d3qvh4.ellissu.ru/Mjchiasson@triparishinc.com/
188.114.97.1403 Forbidden 3.6 kB URL User Request GET HTTP/2 d3qvh4.ellissu.ru/Mjchiasson@triparishinc.com/
IP 188.114.97.1:443
Certificate IssuerGoogle Trust Services LLC
Subjectellissu.ru
Fingerprint47:62:A3:41:92:2C:8F:EC:54:DE:B4:E9:18:31:16:4A:48:5C:D4:21
ValidityFri, 12 May 2023 12:29:12 GMT - Thu, 10 Aug 2023 12:29:11 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1747), with CRLF, LF line terminators
Hash 945d8afab361493f5d448fa338d1341e
72b12f888fdcaac1663db52222c81f821089fbd1
54737f54067255f9f8ce11015f88a84ab97560eb9ef7fee15a22f0e8255cde7e
Analyzer Verdict Alert fortinet Phishing
GET /Mjchiasson@triparishinc.com/ HTTP/1.1
Host: d3qvh4.ellissu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 26 May 2023 14:49:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F33%2BzW1Q4LUuf%2F1NKsc2m9LgRc1khFd9yjVFH0NZJ76SSpVpsfAspKHXiIRDDNLaSe5wNRuLZn4O6mZcTB95tVWtU8qKZsshAt1OzG14G%2BY3XZWawajb5W9erudduk8Rei3dLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cd6d30949e4b50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
d3qvh4.ellissu.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cd6d30949e4b50f
188.114.96.1200 OK 42 B URL GET HTTP/1.1 d3qvh4.ellissu.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cd6d30949e4b50f
IP 188.114.96.1:80
Requested by http://d3qvh4.ellissu.ru/Mjchiasson@triparishinc.com/
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cd6d30949e4b50f HTTP/1.1
Host: d3qvh4.ellissu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://d3qvh4.ellissu.ru/Mjchiasson@triparishinc.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 May 2023 14:49:22 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 25 May 2023 08:39:03 GMT
ETag: "646f1ea7-2a"
Server: cloudflare
CF-RAY: 7cd6d30ae950b505-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Fri, 26 May 2023 16:49:22 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
d3qvh4.ellissu.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cd6d30949e4b50f
188.114.96.1200 OK 55 kB URL GET HTTP/1.1 d3qvh4.ellissu.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cd6d30949e4b50f
IP 188.114.96.1:80
Requested by http://d3qvh4.ellissu.ru/Mjchiasson@triparishinc.com/
File type ASCII text, with very long lines (65536), with no line terminators
Hash e38d5ddff979ed43e45f0ef5e5bb0831
11e0cf4908a93b4c09083dc6b3b1b5c656b81fad
4611daf006cd8f4f157ba5aa4d7bf4e75f61b04827282c024610af7718372a91
GET /cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cd6d30949e4b50f HTTP/1.1
Host: d3qvh4.ellissu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://d3qvh4.ellissu.ru/Mjchiasson@triparishinc.com/?__cf_chl_rt_tk=8ulREkzzJjGOF3x5i5tXLVnkXhTo0fssQrtimGsrAko-1685112562-0-gaNycGzNBqU
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 May 2023 14:49:22 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjXDBEP%2BeaxAHiAI9LnUGvQySc43%2FmB5VVMp2mhgqaO5eoLpwNnxv13kwkQLXeyFDflmZZAihf1YEPS79Eh21vaJR1cPFmACR9qtihIdy%2BJjMW5kPXb8Q4n0lmM9YLQnwuflPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7cd6d30ae94eb505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
d3qvh4.ellissu.ru/favicon.ico
188.114.96.1403 Forbidden 3.6 kB URL GET HTTP/1.1 d3qvh4.ellissu.ru/favicon.ico
IP 188.114.96.1:80
Requested by http://d3qvh4.ellissu.ru/Mjchiasson@triparishinc.com/
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1811), with CRLF, LF line terminators
Hash 41951a4171010ae294a0a7e21e8ebe88
52652e74025ba2349eca49648f917c0a8a0ab45c
b8870163e292d6dca246f4e1d66d0b280cb1e956c042c1908db049a48b5cb57c
GET /favicon.ico HTTP/1.1
Host: d3qvh4.ellissu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://d3qvh4.ellissu.ru/Mjchiasson@triparishinc.com/?__cf_chl_rt_tk=8ulREkzzJjGOF3x5i5tXLVnkXhTo0fssQrtimGsrAko-1685112562-0-gaNycGzNBqU
