Report - mygas-vulner.gajnss.cn/mtgalogin/

Report Overview

Visitedpublic

2025-06-25 10:57:48

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
mygas-vulner.gajnss.cn	unknown	2025-03-30	2025-06-24	2025-06-24	2.1 kB	42 kB	104.21.69.84
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2025-06-18	5.4 kB	607 kB	104.18.94.41

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-25	medium	gajnss.cn	Sinkholed
2025-06-25	medium	gajnss.cn	Sinkholed
2025-06-25	medium	gajnss.cn	Sinkholed
2025-06-25	medium	gajnss.cn	Sinkholed
2025-06-25	medium	gajnss.cn	Sinkholed

ThreatFox

No alerts detected

JavaScript (32)

	URL	From	Size	First Seen	Last Seen
	challenges.cloudflare.com/turnstile/v0/api.js	ScriptElement	49 kB	2025-06-24	2025-07-02
URL challenges.cloudflare.com/turnstile/v0/api.js IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-24 Last Seen 2025-07-02 Times Seen 14261 Size 49 kB (48828 bytes) MD5 cca133e54f2791b0cc3562449fe447b5 SHA1 56b6d37ab92a7098e7a12612a2a6cee54a3c306a SHA256 c50b430d25297399159bfcf9ea12b93cd64200082534a6ee3170defa4d694657 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	ScriptElement	3.2 kB	2025-06-25	2025-06-25
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2025-06-25 Last Seen 2025-06-25 Times Seen 1 Size 3.2 kB (3164 bytes) MD5 c1e0d17fe715e9e723e0fa485b8ab51b SHA1 cead85d731ab1f8970002c65cd3d7ed92b8da516 SHA256 18f796e9b8653d5f9634c8fe6d87dc8e0e3b3e24072e6dd3c062598d510362d9 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-08-02
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 441662 Size 4 B (4 bytes) MD5 9e925e9341b490bfd3b4c4ca3b0c1ef2 SHA1 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae SHA256 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-08-02
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 441662 Size 4 B (4 bytes) MD5 9e925e9341b490bfd3b4c4ca3b0c1ef2 SHA1 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae SHA256 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Format Code Loading...

	mygas-vulner.gajnss.cn/mtgalogin/	ScriptElement	210 B	2023-03-07	2025-08-02
URL mygas-vulner.gajnss.cn/mtgalogin/ IP / ASN 104.21.69.84 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 161859 Size 210 B (210 bytes) MD5 ab1ac4cf0f484cc9f859c0a7983353e0 SHA1 2da142b1135bd10cdbed4a7353e4483acc30ebe9 SHA256 50e878a18b2b5be7071dc7c10297381bcfcb55f17c27760ee857af9e31133324 Format Code Loading...

