| challenges.cloudflare.com/turnstile/v0/api.js | 104.17.3.184 | 302 Found | 0 B |
URL GET HTTP/3challenges.cloudflare.com/turnstile/v0/api.js IP104.17.3.184:443
Requested byhttps://mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 17 Apr 2024 03:04:59 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
cache-control: max-age=300, public
access-control-allow-origin: *
location: /turnstile/v0/b/bcc5fb0a8815/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 875930dafcd556ab-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js | 142.250.74.138 | 200 OK | 31 kB |
URL GET HTTP/3ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js IP142.250.74.138:443
Requested byhttps://mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hashcf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:54:13 GMT
expires: Wed, 16 Apr 2025 05:54:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 76246
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mozartbulls.top/cdn-cgi/challenge-platform/scripts/jsd/main.js | 172.67.193.115 | | 0 B |
URL mozartbulls.top/cdn-cgi/challenge-platform/scripts/jsd/main.js IP172.67.193.115:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 17 Apr 2024 03:04:59 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vW7PXNW87BZnlIhQjavtsBFdUO6KRlO%2B%2BmvwTY7B6PXWzq6bs6X7SR12E8mb52jMejwo0RMWNXRJLWMyEWGlQckLuWpcWcMTQIlp6CTuDKjXGL9sPOzRsptFNDPAia2LoCo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875930dc6b755685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ | 172.67.193.115 | 200 OK | 82 kB |
URL User Request GET HTTP/3mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ IP172.67.193.115:443
CertificateIssuerGoogle Trust Services LLC Subjectmozartbulls.top Fingerprint4B:35:FE:E1:60:27:F2:EE:F7:88:A8:B8:5D:01:5D:89:1E:66:E3:F3 ValiditySat, 13 Apr 2024 08:39:13 GMT - Fri, 12 Jul 2024 08:39:12 GMT
File typeJavaScript source, ASCII text, with very long lines (1866), with CRLF line terminators Hash1969bd4011bfb9fdcc2e25f48aec9c7d 15f1cc1015fd0a07b36a01cab60a920b72e32966 03977a371baf0b8338f99fff71f39b48927e3feb963443d48791e241f7fe5ad8
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook | Quad9 DNS | malicious | Sinkholed |
GET /_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 03:04:59 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v9WTwYQ5qscPRQE%2BFz2YffYtRuhkw%2FhZ%2F0AM8R8m7m8WDQZahqcpmLRkJxzI8Qzs2nU7IKCoTeff8JYq6O0%2F%2BOApSVg1ZDetYjNAyMUtseKV5Inii5Bt1Cejh9D8SQFzy64%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875930d76a9c56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/turnstile/v0/api.js | 104.17.3.184 | 302 Found | 0 B |
URL GET HTTP/3challenges.cloudflare.com/turnstile/v0/api.js IP104.17.3.184:443
Requested byhttps://mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 17 Apr 2024 03:05:02 GMT
content-length: 0
cache-control: max-age=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/bcc5fb0a8815/api.js
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 875930edf807568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js | 142.250.74.138 | 200 OK | 31 kB |
URL GET HTTP/3ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js IP142.250.74.138:443
Requested byhttps://mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hashcf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:54:13 GMT
expires: Wed, 16 Apr 2025 05:54:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 76249
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| challenges.cloudflare.com/turnstile/v0/api.js | 104.17.3.184 | 302 Found | 0 B |
URL GET HTTP/3challenges.cloudflare.com/turnstile/v0/api.js IP104.17.3.184:443
Requested byhttps://mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 17 Apr 2024 03:05:04 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, public
location: /turnstile/v0/b/bcc5fb0a8815/api.js
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 875930fdadb7568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1987808210:1713321803:Lq878beJ7_xgdarf_xCGaKSOIxFZOnDs2wei-BWYcs0/875930ee882f568b/3f97764a2af3278 | 104.17.3.184 | | 98 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1987808210:1713321803:Lq878beJ7_xgdarf_xCGaKSOIxFZOnDs2wei-BWYcs0/875930ee882f568b/3f97764a2af3278 IP104.17.3.184:0
CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash7a097d4bdfce7cc4e66c745602846e26 ab0386384115259d63098b9c2c1d624491bced94 5cc6ce5bb99de70beb559d16369aeda9881c3cb3ca3d8d61e21160be2cdad92c
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1987808210:1713321803:Lq878beJ7_xgdarf_xCGaKSOIxFZOnDs2wei-BWYcs0/875930ee882f568b/3f97764a2af3278 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pi42z/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 3f97764a2af3278
Content-Length: 2753
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:05:02 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: gqJyF47/Anw7C9myqo8SfVcKwjZfBL48SXMF0ttp63o/loEg00Anc5zgvBatg0HIbsobRhL2p/y+q/XngCbKBnKqXJthumnoTa8r5JN01wXTyfkiYYfoIRpgRChA509b42nFGVkF6Ei9ewZGtPygRC76i1Wr4AgUCZ3ez6/o0kPzdDiII9QCYzUbAvorimN1hDLtTHfQqzMIS/R14g/UhLg0UdpNydqGPE7CobZtEH1zMb5uXc9b/FHmvHC7oHO9WRCy0l9uzC6RXcTLc1co2pvGipUG6bPYKgwOt3RcOyXVB0nJRtWQViCTXtM+POoINP7Ronx3S1qNWzVi5Hd6k/lqqqx2Vh4qdRZEKNjWsE2UZxvWQ16D0U2TQWn+2GM7$uqVpS7+NY3QhouTOMBD+Xg==
server: cloudflare
cf-ray: 875930f1096f568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/api.js | 104.17.3.184 | 302 Found | 0 B |
URL GET HTTP/3challenges.cloudflare.com/turnstile/v0/api.js IP104.17.3.184:443
Requested byhttps://mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 17 Apr 2024 03:05:07 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
location: /turnstile/v0/b/bcc5fb0a8815/api.js
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 875931103b7e568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/favicon.ico | 172.67.193.115 | 404 Not Found | 169 kB |
URL GET HTTP/3mozartbulls.top/favicon.ico IP172.67.193.115:443
Requested byhttps://mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ CertificateIssuerGoogle Trust Services LLC Subjectmozartbulls.top Fingerprint4B:35:FE:E1:60:27:F2:EE:F7:88:A8:B8:5D:01:5D:89:1E:66:E3:F3 ValiditySat, 13 Apr 2024 08:39:13 GMT - Fri, 12 Jul 2024 08:39:12 GMT
File typeHTML document, ASCII text Size169 kB (169044 bytes) Hashdbd79678d3008c4ec65ccc65845cdf67 a1eefb4d65ad644047d2e10a8b870e320bbc5b6e 310fa9e7ff4ad96571fb67f33adc2a0c63b4c059a1b4ce1ba6d219111305ab87
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/
Cookie: cf_clearance=bARxoj.WoP2F3rVYTghkKNa_5kUhbNSD6TxvzUBpOLk-1713323102-1.0.1.1-7COydNa56qPeFGchurNwX0AEsmvvxZL4ijC5spMiHs3_KnAv_WVmo00gr0WpnPTGY9qCN_Fd62AWi7fJKYgVTg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 17 Apr 2024 03:05:02 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y9vW0fCoVnBiLXOC3DrWZozMFzyl22teH5OTq%2FntiHfZ9ouGZoPY6mJElz%2BJVYuLLVu%2FYBwWcemI0Vg0DYSxWj7zZCAxCHbD5nkoqn%2FyMkesQ%2F8FJjrWbrQqYasNO%2FteSGE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875930ee6ae95685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=875931113baa568b | 104.17.3.184 | | 126 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=875931113baa568b IP104.17.3.184:0
CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size126 kB (126429 bytes) Hash2141d83c89d4bf3648cb488a0a00a98b 1be578647e4979e82bb056248e796241f6725cb4 456cbf30a534a89b770a3983ee59b1bd82df44388731b3f612cb80ece2de6325
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=875931113baa568b HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j7ser/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:05:08 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 875931120bfe568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/api.js | 104.17.3.184 | 302 Found | 0 B |
URL GET HTTP/3challenges.cloudflare.com/turnstile/v0/api.js IP104.17.3.184:443
Requested byhttps://mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 17 Apr 2024 03:05:10 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
location: /turnstile/v0/b/bcc5fb0a8815/api.js
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759312168c2568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js | 142.250.74.138 | 200 OK | 31 kB |
URL GET HTTP/3ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js IP142.250.74.138:443
Requested byhttps://mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hashcf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:54:13 GMT
expires: Wed, 16 Apr 2025 05:54:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 76257
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| mozartbulls.top/_cyborg_meta/functions/validate.php | 172.67.193.115 | | 21 kB |
URL mozartbulls.top/_cyborg_meta/functions/validate.php IP172.67.193.115:0
Hash915ceb3bed2e398e3f43a04c6bf80f54 c4efc42d17f64965971b6228548ccaf31584bfa6 d48ca92aaa60519d39c3e08260c7ccd5a19c26e3ff29ac19393c21b5cf8d2e40
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /_cyborg_meta/functions/validate.php HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 560
Origin: https://mozartbulls.top
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/
Cookie: cf_clearance=bARxoj.WoP2F3rVYTghkKNa_5kUhbNSD6TxvzUBpOLk-1713323102-1.0.1.1-7COydNa56qPeFGchurNwX0AEsmvvxZL4ijC5spMiHs3_KnAv_WVmo00gr0WpnPTGY9qCN_Fd62AWi7fJKYgVTg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:05:02 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jIYKG5EUIWP3TvuICSgNONvyIHguNWRc2%2FtlFJZH26Chg%2BnMi%2BFocmVo8Fb4ruaX3ABCBrqECrcScdKruZNWCKATMueqzGosuzPoDnPw1SOa%2F9VbL3F3H05R1lzrwiNLeuQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875930ec09e65685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/api.js | 104.17.3.184 | 302 Found | 0 B |
URL GET HTTP/3challenges.cloudflare.com/turnstile/v0/api.js IP104.17.3.184:443
Requested byhttps://mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 17 Apr 2024 03:05:14 GMT
content-length: 0
cache-control: max-age=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/bcc5fb0a8815/api.js
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 875931367f78568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | 200 OK | 35 kB |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/59i4z/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typePNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Hasha6494f96ab2a8c57c68a165d9911c796 d20a3c519e5a3004e266ccf618d989637620f111 06150975d82d820f923e27ea7cd3ad40b52930484d394631a265e11099bee3f5
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pi42z/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:05:02 GMT
content-type: image/png
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 875930ef3875568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87593122790a568b/1713323111336/4c6f6f7d8cbe6459c93a161e3cabf74fb535261333a0be196bab45d40e40ac5c/qyJk7BGIeI-JiyG | 104.17.3.184 | | 97 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87593122790a568b/1713323111336/4c6f6f7d8cbe6459c93a161e3cabf74fb535261333a0be196bab45d40e40ac5c/qyJk7BGIeI-JiyG IP104.17.3.184:0
CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hash487a8f5782306201cfe2d0c1451ab707 6e235b1c793e5f927f4636ff8fdcdb2b8f5f2959 b4599c7c9a333d59dd0a3f7883afd86db93e6e43f5369a9c76edf854b04e6233
GET /cdn-cgi/challenge-platform/h/b/pat/87593122790a568b/1713323111336/4c6f6f7d8cbe6459c93a161e3cabf74fb535261333a0be196bab45d40e40ac5c/qyJk7BGIeI-JiyG HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rvknx/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Wed, 17 Apr 2024 03:05:12 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gTG9vfYy-ZFnJOhYePKv3T7U1JhMzoL4Za6tF1A5ArFwAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIExvb32MvmRZyToWHjyr90-1NSYTM6C-GWurRdQOQKxcABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8759312bfbbe568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ | 172.67.193.115 | 200 OK | 32 kB |
URL User Request GET HTTP/3mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ IP172.67.193.115:443
CertificateIssuerGoogle Trust Services LLC Subjectmozartbulls.top Fingerprint4B:35:FE:E1:60:27:F2:EE:F7:88:A8:B8:5D:01:5D:89:1E:66:E3:F3 ValiditySat, 13 Apr 2024 08:39:13 GMT - Fri, 12 Jul 2024 08:39:12 GMT
File typeJavaScript source, ASCII text, with very long lines (748), with CRLF line terminators Hash177ff223721bdfb9253aa08b1ddd62af c81d7c6b4679b7b782f3bde8e5f75d0507e726ca 501be5540cf290fb4a10193dac5ed4acdd7f0807125caedfdeaa43d7f9d177e5
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook | Quad9 DNS | malicious | Sinkholed |
GET /_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=shIDPUHMd0NI9V8BNh2Lcg_qpgrWSxAQdlhwBntUna8-1713323116-1.0.1.1-SNRBwoRAHHwoXfC2h.iOokRHTVQFX6e0dXpaA2_FYI2x_IhR40RDb1xtwNVXnogyC9nvVZvS094SS7UZsNsFfg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:05:16 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jaB8Zw0vlDND8Y7RlFjS2l%2BvCXOSMeuPGDnOcJ0KvxNa%2BGmwCct2q1DA%2FHUDSaqRlrGncYt00JWyHFAI%2FU4fmCtqFYRPnBzHVPW6kQysVO0fPvJARt%2BBk9fmjCu5bBHTEoU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875931484df65685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/_cyborg_meta/functions/validate.php | 172.67.193.115 | | 1 B |
URL mozartbulls.top/_cyborg_meta/functions/validate.php IP172.67.193.115:0
File typevery short file (no magic) Hasheccbc87e4b5ce2fe28308fd9f2a7baf3 77de68daecd823babbb58edb1c8e14d7106e83bb 4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /_cyborg_meta/functions/validate.php HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 560
Origin: https://mozartbulls.top
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/
Cookie: cf_clearance=uuyGrZPcHatvSOp.zg2pwBLb_iv9Y8992GtjFa2dCCQ-1713323119-1.0.1.1-1hfxLy2VLHSTfQJVSOe_sdq8qJdsNI_izc0Rbg2SZvEF577keh7BST8Q3SnBKj.JRl6uLLhhjdkDk9Pmqw0FqQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:05:19 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MorpJZjkdAvEOGAbFwTmdxBxB2IawpGckPxY2h06vTy%2FWh2shHfbXE9Dz%2FY5bl1cQArQFLfi3kWjRKFq47nELkwzDVkQpCdOeBm71R7QgSnkyeBx2iKXLi3s1xs9BGz96A8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8759315afd3b5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js | 104.17.3.184 | 200 OK | 148 kB |
URL GET HTTP/3challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js IP104.17.3.184:443
Requested byhttps://mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (40613) Size148 kB (147531 bytes) Hashd1048a66fc11ea28c3cb1488fac82c62 f055707cf91f637ec19bf5e65bf378857e798469 8f1ad19042c2f9ee60c2de21f37f788af7b1ecccda8eec1d877f9b9c0e994370
GET /turnstile/v0/b/bcc5fb0a8815/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mozartbulls.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:05:02 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 875930ee1811568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/api.js | 104.17.3.184 | 302 Found | 0 B |
URL GET HTTP/3challenges.cloudflare.com/turnstile/v0/api.js IP104.17.3.184:443
Requested byhttps://mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 17 Apr 2024 03:05:23 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
cache-control: max-age=300, public
location: /turnstile/v0/b/bcc5fb0a8815/api.js
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 87593170a807568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js | 142.250.74.138 | 200 OK | 31 kB |
URL GET HTTP/3ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js IP142.250.74.138:443
Requested byhttps://mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hashcf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:54:13 GMT
expires: Wed, 16 Apr 2025 05:54:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 76270
