| challenges.cloudflare.com/turnstile/v0/api.js | 104.17.3.184 | 302 Found | 0 B |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/api.js
IP: 104.17.3.184:443
Requested by: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 17 Apr 2024 02:40:58 GMT
content-length: 0
location: /turnstile/v0/b/bcc5fb0a8815/api.js
cache-control: max-age=300, public
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 87590dabb946568a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js | 142.250.74.138 | 200 OK | 31 kB |
URL: GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP: 142.250.74.138:443
Requested by: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: cf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:54:13 GMT
expires: Wed, 16 Apr 2025 05:54:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 74805
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js | 104.17.3.184 | 200 OK | 38 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js
IP: 104.17.3.184:443
Requested by: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (40613)
Hash: d1048a66fc11ea28c3cb1488fac82c62 f055707cf91f637ec19bf5e65bf378857e798469 8f1ad19042c2f9ee60c2de21f37f788af7b1ecccda8eec1d877f9b9c0e994370
GET /turnstile/v0/b/bcc5fb0a8815/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mozartbulls.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:40:58 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87590dabebea5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/cdn-cgi/challenge-platform/scripts/jsd/main.js | 172.67.193.115 | | 0 B |
URL: mozartbulls.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP: 172.67.193.115:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 17 Apr 2024 02:40:58 GMT
content-length: 0
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j4XyQ3w6iN%2BuiA4YMHqu96WJVwoxrXavKregYl%2BYlPCcRBg51fa8qcQdJI970umQ8xowYiUcThyYZ2cJbkW3vsjxyoB8TXE2MxyDS%2FkO8ZRv1nA9WWEFnhFXJ5aduw7CMnA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87590dad3ba67130-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js | 172.67.193.115 | | 14 kB |
URL: mozartbulls.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
IP: 172.67.193.115:0
File type: JavaScript source, ASCII text, with very long lines (7822), with no line terminators
Hash: 55f6cc3732681ae5e3e683e453826a92 7f6e41c166a6a4e67faf96f1d9bcbdf45261ccb2 d0b4781ef206e680a6b1dd0d3fe0d7e05ed53074bc4f2d62fa9eee9266ce9af9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:40:58 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
cache-control: max-age=14400, public
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VTSq3yGW3tOqKKREKCcIEz7cRRjWCT4%2BRqF4rz9521CYSk0bdOvIHPge6I%2FRtv8CDgxrZhGSyFvl7Jwz0c8PUO5aK5yGN7tjIbEs1ClNiCWUGO94f3JXs7UIknf5CGpNcYY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87590dad5bb07130-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87590dad5c455695 | 104.17.3.184 | | 130 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87590dad5c455695
IP: 104.17.3.184:0
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 130 kB (129487 bytes)
Hash: feae858608d09efe8706ee4a3de9d2bc 3f9d5b2c0c3dcd0599924ffc4566f2dff6e9acc1 e281ee52f215f908b07d33285fc2972ac1386c8f58638619510cc9eb753e06f9
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87590dad5c455695 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4oxeu/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:40:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 87590dae4c865695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/api.js | 104.17.3.184 | 302 Found | 0 B |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/api.js
IP: 104.17.3.184:443
Requested by: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 17 Apr 2024 02:41:00 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=300, public
location: /turnstile/v0/b/bcc5fb0a8815/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 87590dbaf8995695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js | 142.250.74.138 | 200 OK | 31 kB |
