| plaintediousidowsko.shop/PsMA | 104.21.53.146 | 403 Forbidden | 5.8 kB |
URL: User Request GET HTTP/1.1 plaintediousidowsko.shop/PsMA
IP: 104.21.53.146:80
File type: HTML document, ASCII text, with very long lines (14167), with no line terminators
Hash: 2217d0eb9fc5ea971936f101aa11437a 2711e6c6945a6fe6109a9fc0163d3289cf949c1c 191505318d8e582f2993db3557a9a030ca8f8a23473e35ab6e7a4980c97a11c4
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /PsMA HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 23:38:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: tVZu18i4x+QUau2XGpoDJrkDbwvMJhR44qdcz8G/SrPE5xC1c+jf1YVNlIesSw/Z2b0pykMk5rUWJVe8q1AhKDovfxn7Ai2q2/AZcnm42HDQPuBC4fg+BbgwZR79pRDfsIBsJWJI7EgYKhrsT3l2+A==$8kCENuk9ZKOHxJWHZ+bWhQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g7E8G0G7hBWxGUhlk9z81ohMq%2B%2F3uyEqrKNC2I47TVgyF6Aiisk1NwKQSkYjZtXNMoURyKa6WfaCcmole2pqx%2FIjd5%2BdlPpEfEMMIhaorDp4OIlOxaUjn%2F73S50aCtxa1hHY2sUpmDFhzmg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880d4916ce37b517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880d4916ce37b517 | 172.67.213.139 | | 115 kB |
URL: plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880d4916ce37b517
IP: 172.67.213.139:0
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 115 kB (114640 bytes)
Hash: e59b726f2e00256ccee5085b38b50a85 3fb7d733acc183a9a4c01ffba9c6810aa99f404a 5aa04070818f5e442b0df7eb53f4ff2bb6fbee88ad51d9f4f893a9016c88d2b2
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880d4916ce37b517 HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://plaintediousidowsko.shop/PsMA?__cf_chl_rt_tk=4sH5TrCHi_Eun2_dJId672JVKysST_BM3xGrS5RnirA-1715211528-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 23:38:49 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9zmnxrMIu%2FOmnl4VzzwHpb%2Fy32cBS0qOWB%2FlJU6FWSoBpF5cTLlXeIRBJjFp13qKmwZOwJeFgZhbwn5oQhPjq7eGgR0%2FPOG0ujzRQUbjCeUuAc3FozCONF0C2bDkXahzu%2Bm8JxYQAeCybhk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880d49189bb80afe-OSL
alt-svc: h2=":443"; ma=60
|
|
| plaintediousidowsko.shop/favicon.ico | 172.67.213.139 | 403 Forbidden | 5.8 kB |
URL: GET HTTP/1.1 plaintediousidowsko.shop/favicon.ico
IP: 172.67.213.139:80
Requested by: http://plaintediousidowsko.shop/PsMA
File type: HTML document, ASCII text, with very long lines (14199), with no line terminators
Hash: ee6ca8cbb8d57234432ec6418165e771 ce874f82e11173ffda7fa795bdd43fa29071c1b0 6cdc05df003668fc5f35d91514c86ad27fd72c7f5b3c42c8f16ab96f9bea6e0f
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://plaintediousidowsko.shop/PsMA
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 23:38:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: WMKCCR/ec4l2c7O/xxi74lbOF4Y87M0gkO6hOloDnxLJH0vhd7cEtD+FOxK9jeLj9x8XQfPEGgOOPuVpGiKJ4KiE9R/Jva4Yz+1MrpX1kRNa1OWYch6hUOzKSog9hi/d22T4UweRNYAr5+Uovh2G0Q==$WCBU2Gn4nq2ikR7oBTcDSg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EaUW5gJyPZr99TblcwCI13x8vQdZHE%2BNBNnCxFxVwDcMHTT%2F7SlUiivL2czX%2BYAyN4AHf4RS8FfJUqHrETRk2TxUyLq8G7MyEBc4VbVmv9FLA7NQIEC6cNd3Az49bpV%2BTvjCvPPbmI4PKuk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880d491999b25684-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/412322525:1715207488:TruX7LEywbzgv3skFKxGjZu7PiBQ9krXdYyZjbL9C2U/880d4916ce37b517/d5ba1781572115f | 172.67.213.139 | | 12 kB |
URL: plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/412322525:1715207488:TruX7LEywbzgv3skFKxGjZu7PiBQ9krXdYyZjbL9C2U/880d4916ce37b517/d5ba1781572115f
IP: 172.67.213.139:0
File type: ASCII text, with very long lines (16364), with no line terminators
Hash: 36af6dd64cde3bc78f1fc7981d1801a5 0d256226cb49026eaca94fe0070567dcdd451219 cb106bd502cf3de486e9fa469868108c105e61aa2f423c686abc23e1a7333ce2
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/412322525:1715207488:TruX7LEywbzgv3skFKxGjZu7PiBQ9krXdYyZjbL9C2U/880d4916ce37b517/d5ba1781572115f HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://plaintediousidowsko.shop/PsMA
Content-type: application/x-www-form-urlencoded
CF-Challenge: d5ba1781572115f
Content-Length: 1868
Origin: http://plaintediousidowsko.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 23:38:49 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: or2/U6QipAgU1r5Yk5EbiJ+FDmDRzFQhUSWYcughxyWFd03fpyaIxh5fvTQt1LEl$AjTl7GeGIbkLn2eAdfqv/Q==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hAiX4WxZmf%2FVrzmzaAut%2FO8kaHyBlh883UtFWnC1r9P9TWveKabuMqk2COYAMsR0tOr8HatBOLRmnM805G2jK4V6eSiIpWSWdB7EDmzdgBN81ZLDWMYk4XY4kAI48AgSfqqTJYPK3jk7Co0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880d491a4e28b511-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/f90rq/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | | 26 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/f90rq/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.2.184:0
File type: HTML document, ASCII text, with very long lines (41702)
Hash: 70e054349148620cb69de398c4f98059 54569a3a9e454c4ef55b484770cc086f0ca7196c c02b1e60038daa78a973ae86595d3cd14fe13454490828568df24fc911e90328
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/f90rq/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 23:38:49 GMT
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
document-policy: js-profiling
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
vary: accept-encoding
server: cloudflare
cf-ray: 880d491b39110b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| plaintediousidowsko.shop/favicon.ico | 172.67.213.139 | 403 Forbidden | 24 kB |
URL: GET HTTP/1.1 plaintediousidowsko.shop/favicon.ico
IP: 172.67.213.139:80
Requested by: http://plaintediousidowsko.shop/PsMA
Hash: 1616fc3ae77e05ffed673035d6d079b2 fc75b0363b7f1c954c1f61655079974162668bbc 0049950d59eded223e1cd8256682d20788718f06384c1af5cb049f96075b5771
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://plaintediousidowsko.shop/PsMA?__cf_chl_rt_tk=4sH5TrCHi_Eun2_dJId672JVKysST_BM3xGrS5RnirA-1715211528-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 23:38:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 4IvhnCV9wsFPkhs4w2kADVYQRnFACR2LVYWptJv3FRlR32YW0p/dwgwGMszlnNEsMSuSjRM1j5d68rm0FTxMvc6m2UsqGXrmr/tMH3qo2tOWrK7/GCXucJRbGRRO/Q2rI6fCQ9XUXvQmCdlm3YC5WA==$0TOV2o9rulINvH2emUYAOg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eqZSV6XaN9r424bNfWfu8xx4tMXHY53W8%2B737ZThbQlz6omUgZve1Q6bowsO6ZLDEZZxKm24QpZwGBQ0BZcUKpOPN8ITroasq18S7Y6D%2BWy9ls5O432Q88YIHghhsif3k96HpecoRViDOpM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880d4918ec0b0afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880d491b39110b49/1715211529930/VRz3lH8xSdcXUKz | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880d491b39110b49/1715211529930/VRz3lH8xSdcXUKz
IP: 104.17.2.184:0
File type: PNG image data, 42 x 33, 8-bit/color RGB, non-interlaced
Hash: 24449f34506093e9725e69021a528e45 e4557ec3de0fc0d7e9704e803e93fb968bbcc032 b5d5a2facdac5c224e18aa25da4e977c135e77b37e91fd5906e097c6e25e6fd3
GET /cdn-cgi/challenge-platform/h/b/i/880d491b39110b49/1715211529930/VRz3lH8xSdcXUKz HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/f90rq/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 23:38:51 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 880d4926be2e0b49-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/689607155:1715207449:aSZcVj1vhL2U9YSXy_FAUg-UoSe4DObURxmHcLhhwTE/880d491b39110b49/554674cd3483850 | 104.17.2.184 | | 122 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/689607155:1715207449:aSZcVj1vhL2U9YSXy_FAUg-UoSe4DObURxmHcLhhwTE/880d491b39110b49/554674cd3483850
IP: 104.17.2.184:0
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 122 kB (122155 bytes)
Hash: 00288d645cb1af4be1f317d740a0a6ff d6b02ecae4f8c3616f1c36e17ca096765a7617cf d43cca82acef11814cc27b2309838ed04883afb677e08d61828fea40bf86d86e
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/689607155:1715207449:aSZcVj1vhL2U9YSXy_FAUg-UoSe4DObURxmHcLhhwTE/880d491b39110b49/554674cd3483850 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/f90rq/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 554674cd3483850
Content-Length: 3567
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 23:38:49 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: bfayj2uClvjZsqY8dq69dc0yxTYuX76nOLa5ur3IcguDJQ+dp88Q4/3Vnse0ss2kRXrkvtBn4CkwJBAdZw1k88/HueUaP5E4vFCyGdITnPcjtUnIkl3JtMqLeXYHvvgQvhza47s5uLC/ZTR2xPbWntu/PXRI7UcpyZAIGPqed9K77BAbPl+q+1q5ILpGzSztsNDY57SkhYMJSgTGu8CJKzcuay3HF/4hA2gMYwV50OdUWKzTAeQg+O7vyy2EY8OJ/CD8dDMWirrvmKVo4sfsjjzwARniv/Bzuv+pqHOfLBVaH8vmuHXbnIiek8XgvgeKMXLcMvtYonQgHjHhUY6zc7+gaqDCLMIXgEYYJOY64rD5K8i0tfByvBJ6fazHUWPV3yRokeMckrxXr6MUVJErtgfrHq3vSGj5T0NbGPv8zRzGb+zpRHo/KrQ8dZKpYsZgI+98He+wkI1gE3JvNJAqbw==$vQfEVoSVYZGjUQAaI/c9zw==
vary: accept-encoding
server: cloudflare
cf-ray: 880d491dfa2b0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| plaintediousidowsko.shop/PsMA | 172.67.213.139 | 403 Forbidden | 5.8 kB |
URL: User Request GET HTTP/1.1 plaintediousidowsko.shop/PsMA
IP: 172.67.213.139:80
File type: HTML document, ASCII text, with very long lines (14188), with no line terminators
Hash: 0a021c03b1ce4a83317ce25c8ea2c634 8bfce464f10493fea49ba1d47aa7c1970a380795 17cc105e16f7bcd3738663dcecf810200866c5574ff0fcd0a2f14d6e64b43d87
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /PsMA HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 23:39:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: aAD2Z2HvkKK5zpLmU1hU7zfpZ4prxSmAV0NoiMw1h73bwdfnbZzQX6reNrtBKpgpXCjXTdyZBqDYoB247+SQvUBByiBMNTooKpeZTpLKLX+ygaaLj/suNLwHEp1kUttzZ4gjCeANpVeZVZZGZAvfBA==$PtVx/O6err4SI9NVfgiUfw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H3JlLqzCjNVDoJynigkNWX%2Bpxd9mohypH93X2XBKnC2gtlfngeoMUjikt1PRcKZ8zXwOfkBZKrp%2BcgRt2e2ctGdovxpMsmO21Bn%2FbeQW8kuwUv1pRAt13x3NlijiqULX3knYmBgyzKP67oI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880d495d5c3ab511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880d495d5c3ab511 | 172.67.213.139 | 200 OK | 113 kB |
URL: GET HTTP/1.1 plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880d495d5c3ab511
IP: 172.67.213.139:80
Requested by: http://plaintediousidowsko.shop/PsMA
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 113 kB (112648 bytes)
Hash: a0a9372517ea07dea122115628525f37 1d4182d357d939b7f97998925636f17c31e8a7b5 037c16287432ba11836a0c664b816b365f5dcbb941c07d033ce1de4daa2ef18d
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880d495d5c3ab511 HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://plaintediousidowsko.shop/PsMA?__cf_chl_rt_tk=ZCVMS7mRi00PJm9SUKofLIjAt7.NowZ3P5CQh3gGy0Y-1715211540-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 23:39:00 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RP9IVczwp%2BYifEVq2aStHLFiUkEXh3atVPt7PTj78mS8snPn3mT%2BtLovhr%2BO0lVqOmye%2F%2FepHerA%2BVplEHo3YhoknTS%2BHZosFRkpz9ck9usDYyiXsCUiJzFf0WxLLUB%2B8CbNYOg%2BGbKyWxs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880d495dcc707129-OSL
alt-svc: h2=":443"; ma=60
|
|
| plaintediousidowsko.shop/favicon.ico | 172.67.213.139 | 403 Forbidden | 5.8 kB |
URL: GET HTTP/1.1 plaintediousidowsko.shop/favicon.ico
IP: 172.67.213.139:80
Requested by: http://plaintediousidowsko.shop/PsMA
File type: HTML document, ASCII text, with very long lines (14221), with no line terminators
Hash: c1e4d72cb79a6fd88d1efb7502690438 d20167cbd72b1cea6b65ac8e456bb2040803ae7c c7812c4d8b15d476b4fe75da6716e7283e9283af54c23aaaa6376abcc4b03f53
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://plaintediousidowsko.shop/PsMA
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 23:39:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: EvYmo4Ql+eeBjBHn8bquNj/x/qqMaPC1VkQPFTZVIXZje7GZoF1BsMFy7mHNc/dJiiIzvToZC67x1NI2uMV9M36z1zgTUPvmDBIUtGtwEPkUwoHktNK42eMndGgUbO1Hn7S+4aXXRMDj+37lZBgKVQ==$9gNPurHLC3Ah0yCHd22zog==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6b5l1bk0k2WOg7IhMICFAJ6eD6D8eQETqOI1H2UFn%2FekGhm4WlEzyw26ep3%2BOe461FzOUFw8nmUfFSzGc6Wokrs107%2BRkY%2BXwf%2FAPN4nooT2qTvtHVphlUYQGVtKq0xgoM66wkzUjD3MAyQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880d495e7d75712b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/394508631:1715207400:mFUozL5UYQQr0J7xIszO59QB2Crp4rbuXhepAq_yv5A/880d495d5c3ab511/74f367e0b5e8388 | 172.67.213.139 | 200 OK | 12 kB |
URL: POST HTTP/1.1 plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/394508631:1715207400:mFUozL5UYQQr0J7xIszO59QB2Crp4rbuXhepAq_yv5A/880d495d5c3ab511/74f367e0b5e8388
IP: 172.67.213.139:80
Requested by: http://plaintediousidowsko.shop/PsMA
File type: ASCII text, with very long lines (16352), with no line terminators
Hash: ed423bd2506614e41d2b4ed25324fe68 729cf9fcd838b42f824f4f836e22f9fbe981711e f760aacd04e75502f2be7a5c28c2f86b523387912da7e1502cefefbbb49f0cee
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/394508631:1715207400:mFUozL5UYQQr0J7xIszO59QB2Crp4rbuXhepAq_yv5A/880d495d5c3ab511/74f367e0b5e8388 HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://plaintediousidowsko.shop/PsMA
Content-type: application/x-www-form-urlencoded
CF-Challenge: 74f367e0b5e8388
Content-Length: 1859
Origin: http://plaintediousidowsko.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 23:39:00 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: 10Dbm1jFoLV35kslV+8zgFzqrzESDFmtmyPHzH8zc8ZQF1CpdPLdhNPr9muLT5ig$PaxBffwJqZvk6PwvaBHhdw==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QVRGK8DwDANTZWyq%2BhC2EK%2BpVrKRJW04F0pGlMl71GE%2BC9uwpWMNd7v0tWAo98JUTc8R58WouHFTmRkLoNCPcp8bMB3st6YYL951Z3A460QxSOJfBuIVJd1AGYFME%2BKPmN4vtE8u3UH72zw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880d495f2d005690-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8odi9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | 200 OK | 26 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8odi9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.2.184:443
Requested by: http://plaintediousidowsko.shop/PsMA
Certificate:
Issuer: Cloudflare, Inc.
Subject: challenges.cloudflare.com
Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41702)
Hash: 37b203912a1fec06f8b015591dfe4250 d77460821ded3c65167e133eb01866f8cb09a924 e9913ec2ef6ec8701e889c5d000befd38cb18a6d5899e6e2bcce5b496b5dc061
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8odi9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 23:39:00 GMT
content-type: text/html; charset=UTF-8
document-policy: js-profiling
cross-origin-embedder-policy: require-corp
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
vary: accept-encoding
server: cloudflare
cf-ray: 880d4960091a0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880d4960091a0b49/1715211540979/TdJbGdSWMgzgs_y | 104.17.2.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880d4960091a0b49/1715211540979/TdJbGdSWMgzgs_y
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8odi9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate:
Issuer: Cloudflare, Inc.
Subject: challenges.cloudflare.com
Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 3 x 58, 8-bit/color RGB, non-interlaced
Hash: 6d8912fd0bad439b36c1691e649408c9 fca2930b2313b6a5a0c653125beaced2fe34b615 f232e2d031cf547443dd056cf443b384f673872b66c9317db0a3b9ea57d06aff
GET /cdn-cgi/challenge-platform/h/b/i/880d4960091a0b49/1715211540979/TdJbGdSWMgzgs_y HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8odi9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 23:39:03 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 880d4975a9520b49-OSL
alt-svc: h3=":443"; ma=86400
|
|
| plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/394508631:1715207400:mFUozL5UYQQr0J7xIszO59QB2Crp4rbuXhepAq_yv5A/880d495d5c3ab511/74f367e0b5e8388 | 172.67.213.139 | 200 OK | 1.8 kB |
URL: POST HTTP/1.1 plaintediousidowsko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/394508631:1715207400:mFUozL5UYQQr0J7xIszO59QB2Crp4rbuXhepAq_yv5A/880d495d5c3ab511/74f367e0b5e8388
IP: 172.67.213.139:80
Requested by: http://plaintediousidowsko.shop/PsMA
File type: ASCII text, with very long lines (2328), with no line terminators
Hash: 8d97e87c1dfdacbdf87f01cefed981e0 54c54df63974f67541fa8f31c771cd5695d9bffe 19972cd98b2973252a9f8ac1e7881edca91b9f23792d7ba1640b5f1e6715bd33
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/394508631:1715207400:mFUozL5UYQQr0J7xIszO59QB2Crp4rbuXhepAq_yv5A/880d495d5c3ab511/74f367e0b5e8388 HTTP/1.1
Host: plaintediousidowsko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://plaintediousidowsko.shop/PsMA
Content-type: application/x-www-form-urlencoded
CF-Challenge: 74f367e0b5e8388
Content-Length: 2529
Origin: http://plaintediousidowsko.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 23:39:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: 8X21HVoE67F75fAzGRXQD+TY5AGKCZ7gZm38mPwx+NfCG5kNkz3BPJuGrFNg2QpS1GjLrktiEgl2maplxp5HDfQXa0BbH4DwbzODYZV+fU0=$tCkvRCZEYhRj0ipOpGVphA==
cf-chl-out-s: f65lRWEwRsDj2O7tpvMi3A==$hBurZYfstCN7udbNz400Qw==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DRSFjEZVPpxKTDV8xseqMLRCkUd0IxJA55%2FLyJDgwG61VJ4EPVnH0IjDHhtCNhLjkjFUtm6hIfoprOoMUS2aQ8dQ52niUBslxRxbeoQVNAyTkGutDOmY5in2WSxQ%2F9PeI5ZJzbCyUmyEoPo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880d49ab6c7b5690-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit | 104.17.2.184 | 200 OK | 43 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit
IP: 104.17.2.184:443
Requested by: http://plaintediousidowsko.shop/PsMA
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42565)
Hash: a5b92920e25651d2058f4982a108347b caeeadd68d38fdb681c52006c68880abc2e8a1a6 49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5
GET /turnstile/v0/b/ce7818f50e39/api.js?onload=Ialy2&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://plaintediousidowsko.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 23:39:00 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 880d495e78a90b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/959342513:1715207414:8uJUUwi04p3RxNzFIQKKxyiU6BRJjFQV0Rla_yDKTtM/880d4960091a0b49/60960e75fda06f7 | 104.17.2.184 | 200 OK | 113 kB |
URL: POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/959342513:1715207414:8uJUUwi04p3RxNzFIQKKxyiU6BRJjFQV0Rla_yDKTtM/880d4960091a0b49/60960e75fda06f7
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8odi9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: Motorola S-Record; binary data in text format
Size: 113 kB (112920 bytes)
Hash: b32cc8e704b2648d0a6f52139561e41b 242dd572ee98b560667706d109e55b74d31fc590 5ec44b7d221aca9adf277e3ab6f92eca8d971717f7ed01c3eaad5122edc9b84c
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/959342513:1715207414:8uJUUwi04p3RxNzFIQKKxyiU6BRJjFQV0Rla_yDKTtM/880d4960091a0b49/60960e75fda06f7 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8odi9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 60960e75fda06f7
Content-Length: 3573
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 23:39:01 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: yXl8ewqNjLShS1aGqZFFv6NN+x8ctOUQMpPnCSvgTxxhKkA3YAPxZCm0veiFHCQ6lQ1XRGRfXLeEAedysMUHFdfsaLRIHy4W/vN81cIGAST+PflBYPzUweCRLZ0Uuwr8+snobaQ9Zk13HmL45dO1oUmToLJLA+HnDtn60VmDLvYBL/j+373jRdPsuFVSyL+pZVdJOQjlCjZ+agtqqe9I9Up4pufPhhrxKJQSrZj02OrwK0CMJRTm8qZqJhW/aITrZ7gIC4FAzUKGQto0D+KxW+OzRGh/TZL3R2ld0y+9f4JRsfU6Rpmkx0AhiyLa2B9NsVwTR7lnyNPNAbeSVJQ0UhfNOC6KHLWwao1pqlLLlN8QIGhGGb+C3VNZGp6r3u7xJUZAD98j4x5LYHHPLZn4ukE0MRkDjYgHTmvZNXUFOA34gj31Ozl3waid+imV7aXK$Yki1PCKhPgoPdid7v0W1ZA==
vary: accept-encoding
server: cloudflare
cf-ray: 880d49630a0e0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880d4960091a0b49 | 104.17.2.184 | 200 OK | 428 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880d4960091a0b49
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8odi9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 428 kB (428438 bytes)
Hash: 7e4ed83b90b982abb1cd84bc6fc1978c 5a990272973b91ce1ad0819a0d1b61173d98e9a4 bc688b449e541308ebe5801aa484c668703a072a9c2f6f961e38d03c77f5508f
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880d4960091a0b49 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8odi9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 23:39:00 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 880d4961097a0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/959342513:1715207414:8uJUUwi04p3RxNzFIQKKxyiU6BRJjFQV0Rla_yDKTtM/880d4960091a0b49/60960e75fda06f7 | 104.17.2.184 | 200 OK | 22 kB |
URL: POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/959342513:1715207414:8uJUUwi04p3RxNzFIQKKxyiU6BRJjFQV0Rla_yDKTtM/880d4960091a0b49/60960e75fda06f7
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8odi9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: Motorola S-Record; binary data in text format
Hash: faaeb3d494bb02eda51bc6ba96928b51 e68408dec5d25aee4f6cf6ffaea1254d67c9756e b81d0732b672a4e4b05c58e952dcac9d733593cd3a09cd738cf512afd02bf2f8
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/959342513:1715207414:8uJUUwi04p3RxNzFIQKKxyiU6BRJjFQV0Rla_yDKTtM/880d4960091a0b49/60960e75fda06f7 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8odi9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 60960e75fda06f7
Content-Length: 28114
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 23:39:06 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: T6XVOoa/jqf1N3iva1XBJ7LKqy3/ytSxuRA6JlKgfYHWCACXpPon50q10tk//luZ$hWGXrGDYUyIakASBNwPQXg==
vary: accept-encoding
server: cloudflare
cf-ray: 880d49831f6d0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8odi9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8odi9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 23:39:00 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 880d4960f9780b49-OSL
alt-svc: h3=":443"; ma=86400
|
|