apr 2025 07:56:58 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: nC2YHIO1P1CzriqNb5gaH3kZfN1cB45xuyIaCBCmwt1Ty+NmTVq6Hy3Aq37gBzr0gbk+7csMgC5ljCLTNlu98CeLs76RrXpwgoQRGzL8lrenWTx09PN1ZSAaexhE8RQLRlT28qGK2epmK5O4RoKtPSpN+WzOLBpqElTJfP9okYo7a45HtyT5Fx4M5apSgnd+n+YCvJN0uwWRzwRpRfFRkjIAqWwbXC/9cPIGk3nRbjpB+Z8kFH5ves1g4nv14AshxdH488wwN9eOB74RidpjzVGkwzE1SX/VtWohblZi0GKyNuXVeSu+/kYb1guBCooqlkMEux2lybzEKOqwr0xWdaOg2z+BUuDUi5g0Vkh5ev4QMnapDNmGQl3QsHl1T4BZm1GXUE4+4+V24dzvzOvY2yUmbnaL5Hn/pvGKKVzqh55rXg0OnFntE0CHwMVnym9BHM3tOv7PTSNFF9uHWMEoibutX+47nwLzDTqFcMJtZi+gNrU4ErW8/J/qqbVv9XxQdWTmZuQ9NOUQqd2tIJaATNJ1UbUVH53yOONGMR7piwXXvKsAJTDQHqp1dyACwVMQoQoSTB5Glfy/PqNkNnOefjCG+ETXjCg+0dfx88hMYoVI0qKaS3HE4374KNEWnl+hcfhLpPD04iFhejwJD6R98CubPq73ahEPCc3KR50hmCk1XRtKJUcbDe2rWbkCVG8cfDdb33Sq6f1llJ9Rn5SvYfEfWf5BnvbNF8BMommp5bi8QwX0YHB5a1BrXVthd5CbdEsRFPGEn6QND/u0lv/CZg==$HPTToB+Col+Av3/+ZB+73A==
priority: u=3,i=?0
server: cloudflare
cf-ray: 934bceae4cf5b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/934bcea99ea2b505/1745395018003/IaBwVcJ8oQGAell | 104.18.94.41 | 200 OK | 61 B |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/934bcea99ea2b505/1745395018003/IaBwVcJ8oQGAell IP 104.18.94.41:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/a0sc9/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: PNG image data, 98 x 77, 8-bit/color RGB, non-interlaced
Hash: 0c5d96eb35fbfe08ef8f7cd5b610d743 3114c628e7d03a1a38b98e0432d255a29bed1448 a8f9391577fbc5c15fa501939e772e4bbc9337a67113902f052073b62dd6b428
GET /cdn-cgi/challenge-platform/h/g/d/934bcea99ea2b505/1745395018003/IaBwVcJ8oQGAell HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/a0sc9/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 23 Apr 2025 07:57:02 GMT
content-type: image/png
content-length: 61
priority: u=4,i=?0
server: cloudflare
cf-ray: 934bcecaca26b505-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| | 104.21.47.157 | 403 Forbidden | 7.2 kB |
IP 104.21.47.157:443
Certificate: Issuer: Google Trust Services; Subject: ragaz.co.za; Fingerprint: 90:45:6A:3A:55:22:17:FB:B8:F9:7B:21:35:67:3B:D5:E4:10:48:47; Validity: Sun, 23 Mar 2025 01:48:58 GMT - Sat, 21 Jun 2025 02:47:28 GMT
File type: HTML document, ASCII text, with very long lines (7167), with no line terminators
Hash: 665d5ec28c3763fb287af62a67f914bd c72ae67ac532dfaa14352e7dd14f149e99cce740 f06e8e3da5698323b5e71434fa7f6ba929c64b5d18a37a379963a86f6594c7c8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET / HTTP/1.1
Host: lurekaped.ragaz.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Wed, 23 Apr 2025 07:56:55 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
cf-ray: 934bcea03d12b50b-OSL
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FAymECVTDpSqhuJ66Vo%2BLtM40p3CNvz3l0IuqdbL0MFf58ioaHBGwtTeuhcfJhwM%2B5jeF%2FxtdHEuMHyb94jQMro5x1UGlCDGHW7PTNUGDnKIczOXhyAscPDqJ6VcgCz7dg1TMe6Y3tM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: chlray;desc="934bcea03d12b50b", cfL4;desc="?proto=TCP&rtt=613&min_rtt=588&rtt_var=131&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3202&recv_bytes=1130&delivery_rate=6734883&cwnd=253&unsent_bytes=0&cid=eed50c98991c746f&ts=58&x=0"