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 26 May 2023 14:49:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adEpxVEIfC%2FdTiPSUUStDy%2BNP75xPxAQyYqdQqD%2FSe90Oll1FK6zTK1aWtm2SbUlozyhxujWYwInLunK%2BqAVgAPMfM%2FEpBXE0%2FlWfFOoTp7ts%2FpD36AXspLmDfE4H8aI8xb5pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cd6d30b2990b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.6.185200 OK 11 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.6.185:443
Requested by http://d3qvh4.ellissu.ru/Mjchiasson@triparishinc.com/
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (15748)
Hash 2a1262ba5cd32899831d483322a28dd7
3805876db8773ed5820043e1f39b0b6c049f61b2
2e1e45b1d429b2d703676139932fe97b7ffc7986e6d0221653a7404e4c3032f0
GET /turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://d3qvh4.ellissu.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 May 2023 14:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cd6d30b7dd0067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
d3qvh4.ellissu.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1118774366:1685110128:Yiejw4pzBr5MWlJ2Y8X5d1hbcF4MTxh0Ypz734jRFt0/7cd6d30949e4b50f/d8b7524c4fd625b
188.114.96.1200 OK 7.4 kB URL POST HTTP/1.1 d3qvh4.ellissu.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1118774366:1685110128:Yiejw4pzBr5MWlJ2Y8X5d1hbcF4MTxh0Ypz734jRFt0/7cd6d30949e4b50f/d8b7524c4fd625b
IP 188.114.96.1:80
Requested by http://d3qvh4.ellissu.ru/Mjchiasson@triparishinc.com/
File type ASCII text, with very long lines (7400), with no line terminators
Hash 28c80b8690f299c0036049ce5d042fde
1c4ab982408bffb163deb33c5a8d4e42ab15eb59
120f394336a06224ec3a4c3881b4f9ccc5ff20c45a107b220fe00d6d257241a8
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1118774366:1685110128:Yiejw4pzBr5MWlJ2Y8X5d1hbcF4MTxh0Ypz734jRFt0/7cd6d30949e4b50f/d8b7524c4fd625b HTTP/1.1
Host: d3qvh4.ellissu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://d3qvh4.ellissu.ru/Mjchiasson@triparishinc.com/
Content-type: application/x-www-form-urlencoded
CF-Challenge: d8b7524c4fd625b
Content-Length: 1783
Origin: http://d3qvh4.ellissu.ru
DNT: 1
Connection: keep-alive
Cookie: cf_chl_2=d8b7524c4fd625b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 May 2023 14:49:22 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: /silIZ3UiasycZwgBDXwOvmtbgPz+FvbOgSDcfzoFVHF1+lCMEUJghKJ1wNb68pz$JD7dqKm4lOjGC3dM9PF74w==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJEKQGmjBo%2BTanpuZ9sf61WOSvXykfr6P3KZ4MH1Fg45883VE4Z5F5xw9v8wE1nKM8EanxLS6rlS51%2Btj1%2Bi6PWRWc77dBQ7GtkFI5%2FIRVI6fDSoI50IL8qcU6iNZQhdJbYjkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7cd6d30c1aa5b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/883541410:1685110177:Lpc0iM-PQnE3rSvLR2YpcwENIvj8ptcOo_caSsNGpKI/7cd6d30c5802b4fd/d8d29f16712afcc
104.18.6.185200 OK 123 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/883541410:1685110177:Lpc0iM-PQnE3rSvLR2YpcwENIvj8ptcOo_caSsNGpKI/7cd6d30c5802b4fd/d8d29f16712afcc
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/v4mro/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 123 kB (122920 bytes)
Hash 94ac9e77044e25405789ca68181999c9
d733468c8047ac5d5f4a9fb89e419223aaa8df11
667e56b54158de0370336779837c424df643b99929fcfbe5d330d94c8ea6518d
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/883541410:1685110177:Lpc0iM-PQnE3rSvLR2YpcwENIvj8ptcOo_caSsNGpKI/7cd6d30c5802b4fd/d8d29f16712afcc HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/v4mro/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: d8d29f16712afcc
Content-Length: 2744
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 May 2023 14:49:23 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: OLuPxXV21fNn63Dd1xrZ4X4fGX4FW1M3kBp1dk3nMazXGz9KDdgGJAru2h0NkHMyxW+dHYgccR9eW+D+h08Pdr3Hd4lLNPKRsU5i/Wp6ckUrkGMMomRzB4fA6h+35CqTST0SRsqD33Ok/4jQuXsNgeve1DhQc8NA5zP93Wd4+o5LexMld3/h4iC9w7zXr/z43liqTSKNqIGJRJgFgKGgbPcCbgd77qqh2AmlsnsuycJOW9B37CMPbwwKGhC1DMgfIs2L2pJm/FH0XNUhkmasJMqMtkzKwBZ9Ug9tmFu2M0ZlCjgqpRlIGRqLLpzVc7iUbV2/+Xe0kvnW4byL6QJOihTzlyCLotW2GNo/Sq2qzkU0QD21Z/M5Bhmh2LZMmvVhjP0DetYlJH/UG1+QLcnEWsD6vuvqeSyaefx+MKnccRgFxB+JFBCg1SZpcllL6URd$jde8OYk2orrOyMBNJt8qgg==
