Report - ruv80zbas1.execute-api.us-east-1.amazonaws.com/prod/jump?redirect_url=https://xs523936.xsrv.jp/qO5ODwxjId684HQ7YgS4/d6602ef23441284bb93600a56418b38d/cm1vd2xlc0BhYXJ0ZWNoLmNh&creative_id=601&tag_name=Rob_A_Facebook&operative

Report Overview

Submitted URL
ruv80zbas1.execute-api.us-east-1.amazonaws.com/prod/jump?redirect_url=https://xs523936.xsrv.jp/qO5ODwxjId684HQ7YgS4/d6602ef23441284bb93600a56418b38d/cm1vd2xlc0BhYXJ0ZWNoLmNh&creative_id=601&tag_name=Rob_A_Facebook&operative_id=33090
IP
54.230.111.107
ASN
#16509 AMAZON-02
Submitted
2024-04-16 18:31:52
Access
public
Website Title
Redirecting...
Final URL
mx4ko.cfd/main/
Tags
suspicious
urlquery detections
Suspicious - Anti-debugging code

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ruv80zbas1.execute-api.us-east-1.amazonaws.com	207699	2005-08-18	2020-05-12	2024-04-16	686 B	761 B	54.230.111.107
xs523936.xsrv.jp	unknown	2006-02-23	2024-03-31	2024-04-16	549 B	223 B	103.141.97.7
mx4ko.cfd	unknown	2024-04-12	2024-04-15	2024-04-16	1.5 kB	4.8 kB	209.141.55.9
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-16	5.5 kB	724 kB	104.17.3.184

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (40)

	URL	Size	First Seen	Last Seen
	unknown	790 B	2024-02-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-07 04:49:48 Last Seen2024-04-19 15:49:11 Times Seen119 Hash a706fbb0bc40bf8c6f1abc82d05efb3b 8b77b60a079fd7bc231b089668ce9a36974a30a7 202d6608974ba82ed57a51038ca52d1697eead72d8be0729715002d6b6f9cdd6 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8756411b880cb4f3	428 kB	2024-04-16	2024-04-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8756411b880cb4f3 IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:54 Times Seen2 Hash 918da52012015f5c57b870003436bbd6 701df04b44c0a3977ccb88df5ab1d14203c6b9d6 c355e900e9c5994c926723697d598cee54cceb960019e468689a9de873f605ba Loading...

	mx4ko.cfd/main/	0 B	2023-03-07	2024-04-29
Pretty URL mx4ko.cfd/main/ IP 209.141.55.9 ASN #53667 PONYNET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-29 22:20:18 Times Seen37190912 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	mx4ko.cfd/main/	0 B	2023-03-07	2024-04-29
Pretty URL mx4ko.cfd/main/ IP 209.141.55.9 ASN #53667 PONYNET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-29 22:20:18 Times Seen37190912 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/of1mi/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal	3.3 kB	2024-04-16	2024-04-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/of1mi/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 61a910e055d47bc586a5a907bdf0fc76 605f33b310b44e83b8af3639314ce595d844c62c bfa06261cc7968163cdf91ab80f52d28172799123c6762d54668cb3bc076852f Loading...

	mx4ko.cfd/main/	0 B	2023-03-07	2024-04-29
Pretty URL mx4ko.cfd/main/ IP 209.141.55.9 ASN #53667 PONYNET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-29 22:20:18 Times Seen37190912 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback	41 kB	2024-04-04	2024-04-17
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-04 12:45:54 Last Seen2024-04-17 16:04:31 Times Seen3430 Hash d1048a66fc11ea28c3cb1488fac82c62 f055707cf91f637ec19bf5e65bf378857e798469 8f1ad19042c2f9ee60c2de21f37f788af7b1ecccda8eec1d877f9b9c0e994370 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 64899b452e9eacabd494dd99f3b843e9	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 64899b452e9eacabd494dd99f3b843e9 f23f57b2cec12402f717eeea330dc5d752245c76 3b0dce38be83d186284d51d98411d1ec8947f267fbc664bdd8f454552be7e237 Loading...

