Report - www.google.ae/url?q=38pQvvq6xRyj7Y00xDjnlx9kIHOSozurMOiaAkImPuQJnOIWtJjqJLi6stjtDz3yh&rct=tTPSrMOiaAkImPuQJnOIWtJjqJLi6stjtFX08pQvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/psytech.myvnc.com/amins321/yessir321/0sO3FRnxEQoo5vVnVyN0I/cHJlY29uc3RydWN0aW9uQG11Y2tsZXJveWZhbGxzLmNvbQ==

Report Overview

Visitedpublic

2024-10-29 19:33:27

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-10-23	6.1 kB	255 kB	104.18.94.41
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-10-23	438 B	15 kB	104.17.25.14
code.jquery.com	634	2005-12-10	2012-05-21	2024-10-23	410 B	32 kB	151.101.194.137
tf.lablesups.com	unknown	2024-10-10	2024-10-29	2024-10-29	1.6 kB	21 kB	172.67.137.62
www.google.ae	23447	unknown	2012-05-22	2024-10-28	1.7 kB	2.6 kB	142.250.74.163
psytech.myvnc.com	unknown	2001-06-01	2024-10-29	2024-10-29	477 B	296 B	192.185.13.186

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-10-29 19:33:02	medium	Client IP	192.185.13.186	ET INFO HTTP Connection To DDNS Domain Myvnc.com

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-10-29	medium	lablesups.com	Sinkholed
2024-10-29	medium	lablesups.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (48)

	URL	From	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.6.0.min.js	ScriptElement	90 kB	2023-03-07	2025-08-02
URL code.jquery.com/jquery-3.6.0.min.js IP / ASN 151.101.194.137 #54113 FASTLY Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 263444 Size 90 kB (89501 bytes) MD5 8fb8fee4fcc3cc86ff6c724154c49c42 SHA1 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 SHA256 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Format Code Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	ScriptElement	48 kB	2023-03-07	2025-08-02
URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP / ASN 104.17.25.14 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 133029 Size 48 kB (48316 bytes) MD5 2ca03ad87885ab983541092b87adb299 SHA1 1a17f60bf776a8c468a185c1e8e985c41a50dc27 SHA256 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Format Code Loading...

	unknown	ScriptElement	190 B	2024-10-04	2024-11-17
URL IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2024-10-04 Last Seen 2024-11-17 Times Seen 1374 Size 190 B (190 bytes) MD5 996895bb9e2f1fbaa2b6f7fcaa42606f SHA1 9490d23d3608eaad635e7fc6c37d47bdbe703edb SHA256 1cde1f1ca57dabf8053813d2d9ce9ead9ab7d0182feae260d57fd491d2cfe556 Format Code Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?render=explicit	ScriptElement	48 kB	2024-10-21	2024-10-30
URL challenges.cloudflare.com/turnstile/v0/api.js?render=explicit IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2024-10-21 Last Seen 2024-10-30 Times Seen 2700 Size 48 kB (47532 bytes) MD5 808a57cae0b6fee71f46efdded44b348 SHA1 dd570a24c8bda1b391aa1ddea6004125818e579a SHA256 5b75ac6f98994352699841dffa6e562725ebbd0005c539946ad3625ec550eb0f Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8da5985cca7156be&lang=auto	ScriptElement	119 kB	2024-10-29	2024-10-29
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8da5985cca7156be&lang=auto IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2024-10-29 Last Seen 2024-10-29 Times Seen 1 Size 119 kB (119278 bytes) MD5 3c7bf75c238420b5520d3294cd9b8240 SHA1 53a2e5fd67305bb2faa1d4e35757de5c13cd6dfa SHA256 7687faaf2b68abc91e76fd872eb88a5161b113448b9be691e2af63b241cebc1f Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vkneg/0x4AAAAAAAxR3MO0jou_hTKA/auto/fbE/normal/auto/	ScriptElement	3.5 kB	2024-10-29	2024-10-29
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vkneg/0x4AAAAAAAxR3MO0jou_hTKA/auto/fbE/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2024-10-29 Last Seen 2024-10-29 Times Seen 1 Size 3.5 kB (3524 bytes) MD5 7b214edaa9d81cc9ae05990c3f0d129d SHA1 4e91bf471e999c85eaea39807dead9dc3cf63f94 SHA256 6472662d3c49fd6778b9ddeec8a2be3fb7271b4fa6fee8478eabd40c0adaa6f5 Format Code Loading...