server: cloudflare
cf-ray: 7cd6d30eeb4fb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7cd6d30c5802b4fd/1685112563042/WzZ4oLwUNYs9M0C
104.18.6.185200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7cd6d30c5802b4fd/1685112563042/WzZ4oLwUNYs9M0C
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/v4mro/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type PNG image data, 7 x 66, 8-bit/color RGB, non-interlaced\012- data
Hash 5900b6e3c75d9f83be9f810a0d7f7c38
9b8dd917be29249e092e3f7ab6fd2e54bd1d19dc
9146479073fb5495c4127b9e69990a4a32c0a005ebb347abe593119ae38dd294
GET /cdn-cgi/challenge-platform/h/b/img/7cd6d30c5802b4fd/1685112563042/WzZ4oLwUNYs9M0C HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/v4mro/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 May 2023 14:49:23 GMT
content-type: image/png
server: cloudflare
cf-ray: 7cd6d3119fd3b4fd-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/v4mro/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
104.18.6.185200 OK 24 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/v4mro/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP 104.18.6.185:443
Requested by http://d3qvh4.ellissu.ru/Mjchiasson@triparishinc.com/
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10899)
Hash efbaa3e6b7047263264978028c4ca3a4
bc8cfc019828907b0082e03c24bd821c789db480
6f9dd47eecf707b29a1247df1b0b07d0ebc88dcab15f7d8ef5b02da69637dcb2
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/v4mro/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 May 2023 14:49:22 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 7cd6d30c5802b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd6d30c5802b4fd
104.18.6.185200 OK 162 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd6d30c5802b4fd
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/v4mro/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 162 kB (161572 bytes)
Hash e3e141321d7ae471044d3e9bad72a42b
ffa266f1331cde73c3295d972c7c404242cc370e
8ccfd220507824376ddd23a628f915496875624bf97716dbd6e2dab89b888961
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd6d30c5802b4fd HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/v4mro/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 May 2023 14:49:22 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
server: cloudflare
cf-ray: 7cd6d30da9acb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/883541410:1685110177:Lpc0iM-PQnE3rSvLR2YpcwENIvj8ptcOo_caSsNGpKI/7cd6d30c5802b4fd/d8d29f16712afcc
104.18.6.185200 OK 13 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/883541410:1685110177:Lpc0iM-PQnE3rSvLR2YpcwENIvj8ptcOo_caSsNGpKI/7cd6d30c5802b4fd/d8d29f16712afcc
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/v4mro/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (13232), with no line terminators
Hash 4e0ef72d8a27876ba677dc9356f76fc3
0d183f2b933de97e2b66b9669cc95da42708d2c0
94b9ed9d7d573f3336b5af3be8921f5d93ac59e327f8e50628e1b4808208bc95
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/883541410:1685110177:Lpc0iM-PQnE3rSvLR2YpcwENIvj8ptcOo_caSsNGpKI/7cd6d30c5802b4fd/d8d29f16712afcc HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/v4mro/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: d8d29f16712afcc
Content-Length: 17824
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 May 2023 14:49:23 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: QDI0e2BhE3LZfpQraUkRD5j0TAqd9fFFIFNRP074gZ65KrErkD2wYN5vN3HGBEja$BF/xy9UrVpkO/W8GRwwCvg==
server: cloudflare
cf-ray: 7cd6d3141b3bb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400