Report - atazanavir.org/wdka/smale/Argentum/amJhbGRhQGFyZ2VudHVtLm9yZw==

Report Overview

Submitted URL
atazanavir.org/wdka/smale/Argentum/amJhbGRhQGFyZ2VudHVtLm9yZw==
IP
162.241.126.34
ASN
#19871 NETWORK-SOLUTIONS-HOSTING
Submitted
2024-04-25 17:12:33
Access
public
Website Title
Just a moment...
Final URL
a1a57284.b7109115dcf087f0e7eb8004.workers.dev/?qrc=jbalda@argentum.org
Tags
phishing microsoft outlook
urlquery detections
Phishing - Microsoft Outlook

Detections

urlquery
3
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
atazanavir.org	unknown	2024-02-13	2021-02-03	2024-03-14	517 B	275 B	162.241.126.34
mrbatatacolombia.com	unknown	2020-10-16	2020-10-17	2024-03-13	510 B	2.0 kB	192.211.56.74
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-25	7.0 kB	760 kB	104.17.3.184
a1a57284.b7109115dcf087f0e7eb8004.workers.dev	unknown	unknown	No data	No data	1.1 kB	7.7 kB	172.67.184.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-25 17:12:10	low	Client IP	172.67.184.1	ET INFO Observed Cloudflare workers.dev Domain in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (44)

	URL	Size	First Seen	Last Seen
	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879ff538dd86712a	433 kB	2024-04-25	2024-04-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879ff538dd86712a IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 18:48:43 Last Seen2024-04-25 19:12:41 Times Seen3 Hash 6249536a6efa94dc37422971de4bf869 afbd3bfc63d587fc0b702718018dff36ad68274b 0f8dedb55dffe709d3a9e1ae306d688e99b9e666ce195c12584b1b4c54b21073 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/Sp_xOU08DjqDdFe/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal	3.6 kB	2024-04-25	2024-04-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/Sp_xOU08DjqDdFe/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash 65f393540fbace63544e8548adabd71b 711669eae5f32a096bec28cddc6c4c7e1e33f3ed 285a4b65aea2329ad33291d6d7d722d8beb1ee1e8d0bf636d3fc7f1356cba708 Loading...

	a1a57284.b7109115dcf087f0e7eb8004.workers.dev/?qrc=jbalda@argentum.org	311 B	2024-04-25	2024-04-27
Pretty URL a1a57284.b7109115dcf087f0e7eb8004.workers.dev/?qrc=jbalda@argentum.org IP 172.67.184.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 17:02:19 Last Seen2024-04-27 02:06:12 Times Seen109 Hash e049500ed018486cbd8c9bd8e543f811 face49d410c4c9ec458a3afd2236e91be93a7a1a 1f0e2ba449c521933b5be40de0858e672adfae72286c6de9196c6132f099d553 Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback	42 kB	2024-04-18	2024-04-29
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 21:08:49 Last Seen2024-04-29 16:17:51 Times Seen2594 Hash f94a2211ce789a95a7c67e8c660d63e8 f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f 926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6700aa6f1ea06bb8f88381f29e67d477	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash 6700aa6f1ea06bb8f88381f29e67d477 6f62017fe36ca8b19ea402f2b4e712dd542c60fb bd7ad503f8b6f6edd20a59a32be2109b9510ce73a4e5ea76c0da510b2e848bfe Loading...

	#2 Eval - c4fca55dd9aa95ed56e627ecce024314	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash c4fca55dd9aa95ed56e627ecce024314 90a1341e2b6120c92991e68f961273ee22963912 ef9ac4df2ca9bb096d616e5a8d71ab196440d08fd7b2fad97b340271af0669a4 Loading...

	#3 Eval - c24f5a7bd2f2f7b950232af7c13171b5	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash c24f5a7bd2f2f7b950232af7c13171b5 38b5321722fdf7d28a4619d97c3e0d6adadeb67b f295e0e4c64eb40c0b403af27d2226155e72433041f6142fca1f16e22671a2e6 Loading...

