| diaguard.wtf/downloads/Diamorphine.exe | 104.21.81.122 | 403 Forbidden | 7.6 kB |
URL: User Request, GET, HTTP/3, diaguard.wtf/downloads/Diamorphine.exe
IP: 104.21.81.122:443
Certificate: Issuer: Google Trust Services LLC; Subject: diaguard.wtf; Fingerprint: 85:BC:3B:93:98:BA:24:87:6B:60:2B:64:E2:5E:89:11:BB:FC:BA:BC; Validity: Sat, 17 Feb 2024 03:58:34 GMT - Fri, 17 May 2024 03:58:33 GMT
File type: HTML document, ASCII text, with very long lines (16597), with no line terminators
Hash: e02362b36fd2ffad98b613396f4fc576 2237ff764982489862be9ab6ddfb03ed82a723c3 22f782992bafcb2b2de5b2a83d491ff61245d91420e06397ced62f483a29bfd2
GET /downloads/Diamorphine.exe HTTP/1.1
Host: diaguard.wtf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Tue, 16 Apr 2024 04:13:46 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 5cT4zq6xq19J5qIfMxe7ehx5YWUzcHRK7fU+GCeaVyFVFRpBI4ZyujkQYe0XrjbRMKxpN4UDaG78ZUO4HzqKAyS+OyIjXlyvY2IJ6GN+mDVZQ4UIoxWHtasOegE57FVX5cySC3Qfiv9jGvWZtEA8fg==$V1uGS79NlL8FH45hNMsP/g==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s6PwD2lXq%2FhUDJ14R1h08AZ715yAkBBHphbd3tfsiTz8F%2FXhjsXBHF4FnwcrqoupC%2B89j60qXEts7YHiO00nsGyDAqYwSHpUtDpvHicN5ThDpLLbAAuyNRpHGj2Nnu4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8751583d4a50b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/281222881:1713238341:hNK0pb1M0cabxp4n7DhGBwnCkW9qktgzUj8l03aYWSw/875158411f0f569c/06b66dc1862558f | 104.17.2.184 | | 69 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/281222881:1713238341:hNK0pb1M0cabxp4n7DhGBwnCkW9qktgzUj8l03aYWSw/875158411f0f569c/06b66dc1862558f
IP: 104.17.2.184:0
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: f9308a29367b44f3e15cb943b3e5e5cf 57f14c38373cbee5732fbbc9ab7685b303236417 0e997f4098bd4b5bafd5fd062caa8ee18c7d8e6e3b331ed9385049987c41f014
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/281222881:1713238341:hNK0pb1M0cabxp4n7DhGBwnCkW9qktgzUj8l03aYWSw/875158411f0f569c/06b66dc1862558f HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mf0yh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 06b66dc1862558f
Content-Length: 3367
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 04:13:47 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 0Yn7BOVk4fJJPUcWIIeyh8qPmcF8kYW2QWP8j0qoA3Cp2Hihu7ldk3sGQQenxh+bI7aWpmdhOPemH75QEtow2QyAXiPfYaCr5aBbe8oalNOciNyer20NEa73J4KJFd4fd3vN0H7TlGuWCHgx9ynvFrL+D5oqlwY1x7m9xcmjSgGlk73EomvZj/48t8Y61wS024eFss+39OUSP1WfEqqeoKpvGU/zrGyWi8d2N9r8UquyauKcLsXFd/Hgx4n/DK1uTBUlTfX3qhLsBauyH1eoyeT5eg9nwVVFMrtmF0d9LHYIJWNAQQSU1Lk6CN7G1CVLvpjqTvCufhLcipfba3PX3ELXubyZa3UnkZvwMuYGGtLXUSfdj7qOISLMW2s6QamAuIQAB0Eo++IT6LpU+wIsefy2eG72UaGvnMuS23kp/Tw=$ekGsJI1+UiDNe1Qhcrfsqg==
server: cloudflare
cf-ray: 87515842e84d569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mf0yh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | 104.17.2.184 | 200 OK | 22 kB |
URL: GET, HTTP/3, challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mf0yh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP: 104.17.2.184:443
Requested by: https://diaguard.wtf/downloads/Diamorphine.exe
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41919)
Hash: b6cc2a93d237c5b3d8390f3c272a03ce 6fbb96d54ac9d8f198eefd42470b96d8515fb7ee c8cfe2425e0e07ebea4cb4663cfddca7259d326f3c1d8a6cf6c6171ea4258363
