| |  172.67.217.150 | 403 Forbidden | 7.7 kB |
IP172.67.217.150:443
CertificateIssuerGoogle Trust Services Subjectyubit.co.za FingerprintE3:59:80:FB:CF:BE:F8:98:58:B5:4A:A4:8E:09:D5:B0:14:57:EE:EB ValidityThu, 03 Apr 2025 11:38:40 GMT - Wed, 02 Jul 2025 12:36:26 GMT
File typeHTML document, ASCII text, with very long lines (7655), with no line terminators Hash2817537df9fe10805781ece3855cf3c2 09d7e93770f84df8727082358e9e72e9820bc2a8 3b43aafab040b4ba818b0011e75593dab476756c3ee805a90827d4652db378d9
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: witaral.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 25 Apr 2025 02:59:19 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
cf-ray: 935a956ceb17712b-OSL
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kNBhLbrs8MUtpdxdSBgMNTSfTDv4l21AIq6CsuyckJRPG2CIQFuA714Sq1MXEkV8fYM0lh4aYxN6S4vWhr5szElp8xLUtRw7XR0j9RHMqjVW5XiHbNjem58BpkSAX55NMpEwBU3A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: chlray;desc="935a956ceb17712b", cfL4;desc="?proto=TCP&rtt=544&min_rtt=477&rtt_var=163&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3273&recv_bytes=1260&delivery_rate=6571860&cwnd=253&unsent_bytes=0&cid=a20e2dea112aa90a&ts=43&x=0"
X-Firefox-Spdy: h2
|
|
| witaral.yubit.co.za/favicon.ico | 104.21.75.85 | 403 Forbidden | 5.4 kB |
URL GET witaral.yubit.co.za/favicon.ico IP104.21.75.85:80
Requested byhttp://witaral.yubit.co.za/
File typeHTML document, ASCII text, with very long lines (5449), with no line terminators Hash014447c39265733e63d8e2ef0507c43d 5a0734fe5164686e90768e3d70166b79e412ff9b bf0b23035e5c2c8a5a1562e736a6bffbc0b09a76cf4323f626586f540fcb570d
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: witaral.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://witaral.yubit.co.za/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 25 Apr 2025 02:59:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l2EcFO9m9VezuououIVRWB9P%2BKjgq4XkcFDF2gAk3fjjJqgLJ%2B%2Ft%2BKyypBzICBGpgf1UNHWMUT2pjo8cNrVGmRDfEwXgcFbpCl2hLiP4uFUH8VX7KKbz0sYUXvfnvux3N81ZKLGs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 935a956faf8756b4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: chlray;desc="935a956faf8756b4", cfL4;desc="?proto=TCP&rtt=2724&min_rtt=2724&rtt_var=1362&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=363&delivery_rate=0&cwnd=235&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/461642916:1745548061:gtfAi_C5Fy5WxkQlYWJ9JHOMax_ZC-qLQx-gJptirOg/935a957198995691/BMmZtRIMR4ETwKJ_6rL.I_2Hae4Vq3.LdY0OwvOcb.A-1745549959-1.1.1.1-eShMvRbWwAsn9Q7ySFdmpLxwn8iHXt1Hk9CNqkJmeMEabRnAtadMgRcA4AQZ3Gi4 | 104.18.94.41 | 200 OK | 238 kB |
URL POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/461642916:1745548061:gtfAi_C5Fy5WxkQlYWJ9JHOMax_ZC-qLQx-gJptirOg/935a957198995691/BMmZtRIMR4ETwKJ_6rL.I_2Hae4Vq3.LdY0OwvOcb.A-1745549959-1.1.1.1-eShMvRbWwAsn9Q7ySFdmpLxwn8iHXt1Hk9CNqkJmeMEabRnAtadMgRcA4AQZ3Gi4 IP104.18.94.41:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/7i46b/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28 ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size238 kB (237864 bytes) Hasheb7b2ecc7461cae91ad985486f8d1a37 8d8a5a64cede38b5f4c4fd911da7b5d6a059ba1e 694c3bd4012c04bc790c683714cde00d1806bc0d080039f1066c8686f135988b
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/461642916:1745548061:gtfAi_C5Fy5WxkQlYWJ9JHOMax_ZC-qLQx-gJptirOg/935a957198995691/BMmZtRIMR4ETwKJ_6rL.I_2Hae4Vq3.LdY0OwvOcb.A-1745549959-1.1.1.1-eShMvRbWwAsn9Q7ySFdmpLxwn8iHXt1Hk9CNqkJmeMEabRnAtadMgRcA4AQZ3Gi4 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/7i46b/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