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8759315dfacb568b/1713323120810/34MjnpsMS_vlrje | 104.17.3.184 | 200 OK | 61 B |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8759315dfacb568b/1713323120810/34MjnpsMS_vlrje IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/59i4z/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typePNG image data, 94 x 9, 8-bit/color RGB, non-interlaced Hash5fabaaea2eaa3bad41f4f182f98ab393 e9962d67931bcbcfb97f8220a08266e3aed12290 a675cac7b6350fdd18acf3397af8a5db06211c94c33372ed0617d9eb114f99ee
GET /cdn-cgi/challenge-platform/h/b/i/8759315dfacb568b/1713323120810/34MjnpsMS_vlrje HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/59i4z/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:05:21 GMT
content-type: image/png
server: cloudflare
cf-ray: 875931663d25568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8759315dfacb568b | 104.17.3.184 | 200 OK | 439 kB |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8759315dfacb568b IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/59i4z/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size439 kB (439370 bytes) Hash69fe88e42e7cc5056422ea7c9947f556 6c1a3bb0c4635497847bc300e52aaad7725f49d1 7979aeb7613dfff29c03eb35740e1802f31a2a090763e0206d620038bb1e3ffe
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8759315dfacb568b HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/59i4z/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:05:20 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 8759315eeb21568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/59i4z/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal | 104.17.3.184 | 200 OK | 78 kB |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/59i4z/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal IP104.17.3.184:443
Requested byhttps://mozartbulls.top/_cyborg_meta/zone/b3b32a2d422265cd25c3323ed0157f81/_excl/loading.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&pcnt=3&pmax=null/ CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (41919) Hashc516689a54b6112e52d01d7f94918000 dcf220b55f8e20e01a559450e08797bd59c6a7e0 5ba5fb9701e8986a0c668c0952aefcc3b0d8a3380274800dd9e2cf6878f1f538
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/59i4z/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:05:20 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 8759315dfacb568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/56542010:1713321898:ahYQ936umX9hrE53cNBalkq0hJOB478RJNPTPcaDWI4/8759315dfacb568b/4e381835d9d68af | 104.17.3.184 | 200 OK | 125 kB |
URL POST HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/56542010:1713321898:ahYQ936umX9hrE53cNBalkq0hJOB478RJNPTPcaDWI4/8759315dfacb568b/4e381835d9d68af IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/59i4z/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size125 kB (125436 bytes) Hash9c3a7b2928779e71c2d479126976a45c 0504d82a10a0b467024f3fa633cce16f5cf0bdc4 a81c043ec918d9eb32fe26be30faeae61892d2b3677a1311a8e57e21c3b836e6
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/56542010:1713321898:ahYQ936umX9hrE53cNBalkq0hJOB478RJNPTPcaDWI4/8759315dfacb568b/4e381835d9d68af HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/59i4z/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 4e381835d9d68af
Content-Length: 2724
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:05:20 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: g6wrYH6243iz758wrHDEZV2wqt6zYMS1oWOB/J+PftusDRmjye86DHcplOcSkWmTtlE1PMgoB1f4y2Rsg9Dw64yGcCzh2wd5/zmE+huwp3LtDahOOp/eciuXUnm7jwx4145HNN0I9QFka01MJKRcHUcwy4T9le7DZobH4bF8v4Nt7bYkZ4lR0soSXyVwNtKc3rMjA75JBT1E/RqThjp2nd1oT3a/CpA5o9o5hlnDiRLe+IH3+X60yNHixrIDhCofnhS5ImH73Gsg6RYkA9LJ6Kcto+AlU4IorS1npCcPvh2uxXOCfvnYI+krGwdpH59/cC/UC+kphBenUbeN7Bf1WzCPh/OQQlc5M0vgHp5IEx8DYSTLdZJ1PAXupUb+a37f1D6D4kKmr9kAFnk6rygAIKGhSU8Ur6V98ZiH1hwFDZMmaNaYmaSk3tzb53b6HO5yHRycSQBhg4xwHBq1ibbhWypPxgJZfVufBhLpxN14DTwKN8Zf+LCdQm9t7+ADOCy/DFnLysSW24qb5+DgHvR9Pk5Hfwx5AbywbFYHj4OARu3mg8v3ttZw5YbW44Md3n6B$zlcVFVdUiybc//aLcenM+g==
server: cloudflare
cf-ray: 87593160fbb9568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|