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mf0yh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 04:13:47 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 875158411f0f569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| diaguard.wtf/downloads/Diamorphine.exe | 104.21.81.122 | 403 Forbidden | 25 kB |
URL: User Request, GET, HTTP/3, diaguard.wtf/downloads/Diamorphine.exe
IP: 104.21.81.122:443
Certificate: Issuer: Google Trust Services LLC; Subject: diaguard.wtf; Fingerprint: 85:BC:3B:93:98:BA:24:87:6B:60:2B:64:E2:5E:89:11:BB:FC:BA:BC; Validity: Sat, 17 Feb 2024 03:58:34 GMT - Fri, 17 May 2024 03:58:33 GMT
File type: PE32+ executable (GUI) x86-64, for MS Windows, 6 sections
Hash: 26c6a43ee8f11a554656a87024dd66f3 4bf185de5ed8b61fa1d402a51111bde1df680b20 88517cbd9621043c6470ad17a91270b84708be86454728422554c1e4d2bce004
| Analyzer | Verdict | Alert |
| VirusTotal | malicious | |
POST /downloads/Diamorphine.exe HTTP/1.1
Host: diaguard.wtf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diaguard.wtf/downloads/Diamorphine.exe?__cf_chl_tk=1PHJsan7qNTEAHL0qE15VODR5BbE4sga1pIgLvKatYQ-1713240826-0.0.1.1-1621
Content-Type: application/x-www-form-urlencoded
Content-Length: 4412
Origin: https://diaguard.wtf
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=339d09e4d6a9a49
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 04:13:52 GMT
content-type: application/x-msdos-program
content-length: 24576
set-cookie: cf_chl_3=; path=/; expires=Thu, Jan 01 1970 00:00:00 UTC; domain=.diaguard.wtf; Secure
cf_clearance=p.C5t_LQnN9F4BFpTI0YKYHqjM7jexPIkWWGIPWFbc4-1713240826-1.0.1.1-H4Qso5FWnY0V3Z16mxjE4SySASK4uvR3DkGM.vbe2v_sfyG7s2iHiy._DsyBVOR4JXZKvHdeWPKcMRNccQ2r9A; path=/; expires=Wed, 16-Apr-25 04:13:52 GMT; domain=.diaguard.wtf; HttpOnly; Secure; SameSite=None
last-modified: Fri, 15 Mar 2024 11:26:22 GMT
etag: "6000-613b14712f8f2"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DZ%2FTSaDbV%2BUHfyEB%2FdWBOySsTIrQRFpvwR0Yf1UmH7KBRC%2BC94JwXtZe1w6VcdFYIOz2fMBzcvXCrWtCZAUgHj51pfW1xJSldPk%2FugAhcg3YJxJkhjRRkcwpct2zcvw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87515860f8d0b50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/875158411f0f569c/1713240827360/5fe0c3e9a44f03dbe719a1590fe4b6e29477f25045a430053b8f372ea15e79ed/qFtnfjzi9kHn_Hc | 104.17.2.184 | | 7.6 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/875158411f0f569c/1713240827360/5fe0c3e9a44f03dbe719a1590fe4b6e29477f25045a430053b8f372ea15e79ed/qFtnfjzi9kHn_Hc
IP: 104.17.2.184:0
Hash: 44ef62250688c183d666e66ff34e259d 87eb7e8af80c88710ec1b8abf1213356a200bd79 eecef8161f11fee307c5963d0057051d7dcdd5611b6d3107213845bdd1729725
GET /cdn-cgi/challenge-platform/h/b/pat/875158411f0f569c/1713240827360/5fe0c3e9a44f03dbe719a1590fe4b6e29477f25045a430053b8f372ea15e79ed/qFtnfjzi9kHn_Hc HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mf0yh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Tue, 16 Apr 2024 04:13:47 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gX-DD6aRPA9vnGaFZD-S24pR38lBFpDAFO483LqFeee0AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1QvuFhVj8-HIEpd2829MedEvnrcAHahftJq4lCTdordKDtEpBDr1tC6_z1kq102Fe8SVbT4nRFRPCH_vL6Pwcc16C8jLMMvXraoC-BiyzAX3Yyr6lZj9UCQ7aK3JEr-tlD2wmLRtqyXfZQu9FdZsCMm0LU5LDAKE1uUBeAV-vLkP_1imLjHgbFE2lJH52yahbxiIjoqT_3PjB45ow3W9ciKiR89cUoS7X-sc6I2Lo7P_Y_FH4aGxC4fBDbjKZDO7UYOs3i1xJCHhgRA2dPWk0tZTjV7-jJE-oyRiReJNq7shr4jYws0e9BzlY1UCMa-U_JWdRb9So4JnoGPmfvSU_QIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIF_gw-mkTwPb5xmhWQ_ktuKUd_JQRaQwBTuPNy6hXnntABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8751584569c6569c-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/875158411f0f569c/1713240827360/fk4fNi8_2ES83SM | 104.17.2.184 | | 4.2 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/875158411f0f569c/1713240827360/fk4fNi8_2ES83SM