cf-chl: BMmZtRIMR4ETwKJ_6rL.I_2Hae4Vq3.LdY0OwvOcb.A-1745549959-1.1.1.1-eShMvRbWwAsn9Q7ySFdmpLxwn8iHXt1Hk9CNqkJmeMEabRnAtadMgRcA4AQZ3Gi4
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 3742
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 25 Apr 2025 02:59:20 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: H7Xc2EVzQhk2ObL4gd3dlsrgEk9T3onKfnycZ6SVbO0EbjpnVr6c9Xim+qi+QKOvJZ5z1lMrSCOxiyAXLKmucWDHmVNcqz4xl0W4E6v7FzfIyMs7JdZlv5g7DVGYy6igOKxeg2fB1cRVeYaOcUaaw+3TG82TXPD1sbRKzS91BnEp6Wzcq/Jn8LblIOBhfRvuMoJl5+XO8XHAdo3P1/Ssr+XJ1INSdt2h9EmdODl3n57HRt9W8c/3XxHmvV9vjXLA8Ipf29F6lgqXA5C32eRvz/3jvnrWaWdHpuyTpeKcV4icjqAJXXkPy+bV6JtT1q7rISyPx3mERjrylWNH7p5x6z5thPQnzwIFCRJtAszx+A1+uijdqgOkCZB6ab9Wzh/flpNNUa/r9i9kI3JCjpJwFBrgYmX5GSUP6KyXGWOLHgXfxRwBR6a1ezUsGT7f8/tLy4+TU4mJYOJgILZ+qcd8tKc6Hb/OPlvpUvhZB7XilGHbKNUoreQw9PYNLkIzABVc/E8qvVQJf554OJ55woMQGUM/r456/JaPZ9qHeAOdcErQEX1JsiHuy8KF+hpCnef4rTTpV4SeLVaxia7PRIWJ4hAX3AjB9ekWSiN8uXKWHrrtITiuJ9fUw5jysgx44MT00PffS7y9AFv5yHZe4LlhX4lQD5f6Kk5Ilb3COETNBsBbEeoxV3HS0Ctpeh8toO1iwAyFn5OZ3p4txfL/tarWmgfNY1VLK6uM46S/NejiJXiNE8GdoaNgFKisObSLz0i9dYez8BKnrLfcOgD/6OpjFrgdpIhwqy7hDxJM3VbjQqk=$fAltI2u6ghviYtkIdJN15w==
priority: u=3,i=?0
server: cloudflare
cf-ray: 935a957479945691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| witaral.yubit.co.za/favicon.ico | 104.21.75.85 | 404 Not Found | 146 B |
URL GET witaral.yubit.co.za/favicon.ico IP104.21.75.85:80
Requested byhttp://witaral.yubit.co.za/
File typeHTML document, ASCII text, with CRLF line terminators Hash8eec510e57f5f732fd2cce73df7b73ef 3c0af39ecb3753c5fee3b53d063c7286019eac3b 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: witaral.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://witaral.yubit.co.za/
Cookie: cf_clearance=N8.zypRQ8qDADrQ6ZO_NdnQdCu4Cb25yXU4472hUVxY-1745549970-1.2.1.1-dwFD8DK4kL4zjgmuweE7WDf3xO_MHpajcEdPBf1yRG_TpoOI5J0rEDzVVBU7ZZe8BirtJdT79uKGqqdSUGknaDV4e19wsj7SDd8GVUO9eUFTRG2bgOBvD6xb4lj.pHA1KiGm1.zwBxls0UHTDR5fU1YcT3XPVQ0L2s9LiD7pLMTiAzWCLjixJzALuseA6sOFWzP4HFDRR_F9b16Y7AeirPCQZf8iM7knERuVLP1fHNz1lLX8MwsBcwfhMigAOlOdSLPaPuKiKi6qzvG_dD7MIDgrNMCNROcxsHDytbFJk9wVhOpUyAs0vXktHFZrAI.Od7aVfKLV1aFwF0d41995AFJpoHHKJxheeXoAV1a.ESID_RIDoh5Kwj_fyY.lED1g
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 25 Apr 2025 02:59:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 935a95b72d57569b-OSL
CF-Cache-Status: MISS
Cache-Control: max-age=14400
Vary: accept-encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J7gWYinyhlr7J7pmd52iGsZ53o9tIsXbXd27wb7IcMaGYEQI982wr9UHNdyXg%2FOMe3%2BNVc2x69EYa3%2FlXS8TZokPueJ8llosPQy88M29N6eZ2JV9DX1ls63D559azOt4xloL89CO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=848&min_rtt=484&rtt_var=477&sent=25&recv=31&lost=0&retrans=0&sent_bytes=20307&recv_bytes=12074&delivery_rate=17388646&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| witaral.yubit.co.za/cdn-cgi/challenge-platform/h/g/scripts/jsd/44e6f86df4dc/main.js? | 104.21.75.85 | 200 OK | 8.5 kB |
URL GET witaral.yubit.co.za/cdn-cgi/challenge-platform/h/g/scripts/jsd/44e6f86df4dc/main.js? IP104.21.75.85:80
Requested byhttp://witaral.yubit.co.za/
File typeJavaScript source, ASCII text, with very long lines (8515), with no line terminators Hashe21333f1fcfe6ff92955e28f3a4a5551 e4476a83b50c66e0e6bee0a9b79b39013c567ea8 2cf1f1ee948f2ade0bbcfc46173034b804d5ac75dbb16c111e0d722733cca356
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/44e6f86df4dc/main.js? HTTP/1.1
Host: witaral.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=N8.zypRQ8qDADrQ6ZO_NdnQdCu4Cb25yXU4472hUVxY-1745549970-1.2.1.1-dwFD8DK4kL4zjgmuweE7WDf3xO_MHpajcEdPBf1yRG_TpoOI5J0rEDzVVBU7ZZe8BirtJdT79uKGqqdSUGknaDV4e19wsj7SDd8GVUO9eUFTRG2bgOBvD6xb4lj.pHA1KiGm1.zwBxls0UHTDR5fU1YcT3XPVQ0L2s9LiD7pLMTiAzWCLjixJzALuseA6sOFWzP4HFDRR_F9b16Y7AeirPCQZf8iM7knERuVLP1fHNz1lLX8MwsBcwfhMigAOlOdSLPaPuKiKi6qzvG_dD7MIDgrNMCNROcxsHDytbFJk9wVhOpUyAs0vXktHFZrAI.Od7aVfKLV1aFwF0d41995AFJpoHHKJxheeXoAV1a.ESID_RIDoh5Kwj_fyY.lED1g
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Apr 2025 02:59:31 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options: nosniff
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XwXbbsuDFo2ofpZIazgbgOv42sCvkSnrY3Zjp6JlOjwc2Lq6v6WdPoCNEq%2FVfFiPGpriUhMoLke6eTZpJpKXzlaJWMHGEqzha%2BWe5pscwXbeHHeunZ0uYb%2BpF8yzFpM5D95qGo49"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 935a95b75daf5685-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=442&min_rtt=440&rtt_var=169&sent=2&recv=5&lost=0&retrans=0&sent_bytes=932&recv_bytes=1634&delivery_rate=3161572&cwnd=250&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| witaral.yubit.co.za/cdn-cgi/challenge-platform/h/g/jsd/r/0.6040900428313284:1745547916:VvHi4DvQi262k_PyF7p0kLAyM2JUfMKQCnzVIb2N7XM/935a95b5dcea569b | 104.21.75.85 | 200 OK | 0 B |
URL POST witaral.yubit.co.za/cdn-cgi/challenge-platform/h/g/jsd/r/0.6040900428313284:1745547916:VvHi4DvQi262k_PyF7p0kLAyM2JUfMKQCnzVIb2N7XM/935a95b5dcea569b IP104.21.75.85:80
Requested byhttp://witaral.yubit.co.za/
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/jsd/r/0.6040900428313284:1745547916:VvHi4DvQi262k_PyF7p0kLAyM2JUfMKQCnzVIb2N7XM/935a95b5dcea569b HTTP/1.1
Host: witaral.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 11513
Origin: http://witaral.yubit.co.za
DNT: 1
Connection: keep-alive
Referer: http://witaral.yubit.co.za/
Cookie: cf_clearance=N8.zypRQ8qDADrQ6ZO_NdnQdCu4Cb25yXU4472hUVxY-1745549970-1.2.1.1-dwFD8DK4kL4zjgmuweE7WDf3xO_MHpajcEdPBf1yRG_TpoOI5J0rEDzVVBU7ZZe8BirtJdT79uKGqqdSUGknaDV4e19wsj7SDd8GVUO9eUFTRG2bgOBvD6xb4lj.pHA1KiGm1.zwBxls0UHTDR5fU1YcT3XPVQ0L2s9LiD7pLMTiAzWCLjixJzALuseA6sOFWzP4HFDRR_F9b16Y7AeirPCQZf8iM7knERuVLP1fHNz1lLX8MwsBcwfhMigAOlOdSLPaPuKiKi6qzvG_dD7MIDgrNMCNROcxsHDytbFJk9wVhOpUyAs0vXktHFZrAI.Od7aVfKLV1aFwF0d41995AFJpoHHKJxheeXoAV1a.ESID_RIDoh5Kwj_fyY.lED1g
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Apr 2025 02:59:31 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
Connection: keep-alive
set-cookie: cf_clearance=Is7GWWBpOUQ_bY.Hk3cqYZI0cNg33igjNhSxnZmffW4-1745549971-1.2.1.1-EbJ47bvxQNl2MCLj_p71R_3NCIV7FMYcYSwd6hMbwpVeGOnyj43S8xYM6PWJZ3gqm5TEG8R1bw6Zaxy3yQQ8PCoAu7b7roEfU75Qkw2VUuAY_pHQnLY03meFZc3ULomgVgxM98T8P5g0CVsaLX3SVFmtmLyjKjFMkQuK2zBI.dooH_sNTlJI2VRjT1x_aUmOy0sI_cshK4qNYro1tP2XlNQemicPNE_j8rJMZfulIfCRLJMcV_w_gMQHRyFtikS84bfU8WA29rVWR3BQA7sfUfG8eNGohxF7wtfP0txWuddVj6ZUXonNQx1eBRM9xKKIBrwQux3NhnN6mpFr7J87yYlfFZUkFE.D6fU3vY4M1zDQ7AFcr3NqspPJiRT4LL4T; HttpOnly; SameSite=Strict; Path=/; Domain=yubit.co.za; Expires=Sat, 25 Apr 2026 02:59:31 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9lXBKlwIRek9gGM7vLzw3XMCEPahaMKiQqmBdMVTTCBw5wXKZNBviCioS%2F1VC0SkfYsARnhZ31UCX9trY3CAPwjplXZjbq%2FpY1%2BsbxjQJ3Hg7W9IvZtOkKdGXvQp3TLI6SqQ6Tda"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 935a95b7fdac569b-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=759&min_rtt=447&rtt_var=424&sent=35&recv=43&lost=0&retrans=0&sent_bytes=21296&recv_bytes=24614&delivery_rate=17388646&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| | 104.21.75.85 | 403 Forbidden | 5.4 kB |
IP104.21.75.85:80
File typeHTML document, ASCII text, with very long lines (5415), with no line terminators Hashfdba1cf725960872c29a789c718ce328 cc95b8bd4f011ac4ceb3db76c49ffb28362bdbf2 a6c3e5eed3601307aa96b785e3995a1ee10d95df76c45b4659fa892d2caea97f