	#2 Eval - 1e86b325d00d8bc5a39f0d385932ab19	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 1e86b325d00d8bc5a39f0d385932ab19 b3563badcb9ebd63655970b05817a29e61bd508d 61036642a38909705033a8d4c78fdcfd46207dc3e8c578e0cd37f73fe0b21b23 Loading...

	#3 Eval - 0ed8d774a662c464bd73b1933cac95ba	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 0ed8d774a662c464bd73b1933cac95ba 5555313980401daad4e34064e98440d782d6f34b 5074b9e1515ec365b6d800233c50551e8b0612498a95bceb63e69261ab834f16 Loading...

	#4 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-04-29
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-29 22:04:12 Times Seen350646 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#5 Eval - 1d49413838c1a1143d6f423c923a1dc7	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 1d49413838c1a1143d6f423c923a1dc7 9fe09f0da5bc30ea326865f97f300f4eab782455 372db58c62e7f8e487d8968fecadf21c119309bb6e4e3ba7191572484ea5988a Loading...

	#6 Eval - a4f84344fab163ced4906e9b20462698	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash a4f84344fab163ced4906e9b20462698 05871e64db704d219d57198939d079a1c5618e84 6b5fce090616d6ce95f01b6cd622c0deb103429e5510b4d9280102ce62053e78 Loading...

	#7 Eval - 90f777585950568a7e4d16a272ed440e	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 90f777585950568a7e4d16a272ed440e 493d09f0b8826885b5a555b182aa4b58b4a4b10d 72500ca631117eda48a1b89de37cb484bd6ac714b3d1a624d2422ab5bbbca5a1 Loading...

	#8 Eval - 8d03d3293aafaa86ebab54f65ba3ffac	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 8d03d3293aafaa86ebab54f65ba3ffac 315e63030970b7ebb5abd525bb538f97a9b3a5f2 f816810ae15b3f1e5f888bd776745cc2443ff5eb9b43b0ab1a5efdc90bb59d73 Loading...

	#9 Eval - 11d4f60c40776d53fede7dfcc0a8ad43	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 11d4f60c40776d53fede7dfcc0a8ad43 4700bb55de430590e7efc2cb5b27cf1a3000eb1e c33152a7e023dfe72da5b4e7548173d50e9b390142610d05bf3c8ad849281b3c Loading...

	#10 Eval - 6d6719a1d736b088e78cbe42f7e265c3	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 6d6719a1d736b088e78cbe42f7e265c3 7ce741f52ae441b670933dd5f7d1152e65622b30 2c235b41b18cc21dee8ae90a29ce375137076cf3cb09153a697428ab283ac872 Loading...

	#11 Eval - 8a194ebfeab9b8808d15656a6a58b740	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 8a194ebfeab9b8808d15656a6a58b740 e09263a762911fb629b5c8e1f03fda27858316a1 d901c24b11e985354f8e6bc11e9757ef8eb83d51e532dcc29fe1804704b1f4b3 Loading...

	#12 Eval - 14bf402725933f13cd955689b1bbf983	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 14bf402725933f13cd955689b1bbf983 606ffff44781add9d276a828531029d7d1dc34aa 0148d43491a88bea1e8bd605d40fba379ae44ab9fc3ef908b10155c49dac58e1 Loading...

	#13 Eval - ac6d43b49aec2f87daf340337b6a7882	60 B	2024-04-04	2024-04-17
Pretty Observations First Seen2024-04-04 12:28:09 Last Seen2024-04-17 16:04:31 Times Seen3428 Hash ac6d43b49aec2f87daf340337b6a7882 d3874a31a6b7fe11121edc3ed80fdc8b66f6589a 1af55b64e0b39e0f5f760a8050b284a66fe404ddff945697590f8240798311b2 Loading...

	#14 Eval - b45525857ad62c24986f51ea3675d3d0	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash b45525857ad62c24986f51ea3675d3d0 867bde84fd698eb3bad3032c335179ffffea4856 5ca48d8673ea3d8599ae9f135b9e6d7d0a82d596e6ef475cd8f1142fe53c5352 Loading...