	#4 Eval - 70fc0a735e06a148cccce88adbcb6e6a	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash 70fc0a735e06a148cccce88adbcb6e6a 5423e39f7d2d7fab23b292b576e4dd73dbe542f0 47c2c61e9dfc08dd78a20b8f769bff7df5cdd892e463805e87109ba213030468 Loading...

	#5 Eval - 48516c93488b0c24ccc1902e491416cc	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash 48516c93488b0c24ccc1902e491416cc 20ceef36a6349c90720b3efa4ca75842bd5d9306 49efa5bd43161e9c11577b2c63d29d416269bc918a892d84d4e1d7c4431f22e4 Loading...

	#6 Eval - 1ff80edeac747c2c042de1a1fb885922	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash 1ff80edeac747c2c042de1a1fb885922 ace05bb9224c3b18b313268f070787dd12c36820 5e0651359c1f4039522bca7cf7a17dfef3dd06fb750008fc3b02197679849be4 Loading...

	#7 Eval - 89fc36a0d191c19ad03fa3d587e7adec	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash 89fc36a0d191c19ad03fa3d587e7adec f2fe6bcae87a4fa35f68426d6f9aefc6b6020f32 247261be9353b8332b20416ba16bc6a370cb8542fae8640f5b100595c70d6fa6 Loading...

	#8 Eval - ee0869331661798d57f2fd2d97783211	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash ee0869331661798d57f2fd2d97783211 7759970d9436cea2fde3b13c714c8af386f85aa5 a5298385e5736da96ee3ad28d3698d45ac1778591a0fe48e94cf754462d9ce61 Loading...

	#9 Eval - b2817aaa56b55769edff208ad08a7123	144 B	2024-04-18	2024-04-29
Pretty Observations First Seen2024-04-18 21:08:52 Last Seen2024-04-29 16:17:39 Times Seen510 Hash b2817aaa56b55769edff208ad08a7123 88a1d4427808a4d4d76512850999ced991ca50bf 8651c9316df355c619ceb82b13aa160dc82103cc86994c3444d5d78bb20a5292 Loading...

	#10 Eval - 4af1d2a886c6bd5bd4a5c16ee2dac528	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash 4af1d2a886c6bd5bd4a5c16ee2dac528 0ba0dbda1e44584ebe2bc0cc05560d0f4fb4b8c9 a9d4dee2f445c82efc9bdab871bcc95ef79a2bfaf8dd2bd008a139d5a1e13ac5 Loading...

	#11 Eval - 66bb91cbd27faf429c626618ef07e91c	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash 66bb91cbd27faf429c626618ef07e91c db00dc7f51afa578734046973841e4e19f0fcbe1 a704c775a43f3ee0bfde0e5fb002595d82948c92fe3ba6f3fd6bb2a6b2831435 Loading...

	#12 Eval - 43c81e43a6e7d9140033055ff3e04983	62 B	2024-04-18	2024-04-29
Pretty Observations First Seen2024-04-18 21:08:51 Last Seen2024-04-29 16:17:50 Times Seen2736 Hash 43c81e43a6e7d9140033055ff3e04983 b0eca03913678cb38c488c7c79cc4f9d2755ea17 3f7ef931c657c4333a401c40e8b0b8d1ff3b164542af45e14242314c0ec39f34 Loading...

	#13 Eval - d1d1906219e9029e8b39857cd5bfa215	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash d1d1906219e9029e8b39857cd5bfa215 8e1c4d79a02af615d8a94ba8a76b494ad3015a4d 35d61db72ae6ad2b24a8502712d85c24f7548f78ef94cd35bfb7d35058ba0fed Loading...

	#14 Eval - 7345ece1c81b7825846fba6d6c4f63bb	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash 7345ece1c81b7825846fba6d6c4f63bb 5a89677f27c95bf46bfa75cfe89eb13e20321945 17d95c10868006efbba205aeb9965abfbdb5f39e2d70fbef08891951fba85199 Loading...

	#15 Eval - 1d424ed132aea94e4c5737ee2f1a6fe8	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash 1d424ed132aea94e4c5737ee2f1a6fe8 f4c8ed05be19a7532a92f092a5cdd340b4bfc34b 2980a4d157df730bc04562c7a3e64fb793c4461bc310e15d30b453bd53a18c01 Loading...