URL: GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP: 142.250.74.138:443
Requested by: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: cf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:54:13 GMT
expires: Wed, 16 Apr 2025 05:54:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 74807
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| mozartbulls.top/_mountgrand_meta/functions/validate.php | 172.67.193.115 | | 1 B |
URL: mozartbulls.top/_mountgrand_meta/functions/validate.php
IP: 172.67.193.115:0
File type: very short file (no magic)
Hash: eccbc87e4b5ce2fe28308fd9f2a7baf3 77de68daecd823babbb58edb1c8e14d7106e83bb 4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /_mountgrand_meta/functions/validate.php HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 560
Origin: https://mozartbulls.top
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/
Cookie: cf_clearance=vkSzBMobmVLyR6gA5q85AqhqTdasgLK1ABxV_Bq0Ks0-1713321662-1.0.1.1-ZCANvAXVVBxWocyK1arQirNRh6Sm.p06WoVXOOVC8piG_DwsQ15OUyYgFznyII7fOdLO8Na1Nzk3CVCTHpDW5g
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:41:02 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=34sZXzz%2Fev4PoK7zVk2t5sLP%2FXJ45WIBu38xjdJ5NNN2U0K9b1MC64OEYSDsCDH6XKHL%2BzphOsD9ghcHVoMX%2BniLcesu91oaawrFbZa7IcKgjusRC97ZCKLLJ1feWbxF63Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87590dc60c867130-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1797307893:1713318036:B8I08H5BmOiccT8LjNlRZWFFn2pCDIaI1H9uCglS8ic/87590dbba8d35695/a6f484521a99587 | 104.17.3.184 | | 35 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1797307893:1713318036:B8I08H5BmOiccT8LjNlRZWFFn2pCDIaI1H9uCglS8ic/87590dbba8d35695/a6f484521a99587
IP: 104.17.3.184:0
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (4408), with no line terminators
Hash: 2739afcb90cf726b1b023542871aaa71 b214564903a5af64a1de4a4f0c9db3c5d207e5cd cdfa5c1430bc1fcd68e7417dea8213eb97f716855890396c9ef0052eb0f01f4c
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1797307893:1713318036:B8I08H5BmOiccT8LjNlRZWFFn2pCDIaI1H9uCglS8ic/87590dbba8d35695/a6f484521a99587 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/5gy02/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: a6f484521a99587
Content-Length: 25998
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:41:02 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: 9KGt/4ym5sFHlf/3bL4z3ig37+jBT2z2IFhh4Jd5cJ8GZ0pVWlxGqDRbhTGXVmsbVIZj2viEYxlkf6TBmW5+uS+LaHT81c6IsAcy7ELv2hyo7yyqwPICKmRy4rpt0K7n$mdd3pBaBwlZdpsl9cBYTBQ==
cf-chl-out-s: 9q4cKqLu5BX4JeFZtmoIzRZfB/XFji7umetbKhGSmjPi6H1MGwNCA4KbtaGt+y+uWHpcEe1xXDZ/hbEn1buGfljWi6nTpskgcipH9GbjdzcGtfhYJ5PW3mtnH1wx+nv7bpKXGOAVsPFINdMJ2B1OqPC/IW4DD4BSWZUiTWFRyDa/c5IP6fvjdB1IJx9sHIYU$BNW9FAbvQDSqTTSkgHNRsw==
server: cloudflare
cf-ray: 87590dc59c935695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.3.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/skkp3/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/5gy02/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:41:00 GMT
content-type: image/png
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87590dbc69135695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/cdn-cgi/challenge-platform/h/b/rc/87590dbba8d35695 | 172.67.193.115 | | 150 kB |
URL: mozartbulls.top/cdn-cgi/challenge-platform/h/b/rc/87590dbba8d35695
IP: 172.67.193.115:0
Size: 150 kB (150381 bytes)
Hash: 018598ff9794435b440d1bbf293cc10f 9129b0ca1a4febdf97636946a1fe7be8abf11890 898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/rc/87590dbba8d35695 HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/
Content-Type: application/json
Content-Length: 596
Origin: https://mozartbulls.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=ySc.clftoaE6ZrezL0LEGB5vykGcFAQSVrbI2pAhy6o-1713321660-1.0.1.1-yjOvr5QhlWW0g4YbRbTgswAOSJ94sIZavIW1HkONApQGtaOgquHDxBeWHOp3TRdqO7Bz7VYVN7nQtZXSE6dMUA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:41:02 GMT