	mygas-vulner.gajnss.cn/mtgalogin/	ScriptElement	115 B	2025-04-28	2025-08-02
URL mygas-vulner.gajnss.cn/mtgalogin/ IP / ASN 104.21.69.84 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2025-04-28 Last Seen 2025-08-02 Times Seen 31794 Size 115 B (115 bytes) MD5 34df99ef0602560c811e58e4711c99e3 SHA1 88dea8841635da3e1130ce19e3718ceb17a95a35 SHA256 18a52fd2cc16c86bcba28796b0e231144f219cc87e049c41d9d378b880a42fba Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-25	2025-06-25
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2025-06-25 Last Seen 2025-06-25 Times Seen 1 Size 1.3 MB (1337359 bytes) MD5 04c09f4a2a073dfa571e41c3bbe25fbe SHA1 242fa408b282985c9ee2ad8d82f3b34e15241b4b SHA256 934f9092ef88e4cfb2f4c0d2208ed2345b8ef58f43fd06204fd26c483ad96b9e Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-25	2025-06-25
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2025-06-25 Last Seen 2025-06-25 Times Seen 1 Size 1.3 MB (1337359 bytes) MD5 b9b4046b86d10f695a54998e3da9dd6a SHA1 3b73a187b56948f41a864ea8d80de83b84c55e37 SHA256 4876a2a6e3a58ac89e3c94d1810722fc0ff99fae4253ca4bb7b8104224f7ae73 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-08-02
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 441662 Size 4 B (4 bytes) MD5 9e925e9341b490bfd3b4c4ca3b0c1ef2 SHA1 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae SHA256 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	1.0 kB	2025-03-02	2025-08-02
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2025-03-02 Last Seen 2025-08-02 Times Seen 58723 Size 1.0 kB (1000 bytes) MD5 6934d9d33cd2d0c005994e7d96d2e0d9 SHA1 96d89030c1473585f16ec7a52050b410e44dd332 SHA256 08c9b52f61fadf1eff6fb89169f1735fbae7bb583b23cb119d0e1a0151bac952 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-08-02
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 441662 Size 4 B (4 bytes) MD5 9e925e9341b490bfd3b4c4ca3b0c1ef2 SHA1 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae SHA256 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-08-02
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 441662 Size 4 B (4 bytes) MD5 9e925e9341b490bfd3b4c4ca3b0c1ef2 SHA1 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae SHA256 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-25	2025-06-25
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2025-06-25 Last Seen 2025-06-25 Times Seen 1 Size 1.3 MB (1337359 bytes) MD5 37fcf57f5f6c34c135da26bd25f9f8b6 SHA1 21063c8557e360ef8ed112bba30598450b009541 SHA256 2b7d6b41469285b22af2e6b7eb7e2d87ff4b08df696ded579804ed1a702cb73d Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-25	2025-06-25
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2025-06-25 Last Seen 2025-06-25 Times Seen 1 Size 1.3 MB (1337359 bytes) MD5 9a8afc235e6542a0d086361007864235 SHA1 5b18db15de435564c83c7a94f8532a4e3495ea4d SHA256 65013c437f10f53dfb1ed6eb97512ad20a8d61f7fb619bb227c750356b72f838 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-25	2025-06-25
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2025-06-25 Last Seen 2025-06-25 Times Seen 1 Size 1.3 MB (1337359 bytes) MD5 db1dbc3ed577e035ccdf5b8eb7bcbb03 SHA1 af19785e378f707268cb820cd82180156b8e1324 SHA256 ed95a63c797e86f6c23f49e41121956e3a4538b9b793c89ee9a8aaf07d4913f0 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-08-02
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 441662 Size 4 B (4 bytes) MD5 9e925e9341b490bfd3b4c4ca3b0c1ef2 SHA1 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae SHA256 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-08-02
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 441662 Size 4 B (4 bytes) MD5 9e925e9341b490bfd3b4c4ca3b0c1ef2 SHA1 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae SHA256 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-25	2025-06-25
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2025-06-25 Last Seen 2025-06-25 Times Seen 1 Size 1.3 MB (1337359 bytes) MD5 d15ad4b7b396423398e9d50afff141db SHA1 e76d209e17910172ed52e82ee3365e284aaa79b4 SHA256 25bdd392ce2cfeb13720030235d719134501d8712f08808df2eff98111b40887 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-25	2025-06-25
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2025-06-25 Last Seen 2025-06-25 Times Seen 1 Size 1.3 MB (1337359 bytes) MD5 1f9677d48ef056ba5d1d924d9eae818e SHA1 62ae314f83756f4c69058aebb437717dea4d13c9 SHA256 c38525919f83268db8ac9f4322c6321604d64e8e7894542e2845bf859d8603dc Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-08-02
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 441662 Size 4 B (4 bytes) MD5 9e925e9341b490bfd3b4c4ca3b0c1ef2 SHA1 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae SHA256 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Format Code Loading...