X-Firefox-Spdy: h2
|
|
| | 172.67.148.223 | 403 Forbidden | 5.4 kB |
IP 172.67.148.223:80
File type: HTML document, ASCII text, with very long lines (5375), with no line terminators
Hash: 3bb284e8f308df2724290b64e6939295 47ceddf8a7ee32926b98a6b09eb1ee4edaa89c61 df4d144d5e91bb39d30b3361c351aeb0d667676da9e043cf8723580559278971
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET / HTTP/1.1
Host: lurekaped.ragaz.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 23 Apr 2025 07:56:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lAQv%2F%2F9spqKZafN1ifs0xyMGw00jq%2BTIta%2BW43WAPromCTHVMF6RX2pix7eocoUL%2F1iMfjoCZB2xBZxT1opeDxCoakbpXM%2F1ci2mr6xar5eZS2AdDYCWIUBm9j53dpqmOqI8DbXrMq4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 934bcea22a19b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: chlray;desc="934bcea22a19b4f9", cfL4;desc="?proto=TCP&rtt=520&min_rtt=520&rtt_var=260&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=406&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| lurekaped.ragaz.co.za/favicon.ico | 104.21.47.157 | 403 Forbidden | 5.6 kB |
URL GET lurekaped.ragaz.co.za/favicon.ico IP 104.21.47.157:80
Requested by: http://lurekaped.ragaz.co.za/
File type: HTML document, ASCII text, with very long lines (5557), with no line terminators
Hash: 4be2b6033b8a2ba3a75d672120c33e02 10fc477be8b48da48cddb7e60d9b0f01e301a6be a73654a4ae0c213330a66ce757a4cc8aba34f5a3624ae1f5ab118e1fb7ad7136
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: lurekaped.ragaz.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lurekaped.ragaz.co.za/?__cf_chl_rt_tk=VawiRVtoouL9RkfAHwskOHvetr9zpOwkRE0S1EXsjas-1745395016-1.0.1.1-tHjhCP9GGRJlHrpl7RBqySNiCuJ7RVbmkFLr049P1sA
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 23 Apr 2025 07:56:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9VqH0coE534FnIHSHK737Zc8u5Irvqb2QKQ9dkXczBc0UPXZpKJDmSKseluvRLMohvHH9SYNP4L33mSoBzdddZnPxJJFhFPlys%2BPJNlvoTSHG%2FYVg3cBZcGRYe4va2UZF23MbNVtFiE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 934bcea5cb46b4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: chlray;desc="934bcea5cb46b4ed", cfL4;desc="?proto=TCP&rtt=747&min_rtt=445&rtt_var=389&sent=32&recv=23&lost=0&retrans=0&sent_bytes=39957&recv_bytes=1020&delivery_rate=20597439&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| lurekaped.ragaz.co.za/favicon.ico | 104.21.47.157 | 403 Forbidden | 5.4 kB |
URL GET lurekaped.ragaz.co.za/favicon.ico IP 104.21.47.157:80
Requested by: http://lurekaped.ragaz.co.za/
File type: HTML document, ASCII text, with very long lines (5429), with no line terminators
Hash: cc168aa0e3965bd039b278c42e249912 f978b4183570ab73bbefb023189c98ed67556c3b 8815d2fc866ef6b013faefb969eb1e052e5cae0861551027e5fa5ae12f97c376