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: witaral.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 25 Apr 2025 02:59:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=staDAAmIuK51K%2Bcva9iljal8moub7FQ3%2BhngFC2iDGTTdv1JLqMTClDA1upHrlBdsxtAcmTQ8frHJ8LeukaDPFxIMdQ4BTDrkeLaoYIZwyxLdCuymLvvA8nBo07%2FB6USfA4l5Ys1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 935a956e284456bf-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: chlray;desc="935a956e284456bf", cfL4;desc="?proto=TCP&rtt=424&min_rtt=424&rtt_var=212&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=404&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| witaral.yubit.co.za/favicon.ico | 104.21.75.85 | 403 Forbidden | 5.6 kB |
URL GET witaral.yubit.co.za/favicon.ico IP104.21.75.85:80
Requested byhttp://witaral.yubit.co.za/
File typeHTML document, ASCII text, with very long lines (5577), with no line terminators Hash2e97950211bede2f94974af5ad2038dd 1d49c1404f0780317f5c3dc4c8eaed2beb359500 9321592174303f63384f06202a23d107bd26ce75878e0acc428f908f81986f81
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: witaral.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://witaral.yubit.co.za/?__cf_chl_rt_tk=JiDkQuF_YD5BcJOsoe.bePpj2I4yzLXBDd2cUE3Palc-1745549959-1.0.1.1-fmrO6lAsg1eR2ybPl1RQp6DqeLcXtS9EnMtR4fCNWKI
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 25 Apr 2025 02:59:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u8%2B9INyQdbB%2Bn7qh87EijjpnTreZC0HhE6YUH2Wmc0q%2B%2F1XT0SwAdz9E484DXR2hS0ELs%2BpwkbVILzIqzfeRXoQh3wJBp6tQ6G1MTKHODSHovSC80wmz7PEL5KXXlf2ldLbA%2B57z"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 935a956f3a30b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: chlray;desc="935a956f3a30b50c", cfL4;desc="?proto=TCP&rtt=881&min_rtt=436&rtt_var=77&sent=31&recv=23&lost=0&retrans=0&sent_bytes=39063&recv_bytes=1012&delivery_rate=32830548&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/935a957198995691/1745549960409/imfkg42X3Xj3F-1 | 104.18.94.41 | 200 OK | 61 B |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/935a957198995691/1745549960409/imfkg42X3Xj3F-1 IP104.18.94.41:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/7i46b/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28 ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File typePNG image data, 78 x 53, 8-bit/color RGB, non-interlaced Hash1d1a0c4318edf487d4320881461d8c58 1c99bf8143c1d6afc29bd1d138f50a89f9f0dd3c 1b079bf6a40b2410e77b380315c861e4eb541735264425f8d6a45d2e7eb80047
GET /cdn-cgi/challenge-platform/h/g/d/935a957198995691/1745549960409/imfkg42X3Xj3F-1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/7i46b/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 25 Apr 2025 02:59:21 GMT
content-type: image/png
content-length: 61
priority: u=4,i=?0
server: cloudflare
cf-ray: 935a9578fba05691-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=935a957198995691&lang=auto | 104.18.94.41 | 200 OK | 121 kB |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=935a957198995691&lang=auto IP104.18.94.41:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/7i46b/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28 ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size121 kB (120749 bytes) Hash5d5e6e17d693e96228e9c44d7faa8fda 07182685f897d929c095c5f0da92bf91014d0a4e c7080d9c4bd74f8a3e9aedf3554b728a3d0b16e04268da9235c0b59e85890c58
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=935a957198995691&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/7i46b/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 25 Apr 2025 02:59:20 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