	mygas-vulner.gajnss.cn/mtgalogin/	ScriptElement	375 B	2023-03-07	2025-08-02
URL mygas-vulner.gajnss.cn/mtgalogin/ IP / ASN 104.21.69.84 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 167766 Size 375 B (375 bytes) MD5 56df91490fa1984fa82b297dcb23c22d SHA1 2050f127b73f50d21eb9b0a2a3f2aea7d4372ba9 SHA256 275407540ae2d5516300e4027ce994e1c97f958d464e137d0fff116d7acf0f24 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-08-02
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 441662 Size 4 B (4 bytes) MD5 9e925e9341b490bfd3b4c4ca3b0c1ef2 SHA1 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae SHA256 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-08-02
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 441662 Size 4 B (4 bytes) MD5 9e925e9341b490bfd3b4c4ca3b0c1ef2 SHA1 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae SHA256 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-08-02
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 441662 Size 4 B (4 bytes) MD5 9e925e9341b490bfd3b4c4ca3b0c1ef2 SHA1 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae SHA256 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-25	2025-06-25
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2025-06-25 Last Seen 2025-06-25 Times Seen 1 Size 1.3 MB (1337359 bytes) MD5 7a50571d32032b3bebe33427406c5bb0 SHA1 da3b69f466542a3994e2f139ef9a48ecbd10cc3f SHA256 a9085406947232c6682e0dbbe8f9db1eee4dd846ca1147ac3b3e0636e4ec5c29 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-25	2025-06-25
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2025-06-25 Last Seen 2025-06-25 Times Seen 1 Size 1.3 MB (1337359 bytes) MD5 a368d719d4cbfebc4f8e69093b939c0c SHA1 0fc08617f2dfdd876fe2d1ed86f6c4367d2e80d0 SHA256 8b77d2f6c9742998956cbe398bfea49b161aad3af4ecdadc44e9e7aff35a89bc Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-25	2025-06-25
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2025-06-25 Last Seen 2025-06-25 Times Seen 1 Size 1.3 MB (1337359 bytes) MD5 00a66252eecefe6ca44156c2124f3ddb SHA1 620e2eb0c113ec53940866ddc806ebf7928028bd SHA256 fc9794c31f016ecdc8ceae65128229a77b88b9da49483ed21644ce6cd4c8f65f Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=9553f19e7f74568b&lang=auto	ScriptElement	150 kB	2025-06-25	2025-06-25
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=9553f19e7f74568b&lang=auto IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-25 Last Seen 2025-06-25 Times Seen 1 Size 150 kB (149876 bytes) MD5 4fea2e30e3ad289ab58925232aa8e79b SHA1 b5b3067b9fcdc7515bd8d15726de50079459663f SHA256 294f5e9df11f64f7f7502feb3f9c0d2b31499854e90aca644081a40fdadf082e Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-08-02
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 441662 Size 4 B (4 bytes) MD5 9e925e9341b490bfd3b4c4ca3b0c1ef2 SHA1 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae SHA256 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Format Code Loading...

	mygas-vulner.gajnss.cn/mtgalogin/	ScriptElement	46 B	2025-03-04	2025-08-02
URL mygas-vulner.gajnss.cn/mtgalogin/ IP / ASN 104.21.69.84 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2025-03-04 Last Seen 2025-08-02 Times Seen 39538 Size 46 B (46 bytes) MD5 16f6161217e242dffadf4241d174abcc SHA1 304832d02caf7b8a45ea29c321993d7eba48be67 SHA256 390eefa5af21228aaab4bb7eb68043b2468a645b3c861aaba17b226cc8c05d95 Format Code Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/	Eval	1.0 kB	2025-03-02	2025-08-02
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ IP / ASN 104.18.94.41 #13335 CLOUDFLARENET Introduced by Eval Embedded false Resource Info First Seen 2025-03-02 Last Seen 2025-08-02 Times Seen 58723 Size 1.0 kB (1000 bytes) MD5 6934d9d33cd2d0c005994e7d96d2e0d9 SHA1 96d89030c1473585f16ec7a52050b410e44dd332 SHA256 08c9b52f61fadf1eff6fb89169f1735fbae7bb583b23cb119d0e1a0151bac952 Format Code Loading...