content-type: application/json
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=vkSzBMobmVLyR6gA5q85AqhqTdasgLK1ABxV_Bq0Ks0-1713321662-1.0.1.1-ZCANvAXVVBxWocyK1arQirNRh6Sm.p06WoVXOOVC8piG_DwsQ15OUyYgFznyII7fOdLO8Na1Nzk3CVCTHpDW5g; path=/; expires=Thu, 17-Apr-25 02:41:02 GMT; domain=.mozartbulls.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vig%2BngzS8Y2pXOrWFjDaqeXzyEGxwaOiyoqRagNmuu3R1%2BKGiTFzk9NPHy5Ad68%2FdpBdMgb1jhrJNcgr1vUdrllakmsTQk8%2F6vquRrbw13ldCtt3FpOUeMBAepbxOdIsRMY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87590dc5ec757130-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1222925962:1713318317:H1SC8W1EsIedsRKfadv9400HrZqCeme32R7cSnya_Ww/87590dd6394d5695/b041ea3239c97d4 | 104.17.3.184 | | 76 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1222925962:1713318317:H1SC8W1EsIedsRKfadv9400HrZqCeme32R7cSnya_Ww/87590dd6394d5695/b041ea3239c97d4
IP: 104.17.3.184:0
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: c8447a1c3b732129632d712f8d1cc7ca c8f5d6aff23fd5acd840ac8bbc0dd7ecca942e67 fb7d6e4a80c5114fd072bc994db0bc9a93adbf2ec3777107f9ebc8d3aa5df0ed
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1222925962:1713318317:H1SC8W1EsIedsRKfadv9400HrZqCeme32R7cSnya_Ww/87590dd6394d5695/b041ea3239c97d4 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tzhk3/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: b041ea3239c97d4
Content-Length: 2669
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:41:05 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: eX0idJmRK1wImNQD6sxUdsNO2TZ7YZGB96SmzlyyNYqoLtu1bi997wb4M9WTfU2CxwMwmU+Y2MXGoqq3q8dEZ/A8eLz0SmX7AiZvLRvndMs7KI5deT47DP14z/Nz5z/D4TFvOCTWIjKDYxjNpDDkJfsjUZC2hibJUqildzU2l01LxEv9uPhYUhukZaod1+8lf7oZ8JgSZ5RWGWkLBq/gDsVdqJkcPQ46wqmejlfPtWlCKZItvapcVFVAfU9Ij/95wkcq+LQv0tGtp/I8Us7qrgHMMYyqNUT3TACpuLBBMstpLJzVoU/lN62hgvrgSkoR2CeIGJ84rjLYgIEUIjdpYKkUsInpHVYr6eRIhYxiFm2Zj2ijy5QXt9iY+fBZgBn3qfEPvsN3u1njczUVvr5okY+sRAtBNmheUnxZO3aTUhndInARSSQLOGMubVLzH5TG$E/rbmHdoNGTvO/ryGYppCQ==
server: cloudflare
cf-ray: 87590dd859ec5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4oxeu/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal | 104.17.3.184 | | 28 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4oxeu/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
IP: 104.17.3.184:0
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41919)
Hash: 3b16cfab23bff7d6c09965a5071781dc 5235816aca6299cc7e82c77feeb9df6f315ee964 3ee9633ed81744a4771c1898efda50418b9d8c35447920261fed6252589dbea0
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4oxeu/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:40:58 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 87590dad5c455695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/api.js | 104.17.3.184 | 302 Found | 0 B |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/api.js
IP: 104.17.3.184:443
Requested by: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 17 Apr 2024 02:41:07 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
cache-control: max-age=300, public
access-control-allow-origin: *
location: /turnstile/v0/b/bcc5fb0a8815/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 87590de36d795695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1909422976:1713318297:n2NK2uYwyEEPwO7HHwECqeuCil9b5a2ShqvNXpcT8Ns/87590dad5c455695/6d95bd6420984ac | 104.17.3.184 | | 34 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1909422976:1713318297:n2NK2uYwyEEPwO7HHwECqeuCil9b5a2ShqvNXpcT8Ns/87590dad5c455695/6d95bd6420984ac
IP: 104.17.3.184:0
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (4408), with no line terminators
Hash: b6c387744a9ad51ac208c4ae76411827 7b7f54018673d06d6e0f49b0c79d8762cf9730cf 42b534218ebbb1e0e73caeef91002aa26a5771a9c8d4292c07a206c1d6b01004