priority: u=3,i=?0
server: cloudflare
cf-ray: 935a957258da5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/461642916:1745548061:gtfAi_C5Fy5WxkQlYWJ9JHOMax_ZC-qLQx-gJptirOg/935a957198995691/BMmZtRIMR4ETwKJ_6rL.I_2Hae4Vq3.LdY0OwvOcb.A-1745549959-1.1.1.1-eShMvRbWwAsn9Q7ySFdmpLxwn8iHXt1Hk9CNqkJmeMEabRnAtadMgRcA4AQZ3Gi4 | 104.18.94.41 | 200 OK | 28 kB |
URL POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/461642916:1745548061:gtfAi_C5Fy5WxkQlYWJ9JHOMax_ZC-qLQx-gJptirOg/935a957198995691/BMmZtRIMR4ETwKJ_6rL.I_2Hae4Vq3.LdY0OwvOcb.A-1745549959-1.1.1.1-eShMvRbWwAsn9Q7ySFdmpLxwn8iHXt1Hk9CNqkJmeMEabRnAtadMgRcA4AQZ3Gi4 IP104.18.94.41:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/7i46b/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28 ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File typeASCII text, with very long lines (28188), with no line terminators Hashdfc755ab67f7b596520f4220967519cb 0538ad0c96f806236c84f6a493dd75c7e08db13d 43c03779adf652fd10989fdf5d733291adf9c789feb3a9cff2e5712a7e78da5f
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/461642916:1745548061:gtfAi_C5Fy5WxkQlYWJ9JHOMax_ZC-qLQx-gJptirOg/935a957198995691/BMmZtRIMR4ETwKJ_6rL.I_2Hae4Vq3.LdY0OwvOcb.A-1745549959-1.1.1.1-eShMvRbWwAsn9Q7ySFdmpLxwn8iHXt1Hk9CNqkJmeMEabRnAtadMgRcA4AQZ3Gi4 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/7i46b/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
cf-chl: BMmZtRIMR4ETwKJ_6rL.I_2Hae4Vq3.LdY0OwvOcb.A-1745549959-1.1.1.1-eShMvRbWwAsn9Q7ySFdmpLxwn8iHXt1Hk9CNqkJmeMEabRnAtadMgRcA4AQZ3Gi4
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 34555
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 25 Apr 2025 02:59:26 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: AYdTuCXtVZC6Ul+qPgyarJpPn55WZNuG/TonKitr+unhzEydwH/qtZ8q3zTJ8wuV$2/qEvBaiTzYIW/czqyBiYw==
priority: u=3,i=?0
server: cloudflare
cf-ray: 935a9598ad775691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| | 104.21.75.85 | 404 Not Found | 1.1 kB |
IP104.21.75.85:80
File typeHTML document, ASCII text, with very long lines (945) Hasha2c2e9be6a23b6eab5c3970bc68b618a 484e57819d62cd1bf5e7b4f853294f6d61a9ccb7 b76ae9d9b3f55c4658587439e05607c9220bfe4d19064ae7219ee374897b741c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST / HTTP/1.1
Host: witaral.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://witaral.yubit.co.za/?__cf_chl_tk=JiDkQuF_YD5BcJOsoe.bePpj2I4yzLXBDd2cUE3Palc-1745549959-1.0.1.1-fmrO6lAsg1eR2ybPl1RQp6DqeLcXtS9EnMtR4fCNWKI
Content-Type: application/x-www-form-urlencoded
Content-Length: 2392
Origin: http://witaral.yubit.co.za
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=N8.zypRQ8qDADrQ6ZO_NdnQdCu4Cb25yXU4472hUVxY-1745549970-1.2.1.1-dwFD8DK4kL4zjgmuweE7WDf3xO_MHpajcEdPBf1yRG_TpoOI5J0rEDzVVBU7ZZe8BirtJdT79uKGqqdSUGknaDV4e19wsj7SDd8GVUO9eUFTRG2bgOBvD6xb4lj.pHA1KiGm1.zwBxls0UHTDR5fU1YcT3XPVQ0L2s9LiD7pLMTiAzWCLjixJzALuseA6sOFWzP4HFDRR_F9b16Y7AeirPCQZf8iM7knERuVLP1fHNz1lLX8MwsBcwfhMigAOlOdSLPaPuKiKi6qzvG_dD7MIDgrNMCNROcxsHDytbFJk9wVhOpUyAs0vXktHFZrAI.Od7aVfKLV1aFwF0d41995AFJpoHHKJxheeXoAV1a.ESID_RIDoh5Kwj_fyY.lED1g
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 25 Apr 2025 02:59:31 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 935a95b5dcea569b-OSL
CF-Cache-Status: DYNAMIC
Cache-Control: no-cache, no-store, must-revalidate
Expires: Fri, 25 Apr 2025 02:59:30 GMT
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CQ1f26gmW4usu7FbfSVluCx%2FkMg%2BA%2FOR%2BHh8Jdbusu4PIPrFJfJa6UBpDy2DrBPi99q868k%2BbhVK7KWZEPQizygHRZn7CTlYggfuvCDYJLRtbaGHf%2BY10cZncDjur1qDCg4HsvW7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=928&min_rtt=484&rtt_var=599&sent=22&recv=28&lost=0&retrans=0&sent_bytes=18763&recv_bytes=11241&delivery_rate=17388646&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| witaral.yubit.co.za/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.75.85 | 302 Found | 8.5 kB |
URL GET witaral.yubit.co.za/cdn-cgi/challenge-platform/scripts/jsd/main.js IP104.21.75.85:80
Requested byhttp://witaral.yubit.co.za/
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: witaral.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=N8.zypRQ8qDADrQ6ZO_NdnQdCu4Cb25yXU4472hUVxY-1745549970-1.2.1.1-dwFD8DK4kL4zjgmuweE7WDf3xO_MHpajcEdPBf1yRG_TpoOI5J0rEDzVVBU7ZZe8BirtJdT79uKGqqdSUGknaDV4e19wsj7SDd8GVUO9eUFTRG2bgOBvD6xb4lj.pHA1KiGm1.zwBxls0UHTDR5fU1YcT3XPVQ0L2s9LiD7pLMTiAzWCLjixJzALuseA6sOFWzP4HFDRR_F9b16Y7AeirPCQZf8iM7knERuVLP1fHNz1lLX8MwsBcwfhMigAOlOdSLPaPuKiKi6qzvG_dD7MIDgrNMCNROcxsHDytbFJk9wVhOpUyAs0vXktHFZrAI.Od7aVfKLV1aFwF0d41995AFJpoHHKJxheeXoAV1a.ESID_RIDoh5Kwj_fyY.lED1g
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 25 Apr 2025 02:59:31 GMT
Content-Length: 0
Connection: keep-alive
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/44e6f86df4dc/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XcN6My%2Fx%2FOUgf6qw6qCQpICFqvq1Mu6UtUllkCw%2FX03rG%2FGWFzNY6VBXjpBlTRpkRTg%2BtJL9sLVBrsb4PxHmi4ytse50K5tJvsM5FEf7UNeOvnT8jawq7nQ35uN%2FKIAxTxMYMwdh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 935a95b73da85685-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=440&min_rtt=440&rtt_var=220&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=808&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| challenges.cloudflare.com/turnstile/v0/g/44e6f86df4dc/api.js?onload=boSsq5&render=explicit | 104.18.94.41 | 200 OK | 48 kB |
URL GET challenges.cloudflare.com/turnstile/v0/g/44e6f86df4dc/api.js?onload=boSsq5&render=explicit IP104.18.94.41:443
Requested byhttp://witaral.yubit.co.za/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28 ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File typeJavaScript source, ASCII text, with very long lines (48122) Hash3ed4ab6463fdabe2783a7a7828e94177 c80f67f86421dd2c071d5abc70337877db648266 91ce8bcef253fa49b7bbec10fa3c456261336414caa9da52e94988b6a44d1780
GET /turnstile/v0/g/44e6f86df4dc/api.js?onload=boSsq5&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://witaral.yubit.co.za
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 25 Apr 2025 02:59:19 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 15 Apr 2025 10:23:44 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 935a95700dffb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| witaral.yubit.co.za/cdn-cgi/challenge-platform/h/g/flow/ov1/421826255:1745547940:yg2r10gBxHrO0CF3IG5e6ixjYJnLcgBv01ilVgwrXCo/935a956e284456bf/wmg.3Q1dtBTSEFfkB0va2M9lkz3RsJpbZn82lP3add0-1745549959-1.2.1.1-J.PXspWrB4yjgEjHox931jj6VlpKBlzyBDZfLFY07.1HVEgrCD8ii_D_YNBFacuN | 104.21.75.85 | 200 OK | 17 kB |
URL POST witaral.yubit.co.za/cdn-cgi/challenge-platform/h/g/flow/ov1/421826255:1745547940:yg2r10gBxHrO0CF3IG5e6ixjYJnLcgBv01ilVgwrXCo/935a956e284456bf/wmg.3Q1dtBTSEFfkB0va2M9lkz3RsJpbZn82lP3add0-1745549959-1.2.1.1-J.PXspWrB4yjgEjHox931jj6VlpKBlzyBDZfLFY07.1HVEgrCD8ii_D_YNBFacuN IP104.21.75.85:80
Requested byhttp://witaral.yubit.co.za/
File typeASCII text, with very long lines (17004), with no line terminators Hashddf5017e5ea4e5aefba4ed3e4b1186a0 47131988ebd279a80948de7c6bfc9140fe60de09 965d5510fae51cf976e80db4890c22da78215f281d77a564b065efb8286db33e