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: lurekaped.ragaz.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lurekaped.ragaz.co.za/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 23 Apr 2025 07:56:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i9K%2FYTteINv5PqmNPYzQQyDUhphxNO0L6ruXbZwp2PGmBtX3jRNdGxjgPCEbzXoXhPTJ1sFI4uVD8ldISRVVzgmTfSmfMx0yKvNJvG0r%2FPgAKyF8HVtYOrRqyEHEFGRUK9VBcxOa1PE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 934bcea66d6b1c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: chlray;desc="934bcea66d6b1c02", cfL4;desc="?proto=TCP&rtt=425&min_rtt=425&rtt_var=212&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=367&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| lurekaped.ragaz.co.za/cdn-cgi/challenge-platform/h/g/flow/ov1/935870399:1745392295:Qc5ysP7UhiS36sckHZxHwczs-TwQr9-aXy9rJ-da0HY/934bcea22a19b4f9/6IHf9FFygglZfRErZllvJcDOLYa8SfhLs09f.9s02Tw-1745395016-1.2.1.1-FcfSarBy9bNGq1.5f2QzDZuhHplcGmWO7TqcGQnxUeV.u87qBIzAlhuR11dr4Nld | 104.21.47.157 | 200 OK | 17 kB |
URL POST lurekaped.ragaz.co.za/cdn-cgi/challenge-platform/h/g/flow/ov1/935870399:1745392295:Qc5ysP7UhiS36sckHZxHwczs-TwQr9-aXy9rJ-da0HY/934bcea22a19b4f9/6IHf9FFygglZfRErZllvJcDOLYa8SfhLs09f.9s02Tw-1745395016-1.2.1.1-FcfSarBy9bNGq1.5f2QzDZuhHplcGmWO7TqcGQnxUeV.u87qBIzAlhuR11dr4Nld IP 104.21.47.157:80
Requested by: http://lurekaped.ragaz.co.za/
File type: ASCII text, with very long lines (17036), with no line terminators
Hash: ef93a8fdd176eb03d51b15927254db3d 54b7a867a788deed14a60ac677c202705f14be54 f396fa58c20e01b9bbe899e1a126fbd21bd89a780a2fa477b4679b260c43b159
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/935870399:1745392295:Qc5ysP7UhiS36sckHZxHwczs-TwQr9-aXy9rJ-da0HY/934bcea22a19b4f9/6IHf9FFygglZfRErZllvJcDOLYa8SfhLs09f.9s02Tw-1745395016-1.2.1.1-FcfSarBy9bNGq1.5f2QzDZuhHplcGmWO7TqcGQnxUeV.u87qBIzAlhuR11dr4Nld HTTP/1.1
Host: lurekaped.ragaz.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lurekaped.ragaz.co.za/
cf-chl: 6IHf9FFygglZfRErZllvJcDOLYa8SfhLs09f.9s02Tw-1745395016-1.2.1.1-FcfSarBy9bNGq1.5f2QzDZuhHplcGmWO7TqcGQnxUeV.u87qBIzAlhuR11dr4Nld
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1819
Origin: http://lurekaped.ragaz.co.za
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Apr 2025 07:56:57 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: 2UMRCHHRhh3Myb2ztN0nzLYeZhw08M5ZWtQ+SJmYXf8=$hIGDOlSDMeKUyePp5AF7Og==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FS3Q7b21Vs22cjH%2FqJ%2F6v86G9kmuJL4XH2mc2sLUh7u00B6LVzUHYIPWAx66aRVgU0tbE%2Bc4SCkJ8OWWyZizC2R2Q4vF590NVCUwulHA9dwkEhswqGwJ71P%2B72Qo6Yp9djr5GuXgf4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 934bcea7fdbc56a9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=474&min_rtt=474&rtt_var=237&sent=1&recv=4&lost=0&retrans=0&sent_bytes=0&recv_bytes=2654&delivery_rate=0&cwnd=242&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|