	#16 Eval - b48ae99b44535da88028afa05d19a798	163 B	2024-04-18	2024-04-29
Pretty Observations First Seen2024-04-18 22:05:46 Last Seen2024-04-29 15:42:01 Times Seen553 Hash b48ae99b44535da88028afa05d19a798 9ef82c7e71b5f9ffa9dd44391fa8167182b23e85 9d28ad479ce95584fc50fde66d331410b33603a51f3477badac173d4f16fd2b9 Loading...

	#17 Eval - 1818840c3e68509230d697ee5ac4120b	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash 1818840c3e68509230d697ee5ac4120b ebc3c2988a1f21363196024d54d1b4ceaa009fba da3a6df7cf60439818808d07ad179a6c3d6b51d84cf8cc39bf3c2e61aa62d620 Loading...

	#18 Eval - 3c647b00d202201e59324748c0b5c459	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash 3c647b00d202201e59324748c0b5c459 d6562f4c9dc3c7861505b6d3aaaf101080267412 ab6baf888d80742060b8f189d171d076b2b60f2b92742b7f264eecc110da3d15 Loading...

	#19 Eval - 2116989e04261177d1049eb93c7821d6	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash 2116989e04261177d1049eb93c7821d6 d453cfab3e89666a56dee8545d7a2ca5fe7295bb 112ae000f31fbf96fb86d91a72130b759fa4e5595f284d6b0931605e211437ac Loading...

	#20 Eval - a183064f345627e2962789f5c39ebe93	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash a183064f345627e2962789f5c39ebe93 c27595d7a691f81ce4dd6c98d96f09591ea6cd77 b110819618e245556522a7f5ce077beb0238d33ac02647a55eeab39cf4060b7a Loading...

	#21 Eval - fa82efcbfe0b4abe0470f491e3f55f41	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash fa82efcbfe0b4abe0470f491e3f55f41 5ef1ad54996ceef7474feaedb3e8d2298c8ab57a 5060cadff8be76d7906af3f9d47e69bc6bc0b0c2f8dba9ffe81d626a5364e5f4 Loading...

	#22 Eval - 4f0adb9e735aef9c19b7162e4c8766e4	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash 4f0adb9e735aef9c19b7162e4c8766e4 a426e831171eabf725d778d21cd1ce00461fdfae 9e7b11ac8ea5a4c38b3e1215d357ac90f9ee06b465124956859de17229732ae7 Loading...

	#23 Eval - 6f4d2e969d188cad37191dc5e6dabeb6	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash 6f4d2e969d188cad37191dc5e6dabeb6 1054e68e1805a37be93d34436d53d5d79fcd8f9e ea7d2c9d5a4d51e70e00aa378229385e7bc7b850c3ae52414430877b3b12731f Loading...

	#24 Eval - 05c31b03a3769b58ae3a84ff71c1b138	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash 05c31b03a3769b58ae3a84ff71c1b138 f13c775b8b54b88b6af4d2ca4af5256d78517ff4 31c5b435bf6e4ff641bdf9ec708870107c0319d57854c665c32b4667cd2cd18f Loading...

	#25 Eval - a5e5b190f5e8a32eda47905700bacb78	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash a5e5b190f5e8a32eda47905700bacb78 186542418e52dcb029a0793cfd8f8dc2d638bcd0 43f6d9ad12f686fb2a44e90dff916406c9ca154971ce3177b54a990b845423b3 Loading...

	#26 Eval - f6088b12f0a66af9292eff4931533b08	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:40 Times Seen1 Hash f6088b12f0a66af9292eff4931533b08 7892c4ae9d9cd917bae1f1a4ef83bc12beda0100 1562a88d4ccf194da897d7a34c3e87d2ae1f0a2426fe7ae0c4d10c7ea123086b Loading...

	#27 Eval - 7cae1529591498ecca82c548a80ca6e2	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:40 Last Seen2024-04-25 19:12:41 Times Seen1 Hash 7cae1529591498ecca82c548a80ca6e2 8d1b581882d84d3fde3c760ad2e38dd33a0911a3 24b4edc57a66cb32ae73a023bbeb0c3a4e6e5697598083bb276c05102ff37975 Loading...