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1909422976:1713318297:n2NK2uYwyEEPwO7HHwECqeuCil9b5a2ShqvNXpcT8Ns/87590dad5c455695/6d95bd6420984ac HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4oxeu/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 6d95bd6420984ac
Content-Length: 25425
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:41:00 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: CY0q1/PdPJFMzq26isIUg6fKZKIx+f9S1ciWvewzJY/3I/wuDbirOaaIirf+Vfl207jOX6P+zLW9gLXfGKN3Uy7meqNposInSqXx2C+Q/qHnZqExkfhkhKL0pS4Ar7vY$4g4GDfmL2I5agGsKYFeT9g==
cf-chl-out-s: ORY1RQoouBrAwMOkAJUx9ntuu/LoEhCIBbHJavJ884zyuxMPwX/GLzY1YF+SYoUsIvQ9ZJW3y7ScpckdikeZbbdp8TIBQymwm4eIRd05N+0N8GhrjSBZA0ssWDnDXndVi72UAERGDNRIQ2CsBlGSyZvbmuurFb9zUBsK2Rx5dwBIGXqhPxbY5tPqEmIuhLP2$BrUkdxCsd0E/PALktUP7+Q==
server: cloudflare
cf-ray: 87590db79f665695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/5gy02/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal | 104.17.3.184 | | 29 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/5gy02/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
IP: 104.17.3.184:0
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41919)
Hash: 288798e7a514a8293dd08e5a62c9ba21 9725b207691608e77042de0a815b7043048c3781 19378af2baf1c96185e906372e9cae523aab2cc4af2f88df8dee7f8ba648ced4
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/5gy02/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:41:00 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 87590dbba8d35695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | 200 OK | 4.3 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.3.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/skkp3/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: cc44a993daa080157b12f82cc5cfd5ea 21414bf88d9860b970eb455ede7183156102ed17 5bf1e9b73ed8ed61901b5198795b6619d3f59bc2691784078519e4c9917c4ec1
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4oxeu/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:40:58 GMT
content-type: image/png
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87590dae4c855695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/api.js | 104.17.3.184 | 302 Found | 0 B |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/api.js
IP: 104.17.3.184:443
Requested by: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 17 Apr 2024 02:41:09 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=300, public
location: /turnstile/v0/b/bcc5fb0a8815/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 87590df099655695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/cdn-cgi/challenge-platform/h/b/rc/87590dd6394d5695 | 172.67.193.115 | | 31 kB |
URL: mozartbulls.top/cdn-cgi/challenge-platform/h/b/rc/87590dd6394d5695
IP: 172.67.193.115:0
Hash: 018598ff9794435b440d1bbf293cc10f 9129b0ca1a4febdf97636946a1fe7be8abf11890 898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /cdn-cgi/challenge-platform/h/b/rc/87590dd6394d5695 HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/
Content-Type: application/json
Content-Length: 596
Origin: https://mozartbulls.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=VITC3NmD86AfObDiUNbfLk2GKjlSmq_FaLWhyg67YY4-1713321664-1.0.1.1-EB_aEoGnZ_N5LFAjwrUOj36DKiZvoTOtMtJXpMl47FTLj1Fb3uHo8F9cQw_Exe4yRYxpNNoX_qB2rVPBuCKo3w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:41:06 GMT
content-type: application/json
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=HaFTuMEpPh48YI3Yg0.a0Vqi1y4n8_CfAjvC8WGpBcA-1713321666-1.0.1.1-lp.ms4H2akQG.mKE3KMcQKnIQfDBvHKqj2P8Kj22aPnpYxi8iahseRzgcbeHByNbvYYxDhd6UUmjMoiBvunMzA; path=/; expires=Thu, 17-Apr-25 02:41:06 GMT; domain=.mozartbulls.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IczVwqzyVZg%2BEdU11QfXDphFj8Ko1w8v5Y6hG3HW0zM5dj6%2Ba5Uin2NX1KXMdfw8fVYnZQP6V2DmufADCIjVyyDSHICDw8yaJLw8CZyX01lgSLqtFY66iNL7lT4QA7gfT7g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87590de14c667130-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js | 104.17.3.184 | 200 OK | 158 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js
IP: 104.17.3.184:443
Requested by: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (40613)
Size: 158 kB (157726 bytes)
Hash: d1048a66fc11ea28c3cb1488fac82c62 f055707cf91f637ec19bf5e65bf378857e798469 8f1ad19042c2f9ee60c2de21f37f788af7b1ecccda8eec1d877f9b9c0e994370
GET /turnstile/v0/b/bcc5fb0a8815/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mozartbulls.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:41:02 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87590dc82d4e5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87590dbba8d35695 | 104.17.3.184 | | 211 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87590dbba8d35695
IP: 104.17.3.184:0
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 211 kB (210601 bytes)
Hash: 3aa423b4aa4ec442db8b15a7019b0b96 839cf57f72f782d9bfb308e5db14e2df498616de 2758feb7f4dc25b31dcb63d988e6f0c96e83bf25e4fff1b6149f5e744cd7779d
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87590dbba8d35695 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/5gy02/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:41:00 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 87590dbc69145695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js | 142.250.74.138 | 200 OK | 31 kB |
URL: GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP: 142.250.74.138:443
Requested by: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/
Certificate issuer: Google Trust Services LLC
Certificate subject: upload.video.google.com
Certificate fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
Certificate validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: cf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:54:13 GMT
expires: Wed, 16 Apr 2025 05:54:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 74819
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| challenges.cloudflare.com/turnstile/v0/api.js | 104.17.3.184 | 302 Found | 0 B |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/api.js
IP: 104.17.3.184:443
Requested by: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 17 Apr 2024 02:41:14 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
cache-control: max-age=300, public
access-control-allow-origin: *
location: /turnstile/v0/b/bcc5fb0a8815/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 87590e0f1aee5695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87590df1398a5695/1713321669655/1e263c0ba9250253ba36056bd71f9c854dc1b1aaec8051d285dc13e3ffbc8e33/EsHMjGSWLwAsn6h | 104.17.3.184 | | 31 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87590df1398a5695/1713321669655/1e263c0ba9250253ba36056bd71f9c854dc1b1aaec8051d285dc13e3ffbc8e33/EsHMjGSWLwAsn6h
IP: 104.17.3.184:0
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hash: 10f2357abbe0532834090e53c01b732e 0e3f401493b4dbe8c441e33eae823e15dc5a1251 4d2313889f70dc4904637488eb25b33aacc243af040d817dafa86215540a6c42
GET /cdn-cgi/challenge-platform/h/b/pat/87590df1398a5695/1713321669655/1e263c0ba9250253ba36056bd71f9c854dc1b1aaec8051d285dc13e3ffbc8e33/EsHMjGSWLwAsn6h HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a96nd/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Wed, 17 Apr 2024 02:41:10 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gHiY8C6klAlO6NgVr1x-chU3BsarsgFHShdwT4_-8jjMAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIB4mPAupJQJTujYFa9cfnIVNwbGq7IBR0oXcE-P_vI4zABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 87590df9bc155695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87590dad5c455695/1713321658875/4a0f15cc580910d3da7a754f34ff17c64954bd335f85dc6b451d9a44d2a3fa68/bcvhV7Ct-LqoeQT | 104.17.3.184 | | 19 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87590dad5c455695/1713321658875/4a0f15cc580910d3da7a754f34ff17c64954bd335f85dc6b451d9a44d2a3fa68/bcvhV7Ct-LqoeQT
IP: 104.17.3.184:0
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hash: 3a6d68c3e8186aac103276063fd14a1a f6635e2c748f230846881bdd270d0716024be547 c589ea56937d5fb560413ed07821456ea2dd39cfc53a2ad8fd82a54d6d50647b
GET /cdn-cgi/challenge-platform/h/b/pat/87590dad5c455695/1713321658875/4a0f15cc580910d3da7a754f34ff17c64954bd335f85dc6b451d9a44d2a3fa68/bcvhV7Ct-LqoeQT HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4oxeu/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Wed, 17 Apr 2024 02:40:59 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gSg8VzFgJENPaenVPNP8XxklUvTNfhdxrRR2aRNKj-mgAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIEoPFcxYCRDT2np1TzT_F8ZJVL0zX4Xca0UdmkTSo_poABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 87590db64edb5695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | 200 OK | 48 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.3.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/skkp3/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: b474d8379bb01ae3b05b31565fcf905a e6cb1380e1411e413f22c079bfdc5053b1018298 02053f9a55b7238efa14d02984c596aeeb1a2b924c54be853cc8f63f5efadae2
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tzhk3/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:41:05 GMT
content-type: image/png
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87590dd6d9915695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/favicon.ico | 172.67.193.115 | 404 Not Found | 6.2 kB |
URL: GET HTTP/3 mozartbulls.top/favicon.ico
IP: 172.67.193.115:443
Requested by: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/
Certificate issuer: Google Trust Services LLC
Certificate subject: mozartbulls.top
Certificate fingerprint: 4B:35:FE:E1:60:27:F2:EE:F7:88:A8:B8:5D:01:5D:89:1E:66:E3:F3
Certificate validity: Sat, 13 Apr 2024 08:39:13 GMT - Fri, 12 Jul 2024 08:39:12 GMT
File type: HTML document, ASCII text
Hash: dbd79678d3008c4ec65ccc65845cdf67 a1eefb4d65ad644047d2e10a8b870e320bbc5b6e 310fa9e7ff4ad96571fb67f33adc2a0c63b4c059a1b4ce1ba6d219111305ab87
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/
Cookie: cf_clearance=t7Q00Rv8mgQX6t9sMp40JjVgzSblnD28RmzQkDYqMSc-1713321668-1.0.1.1-lG1wRRKbuX81C713qKmNfjz.j3l2qQ_ugyplIqT0TTKt4nV45MvkuejU5jqkoEGYYdBv4rJcjo8JRLt2_r9axw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 17 Apr 2024 02:41:09 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 11
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OHL8HDzltYyWB%2Bhc4kKfrXecfwccHVd7pCOrG63d8fRrn%2FYLqYkXK4KJ0VKrTVjg9R4R7ZH5veuPoGDIH5WKhNrEmkUYlf2mCsrxSaIFuuuqPFOPQ1ptfynGpRBsarZhH1s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87590df0f9457130-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/cdn-cgi/challenge-platform/h/b/rc/87590e1d4f435695 | 172.67.193.115 | | 25 B |
URL: mozartbulls.top/cdn-cgi/challenge-platform/h/b/rc/87590e1d4f435695
IP: 172.67.193.115:0
Hash: 018598ff9794435b440d1bbf293cc10f 9129b0ca1a4febdf97636946a1fe7be8abf11890 898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /cdn-cgi/challenge-platform/h/b/rc/87590e1d4f435695 HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/
Content-Type: application/json
Content-Length: 596
Origin: https://mozartbulls.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=hkFEbHwZ2jaPVN.7AOhunqCaJP0dnKYH2uvaKT0N.LU-1713321675-1.0.1.1-gr7NrBoARkCKqfm7PxyJFkLmDfEbAicVyrtOskVp6PyscCxBHR9W4uulccOr.wA2nq8Dn7l7WxQ5HwZDw7XNOQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:41:18 GMT
content-type: application/json
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=grdhSm1kyO0op6FGTG9oRdYAd.DH7Xtd4.QxunF2C3I-1713321678-1.0.1.1-z0OW_wrdydvCA.z9aJTRCqjQ7IRsvwGlYBqXDUmf5Bu4oG0g7f_.JblLZLVoD19q_RmOAHwEG55svrObVQnPeA; path=/; expires=Thu, 17-Apr-25 02:41:18 GMT; domain=.mozartbulls.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BxouPvHMg5%2F31x0pKT0wK13xp9d%2FkQyCqSLQW7LfyxiduQyV0TzSTSFv3y0rvnOHAdBMj4%2FNUYI0spmzkfHQBdca2oLKhOYFPwUpDNus7cI0Q3ODrQKwamy2F9C8%2FgPYPVQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87590e2acb0e7130-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js | 142.250.74.138 | 200 OK | 31 kB |
URL: GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP: 142.250.74.138:443
Requested by: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/
Certificate issuer: Google Trust Services LLC
Certificate subject: upload.video.google.com
Certificate fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
Certificate validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: cf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:54:13 GMT
expires: Wed, 16 Apr 2025 05:54:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 74825
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87590e2d9c995695/1713321679322/uQtuj-H-4e5QSJl | 104.17.3.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87590e2d9c995695/1713321679322/uQtuj-H-4e5QSJl
IP: 104.17.3.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/skkp3/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 36 x 39, 8-bit/color RGB, non-interlaced
Hash: cc84d2228d4d4e7b779d63b65129a1bf a4a877c57b12dbfbd01e03cfba897278ee6a54e2 c6cd00f7e6a66b2d1a28e4fc8f735b49063dcdea010429fbc96e3029d7872cb0
GET /cdn-cgi/challenge-platform/h/b/i/87590e2d9c995695/1713321679322/uQtuj-H-4e5QSJl HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/skkp3/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:41:19 GMT
content-type: image/png
server: cloudflare
cf-ray: 87590e329df35695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87590e02cea65695/1713321672528/2HgQrVG-71LSe8d | 104.17.3.184 | | 35 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87590e02cea65695/1713321672528/2HgQrVG-71LSe8d
IP: 104.17.3.184:0
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 84 x 75, 8-bit/color RGB, non-interlaced
Hash: 14d355f6723e50e5d322fabb33536d85 67291e6b1a574d246ee23a51fc98e51f6b99a866 fa8154222a7ac81d5dda5fe3f48c115b527084a72ef734ebe2a87c296745ccf4
GET /cdn-cgi/challenge-platform/h/b/i/87590e02cea65695/1713321672528/2HgQrVG-71LSe8d HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/lr3ke/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:41:12 GMT
content-type: image/png
server: cloudflare
cf-ray: 87590e0738605695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87590e2d9c995695 | 104.17.3.184 | 200 OK | 422 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87590e2d9c995695
IP: 104.17.3.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/skkp3/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 422 kB (422422 bytes)
Hash: caf314d046a0e7932bbebc5fcc131a15 48ea8b9eb177040bc94c9757f8681228fab2092f 3986be25e54c296195a0bbd12b3838f7b6c8125a01a6345494ad64a59be11ce5
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87590e2d9c995695 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/skkp3/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:41:19 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 87590e2e3cc75695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/ | 172.67.193.115 | 200 OK | 745 B |
URL: User Request GET HTTP/3 mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/
IP: 172.67.193.115:443
Certificate issuer: Google Trust Services LLC
Certificate subject: mozartbulls.top
Certificate fingerprint: 4B:35:FE:E1:60:27:F2:EE:F7:88:A8:B8:5D:01:5D:89:1E:66:E3:F3
Certificate validity: Sat, 13 Apr 2024 08:39:13 GMT - Fri, 12 Jul 2024 08:39:12 GMT
File type: HTML document, ASCII text, with very long lines (771), with no line terminators
Hash: 0fe8b3ad93b02c17b0835a281bf67596 8f4866b64a71afbaa4f7e7d92037aad975277a0a 7acfd2a2a33253f11559dd1799023b1827e1177471e215d65144a141647cdd0a
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Microsoft Outlook
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/ HTTP/1.1
Host: mozartbulls.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=grdhSm1kyO0op6FGTG9oRdYAd.DH7Xtd4.QxunF2C3I-1713321678-1.0.1.1-z0OW_wrdydvCA.z9aJTRCqjQ7IRsvwGlYBqXDUmf5Bu4oG0g7f_.JblLZLVoD19q_RmOAHwEG55svrObVQnPeA
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:41:18 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WaRbAdo8CqbsfrNCRyFnW9AeqQGXnN7Gtxvmuqm62uvZaHQ7tD7pcfIWIckcq9hRjV1FAMEysuCVYuew9tpI1VBc%2FFltbmTKdeECdIHe7NSrFRFn06OdJA%2BsIHRKYK9E%2FSY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87590e2beb627130-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/skkp3/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal | 104.17.3.184 | 200 OK | 78 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/skkp3/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
IP: 104.17.3.184:443
Requested by: https://mozartbulls.top/_mountgrand_meta/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=richard.ragan@wfp.org/
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41919)
Hash: 4552544c322ebdefad7da3db59c01326 eea1d6d3072e4731e46b1b469d85d54cf5455c62 9b3b6decd0dae21f753cdd75b13677beddcc8a5ee3bd634cf2a49d6cae5db6e3
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/skkp3/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mozartbulls.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:41:18 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 87590e2d9c995695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87590e2d9c995695/1713321679320/92267315aa94279fd8b865a720aff0223f99036eb3ecf549ee1452854f2fb78f/ApUKxCNhuUqm-FJ | 104.17.3.184 | 401 Unauthorized | 1 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87590e2d9c995695/1713321679320/92267315aa94279fd8b865a720aff0223f99036eb3ecf549ee1452854f2fb78f/ApUKxCNhuUqm-FJ
IP: 104.17.3.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/skkp3/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: very short file (no magic)
Hash: ff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/87590e2d9c995695/1713321679320/92267315aa94279fd8b865a720aff0223f99036eb3ecf549ee1452854f2fb78f/ApUKxCNhuUqm-FJ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/skkp3/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 401 Unauthorized
date: Wed, 17 Apr 2024 02:41:19 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gkiZzFaqUJ5_YuGWnIK_wIj-ZA26z7PVJ7hRShU8vt48AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIJImcxWqlCef2LhlpyCv8CI_mQNus-z1Se4UUoVPL7ePABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 87590e31edc15695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1656107527:1713318087:nS52Go5ku8wiBlDjglBesqJWscXfCC1NuIplBhIQarM/87590e2d9c995695/e8d9c04821f95f3 | 104.17.3.184 | 200 OK | 89 kB |
URL: POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1656107527:1713318087:nS52Go5ku8wiBlDjglBesqJWscXfCC1NuIplBhIQarM/87590e2d9c995695/e8d9c04821f95f3
IP: 104.17.3.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/skkp3/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Certificate issuer: Cloudflare, Inc.
Certificate subject: challenges.cloudflare.com
Certificate fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 59b262e073cef79afd58774f367ca51c 5d9ee7ff406cf60109753501526b2d6499ea897b d358d1d304eed4e4b625c0d8e9ad822b42442889db4dc87d385559987d5098b7
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1656107527:1713318087:nS52Go5ku8wiBlDjglBesqJWscXfCC1NuIplBhIQarM/87590e2d9c995695/e8d9c04821f95f3 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/skkp3/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: e8d9c04821f95f3
Content-Length: 2676
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 02:41:19 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: S5U8ndRr4JMM2pQW7ALKZZ4E3XUHQKWs2mT7lkscQd/Uq+6iINp9mjGtgnB44QpCvDmZUbYhff7S/+KWq66j5fhmUiSkfEsIULXv4fyHjpXYhQqV5fPR8F/6NrHnWzWpD0ckgm5ae/N5+C1QBuELTJzbj9U4n+rWgvAAIrppiI/NKqli/oCzqJZfBtR4J8hy9stIfZp1tEjc3pRWbJ6znNGxsPZ9bi01prtGJhwmdigDCRtwXEFfL+z7p47GySf/SW57qCnO8EAXdzSUsLkGT3Ryeno5bzN1CrkTNFWG9Ya8XBYmq/4alJWYCaaYqkmQ0UcA7HUjqkehkxRW9KaZ4VGx/xVpNdAA1M7Nj0rljnZ6XS8Ss+FNQUskj12orH/9$dBWu+9Cesm35Yp9TfD0NDw==
server: cloudflare
cf-ray: 87590e2f9d1a5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|