	#15 Eval - 84417dd8742ba91c8d9ed4ccb1d1f4cd	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 84417dd8742ba91c8d9ed4ccb1d1f4cd c7ecc6ff941bb0d2790033dad0146eda6a293b84 4c204aa808d826ff39a3aa78a290d21682dfc7f1490abb681b1d2c25b8aa9562 Loading...

	#16 Eval - 8dd440d4e68df9d520dc7c529f383cd3	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 8dd440d4e68df9d520dc7c529f383cd3 7f57c303563dcd2fe9f051315eb76a0b77d56150 3ae94137184982d0b4980d9464ad8556178a8cb5d8b5a495741ab1ddd47c7fad Loading...

	#17 Eval - 0ebaf3b1fc3db444882c2aa4774bcea5	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 0ebaf3b1fc3db444882c2aa4774bcea5 4d7c93db37029caac37a17cac797f42b3a442705 9ff28b1312e5e64bd7d6165221094761094dd4576f620a9a6be2ba33fb287566 Loading...

	#18 Eval - 878fce28c77418d0e345e65ccefa6b67	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 878fce28c77418d0e345e65ccefa6b67 28a782c8fe0c70a7f03e1b6d04a54eb295c426fb 9e124aedc57b42c818262bcd9b747f79ed881e5a2cb34e0ee96ad569c722771f Loading...

	#19 Eval - 1675ac6dbbc570f62db34d72fc87ce76	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 1675ac6dbbc570f62db34d72fc87ce76 8dc8a453641b1a1f87295ced2f2d36d103387f0b 4a1ffdfa8165441153975579ed6c6320c50196ba9d4f75abdb9ae66a06c02563 Loading...

	#20 Eval - 21e1bb241e8ab6c53372c529117300dd	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 21e1bb241e8ab6c53372c529117300dd eff82becc6fb45342380802baca84e88bef6a660 4de11fb20340f9a6c71832691d60e18399f5a9a3f4699607c3dd0909cfd6e085 Loading...

	#21 Eval - 79f51bf036dd6e00ce23b7cc0cd6f622	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 79f51bf036dd6e00ce23b7cc0cd6f622 085f549cc16e27b987286445ef5b5fbcd1f59e6e ce427ea0a7d2cd936331d34289d1263b28304c5fe647248cff24246c8eac518d Loading...

	#22 Eval - 18da5fff3101b4b6864ae4e4ca9d8e76	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 18da5fff3101b4b6864ae4e4ca9d8e76 821ce6ca6518ee147acaf4ca470df9cb4fb2f957 a979b01be4e1de76cebd1ddcbfb4ae00e2cde42ae5e626bb6e771d2e35f2b677 Loading...

	#23 Eval - 8d6f7ac99abfb7bc4524322603ef2155	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:53 Last Seen2024-04-16 20:31:53 Times Seen1 Hash 8d6f7ac99abfb7bc4524322603ef2155 7bd4c281b4c56f9b5bd86c34a0af8f09ff47efef 1d78709cfbd7b139d15516dc1793b41d68c12ba13adf298acd98015e2b777f22 Loading...

	#24 Eval - 69b85f1f76c2842fccac615ed3f0881b	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:54 Last Seen2024-04-16 20:31:54 Times Seen1 Hash 69b85f1f76c2842fccac615ed3f0881b 56a4e063a4b756948ce9b2f012bd9877fc30bac2 abbe7b37b49a467443b122b5fc88dce8b5cbcec991f7d711a61202c797153c99 Loading...

	#25 Eval - a3a2bcb0ad1108fee92d89b5f13ea7db	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:54 Last Seen2024-04-16 20:31:54 Times Seen1 Hash a3a2bcb0ad1108fee92d89b5f13ea7db f13070280ebbede1750530aeb1f4aecf9b923343 10c712f188978611f2a86d1caae85fd138846b1e604760381068dd7b0e29394e Loading...