	HASH	FROM	Size	First Seen	Last Seen
	086707e4369f60afedcafb16050a7618	DocumentWrite	39 B	2023-03-07	2025-08-02
Introduced by DocumentWrite First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 129322 Size 39 B (39 bytes) MD5 086707e4369f60afedcafb16050a7618 SHA1 8216b0cc6876cbd44f01c158e7dff3833ceccd41 SHA256 a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e Format Code Loading...

HTTP Transactions (13)

URL IP Response Size

GET mygas-vulner.gajnss.cn/cdn-cgi/images/icon-exclamation.png?1376755637

104.21.69.84

200 OK

452 B

URL

mygas-vulner.gajnss.cn/cdn-cgi/images/icon-exclamation.png?1376755637

IP / ASN

104.21.69.84

#13335 CLOUDFLARENET

Requested byhttp://mygas-vulner.gajnss.cn/mtgalogin/

Resource Info

File typePNG image data, 54 x 54, 8-bit colormap, non-interlaced

First Seen2023-04-12

Last Seen2025-08-02

Times Seen200617

Size452 B (452 bytes)

MD5c33de66281e933259772399d10a6afe8

SHA1b9f9d500f8814381451011d4dcf59cd2d90ad94f

SHA256f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1
Host: mygas-vulner.gajnss.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mygas-vulner.gajnss.cn/cdn-cgi/styles/cf.errors.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 25 Jun 2025 10:57:24 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: accept-encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=5pW52u%2FzvZUhZhsDiwRGW64ADmPcJRQMlw8tcI%2F%2BJCSxia08ZD%2BBTsA7OhBHC5iupwYbVhkl%2F2dyNUzk1LTg7RbBSjn8HJEJsMJfnk3PD77E4sLU"}]}
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Server: cloudflare
CF-RAY: 9553f19d3f24568d-OSL

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/

104.18.94.41

200 OK

26 kB

URL

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/

IP / ASN

104.18.94.41

#13335 CLOUDFLARENET

Requested byhttp://mygas-vulner.gajnss.cn/mtgalogin/

Resource Info

File typeHTML document, ASCII text, with very long lines (26510), with no line terminators

First Seen2025-06-25

Last Seen2025-06-25

Times Seen1

Size26 kB (26510 bytes)

MD577552bdc7c19e1fb2d2dc769c64aaf3e

SHA1e0259a25d9ad052f0b18b8d58e9e2999c2119424

SHA25643d815a8d426a23d1629c2aa8c39e5f415a443c276d767d02c373ca08b04f5ab

Certificate Info

IssuerGoogle Trust Services

Subjectchallenges.cloudflare.com

Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C

ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mygas-vulner.gajnss.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 25 Jun 2025 10:57:24 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: default-src 'none'; script-src 'nonce-nuJQU6UaBVLsDL7j' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
document-policy: js-profiling
priority: u=4,i=?0
server: cloudflare
cf-ray: 9553f19e7f74568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET mygas-vulner.gajnss.cn/favicon.ico

104.21.69.84

403 Forbidden

4.5 kB

URL

mygas-vulner.gajnss.cn/favicon.ico

IP / ASN

104.21.69.84

#13335 CLOUDFLARENET

Requested byhttp://mygas-vulner.gajnss.cn/mtgalogin/

Resource Info

File typeHTML document, ASCII text, with very long lines (396)

First Seen2025-06-25

Last Seen2025-06-25

Times Seen1

Size4.5 kB (4543 bytes)

MD5fd73f4c03799efdd831bb8a6d3495cae

SHA13437a068dec868b967572e96dcc775e8e428a11d

SHA256a9a275f4a1a66ee1da5ce9bfd5cb8c9aa8f1fbaec2e8bd690407150673d2634b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: mygas-vulner.gajnss.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mygas-vulner.gajnss.cn/mtgalogin/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Wed, 25 Jun 2025 10:57:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Vary: accept-encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=jJ3lQS2UQFsiP0F81UpYD47Ohw5%2B9ipTaZ%2BWHZjWrknYxgvaHmf37gkzckmc1a5ee1E7UDv129sPW2%2Fvd05V2oBI%2B75YvfVWl6GJhphQOQH80en%2B"}]}
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Content-Encoding: gzip
Server: cloudflare
CF-RAY: 9553f19e3842568d-OSL
alt-svc: h2=":443"; ma=60

POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1124974599:1750846834:LMHH7dMI2FMyaOYyV_xrunwac4f_q3H09PZFkx3olc8/9553f19e7f74568b/m8u_sNW5eSbh_FMbBvLjxZwmWLJXCXPxAe748topEJ0-1750849044-1.2.1.1-px.KxPJ0rU7Em5Lvn27_rViL51NmUTobMuNF3WQM.xvadyhLqtzJPqluduwVhZar

104.18.94.41

200 OK

298 kB

URL

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1124974599:1750846834:LMHH7dMI2FMyaOYyV_xrunwac4f_q3H09PZFkx3olc8/9553f19e7f74568b/m8u_sNW5eSbh_FMbBvLjxZwmWLJXCXPxAe748topEJ0-1750849044-1.2.1.1-px.KxPJ0rU7Em5Lvn27_rViL51NmUTobMuNF3WQM.xvadyhLqtzJPqluduwVhZar

IP / ASN

104.18.94.41

#13335 CLOUDFLARENET

Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/

Resource Info

File typeASCII text, with very long lines (65536), with no line terminators

First Seen2025-06-25

Last Seen2025-06-25

Times Seen1

Size298 kB (298348 bytes)

MD5f7115f9658e8b648ffb5508af8d032a6

SHA1d9f692020ae74f1274d23fb812954d0ca7a4e67e

SHA256e48da49ce5ced5e38d880c6464d9efd9a6e401a233392441902d08abddf3e580

Certificate Info

IssuerGoogle Trust Services

Subjectchallenges.cloudflare.com

Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C

ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1124974599:1750846834:LMHH7dMI2FMyaOYyV_xrunwac4f_q3H09PZFkx3olc8/9553f19e7f74568b/m8u_sNW5eSbh_FMbBvLjxZwmWLJXCXPxAe748topEJ0-1750849044-1.2.1.1-px.KxPJ0rU7Em5Lvn27_rViL51NmUTobMuNF3WQM.xvadyhLqtzJPqluduwVhZar HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/
cf-chl: m8u_sNW5eSbh_FMbBvLjxZwmWLJXCXPxAe748topEJ0-1750849044-1.2.1.1-px.KxPJ0rU7Em5Lvn27_rViL51NmUTobMuNF3WQM.xvadyhLqtzJPqluduwVhZar
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 3340
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 25 Jun 2025 10:57:25 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 228a9xmmKVv/wB0vcfr2+1i11gOnnFhaanToHNx/Cmk07RhEOm6DWkk7OWojeIPeoJS+ZbTCCeP9PSWV0BPOoF0xEPGZB+3BqEKuW0TPDQE3CGo59G/XwfRaNTq8sSP9jUh4urF6rwl6XwkZRIqL7Huz6p5QbynW44qipgr9EXIdRx4H1tXVtrgtPohfRYlDy+A8LITf1dpSuS4f77LqQg/B1P9XSkG+aUUfob6O1jWu069M3t+Jx2QMf9QVEnP7omkMmYs6MBFpna9f1A3m5jdTxLXflKz0EbEY4IdtnyjnBLY7ImHqSXvoU6ihdnoa0beeC4hzvBT9WtkYtNXdyZcYZXpmiPQ76Rqwm8DF55RUUIRVv5oZrS7P5BGY0xlBePsaZiNQMfF9g1ofLfRvER2dN0BYrIKwIGZNtCLwlHOnckzh8s3gtCLfVsoxVKVhjXU/xJW5klRKddtAH/P8QR5F04BpLTlIzQS6n67qNWce4Gzt569rWRZr+Yy6XnCjTbIoyMY6CVW9yqdYYm4kIdVbpxrhnP3rxdfqcBb5REcqMS1MjS5dkZ2gHP/Yg2lYspj/zW6MHBW6dt+phvfizeBlnspdSgoKZSXN3pqisL53VGVM+abqipAy3ljbbuOXXPqsrlhHiFZZCD7CBj2c/6jGSa70UWt/GiF8EKyEd2BDouKT18EmuU18CbauIVx3ckBn5PcJEs6jSyFI+ShbWFncDm5mVK0sbpa0Wccul01k499pcIMiUNIPDq7MDTaLhSzxjZEB2C0Mnnd5XryTMOz715hKCTZWoEguuZ4T4Qk=$WDpgDCNcURRDM0uueHUlOg==
priority: u=3,i=?0
server: cloudflare
cf-ray: 9553f1a36ff9568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/9553f19e7f74568b/1750849045037/2j8-bhxpJMHtbGC

104.18.94.41

200 OK

335 B

URL

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/9553f19e7f74568b/1750849045037/2j8-bhxpJMHtbGC

IP / ASN

104.18.94.41

#13335 CLOUDFLARENET

Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/

Resource Info

File typePNG image data, 70 x 53, 8-bit/color RGBA, non-interlaced

First Seen2025-06-08

Last Seen2025-07-29

Times Seen29

Size335 B (335 bytes)

MD5afafd62dc5333d7ac5dbfbc72c07fcbf

SHA134b89bc0028d00e442d171a1df0e83019c98312e

SHA25684dbb789ae3494183245611ada410c5c4a38807ea1d776f3e4494ae73f7c536d

Certificate Info

IssuerGoogle Trust Services

Subjectchallenges.cloudflare.com

Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C

ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/d/9553f19e7f74568b/1750849045037/2j8-bhxpJMHtbGC HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 25 Jun 2025 10:57:31 GMT
content-type: image/png
content-length: 335
priority: u=4,i=?0
server: cloudflare
cf-ray: 9553f1cabfa7568b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

104.18.94.41

200 OK

29 kB

URL

IP / ASN

104.18.94.41

#13335 CLOUDFLARENET

Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/

Resource Info

File typeASCII text, with very long lines (29432), with no line terminators

First Seen2025-06-25

Last Seen2025-06-25

Times Seen1

Size29 kB (29432 bytes)

MD53a3d4cdc2f6b4eeef53a5fa1f3f5c250

SHA1d25c97d6d2b8223c925cd4a6464e9143d5f5e3ed

SHA2567e094b8959f2b84bf2c5fbd7d3d63938c1db038b989ac4c4fdae16b4fce3e0a4

Certificate Info

IssuerGoogle Trust Services

Subjectchallenges.cloudflare.com

Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C

ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1124974599:1750846834:LMHH7dMI2FMyaOYyV_xrunwac4f_q3H09PZFkx3olc8/9553f19e7f74568b/m8u_sNW5eSbh_FMbBvLjxZwmWLJXCXPxAe748topEJ0-1750849044-1.2.1.1-px.KxPJ0rU7Em5Lvn27_rViL51NmUTobMuNF3WQM.xvadyhLqtzJPqluduwVhZar HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/
cf-chl: m8u_sNW5eSbh_FMbBvLjxZwmWLJXCXPxAe748topEJ0-1750849044-1.2.1.1-px.KxPJ0rU7Em5Lvn27_rViL51NmUTobMuNF3WQM.xvadyhLqtzJPqluduwVhZar
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 34519
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 25 Jun 2025 10:57:37 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: RFHUS7j85JTOFVntpYebqAZxuCg6k94CtbdM1KMAvseKSo07cy9F9ZsWpl8LgF2S$i1eCa9Ybx6yLCVtJl0V3EA==
priority: u=3,i=?0
server: cloudflare
cf-ray: 9553f1ef1c38568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET mygas-vulner.gajnss.cn/mtgalogin/

104.21.69.84

403 Forbidden

5.0 kB

URL

mygas-vulner.gajnss.cn/mtgalogin/

IP / ASN

104.21.69.84

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (396)

First Seen2025-06-25

Last Seen2025-06-25

Times Seen1

Size5.0 kB (5003 bytes)

MD58ab8f91f141ca87b5d642ef93baa2e6a

SHA12820548fa0a1aea28adc047bfdb9710e382327d5

SHA256df2b0ca9b8be1847845bf52a82cc731aa6f49c9327634288dce7bd6c8a2c4547

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mtgalogin/ HTTP/1.1
Host: mygas-vulner.gajnss.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Wed, 25 Jun 2025 10:57:23 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: accept-encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=EIe30pYqALOX3wtOziFtKXiDe8ysotI3U4h9jcPRw44ysATN33Q3%2B0kWJzl2j54QP9lugl%2FLl6luQa3obpLhYevz5Q6yexoZ9X2%2BAZ9ZjCeJuUT1"}]}
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Content-Encoding: gzip
Server: cloudflare
CF-RAY: 9553f19b3c93568d-OSL
alt-svc: h2=":443"; ma=60

GET challenges.cloudflare.com/turnstile/v0/api.js

104.18.94.41

302 Found

49 kB

URL

challenges.cloudflare.com/turnstile/v0/api.js

IP / ASN

104.18.94.41

#13335 CLOUDFLARENET

Requested byhttp://mygas-vulner.gajnss.cn/mtgalogin/

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5607222

Size49 kB (48828 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectchallenges.cloudflare.com

Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C

ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mygas-vulner.gajnss.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 25 Jun 2025 10:57:23 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/07af8245c728/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 9553f19cd97356b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET challenges.cloudflare.com/turnstile/v0/b/07af8245c728/api.js

104.18.94.41

200 OK

49 kB

URL

challenges.cloudflare.com/turnstile/v0/b/07af8245c728/api.js

IP / ASN

104.18.94.41

#13335 CLOUDFLARENET

Requested byhttp://mygas-vulner.gajnss.cn/mtgalogin/

Resource Info

File typeJavaScript source, ASCII text, with very long lines (48827)

First Seen2025-06-24

Last Seen2025-07-02

Times Seen14261

Size49 kB (48828 bytes)

MD5cca133e54f2791b0cc3562449fe447b5

SHA156b6d37ab92a7098e7a12612a2a6cee54a3c306a

SHA256c50b430d25297399159bfcf9ea12b93cd64200082534a6ee3170defa4d694657

Certificate Info

IssuerGoogle Trust Services

Subjectchallenges.cloudflare.com

Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C

ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

HTTP Headers

GET /turnstile/v0/b/07af8245c728/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mygas-vulner.gajnss.cn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 25 Jun 2025 10:57:24 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 19 Jun 2025 22:00:39 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
priority: u=3,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 9553f19d4db5568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1

104.18.94.41

200 OK

86 B

URL

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1

IP / ASN

104.18.94.41

#13335 CLOUDFLARENET

Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/

Resource Info

File typePNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced

First Seen2025-05-13

Last Seen2025-08-02

Times Seen70912

Size86 B (86 bytes)

MD570c202196187ab3c11b4e094c20c6de1

SHA19c52b959e74aee9d79cbc9f35d1f9f65a3b8c863

SHA2566255b9231d09ebe6aa1ac19ba46bdd81f3df58989c9ef2e11d6cd6e2e7b21643

Certificate Info

IssuerGoogle Trust Services

Subjectchallenges.cloudflare.com

Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C

ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 25 Jun 2025 10:57:24 GMT
content-type: image/png
content-length: 86
priority: u=4,i=?0
server: cloudflare
cf-ray: 9553f19fd9d2568b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=9553f19e7f74568b&lang=auto

104.18.94.41

200 OK

150 kB

URL

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=9553f19e7f74568b&lang=auto

IP / ASN

104.18.94.41

#13335 CLOUDFLARENET

Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/

Resource Info

File typeASCII text, with very long lines (65536), with no line terminators

First Seen2025-06-25

Last Seen2025-06-25

Times Seen1

Size150 kB (149876 bytes)

MD54fea2e30e3ad289ab58925232aa8e79b

SHA1b5b3067b9fcdc7515bd8d15726de50079459663f

SHA256294f5e9df11f64f7f7502feb3f9c0d2b31499854e90aca644081a40fdadf082e

Certificate Info

IssuerGoogle Trust Services

Subjectchallenges.cloudflare.com

Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C

ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=9553f19e7f74568b&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/1uplq/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 25 Jun 2025 10:57:24 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
priority: u=3,i=?0
server: cloudflare
cf-ray: 9553f1a00a04568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET mygas-vulner.gajnss.cn/mtgalogin/

172.67.206.134

403 Forbidden

5.0 kB

URL

mygas-vulner.gajnss.cn/mtgalogin/

IP / ASN

172.67.206.134

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (396)

First Seen2025-06-25

Last Seen2025-06-25

Times Seen1

Size5.0 kB (5003 bytes)

MD5a711b9c63ae98f632cf524cba01d4c89

SHA19a1a8a5189588a86d241ca5922ac4807b62d56a3

SHA25695cf89fb95140f13b683587ede6ffb4bb896d3a9778089b240bf6a18ea42abe4

Certificate Info

IssuerGoogle Trust Services

Subjectgajnss.cn

FingerprintA4:BA:85:E0:5A:8F:83:7A:6A:5A:0F:77:1B:4B:42:6C:46:2B:CA:0F

ValidityThu, 29 May 2025 16:19:49 GMT - Wed, 27 Aug 2025 17:16:55 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mtgalogin/ HTTP/1.1
Host: mygas-vulner.gajnss.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Wed, 25 Jun 2025 10:57:23 GMT
content-type: text/html; charset=utf-8
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=2TGHhR%2B6iFNavShEEznRAKBddN6cj2MG%2F7TsOZuySbIbdXZvUGsxmCm6kyMXAWVfjRIAlzwnSJGAJ4IEtNtK2R4StsdOh0rBTjFC7MfCTtJDuatB"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
server: cloudflare
cf-ray: 9553f19a4a9956b4-OSL
X-Firefox-Spdy: h2

GET mygas-vulner.gajnss.cn/cdn-cgi/styles/cf.errors.css

104.21.69.84

200 OK

24 kB

URL

mygas-vulner.gajnss.cn/cdn-cgi/styles/cf.errors.css

IP / ASN

104.21.69.84

#13335 CLOUDFLARENET

Requested byhttp://mygas-vulner.gajnss.cn/mtgalogin/

Resource Info

File typeASCII text, with very long lines (24050)

First Seen0001-01-01

Last Seen2025-08-02

Times Seen229583

Size24 kB (24051 bytes)

MD55e8c69a459a691b5d1b9be442332c87d

SHA1f24dd1ad7c9080575d92a9a9a2c42620725ef836

SHA25684e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: mygas-vulner.gajnss.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mygas-vulner.gajnss.cn/mtgalogin/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 25 Jun 2025 10:57:23 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: accept-encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=jz%2FEoXbvy79ccHnl1qXgYvJqKyu%2BrhFqAr%2FBP5nKacEdu0EXTiC23KImGjNV66ECHPElK28sPnEGWVkvvqHQHRhY6jwLZzgCB6MzMfjk4v1udyxB"}]}
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Content-Encoding: gzip
Server: cloudflare
CF-RAY: 9553f19cae4e568d-OSL