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/421826255:1745547940:yg2r10gBxHrO0CF3IG5e6ixjYJnLcgBv01ilVgwrXCo/935a956e284456bf/wmg.3Q1dtBTSEFfkB0va2M9lkz3RsJpbZn82lP3add0-1745549959-1.2.1.1-J.PXspWrB4yjgEjHox931jj6VlpKBlzyBDZfLFY07.1HVEgrCD8ii_D_YNBFacuN HTTP/1.1
Host: witaral.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://witaral.yubit.co.za/
cf-chl: wmg.3Q1dtBTSEFfkB0va2M9lkz3RsJpbZn82lP3add0-1745549959-1.2.1.1-J.PXspWrB4yjgEjHox931jj6VlpKBlzyBDZfLFY07.1HVEgrCD8ii_D_YNBFacuN
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1883
Origin: http://witaral.yubit.co.za
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Apr 2025 02:59:19 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: 4BtmcEq77b4+uCzpAHW0MsbTZFE498GsQzi+bK0r8wA=$h9JxPvGnctNYt+a/UNozgw==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZJTYF3JO8Wil6GBPIaEGd4SiYfKe3cKrA1ASbAwPwXBlV4sV4fJOVHpMCgIdDP0YSWgmblc8GeSu5u8WYhea%2BuSKJ%2B%2FPkR8Ftahg4r6GMGrjrZQ3%2FuuSYAEp44JJKd6DijpVLq%2Be"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 935a9570bbf1569b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=2860&min_rtt=2860&rtt_var=1430&sent=2&recv=4&lost=0&retrans=0&sent_bytes=0&recv_bytes=2712&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/7i46b/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ | 104.18.94.41 | 200 OK | 28 kB |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/7i46b/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ IP104.18.94.41:443
Requested byhttp://witaral.yubit.co.za/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28 ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File typeHTML document, ASCII text, with very long lines (22054) Hash0dfcbe80c88ae34e437633d976d92f10 77679c999f087b8acd68fbe2ff384c35c6950597 cee61274f31695320c57c794a6a577ecf6a0b06ba4e1124b52dba0bdb045c165
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/7i46b/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 25 Apr 2025 02:59:19 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: default-src 'none'; script-src 'nonce-FhMRRwkHRT7qzvTA' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
document-policy: js-profiling
priority: u=4,i=?0
server: cloudflare
cf-ray: 935a957198995691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| witaral.yubit.co.za/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=935a956e284456bf | 104.21.75.85 | 200 OK | 100 kB |
URL GET witaral.yubit.co.za/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=935a956e284456bf IP104.21.75.85:80
Requested byhttp://witaral.yubit.co.za/
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size100 kB (100546 bytes) Hashcb9c1431d4f620c5c491f4c9acf35268 7da75bd8819b67fa5cb5814d2a71edbbc9438f59 1a6488ed0daea1330f6e887936f7d9c2748223bf726aaada335108790cca8a34
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=935a956e284456bf HTTP/1.1
Host: witaral.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://witaral.yubit.co.za/?__cf_chl_rt_tk=JiDkQuF_YD5BcJOsoe.bePpj2I4yzLXBDd2cUE3Palc-1745549959-1.0.1.1-fmrO6lAsg1eR2ybPl1RQp6DqeLcXtS9EnMtR4fCNWKI
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Apr 2025 02:59:19 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sGaTPqzeyebio0zetplHFoM1o3udkBGa0n485UBlp2ejmmMVEq4JPGCDOwxYavUWwvaDr5I6DDJWeIrtTZXFPtYSJ2B9VEs%2FVpo0qbWnw%2FNP0g17D2FnKBHCYEQ9J4OII1lFMiut"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 935a956efa1eb50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=436&min_rtt=436&rtt_var=218&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=527&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1 | 104.18.94.41 | 200 OK | 61 B |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1 IP104.18.94.41:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/7i46b/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28 ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File typePNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Hash9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/7i46b/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 25 Apr 2025 02:59:20 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
