go.redirectingat.com/?id=803X112721&xcust=06-3696717-11-0000000&sref=https://www.techadvisor.co.uk/new-product/mobile-phone/oneplus-7-3696717/&xs=1&url=https://briannaexpresstravels.com/holdd/3mqbxh/byltxb////Y29udGFjdEB1bmZjdWZvdW5kYXRpb24ub3Jn
0 B URL go.redirectingat.com/?id=803X112721&xcust=06-3696717-11-0000000&sref=https://www.techadvisor.co.uk/new-product/mobile-phone/oneplus-7-3696717/&xs=1&url=https://briannaexpresstravels.com/holdd/3mqbxh/byltxb////Y29udGFjdEB1bmZjdWZvdW5kYXRpb24ub3Jn
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?id=803X112721&xcust=06-3696717-11-0000000&sref=https://www.techadvisor.co.uk/new-product/mobile-phone/oneplus-7-3696717/&xs=1&url=https://briannaexpresstravels.com/holdd/3mqbxh/byltxb////Y29udGFjdEB1bmZjdWZvdW5kYXRpb24ub3Jn HTTP/1.1
Host: go.redirectingat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty/1.19.9.1
date: Tue, 28 Nov 2023 13:13:50 GMT
content-type: text/plain
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-skimhost: cookie-dealer-waypoint-56d7795867-rbgfm
location: https://briannaexpresstravels.com/holdd/3mqbxh/byltxb////Y29udGFjdEB1bmZjdWZvdW5kYXRpb24ub3Jn
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
briannaexpresstravels.com/holdd/3mqbxh/byltxb////Y29udGFjdEB1bmZjdWZvdW5kYXRpb24ub3Jn
0 B URL briannaexpresstravels.com/holdd/3mqbxh/byltxb////Y29udGFjdEB1bmZjdWZvdW5kYXRpb24ub3Jn
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /holdd/3mqbxh/byltxb////Y29udGFjdEB1bmZjdWZvdW5kYXRpb24ub3Jn HTTP/1.1
Host: briannaexpresstravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 13:13:50 GMT
Server: Apache
refresh: 0;url= https://2519zxpw3i6lhju.qjsl35i.su/9dth#contact@unfcufoundation.org
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
200 OK 25 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
IP
Requested by https://2519zxpw3i6lhju.qjsl35i.su/9dth/#contact@unfcufoundation.org
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type Unicode text, UTF-8 text, with very long lines (65306)
Hash abe91756d18b7cd60871a2f47c1e8192
7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2519zxpw3i6lhju.qjsl35i.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
content-encoding: br
accept-ranges: bytes
date: Tue, 28 Nov 2023 13:13:53 GMT
age: 14700476
x-served-by: cache-fra-eddf8230097-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25360
X-Firefox-Spdy: h2
2519zxpw3i6lhju.qjsl35i.su/9dth/
200 OK 5.2 kB URL User Request GET HTTP/2 2519zxpw3i6lhju.qjsl35i.su/9dth/
IP
Certificate IssuerGoogle Trust Services LLC
Subjectqjsl35i.su
Fingerprint3A:EB:6B:28:E1:57:96:7B:0E:CE:2F:17:0F:4F:C4:58:80:DA:47:D2
ValidityWed, 18 Oct 2023 16:20:04 GMT - Tue, 16 Jan 2024 16:20:03 GMT
File type ASCII text, with very long lines (5237), with no line terminators
Hash 873adc1933215ed5816436fcdd904c2b
df47367b5c224bde96202f113b35b148acaa16dc
640cee4cc839c85fa9d9222fd74b4c89577f9fcc058b0dfe79d214478233e7d3
GET /9dth/ HTTP/1.1
Host: 2519zxpw3i6lhju.qjsl35i.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 13:13:53 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: PHPSESSID=nilcka3atihk887di5dl3iov3v; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s862gBHmSS5ELFYs6HyXHT8ddEgrmQMdmFCxCyrav976Xp%2F5MXrmhg1LggD%2FhZYUc8RXZCNblyJyT6WhRddhPnxanL7wFTcPCTzRXQRtTGN2ehHSeSCw2RyXa9v8DgFg%2BG1tyD%2B%2Fqk8MUdDQQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2dee4fe52b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
2519zxpw3i6lhju.qjsl35i.su/favicon.ico
404 Not Found 1.2 kB URL GET HTTP/3 2519zxpw3i6lhju.qjsl35i.su/favicon.ico
IP
Requested by https://2519zxpw3i6lhju.qjsl35i.su/9dth/#contact@unfcufoundation.org
Certificate IssuerGoogle Trust Services LLC
Subjectqjsl35i.su
Fingerprint3A:EB:6B:28:E1:57:96:7B:0E:CE:2F:17:0F:4F:C4:58:80:DA:47:D2
ValidityWed, 18 Oct 2023 16:20:04 GMT - Tue, 16 Jan 2024 16:20:03 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1274), with no line terminators
Hash 8c16945397b2ea2fa974494c910f6d08
87289c714f1955cc0a4b8d0f5319bf0dcf771141
16782bd72a33f1963efb1d59aa17f964a604235a255e51dd4aafe0e0587040c6
GET /favicon.ico HTTP/1.1
Host: 2519zxpw3i6lhju.qjsl35i.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2519zxpw3i6lhju.qjsl35i.su/9dth/
Cookie: PHPSESSID=nilcka3atihk887di5dl3iov3v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Tue, 28 Nov 2023 13:13:54 GMT
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5Y4rWWf0Dc2S71IFAkzMtYtM%2FIz6tuVI2yIrea7HAtx2J%2Bl53DQ%2Fd%2BEWDAQzJFxxC8KAr35N5d24XMo%2B%2BD20k3Ku3BJeU7NQYANb5YMugMJy8ClR0hAOlVNhO%2F6gr%2FS23LfWqs0dZqJd1P5fA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2def0ef97b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/82d2def11af7b4fa/1701177234418/1286e22ab1f64f4aa2255e465b56d6ee60f521dec2d273259f60dd9623606971/3uMnQyxVe_ILnlX
401 Unauthorized 1 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/82d2def11af7b4fa/1701177234418/1286e22ab1f64f4aa2255e465b56d6ee60f521dec2d273259f60dd9623606971/3uMnQyxVe_ILnlX
IP
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5qenj/0x4AAAAAAAL4KPNafgCKE4fu/auto/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type very short file (no magic)
Hash ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/g/pat/82d2def11af7b4fa/1701177234418/1286e22ab1f64f4aa2255e465b56d6ee60f521dec2d273259f60dd9623606971/3uMnQyxVe_ILnlX HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5qenj/0x4AAAAAAAL4KPNafgCKE4fu/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 401 Unauthorized
date: Tue, 28 Nov 2023 13:13:55 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gEobiKrH2T0qiJV5GW1bW7mD1Id7C0nMln2DdliNgaXEAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArjj4OCPqC_9zFDWITlUxZ5LRsK0PcJIXzFOb00p1XMALOR40f9NYlZaf3JfpIJBXZieOidH_m6ZCw5QLbRvENScegp1rTWHfBbPVlpts9gJm7t_chJV3RdYUMmnMl1O1O2yX9Uqr0cIuT-3toP5igIphx29eLWKVNAigNcdXcfp5I9zdvJR39BzYb2bgt0Gn_3kxIw-iPzUglxHQVW_C9xye-dLySuirMXDPmwR1npfpgZD6QsZHlMG0-8mm3GVZZxHMXROdykz9fOug3TdPirwj8xsDTtt0rjGjUNShhu0vn7mGlAIVmtEXx0VfmxNAaveIZBaqvwYI3vKS1WkeBQIDAQAB, max-age=20, PrivateToken challenge=AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIBKG4iqx9k9KoiVeRltW1u5g9SHewtJzJZ9g3ZYjYGlxABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAyAcIyqXWj0XAym0z5V844rFA0WOzLVwj0uCwmVj6zC4qOH40oBiGHrMNMBnDyk95jvnBAuHeEs855e7nA4l4DPJ4jUWKZbua8BxGAzjn74A1BV81a52F1zvBPUm-VEJXPAPXQehXphSv51uR7HKtfcM5oaS33TGDSy-6xv0r84xjMuTBvwPgXGehxpi1MCGGE5yWkzKN5Zzllk7m6Nkiv6learV-Uz7tzaoPbdZkBk1bFXxm2q07jWavoBZ-JEuEJyjQ00PSTz2Zjpbct6AlR3eCS9sbmXtb5XxSs7JMsvoa8uojD7a5m2SEJIwaf8xKL6wtxkaPonUfvsLj4JoJZQIDAQAB, max-age=20
server: cloudflare
cf-ray: 82d2def789edb4fa-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js
200 OK 34 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js
IP
Requested by https://2519zxpw3i6lhju.qjsl35i.su/9dth/#contact@unfcufoundation.org
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (34253)
Hash 6142a5f5c66e2c1be52ee9506a565962
c3b39e8352efd1e0619b6dd62af8b2a917622868
51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7
GET /turnstile/v0/g/9914b343/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2519zxpw3i6lhju.qjsl35i.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 13:13:53 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d2def03e6a712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5qenj/0x4AAAAAAAL4KPNafgCKE4fu/auto/normal