	tf.lablesups.com/AiMuWX/#Xpreconstruction@muckleroyfalls.com	ScriptElement	18 kB	2024-10-29	2024-10-29
URL tf.lablesups.com/AiMuWX/#Xpreconstruction@muckleroyfalls.com IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded true Resource Info First Seen 2024-10-29 Last Seen 2024-10-29 Times Seen 1 Size 18 kB (17632 bytes) MD5 14486c55923be7273142a88ccd3ac9c1 SHA1 ff2d8d7986acb85bce6b20f789ccc4d3b97bc67d SHA256 195565277cef7357582d411251be14e07be9a80695d2e9f27a35239e79232c41 Format Code Loading...

	unknown	ScriptElement	1.4 kB	2024-10-29	2024-10-29
URL IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2024-10-29 Last Seen 2024-10-29 Times Seen 1 Size 1.4 kB (1406 bytes) MD5 362eae681edc0ff18c35da1d8687381d SHA1 f46efc904468ece47e3f332336c5deb32240f7ad SHA256 ccf79f97548e71e0a8c6b0c3c9f51a8f63ed50676c0e5ba634d3efaa5498464e Format Code Loading...

	HASH	FROM	Size	First Seen	Last Seen
	a866b3a75d2612a5204baf213e854d83	DocumentWrite	4.9 kB	2024-10-29	2024-10-29
Introduced by DocumentWrite First Seen 2024-10-29 Last Seen 2024-10-29 Times Seen 1 Size 4.9 kB (4880 bytes) MD5 a866b3a75d2612a5204baf213e854d83 SHA1 84242ee289251c60258b74986e1bc694d6cb0eee SHA256 6ea6f3f493bdd429b28c00ce1fd0c895a16d44e9505eedd96f24316239d5a804 Format Code Loading...

HTTP Transactions (16)

URL IP Response Size

142.250.74.163

302 Found

330 B

URL

IP / ASN

142.250.74.163

#15169 GOOGLE

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with CRLF, LF line terminators

First Seen2024-10-29

Last Seen2024-10-29

Times Seen1

Size330 B (330 bytes)

MD555d899016cec77833925a92891935a50

SHA14dc569480626ed46fe88975f5eb9f4f51c3a89d6

SHA256b575dcaf36df548c08959db87c8ae74fe5385133ee2e0cb6fffcfd95a10ad310

HTTP Headers

GET /url?q=38pQvvq6xRyj7Y00xDjnlx9kIHOSozurMOiaAkImPuQJnOIWtJjqJLi6stjtDz3yh&rct=tTPSrMOiaAkImPuQJnOIWtJjqJLi6stjtFX08pQvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/psytech.myvnc.com/amins321/yessir321/0sO3FRnxEQoo5vVnVyN0I/cHJlY29uc3RydWN0aW9uQG11Y2tsZXJveWZhbGxzLmNvbQ== HTTP/1.1
Host: www.google.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://www.google.ae/amp/psytech.myvnc.com/amins321/yessir321/0sO3FRnxEQoo5vVnVyN0I/cHJlY29uc3RydWN0aW9uQG11Y2tsZXJveWZhbGxzLmNvbQ==
cache-control: private
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-JHccGFqi4UnZLSURwkCfKA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Tue, 29 Oct 2024 19:33:02 GMT
server: gws
content-length: 330
x-xss-protection: 0
set-cookie: __Secure-ENID=23.SE=G_TQGksT_QXhbBT2zjWW-eQlG61wRxeFlmT49A-UOQEvnm5kC8PhHbP18SZzj2Rxg4gNHVsaiSQQl_jTi7jbqu3GwgYkUTPrKEBQKQtNF4CkUFJQ-i3bg2tum8ssbz4UzugT6HLsxV2PoPkWPDuIPpZepUVSJTeWvN2d8gkZbLof2iUKZWTFMlJj1QfuGZlL3ueJ6T4u56l5HRLymlXmTkyYR51IhyJBgTrZRjjL; expires=Sat, 29-Nov-2025 11:51:20 GMT; path=/; domain=.google.ae; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.ae/amp/psytech.myvnc.com/amins321/yessir321/0sO3FRnxEQoo5vVnVyN0I/cHJlY29uc3RydWN0aW9uQG11Y2tsZXJveWZhbGxzLmNvbQ==

142.250.74.163

302 Found

311 B

URL

www.google.ae/amp/psytech.myvnc.com/amins321/yessir321/0sO3FRnxEQoo5vVnVyN0I/cHJlY29uc3RydWN0aW9uQG11Y2tsZXJveWZhbGxzLmNvbQ==

IP / ASN

142.250.74.163

#15169 GOOGLE

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with CRLF, LF line terminators

First Seen2024-10-29

Last Seen2024-10-29

Times Seen2

Size311 B (311 bytes)