priority: u=4,i=?0
server: cloudflare
cf-ray: 935a957228cb5691-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| witaral.yubit.co.za/cdn-cgi/challenge-platform/h/g/flow/ov1/421826255:1745547940:yg2r10gBxHrO0CF3IG5e6ixjYJnLcgBv01ilVgwrXCo/935a956e284456bf/wmg.3Q1dtBTSEFfkB0va2M9lkz3RsJpbZn82lP3add0-1745549959-1.2.1.1-J.PXspWrB4yjgEjHox931jj6VlpKBlzyBDZfLFY07.1HVEgrCD8ii_D_YNBFacuN | 104.21.75.85 | 200 OK | 4.2 kB |
URL POST witaral.yubit.co.za/cdn-cgi/challenge-platform/h/g/flow/ov1/421826255:1745547940:yg2r10gBxHrO0CF3IG5e6ixjYJnLcgBv01ilVgwrXCo/935a956e284456bf/wmg.3Q1dtBTSEFfkB0va2M9lkz3RsJpbZn82lP3add0-1745549959-1.2.1.1-J.PXspWrB4yjgEjHox931jj6VlpKBlzyBDZfLFY07.1HVEgrCD8ii_D_YNBFacuN IP104.21.75.85:80
Requested byhttp://witaral.yubit.co.za/
File typeASCII text, with very long lines (4200), with no line terminators Hash75acc36f9c2af0d8c94495da7daf4010 89c3838ae4ad8892be99cb79e98936b5f44b81ff 208a3ae47e77ed93e9453c3b396714ef8f1b14216c79453c91626a0a9dbced43
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/421826255:1745547940:yg2r10gBxHrO0CF3IG5e6ixjYJnLcgBv01ilVgwrXCo/935a956e284456bf/wmg.3Q1dtBTSEFfkB0va2M9lkz3RsJpbZn82lP3add0-1745549959-1.2.1.1-J.PXspWrB4yjgEjHox931jj6VlpKBlzyBDZfLFY07.1HVEgrCD8ii_D_YNBFacuN HTTP/1.1
Host: witaral.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://witaral.yubit.co.za/
cf-chl: wmg.3Q1dtBTSEFfkB0va2M9lkz3RsJpbZn82lP3add0-1745549959-1.2.1.1-J.PXspWrB4yjgEjHox931jj6VlpKBlzyBDZfLFY07.1HVEgrCD8ii_D_YNBFacuN
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 4169
Origin: http://witaral.yubit.co.za
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Apr 2025 02:59:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: ER3Ope5B8I7YOnvSSIqanxH6VubNs5EGUCgcN29pVRpt2/LzHVYoOQi+nXHV1ba48hDwLHZbXdEpYvj+20uYVg==$sw8l2EcQyhZtwPFsLgWOdA==
cf-chl-out-s: yjpaBCMNRWM4tXBRlc8l2HxPoYJg73SUtRFGMWI/bLouityAPp7V95BXwJrciiDkTsUgSXwPiThUT3IY577lnBq7j/4+/8f99MZYIARfDFaqPkZzfd6nBYwJyVZzPo7rkj10pobcJQQKcvGyVIPHP5iXPg3QdKlFlokx5XxjEFBwm1Mgv9Daj4qw19lO6M7GzALMHjRwBr5vEZ3gYlmxQiFQgwKOzjQ286RgZUFfePpie8kdF/5zvaYboIz3rddd$6JUKpgrb2aaGo3zNf8uVow==
set-cookie: cf_clearance=N8.zypRQ8qDADrQ6ZO_NdnQdCu4Cb25yXU4472hUVxY-1745549970-1.2.1.1-dwFD8DK4kL4zjgmuweE7WDf3xO_MHpajcEdPBf1yRG_TpoOI5J0rEDzVVBU7ZZe8BirtJdT79uKGqqdSUGknaDV4e19wsj7SDd8GVUO9eUFTRG2bgOBvD6xb4lj.pHA1KiGm1.zwBxls0UHTDR5fU1YcT3XPVQ0L2s9LiD7pLMTiAzWCLjixJzALuseA6sOFWzP4HFDRR_F9b16Y7AeirPCQZf8iM7knERuVLP1fHNz1lLX8MwsBcwfhMigAOlOdSLPaPuKiKi6qzvG_dD7MIDgrNMCNROcxsHDytbFJk9wVhOpUyAs0vXktHFZrAI.Od7aVfKLV1aFwF0d41995AFJpoHHKJxheeXoAV1a.ESID_RIDoh5Kwj_fyY.lED1g; HttpOnly; SameSite=Strict; Path=/; Domain=yubit.co.za; Expires=Sat, 25 Apr 2026 02:59:30 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bw0wpSClDmEXkWe1H82Xy4aVsXIfifKhKLbCJn5dkO795bbMmypHWaFkHOsk7oyEjE7NzydX3pVNl6C4nvJgHdvEGl9jph0bee53YSPfA%2BBrGH%2F2bWP10lTG7qYvUh%2BOU%2FAeu17y"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 935a95b4ec9f569b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=1301&min_rtt=667&rtt_var=756&sent=15&recv=20&lost=0&retrans=0&sent_bytes=13738&recv_bytes=7710&delivery_rate=17388646&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
0.0.0.0