IP: 104.17.2.184:0
File type: PNG image data, 31 x 62, 8-bit/color RGB, non-interlaced
Hash: e449cd8fc4063f3f6ed2086da0b7f549 d1d4ec55247b3874f9ed5a3f977e79499ebd6c89 0619bf87cebc20e19465766a86f87984c97ae20e8940103d995ed0c85b9eca28
GET /cdn-cgi/challenge-platform/h/b/i/875158411f0f569c/1713240827360/fk4fNi8_2ES83SM HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mf0yh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 04:13:48 GMT
content-type: image/png
server: cloudflare
cf-ray: 875158496b49569c-OSL
alt-svc: h3=":443"; ma=86400
|
|
| diaguard.wtf/favicon.ico | 104.21.81.122 | 403 Forbidden | 16 kB |
IP: 104.21.81.122:443
Requested by: https://diaguard.wtf/downloads/Diamorphine.exe
Certificate: Issuer: Google Trust Services LLC; Subject: diaguard.wtf; Fingerprint: 85:BC:3B:93:98:BA:24:87:6B:60:2B:64:E2:5E:89:11:BB:FC:BA:BC; Validity: Sat, 17 Feb 2024 03:58:34 GMT - Fri, 17 May 2024 03:58:33 GMT
File type: HTML document, ASCII text, with very long lines (15551), with no line terminators
Hash: e5258bbdfed2ca7a81ff5b7d0aed6742 3ed8a765b8b91d4aa52dd2e26d93373b9d36183c abbb5a5988085a694cd35a586f6991df293c10a8d18611469b0d931fa145a1b8
GET /favicon.ico HTTP/1.1
Host: diaguard.wtf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diaguard.wtf/downloads/Diamorphine.exe
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=339d09e4d6a9a49
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Tue, 16 Apr 2024 04:13:46 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: MDb1BOatJp9b1pIVrQy3hEgpw/jotbJ8/HOa2aEL9gBHMKu8yxMgCzoYmiXu9dcHbeJptEJ1sFUb+KjFZ2klHanHX/leYEw/RkqJPhLUtROhUDnYGOdLjc7RlVOkJrWK5kY/TW8s7LncvLf3+EBmWQ==$kLaEQrhqwMZO9qkAU/fkKQ==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qtBp%2BhILOXBNG8hvaBXDN%2FX3J0TvseO%2BGgdb4jPbG9xaEQQBjemWYXlUEpFTiTombwiYXpxSriqdr5i9fiobL9QHNJJjOzLTjIgVd4vvXxyvqpzPK7FDQJGNKYNcIOk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8751583f8d91b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| diaguard.wtf/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8751583e4c6ab50f | 104.21.81.122 | 200 OK | 397 kB |
URL: GET, HTTP/3, diaguard.wtf/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8751583e4c6ab50f
IP: 104.21.81.122:443
Requested by: https://diaguard.wtf/downloads/Diamorphine.exe
Certificate: Issuer: Google Trust Services LLC; Subject: diaguard.wtf; Fingerprint: 85:BC:3B:93:98:BA:24:87:6B:60:2B:64:E2:5E:89:11:BB:FC:BA:BC; Validity: Sat, 17 Feb 2024 03:58:34 GMT - Fri, 17 May 2024 03:58:33 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 397 kB (396920 bytes)
Hash: 22dbd596d1891dcfffcd6503326f94b8 9cc2d532f7fc986c74aa392a78774bec2adedb01 2bdfb2e9ce586dd15f8609cc250ac0f33d23a9a93ce31424d49f9175e5f53967
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8751583e4c6ab50f HTTP/1.1
Host: diaguard.wtf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diaguard.wtf/downloads/Diamorphine.exe?__cf_chl_rt_tk=1PHJsan7qNTEAHL0qE15VODR5BbE4sga1pIgLvKatYQ-1713240826-0.0.1.1-1621
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 04:13:46 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BhGJLipHSzAaFvTJEfz%2FaH3wDbM%2F6451DzddjNgw1xqC%2FRHB0QKEvoChz7XB6fLARFr%2Fb7byN42pOpJ5hpvcmvtFrB66MEd3efnzDCtgeplQ%2FGl93FujcmbfkhGuCh8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8751583f0d5db50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| diaguard.wtf/favicon.ico | 104.21.81.122 | 403 Forbidden | 16 kB |
IP: 104.21.81.122:443
Requested by: https://diaguard.wtf/downloads/Diamorphine.exe
Certificate: Issuer: Google Trust Services LLC; Subject: diaguard.wtf; Fingerprint: 85:BC:3B:93:98:BA:24:87:6B:60:2B:64:E2:5E:89:11:BB:FC:BA:BC; Validity: Sat, 17 Feb 2024 03:58:34 GMT - Fri, 17 May 2024 03:58:33 GMT
File type: HTML document, ASCII text, with very long lines (15615), with no line terminators
Hash: 16265982658838fb308542ae8a716344 93c98aa8941e7067ffb2451ebf11eb3cb3beec45 2cb84eae9e10bcebcd131125cbf85837cddd783dc8f286b7ffecd352116d7b96
GET /favicon.ico HTTP/1.1
Host: diaguard.wtf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diaguard.wtf/downloads/Diamorphine.exe?__cf_chl_rt_tk=1PHJsan7qNTEAHL0qE15VODR5BbE4sga1pIgLvKatYQ-1713240826-0.0.1.1-1621
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Tue, 16 Apr 2024 04:13:46 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: g/KQZceLIFB43i6Ba1KDtd5DtcE+yM4jkzF9pzglq8xhNDyAkJ5eIX6YC+0ahzzs8rHNImCzVZlVwnu1n+mzYptOoN90ovfrJg3hFHpJH7IJcTUVIK5xy1QhF3Gtf0lHumwHUNi8OSBqoAZDZdOAQg==$yv6EBPtQeWfRbn0448Uz8w==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=waYf7tC2d%2BLgUieNiNGpeS1U7NWThZZLxctc3CkcBeqSYpaF%2FjKoKAiQIALQ62T7YElQVHkuDj4qEp47MKYAerKUgMUy12qBpSLFksWIMI%2B5vdJGyOziId5r4%2FwZpz0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8751583f3d6fb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js?onload=HrjuF1&render=explicit | 104.17.2.184 | 200 OK | 41 kB |
URL: GET, HTTP/2, challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js?onload=HrjuF1&render=explicit
IP: 104.17.2.184:443
Requested by: https://diaguard.wtf/downloads/Diamorphine.exe
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (40613)
Hash: d1048a66fc11ea28c3cb1488fac82c62 f055707cf91f637ec19bf5e65bf378857e798469 8f1ad19042c2f9ee60c2de21f37f788af7b1ecccda8eec1d877f9b9c0e994370
GET /turnstile/v0/b/bcc5fb0a8815/api.js?onload=HrjuF1&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://diaguard.wtf
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 04:13:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8751583fabe87129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| diaguard.wtf/cdn-cgi/challenge-platform/h/b/flow/ov1/1802871597:1713238149:HozGyxM-QvnY4OTqJGvE7piTarONAuT9AioQiGZh_n0/8751583e4c6ab50f/339d09e4d6a9a49 | 104.21.81.122 | 200 OK | 3.6 kB |
URL: POST, HTTP/3, diaguard.wtf/cdn-cgi/challenge-platform/h/b/flow/ov1/1802871597:1713238149:HozGyxM-QvnY4OTqJGvE7piTarONAuT9AioQiGZh_n0/8751583e4c6ab50f/339d09e4d6a9a49
IP: 104.21.81.122:443
Requested by: https://diaguard.wtf/downloads/Diamorphine.exe
Certificate: Issuer: Google Trust Services LLC; Subject: diaguard.wtf; Fingerprint: 85:BC:3B:93:98:BA:24:87:6B:60:2B:64:E2:5E:89:11:BB:FC:BA:BC; Validity: Sat, 17 Feb 2024 03:58:34 GMT - Fri, 17 May 2024 03:58:33 GMT
File type: ASCII text, with very long lines (3552), with no line terminators
Hash: 6918595f013cb093699c8b6c308dbee2 b1ee8d868a9655cc7682874bb22ed31ee239be9a ded0d9acb0410c9ede9b0b43bb8fe7224f1cece1f51e9d2755fad6eb6adecef6
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1802871597:1713238149:HozGyxM-QvnY4OTqJGvE7piTarONAuT9AioQiGZh_n0/8751583e4c6ab50f/339d09e4d6a9a49 HTTP/1.1
Host: diaguard.wtf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diaguard.wtf/downloads/Diamorphine.exe
Content-type: application/x-www-form-urlencoded
CF-Challenge: 339d09e4d6a9a49
Content-Length: 3337
Origin: https://diaguard.wtf
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=339d09e4d6a9a49
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 04:13:52 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_chl_rc_m=;Expires=Mon, 15 Apr 2024 04:13:52 GMT;SameSite=Strict
cf-chl-out: XIm9AS2DJXntKdj0jVrJFLSI2+EYQD+aGbmmU38u+mT+82p0ryc9eZoj+CNKlCc3nol0r4tyBr993yV8cHfLBw==$ixfeXHJCLnqIBLUIOPT2rQ==
cf-chl-out-s: o3a3MMJQcUvGGlX7sR2KW+GteDtX5U8iaSxDBupcgeBb+3/g4Tx2K8Bg+506ZhctrpRrUTjS+bo7bTQBcntfNBp1QZX7uVlV4vbGfmCUZC5E26E2g53qBYMO/EQkq/2qe5H80BElvcjWziwy74oPhS3BTTPDnhhL3jD7O9aDvfL4ZwXj8DpVzcWlX1XYhH/eoZn52NMn7iPG7nAaihXjvq1wap+vh1Lj2DTPIEFx5GC+yCQIsGdm/YoMysk5cdJ6jmRr7RhlpE6EOVuU/ZUqGVwd7Ofu4eIiF67MBluG4vkZZWv9Nc2tx4hdKPhfF0ednqiDmHvzq5IRTsJuW0J+uX0UXcDGZknmxp1sWuH1/c1Khw9s4fme/ZeECKGgzZLSpghglzAwVDE7sYNoCt0qOoKs/qGxcPLpZ4ZfKBwEc84wVgw8xiVcQMnhTRE6fPVN2p6ZXVSdL5gFI47fywommQ==$W5OYMqecC+4IxDNq4crX3w==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B%2BYAhD5OOoEBleZbtN9Cy9L2G7hQLYZZySNbsegNfJy6WTDuRrOePcaYCog4UoTyYyL3F3HBZpNe1RDVwJU%2F%2BjaoAdAqaC%2Bq6YkHyhpqffNfSFZkmkIzSiZKjdIdEp0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875158600843b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| diaguard.wtf/cdn-cgi/challenge-platform/h/b/flow/ov1/1802871597:1713238149:HozGyxM-QvnY4OTqJGvE7piTarONAuT9AioQiGZh_n0/8751583e4c6ab50f/339d09e4d6a9a49 | 104.21.81.122 | 200 OK | 16 kB |
URL: POST, HTTP/3, diaguard.wtf/cdn-cgi/challenge-platform/h/b/flow/ov1/1802871597:1713238149:HozGyxM-QvnY4OTqJGvE7piTarONAuT9AioQiGZh_n0/8751583e4c6ab50f/339d09e4d6a9a49
IP: 104.21.81.122:443
Requested by: https://diaguard.wtf/downloads/Diamorphine.exe
Certificate: Issuer: Google Trust Services LLC; Subject: diaguard.wtf; Fingerprint: 85:BC:3B:93:98:BA:24:87:6B:60:2B:64:E2:5E:89:11:BB:FC:BA:BC; Validity: Sat, 17 Feb 2024 03:58:34 GMT - Fri, 17 May 2024 03:58:33 GMT
File type: ASCII text, with very long lines (15960), with no line terminators
Hash: 1b8e3877d66ad2da0752e5eddb09e013 847136902a08481c80278eb39596e416cb82b343 648cff605ca70c0fecbc946e3045473c7eb4218429dfcef47111f54842418164
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1802871597:1713238149:HozGyxM-QvnY4OTqJGvE7piTarONAuT9AioQiGZh_n0/8751583e4c6ab50f/339d09e4d6a9a49 HTTP/1.1
Host: diaguard.wtf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diaguard.wtf/downloads/Diamorphine.exe
Content-type: application/x-www-form-urlencoded
CF-Challenge: 339d09e4d6a9a49
Content-Length: 1959
Origin: https://diaguard.wtf
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=339d09e4d6a9a49
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 04:13:46 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: M0uSP9BjvdBrD6eo6RmM2Jb2iXCKrBKfjYQEZVN44LW69zAbzXrEEhzjC0V3RiPg$sUOjlelilMS8bpnvSnJGSQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RlpyDp5SybicXftqDZ0Y6NSpbe14Lr76kX5udgx4i6gsLLAkKCZmjthxfB4%2BSwTBIbFq9yDiSEk1zs8Jh%2FA5PumieFkaN%2FcBqIFB3QcJYVyV8SkTbSS3okgUxIfeSFo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875158405dedb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|