	#28 Eval - a5f91dfc09f4c5116330f27e1d971c46	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:41 Last Seen2024-04-25 19:12:41 Times Seen1 Hash a5f91dfc09f4c5116330f27e1d971c46 612df00585f83c281b4747b9f05aa23110775a89 d667eeae001d65a7f575b96552a35099b20ef166622f55e5aa85b7113b205713 Loading...

	#29 Eval - 97738bef119257e7da363be14370691b	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:41 Last Seen2024-04-25 19:12:41 Times Seen1 Hash 97738bef119257e7da363be14370691b fd937cd960a8124b9d0c5b6b75ce9787c5135d01 ba2be017048574f4fc99eddc812ad4054d25fbb8ed05125b57859be9a3a32ce8 Loading...

	#30 Eval - 1435d8dc7c49550cde79874cdbd4666e	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:41 Last Seen2024-04-25 19:12:41 Times Seen1 Hash 1435d8dc7c49550cde79874cdbd4666e 440fefe04cd6b113d29743db1de30a91536d60f6 52208c771c9e316f9a30cfa29f08e529bd60948c8038723860a09a01bbbd5105 Loading...

	#31 Eval - 7b5fc371797cf4ff240d2f89a6fa53cd	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:41 Last Seen2024-04-25 19:12:41 Times Seen1 Hash 7b5fc371797cf4ff240d2f89a6fa53cd bdabb40029f19381919e9c377ef96d1e104472ad 77da697f058c980703015c0bde3b86591a199cde4b1c8bba2f8f74d446d01588 Loading...

	#32 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-05
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-05 14:03:55 Times Seen351499 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#33 Eval - 70ba0d6295b540b6ccb396f4ee9656a2	528 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:41 Last Seen2024-04-25 19:12:41 Times Seen1 Hash 70ba0d6295b540b6ccb396f4ee9656a2 50cf963fef2e7b54105c854e5dbfcbab39a343fd 5074689e8fd2192bae26fb6d7dc4a9305c3df426da0d0180f316984bc999f962 Loading...

	#34 Eval - 343014b781d8b575a91d81601b9e359c	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:41 Last Seen2024-04-25 19:12:41 Times Seen1 Hash 343014b781d8b575a91d81601b9e359c 72afc123adc888a73766b25da11b303731608bd7 1076400befa516eb7144679bff246ffb5780a377b56a49e5db37722a5620c79a Loading...

	#35 Eval - 9c75712dff0f505c9e831b24d4fdda6b	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:41 Last Seen2024-04-25 19:12:41 Times Seen1 Hash 9c75712dff0f505c9e831b24d4fdda6b 31b23648abba4438629a34938d136268e6450e11 0b8323db7c9f0c9c3a0b967ac2bec8683cffa4d2a00707edb6439824defc0e4f Loading...

	#36 Eval - 1e5b976997de2939e22f87bef262ff14	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:41 Last Seen2024-04-25 19:12:41 Times Seen1 Hash 1e5b976997de2939e22f87bef262ff14 64be6df803c76e62d3d39b19bbd8c72e75c1e413 69437f86b1ad2d585a40f1e733cc945384ee3e6b199493ab4ce1a3ec81e78e17 Loading...

	#37 Eval - 318b310b684bb0823a399ffd749cf2f7	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:41 Last Seen2024-04-25 19:12:41 Times Seen1 Hash 318b310b684bb0823a399ffd749cf2f7 b22d18a20f5d2cbb49e9ac937a524ef58188dbc8 298311c1184610aa6702e9920e960508a6b24fc6910128f5683f2a3eb7fe76f0 Loading...

	#38 Eval - 7fd43157353756ab9866e35b75efc1ec	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:41 Last Seen2024-04-25 19:12:41 Times Seen1 Hash 7fd43157353756ab9866e35b75efc1ec 53c08edea911034caf969a2389c19f7ac5654a16 4abad288d819b7ad7749daa6c6639f456ecc200694c0dec3540a7a1d928c739e Loading...

	#39 Eval - 090a33a0ec5e11ce4cfad22c00703140	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:41 Last Seen2024-04-25 19:12:41 Times Seen1 Hash 090a33a0ec5e11ce4cfad22c00703140 8d5c27d2a4295bf0f5a8fae9bbc1dc73564a5e3a 9da79f9dd7da8024f32e1b7a5aeadb8ca79f5832307043362148530d6f004a74 Loading...

	#40 Eval - 9dbb1b054586ccfb650176028ce6d35c	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 19:12:41 Last Seen2024-04-25 19:12:41 Times Seen1 Hash 9dbb1b054586ccfb650176028ce6d35c 63ef889f3a41b76657ecac7de02711e8d38d6843 734103fa9e50fc618eb0b961b9b3e0353889da45134ceafab64127c8a1e32433 Loading...

HTTP Transactions (15)

URL IP Response Size

atazanavir.org/wdka/smale/Argentum/amJhbGRhQGFyZ2VudHVtLm9yZw==

162.241.126.34

0 B

URL
atazanavir.org/wdka/smale/Argentum/amJhbGRhQGFyZ2VudHVtLm9yZw==
IP
162.241.126.34:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /wdka/smale/Argentum/amJhbGRhQGFyZ2VudHVtLm9yZw== HTTP/1.1
Host: atazanavir.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 17:12:07 GMT
Server: Apache
refresh: 0;url=https://mrbatatacolombia.com/REDIRECT/9KHWFL/jbalda@argentum.org
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

mrbatatacolombia.com/REDIRECT/9KHWFL/jbalda@argentum.org

192.211.56.74

1.7 kB

URL
mrbatatacolombia.com/REDIRECT/9KHWFL/jbalda@argentum.org
IP
192.211.56.74:0
ASN
#29802 HVC-AS

File type
HTML document, Unicode text, UTF-8 text, with very long lines (794)
Size
1.7 kB (1719 bytes)
Hash
bb6cbd9474eea75b41681d4ff53ee436
571a703f82a416e2dbb6e352f10c6408942790a8
7ef2589bb30f8eab2c860c14445aefd2c12d5826e3b36f7258e1010a2df6aac8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /REDIRECT/9KHWFL/jbalda@argentum.org HTTP/1.1
Host: mrbatatacolombia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 17:12:08 GMT
Server: Apache
X-Powered-By: PHP/8.1.28
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8

challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback

104.17.3.184

302 Found

0 B

URL GET HTTP/2
challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://a1a57284.b7109115dcf087f0e7eb8004.workers.dev/?qrc=jbalda@argentum.org
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a1a57284.b7109115dcf087f0e7eb8004.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 25 Apr 2024 17:12:10 GMT
content-length: 0
cache-control: max-age=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/471dc2adc340/api.js?onload=onloadTurnstileCallback
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ff4da9a3e56ab-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=onloadTurnstileCallback

104.17.3.184

200 OK

40 kB

URL GET HTTP/2
challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=onloadTurnstileCallback
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://a1a57284.b7109115dcf087f0e7eb8004.workers.dev/?qrc=jbalda@argentum.org
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42414)
Size
40 kB (39934 bytes)
Hash
f94a2211ce789a95a7c67e8c660d63e8
f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f
926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b

HTTP Headers

GET /turnstile/v0/b/471dc2adc340/api.js?onload=onloadTurnstileCallback HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a1a57284.b7109115dcf087f0e7eb8004.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:12:10 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ff4daaa5956ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879ff4db5a35712a/1714065131145/25ad474ffea4eb648f4f397e51ff34f1af5e66897eb8a23a78f2e12b41e7fa4f/jCWpc2hW4A2mExP

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879ff4db5a35712a/1714065131145/25ad474ffea4eb648f4f397e51ff34f1af5e66897eb8a23a78f2e12b41e7fa4f/jCWpc2hW4A2mExP
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/879ff4db5a35712a/1714065131145/25ad474ffea4eb648f4f397e51ff34f1af5e66897eb8a23a78f2e12b41e7fa4f/jCWpc2hW4A2mExP HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Thu, 25 Apr 2024 17:12:11 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gJa1HT_6k62SPTzl-Uf808a9eZol-uKI6ePLhK0Hn-k8AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApc5PUXcXSrXwpeNe3kT6EaAJPDsPBMfFZc7M608yW3JV6YSHiGBLoFiLtNHD3Yj8UsOtWbQeFa2uvS_dYz5MBsoSW4-RbOY-WCB2aGEB-eoRbXl4lJRl0UNGi00lNBgNTil_mTTSNV3ssSkmSY8kwM-5GqBNfJ2kmJPKo02MWiXn1pwc4YXbeATUrYDRvvXUXYZrgaarjDyvHFhnYpD3mqr5qOj_TS_1SCUZ0HIp8ywDX06Xc59cKjzFHEUzD3gWutoK4apMxNt9bWWxcH3D_UL1a1llCxh-knMwTxgvRXS-XHap_ymO2zCuAPNgo1SDCTl4lTQZbVX7VvpDZwMaiQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tICWtR0_-pOtkj085flH_NPGvXmaJfriiOnjy4StB5_pPABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 879ff4e2eb42712a-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879ff4db5a35712a/1714065131149/j2eT5AjAx1MSMT7

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879ff4db5a35712a/1714065131149/j2eT5AjAx1MSMT7
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 51 x 50, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
d7d608b29738b421d18a9bf97aa9e891
f9f912a96bd778c94fcb25acf38c301b5ad69c98
3599b61ca117f0711af8ed6a14a9a27b4307e93e7d2bd9bbd0bcc841889df823

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/879ff4db5a35712a/1714065131149/j2eT5AjAx1MSMT7 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:12:12 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 879ff4e34b9c712a-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/Sp_xOU08DjqDdFe/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/Sp_xOU08DjqDdFe/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:12:25 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 879ff5391dd4712a-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1252794540:1714062401:zjzZmCMPaaohqsn6qSy2SNw288PSLjmpP9fifhjFgxM/879ff538dd86712a/670e47c8404c5fc

104.17.3.184

200 OK

118 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1252794540:1714062401:zjzZmCMPaaohqsn6qSy2SNw288PSLjmpP9fifhjFgxM/879ff538dd86712a/670e47c8404c5fc
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/Sp_xOU08DjqDdFe/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
118 kB (117847 bytes)
Hash
fe83fbd8cc1cfb6cca92b344059621da
9cdcdc54be9225a886d46c5314df5e84f85469bc
41ae749bfc629a8c6cbbbafd169cb78a1200427037ef2a542f9ebda546852a6c

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1252794540:1714062401:zjzZmCMPaaohqsn6qSy2SNw288PSLjmpP9fifhjFgxM/879ff538dd86712a/670e47c8404c5fc HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/Sp_xOU08DjqDdFe/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 670e47c8404c5fc
Content-Length: 2678
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:12:26 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: r/dYPxZ/VvaIdVE659GNe4lzgbT7dzcc+p30/eOkTHrwWo/jldPcAP7sq/b6zucEraE9t+zGPSm8/QEX7UR6Q5j362br72W0y0u0jktC/jGJvTqBRlSh38kqtawyJX9RYT+cRgpdlJHm5WQE9zGJQtCrQ9S5Fz2qD4gNlxx25dFNOpkFLZDRrrVhVm5smER60e/DXVoIxbjwgkbEAe5/JFZMqusff5tQSG4TPPq+guDU+rDHZ99FmLy2DsVj+IKH0r4mdaD5ue0oaO0ZZxrjiIZMEFbFM7ACxQ6/cUl+jQiAttwgANbMancAiTWisbbbDZLITOw1UpKVm1KVE+WY4A3t7PgTVGYe4pNR/oavUnX3Px6OKvsZJBJVNyf9sgo6N18H2v/8PnqOdUdR7CVAchg/cFLMLj4oR/fZafjqlySW+dwnOrfHVUFuQ4NfdoOaqVIx0/xKdA/2wx+jg9RZ+KkPULY5w7WXmG0vccUtRGETVrhZpITY5qgavon2OUqE5WAOwTp05yYFRaO4ye1ixEZ222zUgMmhnisacRkxlno=$ffnaodbVYUxLzsah1kDDlA==
vary: accept-encoding
server: cloudflare
cf-ray: 879ff53abff8712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879ff538dd86712a/1714065146050/W9ftZahHIOtwTVd