200 OK 73 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5qenj/0x4AAAAAAAL4KPNafgCKE4fu/auto/normal
IP
Requested by https://2519zxpw3i6lhju.qjsl35i.su/9dth/#contact@unfcufoundation.org
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (40091)
Hash 5076a1707771f499a62f9193ba3f052b
0870a46b6d9a9fee2237312c2753eb8610f3f5bd
47dffa2953bb2a61aa3c389df5b5d3eb37ada98fea74650eba779cd4aeb8e1bc
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5qenj/0x4AAAAAAAL4KPNafgCKE4fu/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2519zxpw3i6lhju.qjsl35i.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:13:54 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 82d2def11af7b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/ew4g0I%2FZYomJh1e75pupA0WLfHDXy%2FQKEyLTEDfnNN8%3D
200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/ew4g0I%2FZYomJh1e75pupA0WLfHDXy%2FQKEyLTEDfnNN8%3D
IP
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5qenj/0x4AAAAAAAL4KPNafgCKE4fu/auto/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced\012- data
Hash 9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/ew4g0I%2FZYomJh1e75pupA0WLfHDXy%2FQKEyLTEDfnNN8%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5qenj/0x4AAAAAAAL4KPNafgCKE4fu/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:13:54 GMT
content-type: image/png
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 82d2def1aba8b4fa-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/turnstile/v0/api.js
302 Found 34 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js
IP
Requested by https://2519zxpw3i6lhju.qjsl35i.su/9dth/#contact@unfcufoundation.org
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2519zxpw3i6lhju.qjsl35i.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 28 Nov 2023 13:13:53 GMT
vary: accept-encoding
location: /turnstile/v0/g/9914b343/api.js
cache-control: max-age=300, public
access-control-allow-origin: *
server: cloudflare
cf-ray: 82d2def01e5a712d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=82d2def11af7b4fa
200 OK 179 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=82d2def11af7b4fa
IP
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5qenj/0x4AAAAAAAL4KPNafgCKE4fu/auto/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 179 kB (178962 bytes)
Hash 1f9ef18c2aeb1a72ef339d58303a6974
e39ad2b21dc0670fbf933765e0cebaba830acc5e
11693df87bba967694b58197beb966d76c7b47b3b7d21d79952a46e1b80eb046
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=82d2def11af7b4fa HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5qenj/0x4AAAAAAAL4KPNafgCKE4fu/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:13:54 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 82d2def1abadb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/82d2def11af7b4fa/1701177234419/DPvYzC-MkkWkMg5
200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/82d2def11af7b4fa/1701177234419/DPvYzC-MkkWkMg5
IP
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5qenj/0x4AAAAAAAL4KPNafgCKE4fu/auto/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type PNG image data, 92 x 71, 8-bit/color RGB, non-interlaced\012- data
Hash ee3cd5a72d2b9ca70c21bac9535c935c
aa5ab084c5f78c0028482eb375b85c192e593389
bdd0c4aea631ce4113c2885b15e1592496a33566abee7e38db162cbd4e079cf1
GET /cdn-cgi/challenge-platform/h/g/i/82d2def11af7b4fa/1701177234419/DPvYzC-MkkWkMg5 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5qenj/0x4AAAAAAAL4KPNafgCKE4fu/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:13:55 GMT
content-type: image/png
server: cloudflare
cf-ray: 82d2def7ca17b4fa-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1852167530:1701174506:0NmcnBJXGTtuNX8qV-p1z7zcC2YiPUWQtH6OAHAqaIQ/82d2def11af7b4fa/b44d1bcfe0a2b67
200 OK 18 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1852167530:1701174506:0NmcnBJXGTtuNX8qV-p1z7zcC2YiPUWQtH6OAHAqaIQ/82d2def11af7b4fa/b44d1bcfe0a2b67
IP
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5qenj/0x4AAAAAAAL4KPNafgCKE4fu/auto/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (17788), with no line terminators
Hash d3282837b64bb2f26fd0424f0733edba
cf118a64a56d025463b452cd35caa135b15f2d2d
e37b851d4ffd6d46df523f9267efd6728aba13b4087618be45228a1e74adc025
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1852167530:1701174506:0NmcnBJXGTtuNX8qV-p1z7zcC2YiPUWQtH6OAHAqaIQ/82d2def11af7b4fa/b44d1bcfe0a2b67 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5qenj/0x4AAAAAAAL4KPNafgCKE4fu/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: b44d1bcfe0a2b67
Content-Length: 25448
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:13:56 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: /stHW9beEbSnQ5iz4V5HAjLJOwb8cYAYLx5Vq2Q/SBZ18R8ITqt4tokFcDdguPBn$2s/EoqpP+/o5areSi0ICsQ==
server: cloudflare
cf-ray: 82d2defd5fffb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
2519zxpw3i6lhju.qjsl35i.su/9dth
301 Moved Permanently 5.2 kB URL User Request GET HTTP/2 2519zxpw3i6lhju.qjsl35i.su/9dth
IP
Certificate IssuerGoogle Trust Services LLC
Subjectqjsl35i.su
Fingerprint3A:EB:6B:28:E1:57:96:7B:0E:CE:2F:17:0F:4F:C4:58:80:DA:47:D2
ValidityWed, 18 Oct 2023 16:20:04 GMT - Tue, 16 Jan 2024 16:20:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9dth HTTP/1.1
Host: 2519zxpw3i6lhju.qjsl35i.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 28 Nov 2023 13:13:52 GMT
content-type: text/html
location: https://2519zxpw3i6lhju.qjsl35i.su/9dth/
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRFj6cTXjiPe126mBcg3b5ENh3DEZQJv%2BK%2FM%2BU64waq3Gu%2Fs5368TLrifZZkhnIBlNAHkLSCfrxLvK1NSS6qReMiCtylwPLSbiWBbvLWjZiu%2FeBYuNoHkBSVaD75E3yrmFquJYDr1hufLxvklw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2dee3fd45b4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1852167530:1701174506:0NmcnBJXGTtuNX8qV-p1z7zcC2YiPUWQtH6OAHAqaIQ/82d2def11af7b4fa/b44d1bcfe0a2b67
200 OK 87 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1852167530:1701174506:0NmcnBJXGTtuNX8qV-p1z7zcC2YiPUWQtH6OAHAqaIQ/82d2def11af7b4fa/b44d1bcfe0a2b67
IP
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5qenj/0x4AAAAAAAL4KPNafgCKE4fu/auto/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5e197943482ff08b7b51700aea3c1ef6
eaa2c8c9c9a9af327aade30a6b187ff585ee7a6b
2e5fee956470470c545affdcdd9e4d94d35e38e711001e9e66052925fd1652f3
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1852167530:1701174506:0NmcnBJXGTtuNX8qV-p1z7zcC2YiPUWQtH6OAHAqaIQ/82d2def11af7b4fa/b44d1bcfe0a2b67 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5qenj/0x4AAAAAAAL4KPNafgCKE4fu/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: b44d1bcfe0a2b67
Content-Length: 2870
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:13:54 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: KzwiEgdcIc+juXyyFc2y7cutIkm1e9oschVfHyrRk49MV2SxSrG28kJnxXP2UxG2WwilpiyqmwBqTNY3Wim+/CyBjsTd+OAlBvVNoZ9hGW56z/E7hBGqeTFHkjVxO1pmqYr9lBBdPZVh0EByLm2zlYtMS8BKuQS8eYFU4jcDLi5XkpzYs1egsZlkyxsf/IddMNzAniUuN6qplc1SNjlR9dyKyTdVbc1WgOTe9QWr6R0IgaOhTN95eXYio51faDqASVYvpcIaRMOL1Xp0Sx9PTUQFlHKRsWG+kHDsi9M2SezMHhseqVG+XpnBdirupGVomJbrYuJbYFceOcaingNTsnhAWiChd+2FxFqWxMXRVXed4HJAsGmnGurfi3S0OSi6V3j2jv/47DgsPK5N68wIFok8KHHxK3JS/JCdxFkvpmlsByEs4yHFCVp+v/YcPTbq$6Ca0Cf0O9JiCx1XF2dA+Ww==
server: cloudflare
cf-ray: 82d2def30d4fb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
35.190.25.30
188.114.96.1
104.17.3.184
0.0.0.0