MD539e9ef8e0ecdb3f359379aac27f90ba3

SHA18fbc80a27c006421cfe9bcea25e8ac458a6ed35e

SHA256e694b7cca8cd12e5c139312f7459c2a99cfe8a4fa6ce655d6011ad0495411512

HTTP Headers

GET /amp/psytech.myvnc.com/amins321/yessir321/0sO3FRnxEQoo5vVnVyN0I/cHJlY29uc3RydWN0aW9uQG11Y2tsZXJveWZhbGxzLmNvbQ== HTTP/1.1
Host: www.google.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; __Secure-ENID=23.SE=G_TQGksT_QXhbBT2zjWW-eQlG61wRxeFlmT49A-UOQEvnm5kC8PhHbP18SZzj2Rxg4gNHVsaiSQQl_jTi7jbqu3GwgYkUTPrKEBQKQtNF4CkUFJQ-i3bg2tum8ssbz4UzugT6HLsxV2PoPkWPDuIPpZepUVSJTeWvN2d8gkZbLof2iUKZWTFMlJj1QfuGZlL3ueJ6T4u56l5HRLymlXmTkyYR51IhyJBgTrZRjjL
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
location: http://psytech.myvnc.com/amins321/yessir321/0sO3FRnxEQoo5vVnVyN0I/cHJlY29uc3RydWN0aW9uQG11Y2tsZXJveWZhbGxzLmNvbQ==
cache-control: private
x-robots-tag: noindex
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-LQ-nxWZkLzUIu3WXoaXA8g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
date: Tue, 29 Oct 2024 19:33:02 GMT
server: gws
content-length: 311
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

psytech.myvnc.com/amins321/yessir321/0sO3FRnxEQoo5vVnVyN0I/cHJlY29uc3RydWN0aW9uQG11Y2tsZXJveWZhbGxzLmNvbQ==

192.185.13.186

200 OK

0 B

URL

psytech.myvnc.com/amins321/yessir321/0sO3FRnxEQoo5vVnVyN0I/cHJlY29uc3RydWN0aW9uQG11Y2tsZXJveWZhbGxzLmNvbQ==

IP / ASN

192.185.13.186

#19871 NETWORK-SOLUTIONS-HOSTING

Requested byN/A

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606083

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
suricata	medium	ET INFO HTTP Connection To DDNS Domain Myvnc.com

HTTP Headers

GET /amins321/yessir321/0sO3FRnxEQoo5vVnVyN0I/cHJlY29uc3RydWN0aW9uQG11Y2tsZXJveWZhbGxzLmNvbQ== HTTP/1.1
Host: psytech.myvnc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Oct 2024 19:33:02 GMT
Server: Apache
refresh: 0;url= https://TF.lablesups.com/AiMuWX/#Xpreconstruction@muckleroyfalls.com
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8

GET challenges.cloudflare.com/turnstile/v0/api.js?render=explicit

104.18.94.41

302 Found

0 B

URL

challenges.cloudflare.com/turnstile/v0/api.js?render=explicit

IP / ASN

104.18.94.41

#13335 CLOUDFLARENET

Requested byhttps://tf.lablesups.com/AiMuWX/#Xpreconstruction@muckleroyfalls.com

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606083

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectchallenges.cloudflare.com

Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4

ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

HTTP Headers

GET /turnstile/v0/api.js?render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tf.lablesups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 29 Oct 2024 19:33:03 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/g/f2bbd6738e15/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 8da5985b692756c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

104.17.25.14

200 OK

14 kB

URL

cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

IP / ASN

104.17.25.14

#13335 CLOUDFLARENET

Requested byhttps://tf.lablesups.com/AiMuWX/#Xpreconstruction@muckleroyfalls.com

Resource Info

File typeJavaScript source, ASCII text, with very long lines (48316), with no line terminators

First Seen2023-03-07

Last Seen2025-08-02

Times Seen133029

Size14 kB (13972 bytes)

MD52ca03ad87885ab983541092b87adb299

SHA11a17f60bf776a8c468a185c1e8e985c41a50dc27

SHA2568e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

Certificate Info

IssuerGoogle Trust Services

Subjectcdnjs.cloudflare.com

FingerprintE6:47:BB:06:9C:32:48:7E:A6:0A:4B:62:53:7B:F0:35:5D:A9:A3:8A

ValiditySat, 28 Sep 2024 05:35:05 GMT - Fri, 27 Dec 2024 05:35:04 GMT

HTTP Headers

GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tf.lablesups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 29 Oct 2024 19:33:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 300897
expires: Sun, 19 Oct 2025 19:33:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g8OLVirOxiRdOlglYszLyBr1DWxlBoG3ntbFuskJ1sSX0ZjwcOvpx35BjiYe8eNSTcXcVqWYmVhlFzlmMtraBwHBW8OHAPaCtyzKCx95sngHAPkBSvVbMaJ5Xxpj8oEbovws8dpD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8da5985b6ba1712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET code.jquery.com/jquery-3.6.0.min.js

151.101.194.137

200 OK

31 kB

URL

code.jquery.com/jquery-3.6.0.min.js

IP / ASN

151.101.194.137

#54113 FASTLY

Requested byhttps://tf.lablesups.com/AiMuWX/#Xpreconstruction@muckleroyfalls.com

Resource Info

File typeJavaScript source, ASCII text, with very long lines (65447)

First Seen2023-03-07

Last Seen2025-08-02

Times Seen263444

Size31 kB (30875 bytes)

MD58fb8fee4fcc3cc86ff6c724154c49c42

SHA1b82d238d4e31fdf618bae8ac11a6c812c03dd0d4

SHA256ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Certificate Info

IssuerSectigo Limited

Subject*.jquery.com

FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5

ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tf.lablesups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Oct 2024 19:33:03 GMT
age: 1247269
x-served-by: cache-lga21931-LGA, cache-hel1410025-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 395977
x-timer: S1730230384.956635,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1

104.18.94.41

200 OK

61 B

URL

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1

IP / ASN

104.18.94.41

#13335 CLOUDFLARENET

Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vkneg/0x4AAAAAAAxR3MO0jou_hTKA/auto/fbE/normal/auto/

Resource Info

File typePNG image data, 2 x 2, 8-bit/color RGB, non-interlaced

First Seen2023-08-25

Last Seen2025-05-14

Times Seen189286

Size61 B (61 bytes)

MD59246cca8fc3c00f50035f28e9f6b7f7d

SHA13aa538440f70873b574f40cd793060f53ec17a5d

SHA256c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

Certificate Info

IssuerGoogle Trust Services

Subjectchallenges.cloudflare.com

Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4

ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vkneg/0x4AAAAAAAxR3MO0jou_hTKA/auto/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 29 Oct 2024 19:33:04 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8da5985d6b6d56be-OSL
alt-svc: h3=":443"; ma=86400

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8da5985cca7156be&lang=auto

104.18.94.41

200 OK

47 kB

URL

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8da5985cca7156be&lang=auto

IP / ASN

104.18.94.41

#13335 CLOUDFLARENET

Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vkneg/0x4AAAAAAAxR3MO0jou_hTKA/auto/fbE/normal/auto/

Resource Info

File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators

First Seen2024-10-29

Last Seen2024-10-29

Times Seen1

Size47 kB (47055 bytes)

MD53c7bf75c238420b5520d3294cd9b8240

SHA153a2e5fd67305bb2faa1d4e35757de5c13cd6dfa

SHA2567687faaf2b68abc91e76fd872eb88a5161b113448b9be691e2af63b241cebc1f

Certificate Info

IssuerGoogle Trust Services

Subjectchallenges.cloudflare.com

Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4

ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8da5985cca7156be&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vkneg/0x4AAAAAAAxR3MO0jou_hTKA/auto/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 29 Oct 2024 19:33:04 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 8da5985d6b7656be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1974870668:1730227571:kIP6yKvVQsDCnvvVU5fS3m--rXM5Jd3WrD682CtHClM/8da5985cca7156be/4hp.MdaAck.vadGwBocm0Jn1WNWzfujUTw6GPFf24Uw-1730230384-1.1.1.1-QoUDGqCbv83vuh3_cq32npAEj1bYwi.FRi4XE0.iG0wVOuWLOHoSkOLU57oIs0Ho

104.18.94.41

200 OK

102 kB

URL

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1974870668:1730227571:kIP6yKvVQsDCnvvVU5fS3m--rXM5Jd3WrD682CtHClM/8da5985cca7156be/4hp.MdaAck.vadGwBocm0Jn1WNWzfujUTw6GPFf24Uw-1730230384-1.1.1.1-QoUDGqCbv83vuh3_cq32npAEj1bYwi.FRi4XE0.iG0wVOuWLOHoSkOLU57oIs0Ho

IP / ASN

104.18.94.41

#13335 CLOUDFLARENET

Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vkneg/0x4AAAAAAAxR3MO0jou_hTKA/auto/fbE/normal/auto/

Resource Info

File typeASCII text, with very long lines (65536), with no line terminators

First Seen2024-10-29

Last Seen2024-10-29

Times Seen1

Size102 kB (102520 bytes)

MD51526ddb1cdf90f1da065963bb9eb3f03

SHA13d7c3e741d1c64f9663c5e38de71199d0de0c402

SHA2562e8f7f391993a576a17a101838e49986d358ac642cb30d8029526c3db01c786c

Certificate Info

IssuerGoogle Trust Services

Subjectchallenges.cloudflare.com

Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4

ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1974870668:1730227571:kIP6yKvVQsDCnvvVU5fS3m--rXM5Jd3WrD682CtHClM/8da5985cca7156be/4hp.MdaAck.vadGwBocm0Jn1WNWzfujUTw6GPFf24Uw-1730230384-1.1.1.1-QoUDGqCbv83vuh3_cq32npAEj1bYwi.FRi4XE0.iG0wVOuWLOHoSkOLU57oIs0Ho HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vkneg/0x4AAAAAAAxR3MO0jou_hTKA/auto/fbE/normal/auto/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 4hp.MdaAck.vadGwBocm0Jn1WNWzfujUTw6GPFf24Uw-1730230384-1.1.1.1-QoUDGqCbv83vuh3_cq32npAEj1bYwi.FRi4XE0.iG0wVOuWLOHoSkOLU57oIs0Ho
Content-Length: 2725
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 29 Oct 2024 19:33:04 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: sgYd02+0CTRnhtjqi09pSdOOu1pF5TwGOI6noXKsCRu4zrpnRPN2x6vyZQLuY/t3SvafVmhBEV4vxAS/v7ZfPCeZuHn/jWiSG34MEMHitiHngmaRRRvBhcP+iyPG7FhTnCMSlBHaKaGq4lC8PUtF9nf5f1cwSoRvD4/KioFSFXNpXkLpxrqYO7U4dwSGhl/kWQwmJAarMJMp4QyBrz9/nE8xTgUem/HVWqwQ6XTtAdbqQQm7eFeFxzgeHOVug1hzyiLeTuWAUxHxxsgPGwh11v59F4Z8tz5DKgxw0Taedf1sJiyBLUeY1wxQFWjvgyg49UrmTMqA5puhvePWorQkE0xmnnQjFtdhZgMh/4D5f2aJDwlqYIDQNr5CwYn29b4I/3aEdFVNyNGrMI7gLd0mAImE0ESek4zVq7C0DO4tvCvbFkILsZsjOZqZnxAwkV3tMTs5GExsuAVuKq41nQ==$Ezm6IC9Hj1YzhPG/
server: cloudflare
cf-ray: 8da5985f5ef356be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

104.18.94.41

200 OK

26 kB

URL

IP / ASN

104.18.94.41

#13335 CLOUDFLARENET

Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vkneg/0x4AAAAAAAxR3MO0jou_hTKA/auto/fbE/normal/auto/

Resource Info

File typeASCII text, with very long lines (26288), with no line terminators

First Seen2024-10-29

Last Seen2024-10-29

Times Seen1

Size26 kB (25586 bytes)

MD5d1568e699d79418f986b1dc38889a818

SHA18ee695b675476155038d253b0701783a71e2cd46

SHA256dfaf9f766d379de935d54ed69a910cfa93e5758962c24ca00a0e8d6728dc788a

Certificate Info

IssuerGoogle Trust Services

Subjectchallenges.cloudflare.com

Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4

ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1974870668:1730227571:kIP6yKvVQsDCnvvVU5fS3m--rXM5Jd3WrD682CtHClM/8da5985cca7156be/4hp.MdaAck.vadGwBocm0Jn1WNWzfujUTw6GPFf24Uw-1730230384-1.1.1.1-QoUDGqCbv83vuh3_cq32npAEj1bYwi.FRi4XE0.iG0wVOuWLOHoSkOLU57oIs0Ho HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vkneg/0x4AAAAAAAxR3MO0jou_hTKA/auto/fbE/normal/auto/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 4hp.MdaAck.vadGwBocm0Jn1WNWzfujUTw6GPFf24Uw-1730230384-1.1.1.1-QoUDGqCbv83vuh3_cq32npAEj1bYwi.FRi4XE0.iG0wVOuWLOHoSkOLU57oIs0Ho
Content-Length: 28386
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 29 Oct 2024 19:33:07 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: juniqDrOISkSduTZrcKyDMvaboC7lMV4GHLnZGYLo9WC9JUIz5BYXMbjzcfdjLfexHkmDhu6GlnjSo8g$2ZzbEHP7z5fT9BS4
server: cloudflare
cf-ray: 8da5986ef98d56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8da5985cca7156be/1730230384569/6d45fc9f7e96bf1fcda48a87e6c41a8ab2bf241980e3e5e4e99fc88dd372372a/Ijf2iFLojyizfxB

104.18.94.41

401 Unauthorized

1 B

URL

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8da5985cca7156be/1730230384569/6d45fc9f7e96bf1fcda48a87e6c41a8ab2bf241980e3e5e4e99fc88dd372372a/Ijf2iFLojyizfxB

IP / ASN

104.18.94.41

#13335 CLOUDFLARENET

Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vkneg/0x4AAAAAAAxR3MO0jou_hTKA/auto/fbE/normal/auto/

Resource Info

File typevery short file (no magic)

First Seen0001-01-01

Last Seen2025-08-02

Times Seen228370

Size1 B (1 bytes)

MD5ff44570aca8241914870afbc310cdb85

SHA158668e7669fd564d99db5d581fcdb6a5618440b5

SHA2566da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Certificate Info

IssuerGoogle Trust Services

Subjectchallenges.cloudflare.com

Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4

ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/8da5985cca7156be/1730230384569/6d45fc9f7e96bf1fcda48a87e6c41a8ab2bf241980e3e5e4e99fc88dd372372a/Ijf2iFLojyizfxB HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vkneg/0x4AAAAAAAxR3MO0jou_hTKA/auto/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 401 Unauthorized
date: Tue, 29 Oct 2024 19:33:06 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gbUX8n36Wvx_NpIqH5sQairK_JBmA4-Xk6Z_IjdNyNyoAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAscjm_UO_k901rNdCKgLw5bvI4i6M_jDNCIXpfs2LRbtxwLOrUyplqVvML_hVlB5tIDMuj0ihhaOFHose-Y0_UjQnNUGE_vol46VvGgscTMtTjU4xINriap8AMTIygvljEBt6my-nBwkUGhY3U9v5iKC-eWR5bTfvrqFsuIVxafkSfhHqDXB4KLGNjvOOV71GGJ9x4yxA-C2OcULZ1uDDKuvAaMhuiWdF6OzSTXruP9yPg1vmuteavOW1re0YDbCbtK16PhHdSzWym7v_FrvId-2zf26j50FlTd_vl_DcKNDVCgWDoU0uX3cU6V3rSQoVXREEqPr-2ywSGru8ZuXRoQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIG1F_J9-lr8fzaSKh-bEGoqyvyQZgOPl5OmfyI3TcjcqABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIG1F_J9-lr8fzaSKh-bEGoqyvyQZgOPl5OmfyI3TcjcqABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwOXxuf_YfH60WXLdHNNMi668yTzkAIuksAL2v5Hmho3odFuawAT0cyief1oGo8EaTM_mzmbWK1XdowTDWz2k8-mVmWsgyW3NdrIQwZo-pqOoSiMOVVjpDsnwZmGR_SeoYczHldSUjidO3m4djRGeWR4Iv7sZ131HRg8MZGc0BLoTAJ8WLryDVz1Kp_D_qSxsI1b5cap8Y1yGShRIAZ1O6b3zuooeDoLh9q098fsCdlZbnGh28gTNXgdkiFt_yjyaf5upGTHXcizT4TWTDdmvgSNE19n7ahXuj-_GH_XzP42QLUomcuqNEhu5wSj7XNnyRFURH19l6_sLROivytIY2wIDAQAB", max-age=20
server: cloudflare
cf-ray: 8da59868ef6356be-OSL
alt-svc: h3=":443"; ma=86400

GET challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/api.js

104.18.94.41

200 OK

48 kB

URL

challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/api.js

IP / ASN

104.18.94.41

#13335 CLOUDFLARENET

Requested byhttps://tf.lablesups.com/AiMuWX/#Xpreconstruction@muckleroyfalls.com

Resource Info

File typeJavaScript source, ASCII text, with very long lines (47531)

First Seen2024-10-21

Last Seen2024-10-30

Times Seen2700

Size48 kB (47532 bytes)

MD5808a57cae0b6fee71f46efdded44b348

SHA1dd570a24c8bda1b391aa1ddea6004125818e579a

SHA2565b75ac6f98994352699841dffa6e562725ebbd0005c539946ad3625ec550eb0f

Certificate Info

IssuerGoogle Trust Services

Subjectchallenges.cloudflare.com

Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4

ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

HTTP Headers

GET /turnstile/v0/g/f2bbd6738e15/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tf.lablesups.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 29 Oct 2024 19:33:04 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 18 Oct 2024 17:38:58 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8da5985bea0c56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vkneg/0x4AAAAAAAxR3MO0jou_hTKA/auto/fbE/normal/auto/

104.18.94.41

200 OK

26 kB

URL

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vkneg/0x4AAAAAAAxR3MO0jou_hTKA/auto/fbE/normal/auto/

IP / ASN

104.18.94.41

#13335 CLOUDFLARENET

Requested byhttps://tf.lablesups.com/AiMuWX/#Xpreconstruction@muckleroyfalls.com

Resource Info

File typeHTML document, ASCII text, with very long lines (22049)

First Seen2024-10-29

Last Seen2024-10-29

Times Seen1

Size26 kB (26324 bytes)

MD573aa4ebec691891bc16fe8f1549d8f0d

SHA155a7e02d642ae2bc91b66320fba699a52d517051

SHA256a910d03d5f1cf534c30ad6dba58ada6ae2176bf9dad3d308242eb903337f246e

Certificate Info

IssuerGoogle Trust Services

Subjectchallenges.cloudflare.com

Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4

ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vkneg/0x4AAAAAAAxR3MO0jou_hTKA/auto/fbE/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tf.lablesups.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 29 Oct 2024 19:33:04 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cross-origin-opener-policy: same-origin
document-policy: js-profiling
origin-agent-cluster: ?1
referrer-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
server: cloudflare
cf-ray: 8da5985cca7156be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET tf.lablesups.com/AiMuWX/

172.67.137.62

200 OK

18 kB

URL

tf.lablesups.com/AiMuWX/

IP / ASN

172.67.137.62

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (6561), with CRLF line terminators

First Seen2024-10-29

Last Seen2024-10-29

Times Seen1

Size18 kB (17761 bytes)

MD544b421354254cb537f54a4319e052dff

SHA1eec3a5bf0b0cc883ca531d604ed348aa98e16804

SHA256eb767cb9ac45b2c01016bbcfeb4778c00880aea18a6e8c13f57b2d8539b20cf5

Certificate Info

IssuerGoogle Trust Services

Subjectlablesups.com

FingerprintF4:1D:B0:4A:98:C0:35:F0:30:08:39:FE:9B:3B:4B:9D:74:13:DB:6C

ValidityThu, 10 Oct 2024 22:18:08 GMT - Wed, 08 Jan 2025 22:18:07 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /AiMuWX/ HTTP/1.1
Host: tf.lablesups.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 29 Oct 2024 19:33:03 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X0AcYFNF00380I5Mi2XumPclVN3f5UXPk06pfPo4DdE3mkaHcWH0g0P7QU46UIZELltKI9%2FOGInb6Jh4FnhYaTJVt%2FxQTbzIAG5jfghIzsLRw%2FOrLzF%2FGsfsWICEKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
set-cookie: XSRF-TOKEN=eyJpdiI6Ikx3QU1MQ2srOHcvOU02cXN6eEdwUXc9PSIsInZhbHVlIjoiN2NPSVduTHhudDdSb1pCR1RSalZtRE5HY1dBd0xzcFRLdk5mNloxTUowblFGOE55RWpXNmNwS1FHT0Y0Q3NxVytTWlJJRW5rcTFNZTErLzEvVFZTVllkOFc1SWUwU0ZCYlBpUG1td3lrRXZYV1Y2UTVCOEJpRFJBRjBxSUxBeVMiLCJtYWMiOiI3OTNlNjYwNTNhMWI5ODQwNjdlYTU4OGVmYTNiNjJlZmVmNjE5MTBiNjFmZjk4MmE3Y2JmMTgwZjIzNzM5ZTFmIiwidGFnIjoiIn0%3D; expires=Tue, 29-Oct-2024 21:33:03 GMT; Max-Age=7200; path=/; secure; samesite=none
laravel_session=eyJpdiI6IlUwWnJ4TnZ6YkpOYmVKWDlHZE8wL0E9PSIsInZhbHVlIjoiZkJGTkhyUzBpZHl0bXVlaWhlc3QvbWduUjZONHpJL095enA0Z05YQmtNa0JtcUZWOHRjTWlGTWo2RzRld1FTdDY1UkE4OXYzZDNaMVkvYWV4Y1VXcnRteGUrZjUyNXkveHpYT0NZVWFHbzVUNjJKU3JSdDU1WFRuWjJUN3FVdUoiLCJtYWMiOiJiOWMzOThhZWJiNWE2MTBkMTMwM2JlY2UwMzM4NjY1OGE4N2Q1NDgyYmYxOTYxNjhiOGFkMDE5MzMxZTNhMGZiIiwidGFnIjoiIn0%3D; expires=Tue, 29-Oct-2024 21:33:03 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
server: cloudflare
cf-ray: 8da598563f0a56b9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=22685&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2824&recv_bytes=1386&delivery_rate=125767&cwnd=77&unsent_bytes=0&cid=62b38cb29839f5f3&ts=342&x=0", cfL4;desc="?proto=TCP&rtt=22474&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3276&recv_bytes=1253&delivery_rate=261718&cwnd=254&unsent_bytes=0&cid=e482624d9234f55a&ts=666&x=0"
X-Firefox-Spdy: h2

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8da5985cca7156be/1730230384569/Lk4Z9mmVRBjpP-H

104.18.94.41

200 OK

61 B

URL

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8da5985cca7156be/1730230384569/Lk4Z9mmVRBjpP-H

IP / ASN

104.18.94.41

#13335 CLOUDFLARENET

Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vkneg/0x4AAAAAAAxR3MO0jou_hTKA/auto/fbE/normal/auto/

Resource Info

File typePNG image data, 72 x 35, 8-bit/color RGB, non-interlaced

First Seen2023-05-05

Last Seen2025-03-27

Times Seen63

Size61 B (61 bytes)

MD597af362a27b4483da7dbac672624d222

SHA1b1b0ea4e3ac537f8172f2f572c2623e6af07f6ed

SHA2565ec8eeebd15a2185b1825e0fae725d3b96e695f01b417cf5d5d225f87aa4716f

Certificate Info

IssuerGoogle Trust Services

Subjectchallenges.cloudflare.com

Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4

ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/8da5985cca7156be/1730230384569/Lk4Z9mmVRBjpP-H HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vkneg/0x4AAAAAAAxR3MO0jou_hTKA/auto/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 29 Oct 2024 19:33:06 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8da598693fd456be-OSL
alt-svc: h3=":443"; ma=86400

GET tf.lablesups.com/favicon.ico

172.67.137.62

404 Not Found

0 B

URL

tf.lablesups.com/favicon.ico

IP / ASN

172.67.137.62

#13335 CLOUDFLARENET

Requested byhttps://tf.lablesups.com/AiMuWX/#Xpreconstruction@muckleroyfalls.com

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606083

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectlablesups.com

FingerprintF4:1D:B0:4A:98:C0:35:F0:30:08:39:FE:9B:3B:4B:9D:74:13:DB:6C

ValidityThu, 10 Oct 2024 22:18:08 GMT - Wed, 08 Jan 2025 22:18:07 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: tf.lablesups.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tf.lablesups.com/AiMuWX/
Cookie: XSRF-TOKEN=eyJpdiI6Ikx3QU1MQ2srOHcvOU02cXN6eEdwUXc9PSIsInZhbHVlIjoiN2NPSVduTHhudDdSb1pCR1RSalZtRE5HY1dBd0xzcFRLdk5mNloxTUowblFGOE55RWpXNmNwS1FHT0Y0Q3NxVytTWlJJRW5rcTFNZTErLzEvVFZTVllkOFc1SWUwU0ZCYlBpUG1td3lrRXZYV1Y2UTVCOEJpRFJBRjBxSUxBeVMiLCJtYWMiOiI3OTNlNjYwNTNhMWI5ODQwNjdlYTU4OGVmYTNiNjJlZmVmNjE5MTBiNjFmZjk4MmE3Y2JmMTgwZjIzNzM5ZTFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlUwWnJ4TnZ6YkpOYmVKWDlHZE8wL0E9PSIsInZhbHVlIjoiZkJGTkhyUzBpZHl0bXVlaWhlc3QvbWduUjZONHpJL095enA0Z05YQmtNa0JtcUZWOHRjTWlGTWo2RzRld1FTdDY1UkE4OXYzZDNaMVkvYWV4Y1VXcnRteGUrZjUyNXkveHpYT0NZVWFHbzVUNjJKU3JSdDU1WFRuWjJUN3FVdUoiLCJtYWMiOiJiOWMzOThhZWJiNWE2MTBkMTMwM2JlY2UwMzM4NjY1OGE4N2Q1NDgyYmYxOTYxNjhiOGFkMDE5MzMxZTNhMGZiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 29 Oct 2024 19:33:04 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r8YjndpIerPZO91iVzTHpUmyLkj4K2nGeNvPPW%2BOpvcarJECJsn3c7sNVnxZ2aFtzMezZxLNSq6tcpEEBu4jWLBlckZlqPlL4Vc26%2Fh8%2BHWDUiK4weh380lXwI6erg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 3180
server: cloudflare
cf-ray: 8da5985cd98e56bf-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=22742&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2823&recv_bytes=2085&delivery_rate=124677&cwnd=232&unsent_bytes=0&cid=c8f0492c09522065&ts=337&x=0", cfL4;desc="?proto=QUIC&rtt=19872&sent=11&recv=6&lost=0&retrans=0&sent_bytes=4043&recv_bytes=1684&delivery_rate=32619&cwnd=12000&unsent_bytes=0&cid=a559439981fbee9e&ts=422&x=1", cfHdrFlush;dur=0