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879ff538dd86712a/1714065146050/W9ftZahHIOtwTVd
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/Sp_xOU08DjqDdFe/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 24 x 7, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
7739e4b360038d46113b49756c0c13bc
715e726a833d9d8fbd82ae502561025178afc8ba
c66b4327f0e2de9250bc41d880f0e141847511a0945a77556417130e30d28d06

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/879ff538dd86712a/1714065146050/W9ftZahHIOtwTVd HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/Sp_xOU08DjqDdFe/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:12:26 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 879ff53ead6a712a-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879ff538dd86712a

104.17.3.184

200 OK

433 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879ff538dd86712a
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/Sp_xOU08DjqDdFe/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
433 kB (433082 bytes)
Hash
6249536a6efa94dc37422971de4bf869
afbd3bfc63d587fc0b702718018dff36ad68274b
0f8dedb55dffe709d3a9e1ae306d688e99b9e666ce195c12584b1b4c54b21073

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879ff538dd86712a HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/Sp_xOU08DjqDdFe/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:12:25 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 879ff5391ddb712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879ff538dd86712a/1714065146050/0414b43677dea465571cda4253d9b9d659fb015343e6df6826f15bda12f5ffc5/jNoRNGh72S3fwst

104.17.3.184

401 Unauthorized

1 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879ff538dd86712a/1714065146050/0414b43677dea465571cda4253d9b9d659fb015343e6df6826f15bda12f5ffc5/jNoRNGh72S3fwst
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/Sp_xOU08DjqDdFe/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/879ff538dd86712a/1714065146050/0414b43677dea465571cda4253d9b9d659fb015343e6df6826f15bda12f5ffc5/jNoRNGh72S3fwst HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/Sp_xOU08DjqDdFe/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 401 Unauthorized
date: Thu, 25 Apr 2024 17:12:26 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gBBS0NnfepGVXHNpCU9m51ln7AVND5t9oJvFb2hL1_8UAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApc5PUXcXSrXwpeNe3kT6EaAJPDsPBMfFZc7M608yW3JV6YSHiGBLoFiLtNHD3Yj8UsOtWbQeFa2uvS_dYz5MBsoSW4-RbOY-WCB2aGEB-eoRbXl4lJRl0UNGi00lNBgNTil_mTTSNV3ssSkmSY8kwM-5GqBNfJ2kmJPKo02MWiXn1pwc4YXbeATUrYDRvvXUXYZrgaarjDyvHFhnYpD3mqr5qOj_TS_1SCUZ0HIp8ywDX06Xc59cKjzFHEUzD3gWutoK4apMxNt9bWWxcH3D_UL1a1llCxh-knMwTxgvRXS-XHap_ymO2zCuAPNgo1SDCTl4lTQZbVX7VvpDZwMaiQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIAQUtDZ33qRlVxzaQlPZudZZ-wFTQ-bfaCbxW9oS9f_FABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 879ff53e4cfb712a-OSL
alt-svc: h3=":443"; ma=86400

a1a57284.b7109115dcf087f0e7eb8004.workers.dev/favicon.ico

172.67.184.1

200 OK

3.3 kB

URL GET HTTP/3
a1a57284.b7109115dcf087f0e7eb8004.workers.dev/favicon.ico
IP
172.67.184.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://a1a57284.b7109115dcf087f0e7eb8004.workers.dev/?qrc=jbalda@argentum.org
Certificate
IssuerLet's Encrypt
Subjectb7109115dcf087f0e7eb8004.workers.dev
Fingerprint68:22:5F:D9:60:A3:7B:FE:8C:23:97:4E:B9:74:56:0E:DA:ED:1B:24
ValidityFri, 05 Apr 2024 11:49:59 GMT - Thu, 04 Jul 2024 11:49:58 GMT

File type
HTML document, ASCII text, with very long lines (3271), with no line terminators
Size
3.3 kB (3255 bytes)
Hash
a616e6b5f9fc37f8b0d0e7d5445aee9b
87f00ed983c9d5a318e923d2d7947e162fc78623
32746ab13942b0445439d604720b4a2c4cb76843ffd28cb972f0059ce03fc4ac

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: a1a57284.b7109115dcf087f0e7eb8004.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a1a57284.b7109115dcf087f0e7eb8004.workers.dev/?qrc=jbalda@argentum.org
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:12:10 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T1cPLX6nxw%2BCPlqXpKYNYs2uPrb3KjnDReE5WsDbuTm9omHyZE7MAtyjsEciLYol%2B8EsqYxNFnuxlCMfgl0jfbQU0Z8GKoTfFu4QtTq5KtAIBYDRZPbF3pBJAOe51xSN9cO8wXevqpKo2bWYljC349KgPWvZe9cUA47MIkbwne0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ff4db38fc5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

a1a57284.b7109115dcf087f0e7eb8004.workers.dev/?qrc=jbalda@argentum.org

172.67.184.1

200 OK

3.3 kB

URL User Request GET HTTP/2
a1a57284.b7109115dcf087f0e7eb8004.workers.dev/?qrc=jbalda@argentum.org
IP
172.67.184.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectb7109115dcf087f0e7eb8004.workers.dev
Fingerprint68:22:5F:D9:60:A3:7B:FE:8C:23:97:4E:B9:74:56:0E:DA:ED:1B:24
ValidityFri, 05 Apr 2024 11:49:59 GMT - Thu, 04 Jul 2024 11:49:58 GMT

File type
HTML document, ASCII text, with very long lines (3271), with no line terminators
Size
3.3 kB (3255 bytes)
Hash
a616e6b5f9fc37f8b0d0e7d5445aee9b
87f00ed983c9d5a318e923d2d7947e162fc78623
32746ab13942b0445439d604720b4a2c4cb76843ffd28cb972f0059ce03fc4ac

HTTP Headers

GET /?qrc=jbalda@argentum.org HTTP/1.1
Host: a1a57284.b7109115dcf087f0e7eb8004.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mrbatatacolombia.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:12:10 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bhi16mCHqtyqNeO02Dn8cmgAad%2BlXg8nLDDp2UVKeET5cGl1qHh6egydErwje2G%2B2Rh1LUgC4wgiSSo65BI1SxWo7MhWpUZEyA6Y3N00oIdWLQ%2FA2CtWzL1NPCABCHnvd8m8SX8k%2FTOqX7ouFFcKHjoGgbWFp7BgmH4pCfHOj7c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ff4d9ec4bb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal

104.17.3.184

200 OK

80 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://a1a57284.b7109115dcf087f0e7eb8004.workers.dev/?qrc=jbalda@argentum.org
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
80 kB (80014 bytes)
Hash
3aeae7dd9e7f21f510d5eed678e05dc4
069f0e50876052427d2c08ca4b2f5f3e6c75813d
5077ce19562c3e50a750d13d6a2eeaaa42ac5ad9b819911342ea94d48a526d7a

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a1a57284.b7109115dcf087f0e7eb8004.workers.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:12:10 GMT
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
document-policy: js-profiling
cross-origin-embedder-policy: require-corp
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cross-origin-resource-policy: cross-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
vary: accept-encoding
server: cloudflare
cf-ray: 879ff4db5a35712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/Sp_xOU08DjqDdFe/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal

104.17.3.184

200 OK

80 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/Sp_xOU08DjqDdFe/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://a1a57284.b7109115dcf087f0e7eb8004.workers.dev/?qrc=jbalda@argentum.org
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
80 kB (80034 bytes)
Hash
8429f4a54267080089c7888b2187cd5a
9247569f7d7a2ccd40d7b7de2c403b2e9b74b851
2deb48686f016c0603b059ff040980ea476a750bf514af7e460ca878dc5983ac

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/Sp_xOU08DjqDdFe/us1ld/0x4AAAAAAAX80MqSa7RLZ8nn/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a1a57284.b7109115dcf087f0e7eb8004.workers.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:12:25 GMT
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
document-policy: js-profiling
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-resource-policy: cross-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 879ff538dd86712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (44)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash