| itsmedork.com/arua/areautenti/login.php | 104.21.11.12 | 403 Forbidden | 167 B |
URL User Request GET HTTP/3itsmedork.com/arua/areautenti/login.php IP104.21.11.12:443
CertificateIssuerGoogle Trust Services LLC Subjectitsmedork.com Fingerprint68:03:60:50:0C:94:97:F1:C5:BC:5F:87:BB:D4:62:42:84:50:D6:D0 ValidityWed, 10 Apr 2024 00:25:38 GMT - Tue, 09 Jul 2024 00:25:37 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /arua/areautenti/login.php HTTP/1.1
Host: itsmedork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: xm_ozo1lkwXrqd6uHHunl7pSR00=N7iaRBicadOLK4_9sPs6tqjk7xs; uYSlVXxQ7Uf8FAfpzDfYeJrz1LE=1714090091; t56WIQ7QYUesIGvu3P63lvcgrE0=1714176491; 6DCgXXqEeisRKtZUq7RuldXY0wo=wpw4MzSNweNe_gHG21r3Fv_z7dY
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 26 Apr 2024 00:08:26 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 26 Apr 2024 01:08:26 GMT
Location: https://itsmedork.com/arua/areautenti/login.php
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SGgxDlE9IFb4PkwmTh4OnnVdQ%2Bs6V4nUm5ovNFuzsc5mBiY5%2BAgxZCBQgE1XnhW%2Fz6HXlZaN5c7DsWRWL1czT01n5mPS6d2nx3nzPeonrWvRJrRHDrhimtQlZx%2BDQpCt"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a2569b8f590b61-OSL
alt-svc: h2=":443"; ma=60
|
|
| itsmedork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.11.12 | 302 Found | 0 B |
URL GET HTTP/3itsmedork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP104.21.11.12:443
Requested byhttps://itsmedork.com/arua/areautenti/login.php CertificateIssuerGoogle Trust Services LLC Subjectitsmedork.com Fingerprint68:03:60:50:0C:94:97:F1:C5:BC:5F:87:BB:D4:62:42:84:50:D6:D0 ValidityWed, 10 Apr 2024 00:25:38 GMT - Tue, 09 Jul 2024 00:25:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: itsmedork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: xm_ozo1lkwXrqd6uHHunl7pSR00=N7iaRBicadOLK4_9sPs6tqjk7xs; uYSlVXxQ7Uf8FAfpzDfYeJrz1LE=1714090091; t56WIQ7QYUesIGvu3P63lvcgrE0=1714176491; 6DCgXXqEeisRKtZUq7RuldXY0wo=wpw4MzSNweNe_gHG21r3Fv_z7dY; GAX14u82gBVzFzW_PPvOxwOXynA=lkLPZiL_UVgRTxwDers97UXe5XU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Fri, 26 Apr 2024 00:08:26 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AZoQ8e97DLX4pUqFJ0Iz5rmO2UWyleXV4WDMsr23Cb2vZ3T8IDXVkS4%2FY4zb%2BHphryhX2X6TeYu4LJ9NDGFD3nj5qaekWrz%2BA3g0Jw%2BLFt6m%2BAydieil%2B7%2BZxZAsXOwh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a2569e18517131-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| itsmedork.com/arua/areautenti/login.php | 104.21.11.12 | 403 Forbidden | 0 B |
URL User Request GET HTTP/3itsmedork.com/arua/areautenti/login.php IP104.21.11.12:443
CertificateIssuerGoogle Trust Services LLC Subjectitsmedork.com Fingerprint68:03:60:50:0C:94:97:F1:C5:BC:5F:87:BB:D4:62:42:84:50:D6:D0 ValidityWed, 10 Apr 2024 00:25:38 GMT - Tue, 09 Jul 2024 00:25:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /arua/areautenti/login.php HTTP/1.1
Host: itsmedork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
h038nngSOYTJxZABW5k0vxIedxU: 45282449
X-Requested-with: XMLHttpRequest
X-Requested-TimeStamp:
X-Requested-TimeStamp-Expire:
X-Requested-TimeStamp-Combination:
X-Requested-Type: GET
X-Requested-Type-Combination: GET
64pC2O1vLFsNJg2-SJ0rQ5a6GF4: RSYwxyHRupWhZhVF25VIrt--DSU
Content-type: application/x-www-form-urlencoded
Content-Length: 22
Origin: https://itsmedork.com
DNT: 1
Connection: keep-alive
Referer: https://itsmedork.com/arua/areautenti/login.php
Cookie: xm_ozo1lkwXrqd6uHHunl7pSR00=N7iaRBicadOLK4_9sPs6tqjk7xs; uYSlVXxQ7Uf8FAfpzDfYeJrz1LE=1714090091; t56WIQ7QYUesIGvu3P63lvcgrE0=1714176491; 6DCgXXqEeisRKtZUq7RuldXY0wo=wpw4MzSNweNe_gHG21r3Fv_z7dY; GAX14u82gBVzFzW_PPvOxwOXynA=lkLPZiL_UVgRTxwDers97UXe5XU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Fri, 26 Apr 2024 00:08:26 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block, 1; mode=block
set-cookie: 7cEYGlpizSqRkKDbYdEGx7XVWbU=xGvcNAUiktZj2YWAIWEVXrdZ9fc; path=/; expires=Sat, 27-Apr-24 00:08:22 GMT; Max-Age=86400;
dwZKclKt0Jt0DJn23xK2Yfy2r6Q=1714090102; path=/; expires=Sat, 27-Apr-24 00:08:22 GMT; Max-Age=86400;
dlLiSOuzGL78IxBw_VWx8awjNb0=1714176502; path=/; expires=Sat, 27-Apr-24 00:08:22 GMT; Max-Age=86400;
ksjAVjaA__4b6YviyefS342NEro=mNhmBX_GZGWJQaY9jCkDPsYxbmk; path=/; expires=Sat, 27-Apr-24 00:08:22 GMT; Max-Age=86400;
vFGWqKF6Wv1_XI5zeLJzU7EIcMk=8mtgloiyAisMlSGPrsZh-L4lR-8; path=/; expires=Sat, 27-Apr-24 00:08:22 GMT; Max-Age=86400;
x-frame-options: SAMEORIGIN
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tgWPqoPEp2hcQttfkMPNdWEL6%2FNr%2Bt493hiPvXbiyF2FUO6W3tz1d7xZ0PyMvL0dyAejJRgw66M1El0okTvb%2F5e0EmvznwFoaAKob06s1FcH6NCHZyv3irlPv8FoxUEN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a2569e084e7131-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| itsmedork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.11.12 | 302 Found | 0 B |
URL GET HTTP/3itsmedork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP104.21.11.12:443
Requested byhttps://itsmedork.com/arua/areautenti/login.php CertificateIssuerGoogle Trust Services LLC Subjectitsmedork.com Fingerprint68:03:60:50:0C:94:97:F1:C5:BC:5F:87:BB:D4:62:42:84:50:D6:D0 ValidityWed, 10 Apr 2024 00:25:38 GMT - Tue, 09 Jul 2024 00:25:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: itsmedork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: xm_ozo1lkwXrqd6uHHunl7pSR00=N7iaRBicadOLK4_9sPs6tqjk7xs; uYSlVXxQ7Uf8FAfpzDfYeJrz1LE=1714090091; t56WIQ7QYUesIGvu3P63lvcgrE0=1714176491; 6DCgXXqEeisRKtZUq7RuldXY0wo=wpw4MzSNweNe_gHG21r3Fv_z7dY; GAX14u82gBVzFzW_PPvOxwOXynA=lkLPZiL_UVgRTxwDers97UXe5XU; 7cEYGlpizSqRkKDbYdEGx7XVWbU=xGvcNAUiktZj2YWAIWEVXrdZ9fc; dwZKclKt0Jt0DJn23xK2Yfy2r6Q=1714090102; dlLiSOuzGL78IxBw_VWx8awjNb0=1714176502; ksjAVjaA__4b6YviyefS342NEro=mNhmBX_GZGWJQaY9jCkDPsYxbmk; vFGWqKF6Wv1_XI5zeLJzU7EIcMk=8mtgloiyAisMlSGPrsZh-L4lR-8; RyYTmlj1DCiiq0Qn7u2kxovy3hk=Qruj8OH6p3VwKK9bLTZBOUlx1n0; EGXzjonqjllXLsOcXbzZkn8VgAs=1714090102; irRIhtUQNGjaz0JsovJW0jTKEbA=1714176502; 7ufRTD3OAkNB_MW5Lw1853eNnwA=-ssg0rGhV6cT_zgqSzVMLicU6nI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Fri, 26 Apr 2024 00:08:27 GMT
content-length: 0
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yFudVX%2FlFdvDHILcVcDmnTt5QsoGsEcG8IySNCOLTKY5uGXDaS1zgGeokC3gW%2FxNTF9w3yNJr2fNy2UQTczfnwipV%2FgFqU79Cz8ihSKgKqPbqWTTz0utVtbdk12doNqC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a256a0bdf05699-OSL
alt-svc: h3=":443"; ma=86400
|
|
| itsmedork.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a2569fad595699 | 104.21.11.12 | 200 OK | 0 B |
URL POST HTTP/3itsmedork.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a2569fad595699 IP104.21.11.12:443
Requested byhttps://itsmedork.com/arua/areautenti/login.php CertificateIssuerGoogle Trust Services LLC Subjectitsmedork.com Fingerprint68:03:60:50:0C:94:97:F1:C5:BC:5F:87:BB:D4:62:42:84:50:D6:D0 ValidityWed, 10 Apr 2024 00:25:38 GMT - Tue, 09 Jul 2024 00:25:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/jsd/r/87a2569fad595699 HTTP/1.1
Host: itsmedork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12164
Origin: https://itsmedork.com
DNT: 1
Connection: keep-alive
Referer: https://itsmedork.com/arua/areautenti/login.php
Cookie: xm_ozo1lkwXrqd6uHHunl7pSR00=N7iaRBicadOLK4_9sPs6tqjk7xs; uYSlVXxQ7Uf8FAfpzDfYeJrz1LE=1714090091; t56WIQ7QYUesIGvu3P63lvcgrE0=1714176491; 6DCgXXqEeisRKtZUq7RuldXY0wo=wpw4MzSNweNe_gHG21r3Fv_z7dY; GAX14u82gBVzFzW_PPvOxwOXynA=lkLPZiL_UVgRTxwDers97UXe5XU; 7cEYGlpizSqRkKDbYdEGx7XVWbU=xGvcNAUiktZj2YWAIWEVXrdZ9fc; dwZKclKt0Jt0DJn23xK2Yfy2r6Q=1714090102; dlLiSOuzGL78IxBw_VWx8awjNb0=1714176502; ksjAVjaA__4b6YviyefS342NEro=mNhmBX_GZGWJQaY9jCkDPsYxbmk; vFGWqKF6Wv1_XI5zeLJzU7EIcMk=8mtgloiyAisMlSGPrsZh-L4lR-8; RyYTmlj1DCiiq0Qn7u2kxovy3hk=Qruj8OH6p3VwKK9bLTZBOUlx1n0; EGXzjonqjllXLsOcXbzZkn8VgAs=1714090102; irRIhtUQNGjaz0JsovJW0jTKEbA=1714176502; 7ufRTD3OAkNB_MW5Lw1853eNnwA=-ssg0rGhV6cT_zgqSzVMLicU6nI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 00:08:27 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=y0zk2wa5bofSfCyLtEe9kuGsxiGtOHKx4Jmb3Iwr5CQ-1714090107-1.0.1.1-vJvzn4pH2nxNIshDOzv3o33KuDbar4hvxwJoz7SEFJBYhj6sHPNLaAFZcPVVbbJXokdPLLe0RZxF2SWHMq6ICg; path=/; expires=Sat, 26-Apr-25 00:08:27 GMT; domain=.itsmedork.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YDNz80f1zyeI%2FY%2BOchN5QElJYLUINavZeNiQ0eF3BdvqoP0YCSl2PvDt8lhNoJw7aiAMmj5nY6mu964oIw%2B%2FwPRHNkxvtA8uSVA1puwwBGQx9zKrBZSE1QuCxuTa8di7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a256a21f235699-OSL
alt-svc: h3=":443"; ma=86400
|
|
| itsmedork.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js | 104.21.11.12 | 200 OK | 13 kB |
URL GET HTTP/3itsmedork.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js IP104.21.11.12:443
Requested byhttps://itsmedork.com/arua/areautenti/login.php CertificateIssuerGoogle Trust Services LLC Subjectitsmedork.com Fingerprint68:03:60:50:0C:94:97:F1:C5:BC:5F:87:BB:D4:62:42:84:50:D6:D0 ValidityWed, 10 Apr 2024 00:25:38 GMT - Tue, 09 Jul 2024 00:25:37 GMT
File typeJavaScript source, ASCII text, with very long lines (7919), with no line terminators Hasha9f29b5918d7ec721e23fe002eec5117 01409c0c863e59c44703728c373428797cc96eaa 4934416991ae854ad846db1899ba5fe3724af4c85d97b8d78dc847599f31cf0b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: itsmedork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: xm_ozo1lkwXrqd6uHHunl7pSR00=N7iaRBicadOLK4_9sPs6tqjk7xs; uYSlVXxQ7Uf8FAfpzDfYeJrz1LE=1714090091; t56WIQ7QYUesIGvu3P63lvcgrE0=1714176491; 6DCgXXqEeisRKtZUq7RuldXY0wo=wpw4MzSNweNe_gHG21r3Fv_z7dY; GAX14u82gBVzFzW_PPvOxwOXynA=lkLPZiL_UVgRTxwDers97UXe5XU; 7cEYGlpizSqRkKDbYdEGx7XVWbU=xGvcNAUiktZj2YWAIWEVXrdZ9fc; dwZKclKt0Jt0DJn23xK2Yfy2r6Q=1714090102; dlLiSOuzGL78IxBw_VWx8awjNb0=1714176502; ksjAVjaA__4b6YviyefS342NEro=mNhmBX_GZGWJQaY9jCkDPsYxbmk; vFGWqKF6Wv1_XI5zeLJzU7EIcMk=8mtgloiyAisMlSGPrsZh-L4lR-8; RyYTmlj1DCiiq0Qn7u2kxovy3hk=Qruj8OH6p3VwKK9bLTZBOUlx1n0; EGXzjonqjllXLsOcXbzZkn8VgAs=1714090102; irRIhtUQNGjaz0JsovJW0jTKEbA=1714176502; 7ufRTD3OAkNB_MW5Lw1853eNnwA=-ssg0rGhV6cT_zgqSzVMLicU6nI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 00:08:27 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ppCI%2FG3m4jWChSONTO%2Bsoh9QVK7tJbm%2FiAwfmfLPhVDOwj1dl%2BoKeNyAVwOwy2MDBDVJwzbu6JH1kI8B3vknnGipRm5HLWeO%2FBhvm0MFC53FxIUUSxYhgkr9B1oLt04r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a256a0ee0b5699-OSL
alt-svc: h3=":443"; ma=86400
|
|
| itsmedork.com/favicon.ico | 104.21.11.12 | 403 Forbidden | 146 B |
URL GET HTTP/3itsmedork.com/favicon.ico IP104.21.11.12:443
Requested byhttps://itsmedork.com/arua/areautenti/login.php CertificateIssuerGoogle Trust Services LLC Subjectitsmedork.com Fingerprint68:03:60:50:0C:94:97:F1:C5:BC:5F:87:BB:D4:62:42:84:50:D6:D0 ValidityWed, 10 Apr 2024 00:25:38 GMT - Tue, 09 Jul 2024 00:25:37 GMT
File typeHTML document, ASCII text, with no line terminators Hashbcfacc6f2d2ee7cd5e014be08612f93e 7bb6f49a83b5186d5f8598e852bfbeee102d8a4d ef1a3d1af87d9d441ef37f001f2ffb6900ef0a7a4884a5ef165bc2b09e224b38
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: itsmedork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://itsmedork.com/arua/areautenti/login.php
Cookie: xm_ozo1lkwXrqd6uHHunl7pSR00=N7iaRBicadOLK4_9sPs6tqjk7xs; uYSlVXxQ7Uf8FAfpzDfYeJrz1LE=1714090091; t56WIQ7QYUesIGvu3P63lvcgrE0=1714176491; 6DCgXXqEeisRKtZUq7RuldXY0wo=wpw4MzSNweNe_gHG21r3Fv_z7dY; GAX14u82gBVzFzW_PPvOxwOXynA=lkLPZiL_UVgRTxwDers97UXe5XU; 7cEYGlpizSqRkKDbYdEGx7XVWbU=xGvcNAUiktZj2YWAIWEVXrdZ9fc; dwZKclKt0Jt0DJn23xK2Yfy2r6Q=1714090102; dlLiSOuzGL78IxBw_VWx8awjNb0=1714176502; ksjAVjaA__4b6YviyefS342NEro=mNhmBX_GZGWJQaY9jCkDPsYxbmk; vFGWqKF6Wv1_XI5zeLJzU7EIcMk=8mtgloiyAisMlSGPrsZh-L4lR-8; RyYTmlj1DCiiq0Qn7u2kxovy3hk=Qruj8OH6p3VwKK9bLTZBOUlx1n0; EGXzjonqjllXLsOcXbzZkn8VgAs=1714090102; irRIhtUQNGjaz0JsovJW0jTKEbA=1714176502; 7ufRTD3OAkNB_MW5Lw1853eNnwA=-ssg0rGhV6cT_zgqSzVMLicU6nI
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Fri, 26 Apr 2024 00:08:27 GMT
content-type: text/html
x-content-type-options: nosniff
x-xss-protection: 1; mode=block, 1; mode=block
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
pragma: public
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fp4MfGZMDJCPE3wFmkN1UPTwC3I0gYOR9XpuJCvmBt1JKax8fsheNcy1EXSTdPuaVRtcHFomrlK4YZ0JcByxtm7R2sXXULkAYevS3loXCjLsuzqqveDNxpp8McV4ffFp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a256a0bdec5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|