	#26 Eval - 001b09dd800a987a7ce817a6ebd852b3	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:54 Last Seen2024-04-16 20:31:54 Times Seen1 Hash 001b09dd800a987a7ce817a6ebd852b3 2df7f9a9491a0f23c6dbcd331fb368920110381c 0b6c993eade1dfca475defc690095e250fa4751ea1d711a29b545263dd1efbdd Loading...

	#27 Eval - 8fddfd08a46c5e5320d1d732e3fda78d	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:54 Last Seen2024-04-16 20:31:54 Times Seen1 Hash 8fddfd08a46c5e5320d1d732e3fda78d 781d4b89fd5489a847f07ac943532f38272c1f99 cf78765ae469df6c062f006ec2bc5d6d7274f2e97c7ee3bd0c6f49fd7bc99576 Loading...

	#28 Eval - 758c24d7cdff76969ef20fa7ed86af0a	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:54 Last Seen2024-04-16 20:31:54 Times Seen1 Hash 758c24d7cdff76969ef20fa7ed86af0a 3d117f32f180e02bc37241eb1be596c4c965acb1 ecb0a8383cf9a4f305d8d303df90f43a1ee072d0fbcceacbb108a72bb0fabc27 Loading...

	#29 Eval - 2f3f53b856d02d7e8a6eae4552135c39	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:54 Last Seen2024-04-16 20:31:54 Times Seen1 Hash 2f3f53b856d02d7e8a6eae4552135c39 05a67d96ef285188536c5e0770a74ca5c64be1f2 cc4cc588614ccab048a580ea0536dee9081eb6725bfa1cf076a3416efc500014 Loading...

	#30 Eval - d0cb3bf0b8a227f849ef25353e70ecfa	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:54 Last Seen2024-04-16 20:31:54 Times Seen1 Hash d0cb3bf0b8a227f849ef25353e70ecfa 55374fc98a727743aeec0391378614173ef3f80f b5cbdc531337fcc472d591ace851329203676e02efe7b37821849434d67b6639 Loading...

	#31 Eval - 6d660809fe8a39719950e68d83ece373	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:54 Last Seen2024-04-16 20:31:54 Times Seen1 Hash 6d660809fe8a39719950e68d83ece373 c38d7fe7c78c7371ef6e2d2341d4ccc8a2062a0d 898ae2633113cd2b84d5c67e18124c903003a4c9f9787e350db82055ddeb6e50 Loading...

	#32 Eval - 33123f7a996e2bea7035a01ee70ae1c3	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 20:31:54 Last Seen2024-04-16 20:31:54 Times Seen1 Hash 33123f7a996e2bea7035a01ee70ae1c3 dc4d8858dc340da8ee6d8b95863c75c3f071cf1b 3134cb4502ead7a5b2c73f40266292c421d28ce810f297b95293beb9f37d157d Loading...

		Size	First Seen	Last Seen
	#1 Write - 8a0bed010a9fd21a560b90da24f37189	795 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 12:57:45 Last Seen2024-04-19 15:49:12 Times Seen3733 Hash 8a0bed010a9fd21a560b90da24f37189 38972fe20940c05edb4139a266dffe2e8e627b1a bc30534b563e7ba1a059a806e101b42c69104b5aacb6afe2293b575e9935dfde Loading...

HTTP Transactions (14)

	URL	IP	Response	Size
	ruv80zbas1.execute-api.us-east-1.amazonaws.com/prod/jump?redirect_url=https://xs523936.xsrv.jp/qO5ODwxjId684HQ7YgS4/d6602ef23441284bb93600a56418b38d/cm1vd2xlc0BhYXJ0ZWNoLmNh&creative_id=601&tag_name=Rob_A_Facebook&operative_id=33090	54.230.111.107		119 B
URL ruv80zbas1.execute-api.us-east-1.amazonaws.com/prod/jump?redirect_url=https://xs523936.xsrv.jp/qO5ODwxjId684HQ7YgS4/d6602ef23441284bb93600a56418b38d/cm1vd2xlc0BhYXJ0ZWNoLmNh&creative_id=601&tag_name=Rob_A_Facebook&operative_id=33090 IP 54.230.111.107:0 ASN #16509 AMAZON-02 File type JSON text data Size 119 B (119 bytes) Hash da00f53b232254891c396044bd193712 fba0f1c70c9e80611699718d10c958b61be9ac75 8139de0d571f6bc73dcde55508082ba16822805f256211080c8115e6230ebe00 HTTP Headers GET /prod/jump?redirect_url=https://xs523936.xsrv.jp/qO5ODwxjId684HQ7YgS4/d6602ef23441284bb93600a56418b38d/cm1vd2xlc0BhYXJ0ZWNoLmNh&creative_id=601&tag_name=Rob_A_Facebook&operative_id=33090 HTTP/1.1 Host: ruv80zbas1.execute-api.us-east-1.amazonaws.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found content-type: application/json content-length: 119 location: https://xs523936.xsrv.jp/qO5ODwxjId684HQ7YgS4/d6602ef23441284bb93600a56418b38d/cm1vd2xlc0BhYXJ0ZWNoLmNh date: Tue, 16 Apr 2024 18:31:26 GMT x-amzn-requestid: 0daa9f75-b186-43f8-8c6b-13c2168b582a x-amz-apigw-id: WVOP0G8PIAMEMPA= x-amzn-trace-id: Root=1-661ec3fe-113f881f37507b273aaea64b;Parent=45ab07f1e5412336;Sampled=0;lineage=d60879d2:0 x-cache: Miss from cloudfront via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: _7kVR_Bvx4QFOAbRCJfaRYg7ZqV7IB9N0kp8sh-1XjMM7p8x_jp2Qg== X-Firefox-Spdy: h2

	xs523936.xsrv.jp/qO5ODwxjId684HQ7YgS4/d6602ef23441284bb93600a56418b38d/cm1vd2xlc0BhYXJ0ZWNoLmNh	103.141.97.7		0 B
URL xs523936.xsrv.jp/qO5ODwxjId684HQ7YgS4/d6602ef23441284bb93600a56418b38d/cm1vd2xlc0BhYXJ0ZWNoLmNh IP 103.141.97.7:0 ASN #131965 Xserver Inc. File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /qO5ODwxjId684HQ7YgS4/d6602ef23441284bb93600a56418b38d/cm1vd2xlc0BhYXJ0ZWNoLmNh HTTP/1.1 Host: xs523936.xsrv.jp User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Tue, 16 Apr 2024 18:31:27 GMT content-type: text/html; charset=UTF-8 content-length: 0 refresh: 0;url=https://mx4ko.cfd?e=rmowles@aartech.ca accept-ranges: bytes X-Firefox-Spdy: h2`

	mx4ko.cfd/?e=rmowles@aartech.ca	209.141.55.9	302 Found	0 B
URL User Request GET HTTP/1.1 mx4ko.cfd/?e=rmowles@aartech.ca IP 209.141.55.9:443 ASN #53667 PONYNET Certificate IssuerLet's Encrypt Subjectmx4ko.cfd Fingerprint9B:EE:C5:BA:E8:52:CE:D3:4C:DA:94:1B:9A:F3:1E:20:B2:12:C0:2D ValidityMon, 15 Apr 2024 13:40:41 GMT - Sun, 14 Jul 2024 13:40:40 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /?e=rmowles@aartech.ca HTTP/1.1 Host: mx4ko.cfd User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 302 Found Server: nginx Date: Tue, 16 Apr 2024 18:31:31 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive Keep-Alive: timeout=60 X-Powered-By: PHP/5.4.16 Set-Cookie: PHPSESSID=v3g2d3e48ka08f9aca3edsd4i2; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache location: main/`

	mx4ko.cfd/main/	209.141.55.9	200 OK	3.5 kB
URL User Request GET HTTP/1.1 mx4ko.cfd/main/ IP 209.141.55.9:443 ASN #53667 PONYNET Certificate IssuerLet's Encrypt Subjectmx4ko.cfd Fingerprint9B:EE:C5:BA:E8:52:CE:D3:4C:DA:94:1B:9A:F3:1E:20:B2:12:C0:2D ValidityMon, 15 Apr 2024 13:40:41 GMT - Sun, 14 Jul 2024 13:40:40 GMT File type JavaScript source, ASCII text, with very long lines (3082) Size 3.5 kB (3534 bytes) Hash 074116358d0822c1a30d6d5e4dfe2307 273913ddcf99b6cdec0eee0de68600fee208e6fb bbec21a8ffac7bf4530e9bbf8b99908266913ebbfc540364190c5500b833d4a7 HTTP Headers `GET /main/ HTTP/1.1 Host: mx4ko.cfd User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: PHPSESSID=v3g2d3e48ka08f9aca3edsd4i2 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Tue, 16 Apr 2024 18:31:31 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding X-Powered-By: PHP/5.4.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Encoding: gzip`

	challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback	104.17.3.184	302 Found	0 B
URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback IP 104.17.3.184:443 ASN #13335 CLOUDFLARENET Requested by https://mx4ko.cfd/main/ Certificate IssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mx4ko.cfd/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found date: Tue, 16 Apr 2024 18:31:32 GMT content-length: 0 cross-origin-resource-policy: cross-origin location: /turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback cache-control: max-age=300, public access-control-allow-origin: * vary: Accept-Encoding server: cloudflare cf-ray: 875640ba385fb527-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2`

	mx4ko.cfd/favicon.ico	209.141.55.9	200 OK	135 B
URL GET HTTP/1.1 mx4ko.cfd/favicon.ico IP 209.141.55.9:443 ASN #53667 PONYNET Requested by https://mx4ko.cfd/main/ Certificate IssuerLet's Encrypt Subjectmx4ko.cfd Fingerprint9B:EE:C5:BA:E8:52:CE:D3:4C:DA:94:1B:9A:F3:1E:20:B2:12:C0:2D ValidityMon, 15 Apr 2024 13:40:41 GMT - Sun, 14 Jul 2024 13:40:40 GMT File type HTML document, ASCII text Size 135 B (135 bytes) Hash 83b862bead2d480026254fb2a6eb9969 26bad9e6c1579172b0e3b6bc1c18918164ff6478 fb258cb538ca92d61c8cd4eb08cc23da70c278b8766eaa731ce11e9b2f1da4d4 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: mx4ko.cfd User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mx4ko.cfd/main/ Cookie: PHPSESSID=v3g2d3e48ka08f9aca3edsd4i2 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Tue, 16 Apr 2024 18:31:32 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 135 Connection: keep-alive Keep-Alive: timeout=60 Last-Modified: Mon, 15 Apr 2024 19:31:32 GMT ETag: "87-61627ab3c2d2a" Accept-Ranges: bytes`

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8756411b880cb4f3/1713292308096/0DzvlAQrIj6qf9c	104.17.3.184	200 OK	61 B
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8756411b880cb4f3/1713292308096/0DzvlAQrIj6qf9c IP 104.17.3.184:443 ASN #13335 CLOUDFLARENET Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/of1mi/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal Certificate IssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT File type PNG image data, 66 x 37, 8-bit/color RGB, non-interlaced Size 61 B (61 bytes) Hash 0ac7f1dd2f8a71e0d6642e3a97d05fa6 739ffd91afd2a2f0db3800331ea9c27efacb4d18 179fc15f8861e2cc87f6db887c21ebf0250b95343a2eb0f4750d7a1b9ccf4f30 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/i/8756411b880cb4f3/1713292308096/0DzvlAQrIj6qf9c HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/of1mi/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/3 200 OK date: Tue, 16 Apr 2024 18:31:48 GMT content-type: image/png server: cloudflare cf-ray: 875641218fc5b4f3-OSL alt-svc: h3=":443"; ma=86400`

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/125457785:1713289183:SUqkPhs7YhWRWwnGI8HVSmAiDEBMv9e2dh-KCNyIgkM/8756411b880cb4f3/acb0de21ec0b76d	104.17.3.184	200 OK	93 kB
URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/125457785:1713289183:SUqkPhs7YhWRWwnGI8HVSmAiDEBMv9e2dh-KCNyIgkM/8756411b880cb4f3/acb0de21ec0b76d IP 104.17.3.184:443 ASN #13335 CLOUDFLARENET Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/of1mi/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal Certificate IssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 93 kB (93192 bytes) Hash c2317f4a5c6b04a29d36046d55e2b85b 27833477f2fb5dd08e2d73e18b334e31f478eda0 e1f872107644767f0a131788e4e1e4529d2f507ec0fa12956d29f9ace97db7bd HTTP Headers POST /cdn-cgi/challenge-platform/h/b/flow/ov1/125457785:1713289183:SUqkPhs7YhWRWwnGI8HVSmAiDEBMv9e2dh-KCNyIgkM/8756411b880cb4f3/acb0de21ec0b76d HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/of1mi/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal Content-type: application/x-www-form-urlencoded CF-Challenge: acb0de21ec0b76d Content-Length: 2606 Origin: https://challenges.cloudflare.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Tue, 16 Apr 2024 18:31:48 GMT content-type: text/plain; charset=UTF-8 cf-chl-gen: OSMJCUKK+nVVALTieZgPpXWba8McdNEZb278lLdDzwaSV61w+urmiZHvgFJKW4ZU4ZaLrTXb/vIY6h/D/HfYKjaAO2ixy8dDB3uiXomIodXoSkzCwVC9KeqiRm0ESGNHOBNQo2tqut0NrAPGl/aCJgQ4aOs8yOf25tn5it+I+toq3l5pd+abPDIjWBXX825WQAFE97ZA+vq3KrS7DNkuzPTbd5c64hzfyjIr4fQaC7sdpELu+/MI+xX2+3erHhMQ0fguDDC0q2gpTGhn/XXIYRqC+L8Q9+SIwZybmvz7c2qGplbaOxjnqeshIF5Xq20Xk5mjSP2mfGtkB6HD4THdZkH904kk4Ltg22AHMfhKwxUSmA/94bCeAwuiRIrkhsyzYuGkwcaBjLXVj/7yf0L+XQ==$U6uiaQ77vFddSG+F2tvAfA== server: cloudflare cf-ray: 8756411d8addb4f3-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8756411b880cb4f3/1713292308094/018018e28ce9bcae857e23b05aede56e83df99b80a4b2123f669dd680bdfcdcf/lvfUZaiL9Rw9kej	104.17.3.184	401 Unauthorized	1 B
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8756411b880cb4f3/1713292308094/018018e28ce9bcae857e23b05aede56e83df99b80a4b2123f669dd680bdfcdcf/lvfUZaiL9Rw9kej IP 104.17.3.184:443 ASN #13335 CLOUDFLARENET Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/of1mi/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal Certificate IssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT File type very short file (no magic) Size 1 B (1 bytes) Hash ff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/pat/8756411b880cb4f3/1713292308094/018018e28ce9bcae857e23b05aede56e83df99b80a4b2123f669dd680bdfcdcf/lvfUZaiL9Rw9kej HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/of1mi/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 401 Unauthorized date: Tue, 16 Apr 2024 18:31:48 GMT content-type: text/plain; charset=UTF-8 www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gAYAY4ozpvK6FfiOwWu3lboPfmbgKSyEj9mndaAvfzc8AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1QvuFhVj8-HIEpd2829MedEvnrcAHahftJq4lCTdordKDtEpBDr1tC6_z1kq102Fe8SVbT4nRFRPCH_vL6Pwcc16C8jLMMvXraoC-BiyzAX3Yyr6lZj9UCQ7aK3JEr-tlD2wmLRtqyXfZQu9FdZsCMm0LU5LDAKE1uUBeAV-vLkP_1imLjHgbFE2lJH52yahbxiIjoqT_3PjB45ow3W9ciKiR89cUoS7X-sc6I2Lo7P_Y_FH4aGxC4fBDbjKZDO7UYOs3i1xJCHhgRA2dPWk0tZTjV7-jJE-oyRiReJNq7shr4jYws0e9BzlY1UCMa-U_JWdRb9So4JnoGPmfvSU_QIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIAGAGOKM6byuhX4jsFrt5W6D35m4CkshI_Zp3WgL383PABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20 server: cloudflare cf-ray: 8756411fcd9fb4f3-OSL alt-svc: h3=":443"; ma=86400

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/of1mi/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal	104.17.3.184	200 OK	78 kB
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/of1mi/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal IP 104.17.3.184:443 ASN #13335 CLOUDFLARENET Requested by https://mx4ko.cfd/main/ Certificate IssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT File type HTML document, ASCII text, with very long lines (41919) Size 78 kB (77742 bytes) Hash aaa2c5c960d7ec307bb419ec41aa3bab a5313c3b8c0bb099fd02c668810f00609c78e24f d525ba6b72b0d99abbd68243d0e1c4c72ea9427dcae2d94731a06b5ce9c51c2d HTTP Headers GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/of1mi/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mx4ko.cfd/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Tue, 16 Apr 2024 18:31:32 GMT content-type: text/html; charset=UTF-8 accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: cross-origin document-policy: js-profiling origin-agent-cluster: ?1 permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy: same-origin server: cloudflare cf-ray: 875640bb0e6db4f3-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/of1mi/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal	104.17.3.184	200 OK	78 kB
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/of1mi/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal IP 104.17.3.184:443 ASN #13335 CLOUDFLARENET Requested by https://mx4ko.cfd/main/ Certificate IssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT File type HTML document, ASCII text, with very long lines (41919) Size 78 kB (77761 bytes) Hash 4c3dc3c48f82bcaab270e60442dc9bb0 08f60ee599e7d15c25993f1e66eaf24dc6d45661 987c165bc11a15ca44e3e06c529cde3f89aa224cc4facf3425a89712117d00e9 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/of1mi/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mx4ko.cfd/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Tue, 16 Apr 2024 18:31:47 GMT content-type: text/html; charset=UTF-8 accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: cross-origin document-policy: js-profiling origin-agent-cluster: ?1 permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy: same-origin server: cloudflare cf-ray: 8756411b880cb4f3-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D	104.17.3.184	200 OK	61 B
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D IP 104.17.3.184:443 ASN #13335 CLOUDFLARENET Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/of1mi/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal Certificate IssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT File type PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Size 61 B (61 bytes) Hash 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/of1mi/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/3 200 OK date: Tue, 16 Apr 2024 18:31:47 GMT content-type: image/png cache-control: max-age=2629800, public server: cloudflare cf-ray: 8756411bc87ab4f3-OSL alt-svc: h3=":443"; ma=86400`

	challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback	104.17.3.184	200 OK	41 kB
URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback IP 104.17.3.184:443 ASN #13335 CLOUDFLARENET Requested by https://mx4ko.cfd/main/ Certificate IssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (40613) Size 41 kB (40614 bytes) Hash d1048a66fc11ea28c3cb1488fac82c62 f055707cf91f637ec19bf5e65bf378857e798469 8f1ad19042c2f9ee60c2de21f37f788af7b1ecccda8eec1d877f9b9c0e994370 HTTP Headers `GET /turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://mx4ko.cfd/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Tue, 16 Apr 2024 18:31:32 GMT content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * cache-control: max-age=31536000 cross-origin-resource-policy: cross-origin vary: Accept-Encoding server: cloudflare cf-ray: 875640ba689fb527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2`

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8756411b880cb4f3	104.17.3.184	200 OK	428 kB
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8756411b880cb4f3 IP 104.17.3.184:443 ASN #13335 CLOUDFLARENET Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/of1mi/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal Certificate IssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 428 kB (427915 bytes) Hash 918da52012015f5c57b870003436bbd6 701df04b44c0a3977ccb88df5ab1d14203c6b9d6 c355e900e9c5994c926723697d598cee54cceb960019e468689a9de873f605ba HTTP Headers GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8756411b880cb4f3 HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/of1mi/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/3 200 OK date: Tue, 16 Apr 2024 18:31:47 GMT content-type: application/javascript; charset=UTF-8 cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 server: cloudflare cf-ray: 8756411bc881b4f3-OSL content-encoding: br alt-svc: h3=":443"; ma=86400`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (40)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash