Report - www.google.com.vn/url?q=IEQBZO82U018ETYNCV6WTYH64K0BD9FgQiApLjODz3yh4nNeW8uuQi&rct=33c3b9c7c7e6bac970407bbc91ed435ewDnNeW8yycT&sa=t&esrc=nTgV8F33c3b9c7c7e6bac970407bbc91ed435eA0xys8Em2FL&source=&cd=tS6T833c3b9c7c7e6bac970407bbc91ed435eTiw9XH&cad=JxWzDfBP33c3b9c7c7e6bac970407bbc91ed435eVS0Y&ved=xjnktlqryYWwVTDrgvK&uact=&url=amp/technicdude.in/opuyc/33c3b9c7c7e6bac970407bbc91ed435e/dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA==

Report Overview

Visited public
2025-01-15 00:21:14
Tags
suspicious
URL
www.google.com.vn/url?q=IEQBZO82U018ETYNCV6WTYH64K0BD9FgQiApLjODz3yh4nNeW8uuQi&rct=33c3b9c7c7e6bac970407bbc91ed435ewDnNeW8yycT&sa=t&esrc=nTgV8F33c3b9c7c7e6bac970407bbc91ed435eA0xys8Em2FL&source=&cd=tS6T833c3b9c7c7e6bac970407bbc91ed435eTiw9XH&cad=JxWzDfBP33c3b9c7c7e6bac970407bbc91ed435eVS0Y&ved=xjnktlqryYWwVTDrgvK&uact=&url=amp/technicdude.in/opuyc/33c3b9c7c7e6bac970407bbc91ed435e/dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA==
Finishing URL
r.bitualicar.ru/2Q5WxE/#dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA==
IP / ASN
142.250.74.163
#15169 GOOGLE
Title
Suspicious - Anti-debugging code

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r.bitualicar.ru	unknown	2025-01-09	2025-01-14	2025-01-14	2.1 kB	35 kB	104.21.86.91
www.google.com.vn	6182	unknown	2012-05-21	2025-01-14	1.8 kB	2.5 kB	142.250.178.67
technicdude.in	unknown	2021-06-27	2021-08-04	2024-09-20	456 B	267 B	185.221.216.102
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2025-01-08	2.7 kB	189 kB	104.18.94.41
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-01-08	437 B	15 kB	104.17.24.14
code.jquery.com	634	2005-12-10	2012-05-21	2025-01-08	409 B	32 kB	151.101.2.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	r.bitualicar.ru/2Q5WxE/#dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA==	ScriptElement	20 kB	2025-01-15	2025-01-15
Pretty URL r.bitualicar.ru/2Q5WxE/#dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA== IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-15 00:21 Last Seen2025-01-15 00:21 Times Seen1 Hash 86f7abef08570aa11337faa99ea4d1af 302d5255a6c57c8e599d2ab24ef74a4756edb82e ca68d1753976b54c4773649bfbf556467442275b32e1f5e96218ee57f1032b23 Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?render=explicit	ScriptElement	48 kB	2025-01-09	2025-01-16
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?render=explicit IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-09 12:16 Last Seen2025-01-16 18:32 Times Seen6431 Hash 7c92ec9d1395055ce0405a32607c7291 4ef0060484503e7a3d005254484d5a7facf42f27 a0ddae0fb79c4a4a66d8613157a0703771fa9be1a75790fccf5eeebaa329788b Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	ScriptElement	48 kB	2023-03-07	2025-05-12
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-05-12 04:15 Times Seen92768 Hash 2ca03ad87885ab983541092b87adb299 1a17f60bf776a8c468a185c1e8e985c41a50dc27 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Loading...

	unknown	ScriptElement	1.5 kB	2025-01-15	2025-01-15
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-15 00:21 Last Seen2025-01-15 00:21 Times Seen1 Hash 4ad07189742151a5d5ab51359bc9f4ef fa73e374a9379a7a210acf7ebb0cc913b2783157 cbaf991fc86fb266428003e80ddd5c6626dcc10496be3026bea3b7596b20eb34 Loading...

	code.jquery.com/jquery-3.6.0.min.js	ScriptElement	90 kB	2023-03-07	2025-05-12
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-12 04:15 Times Seen205946 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	unknown	ScriptElement	1.6 kB	2025-01-15	2025-01-15
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-15 00:21 Last Seen2025-01-15 00:21 Times Seen1 Hash 6acb3957b1151e7fed6b03ed364f97aa cb5051bb1c692bcb411ab26fe6a797bde61e4478 eaef64e22f8899654d6ac36fdf8503ce58e0695d58b96092e5a4297b5e52b7c2 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/zm1ay/0x4AAAAAAA5Dtl6jm2_BdC5F/auto/fbE/normal/auto/	ScriptElement	3.7 kB	2025-01-15	2025-01-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/zm1ay/0x4AAAAAAA5Dtl6jm2_BdC5F/auto/fbE/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-15 00:21 Last Seen2025-01-15 00:21 Times Seen1 Hash e66c7b3e4c509f2c68e429f040f82ca2 647fba2af4ae9e17b1c73ae9dddb65b0c831e1d4 2bf401feb8a87dd265c7b523132113f4f3aaafc26de2fb3fcd6e7edd7140b685 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=9021b3c4de5b5695&lang=auto	ScriptElement	112 kB	2025-01-15	2025-01-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=9021b3c4de5b5695&lang=auto IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-15 00:21 Last Seen2025-01-15 00:21 Times Seen1 Hash 0db7424d584ac3fea69847c690752831 3fdb3dd4c0280a2d004aacde7bbd2ef8a8c427ed 0de98270091cd4218d8724d1341b7680eac2b611a8e16ed72f4dea71e9acc138 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07 01:03	2025-05-12 04:15
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-05-12 04:15 Times Seen369149 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

		Size	First Seen	Last Seen
	#1 Write - e03b814b240687b441ebc86cc18a4e55	5.6 kB	2025-01-15 00:21	2025-01-15 00:21
Pretty Observations First Seen2025-01-15 00:21 Last Seen2025-01-15 00:21 Times Seen1 Hash e03b814b240687b441ebc86cc18a4e55 71c60f277d3117d1bb3c02488143dc5d4a854d16 90f1c2c8e971219896a0fd395253235620511db8e1bdcd654fd49d06659bb3c5 Loading...

HTTP Transactions (13)

	URL	IP	Response	Size
	www.google.com.vn/url?q=IEQBZO82U018ETYNCV6WTYH64K0BD9FgQiApLjODz3yh4nNeW8uuQi&rct=33c3b9c7c7e6bac970407bbc91ed435ewDnNeW8yycT&sa=t&esrc=nTgV8F33c3b9c7c7e6bac970407bbc91ed435eA0xys8Em2FL&source=&cd=tS6T833c3b9c7c7e6bac970407bbc91ed435eTiw9XH&cad=JxWzDfBP33c3b9c7c7e6bac970407bbc91ed435eVS0Y&ved=xjnktlqryYWwVTDrgvK&uact=&url=amp/technicdude.in/opuyc/33c3b9c7c7e6bac970407bbc91ed435e/dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA==	142.250.178.67	302 Found	313 B
URL www.google.com.vn/url?q=IEQBZO82U018ETYNCV6WTYH64K0BD9FgQiApLjODz3yh4nNeW8uuQi&rct=33c3b9c7c7e6bac970407bbc91ed435ewDnNeW8yycT&sa=t&esrc=nTgV8F33c3b9c7c7e6bac970407bbc91ed435eA0xys8Em2FL&source=&cd=tS6T833c3b9c7c7e6bac970407bbc91ed435eTiw9XH&cad=JxWzDfBP33c3b9c7c7e6bac970407bbc91ed435eVS0Y&ved=xjnktlqryYWwVTDrgvK&uact=&url=amp/technicdude.in/opuyc/33c3b9c7c7e6bac970407bbc91ed435e/dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA== IP 142.250.178.67:0 ASN #15169 GOOGLE File type HTML document, ASCII text, with CRLF, LF line terminators Size 313 B (313 bytes) Hash e484f8e5c5b6a56f1ce89e46abd5b516 2816ff32102870d6808c45218d459f326ece9a65 5f201e6bc72866f9ad8b28df9e970cffea42e7c11d5e0c8c04730590027f7948 HTTP Headers GET /url?q=IEQBZO82U018ETYNCV6WTYH64K0BD9FgQiApLjODz3yh4nNeW8uuQi&rct=33c3b9c7c7e6bac970407bbc91ed435ewDnNeW8yycT&sa=t&esrc=nTgV8F33c3b9c7c7e6bac970407bbc91ed435eA0xys8Em2FL&source=&cd=tS6T833c3b9c7c7e6bac970407bbc91ed435eTiw9XH&cad=JxWzDfBP33c3b9c7c7e6bac970407bbc91ed435eVS0Y&ved=xjnktlqryYWwVTDrgvK&uact=&url=amp/technicdude.in/opuyc/33c3b9c7c7e6bac970407bbc91ed435e/dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA== HTTP/1.1 Host: www.google.com.vn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found location: https://www.google.com.vn/amp/technicdude.in/opuyc/33c3b9c7c7e6bac970407bbc91ed435e/dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA== cache-control: private content-type: text/html; charset=UTF-8 strict-transport-security: max-age=31536000 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-bj00wqPBVT6sBZQnQX61GQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." date: Wed, 15 Jan 2025 00:20:48 GMT server: gws content-length: 313 x-xss-protection: 0 set-cookie: __Secure-ENID=25.SE=ZhFwbc2n5hOs5rSxMGj5a5lixblKg78uMsdYj9s5j84src2WdE9fMbKCt6cbpMN_EjyLgI4cYF2zNcHMguQ8jkj59_0NjHJznyS00AvX2jAvwQ88It7K08B_z65VIldENisb_jx_6VJsqw3yOAeK8VLismt2mbvUDma0t-32-rdevNrkW1hWCo2oq5I6nhhQOTiJ8QdmCnQ4GXMtK8D_OB2_i_cGyagXiIIJKNrjaC4; expires=Sat, 14-Feb-2026 16:39:06 GMT; path=/; domain=.google.com.vn; Secure; HttpOnly; SameSite=lax alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.google.com.vn/amp/technicdude.in/opuyc/33c3b9c7c7e6bac970407bbc91ed435e/dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA==	142.250.178.67	302 Found	290 B
URL www.google.com.vn/amp/technicdude.in/opuyc/33c3b9c7c7e6bac970407bbc91ed435e/dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA== IP 142.250.178.67:0 ASN #15169 GOOGLE File type HTML document, ASCII text, with CRLF, LF line terminators Size 290 B (290 bytes) Hash 877cd15210063a5bb23b6fc73eafc88a ea13d865a4a352523efd86ce940932dd1ff27c85 90111618ac705c7e19a5a95bb43d1f8adda1aaca562486e1dc6e664fcaa1f731 HTTP Headers GET /amp/technicdude.in/opuyc/33c3b9c7c7e6bac970407bbc91ed435e/dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA== HTTP/1.1 Host: www.google.com.vn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; __Secure-ENID=25.SE=ZhFwbc2n5hOs5rSxMGj5a5lixblKg78uMsdYj9s5j84src2WdE9fMbKCt6cbpMN_EjyLgI4cYF2zNcHMguQ8jkj59_0NjHJznyS00AvX2jAvwQ88It7K08B_z65VIldENisb_jx_6VJsqw3yOAeK8VLismt2mbvUDma0t-32-rdevNrkW1hWCo2oq5I6nhhQOTiJ8QdmCnQ4GXMtK8D_OB2_i_cGyagXiIIJKNrjaC4 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 302 Found location: http://technicdude.in/opuyc/33c3b9c7c7e6bac970407bbc91ed435e/dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA== cache-control: private x-robots-tag: noindex content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-kIrI1jV2w6zDij8KQt1x3A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]} date: Wed, 15 Jan 2025 00:20:48 GMT server: gws content-length: 290 x-xss-protection: 0 x-frame-options: SAMEORIGIN alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	technicdude.in/opuyc/33c3b9c7c7e6bac970407bbc91ed435e/dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA==	185.221.216.102	200 OK	0 B
URL technicdude.in/opuyc/33c3b9c7c7e6bac970407bbc91ed435e/dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA== IP 185.221.216.102:0 ASN #393960 HOST4GEEKS-LLC File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /opuyc/33c3b9c7c7e6bac970407bbc91ed435e/dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA== HTTP/1.1 Host: technicdude.in User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 00:20:49 GMT Server: Apache Refresh: 0; url=https://r.bitualicar.ru/2Q5WxE/#dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA== Content-Length: 0 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8`

	challenges.cloudflare.com/turnstile/v0/api.js?render=explicit	104.18.94.41	302 Found	0 B
URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?render=explicit IP 104.18.94.41:443 ASN #13335 CLOUDFLARENET Requested by https://r.bitualicar.ru/2Q5WxE/#dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA== Certificate IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintEF:AE:47:10:51:72:52:24:8B:84:F7:18:BC:91:3D:8F:CC:64:29:8D ValidityWed, 01 Jan 2025 16:48:17 GMT - Tue, 01 Apr 2025 17:48:13 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /turnstile/v0/api.js?render=explicit HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://r.bitualicar.ru/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found date: Wed, 15 Jan 2025 00:20:49 GMT content-length: 0 access-control-allow-origin: * cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public cross-origin-resource-policy: cross-origin location: /turnstile/v0/b/e0c90b6a3ed1/api.js vary: Accept-Encoding server: cloudflare cf-ray: 9021b3c38d9d56ca-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2`

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	104.17.24.14	200 OK	14 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://r.bitualicar.ru/2Q5WxE/#dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA== Certificate IssuerGoogle Trust Services Subjectcdnjs.cloudflare.com Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02 ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT File type JavaScript source, ASCII text, with very long lines (48316), with no line terminators Size 14 kB (13972 bytes) Hash 2ca03ad87885ab983541092b87adb299 1a17f60bf776a8c468a185c1e8e985c41a50dc27 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 HTTP Headers `GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://r.bitualicar.ru/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Wed, 15 Jan 2025 00:20:49 GMT content-type: application/javascript; charset=utf-8 content-length: 13972 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "61182885-3694" last-modified: Sat, 14 Aug 2021 20:33:09 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 37159 expires: Mon, 05 Jan 2026 00:20:49 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QWRLvQBPcLuiPTCtVdQOgP%2BGrqgCvNMlFHaaFyl%2Bg8p7p8LMVmzFbgICQo6N3NHN9n9nUs3mSa3rP%2BNBM6nZ0J01g5q9VWZJFST%2BHQ5mK4XSAvahawD4Eb9YJ8weV7NAnN2dK5Bh"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 9021b3c38e1cb51b-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	code.jquery.com/jquery-3.6.0.min.js	151.101.2.137	200 OK	31 kB
URL GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js IP 151.101.2.137:443 ASN #54113 FASTLY Requested by https://r.bitualicar.ru/2Q5WxE/#dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA== Certificate IssuerSectigo Limited Subject.jquery.com FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5 ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65447) Size 31 kB (30875 bytes) Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e HTTP Headers `GET /jquery-3.6.0.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://r.bitualicar.ru/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx content-type: application/javascript; charset=utf-8 last-modified: Fri, 18 Oct 1991 12:00:00 GMT etag: W/"28feccc0-15d9d" cache-control: public, max-age=31536000, stale-while-revalidate=604800 access-control-allow-origin: * cross-origin-resource-policy: cross-origin content-encoding: gzip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Wed, 15 Jan 2025 00:20:49 GMT age: 653984 x-served-by: cache-lga21931-LGA, cache-hel1410024-HEL x-cache: HIT, HIT x-cache-hits: 71, 51483 x-timer: S1736900450.915329,VS0,VE0 vary: Accept-Encoding content-length: 30875 X-Firefox-Spdy: h2

	r.bitualicar.ru/favicon.ico	104.21.86.91	404 Not Found	64 B
URL GET HTTP/3 r.bitualicar.ru/favicon.ico IP 104.21.86.91:443 ASN #13335 CLOUDFLARENET Requested by https://r.bitualicar.ru/2Q5WxE/#dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA== Certificate IssuerGoogle Trust Services Subjectbitualicar.ru Fingerprint5E:C7:63:4A:2A:56:CD:7B:C7:34:F7:80:41:63:9D:7E:52:51:1F:F6 ValidityThu, 09 Jan 2025 18:31:19 GMT - Wed, 09 Apr 2025 19:28:31 GMT File type data Size 64 B (64 bytes) Hash 2c3dd3d4a9bc9d1ffdf125e8439a3c00 a9b83cd7e27c23a420c3f56107ce51368e4662cb 0d68a8110cb0daf3c313fce8c1e3b950e49ed0d27fe4403f708734c3af15003d HTTP Headers GET /favicon.ico HTTP/1.1 Host: r.bitualicar.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://r.bitualicar.ru/2Q5WxE/ Cookie: XSRF-TOKEN=eyJpdiI6IjVEaXovWVFscFVlM0xtdGRJeUlVRlE9PSIsInZhbHVlIjoiMm9xOG5iWkhNV2tKaHFpa0c2MkFLQWRQMTJ6bDBVQTFmNG52S1paRC90d2N2QW1JZmthQUVpNEl4ZkUzRnlnRGJWcDZLbTA3WW9MN1IxV3Y4YWJOWVZxcWZ0SXVNc1d2UDlpWllKVUFNZVdlK3pjeEtrVUcvRGZaS0VGbTFRZFIiLCJtYWMiOiIxNjEyY2QzMGRiMjI4ZjVmYTc0NGYzZDVmNmQyZDdhYTFiYjFkY2NhMzIwZmNjODNiYTNmOGM1ZDFjN2Q5ZmFlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNoaGxVVnVFS0FVVEdZeEd6eS9makE9PSIsInZhbHVlIjoiT094YnJsNCtMcWtjM3VremdOcWk4ODVxeW9PcG1LU1hEcW15MWF6YWxOaU1paGs5aWpzRldrdS84Qk9vRjIxTVI4OTJOWm9nK2kyMU8zNFhKSWpta3RzZUVvWHM5UW9ERFFqZVVMYjFWaFh5M1hYZ3RPTFRnT2VBREp4WjFoRnAiLCJtYWMiOiI0MjkwYmQxNWU4MTFmYmU3Yzc1ZDhiZmFkMTgyYTk0YTM1OTMyNjUxNDM2MWQ4NjljOTY2ZDE1NDc3M2QzZWI5IiwidGFnIjoiIn0%3D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 404 Not Found date: Wed, 15 Jan 2025 00:20:50 GMT content-type: text/html; charset=UTF-8 cache-control: max-age=14400 age: 7213 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2BTcqTkE%2Bno2qOxPu2IfPX0iCTj8YB5Le7cW%2FUTGqsqZPeNJGzoXARxrVLSht%2FyzMl170j8bF10gR3bgQ7JfF%2BkNA69cfSr931Q5%2FgDuhe%2BcJK%2B5fXnKJBdfbO85%2BA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding alt-svc: h3=":443"; ma=86400 cf-cache-status: HIT priority: u=6,i=?0 server: cloudflare cf-ray: 9021b3c50877568f-OSL content-encoding: br server-timing: cfL4;desc="?proto=TCP&rtt=4929&min_rtt=4903&rtt_var=1428&sent=4&recv=8&lost=0&retrans=0&sent_bytes=2823&recv_bytes=2084&delivery_rate=562734&cwnd=251&unsent_bytes=0&cid=a7f0c815622b1510&ts=40&x=0", cfL4;desc="?proto=QUIC&rtt=4269&min_rtt=4245&rtt_var=1640&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4163&recv_bytes=1791&delivery_rate=133280&cwnd=12000&unsent_bytes=0&cid=abd33fb21bbdb09a&ts=398&x=1", cfExtPri, cfHdrFlush;dur=0

	r.bitualicar.ru/2Q5WxE/	104.21.86.91	200 OK	9.9 kB
URL r.bitualicar.ru/2Q5WxE/ IP 104.21.86.91:0 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjectbitualicar.ru Fingerprint5E:C7:63:4A:2A:56:CD:7B:C7:34:F7:80:41:63:9D:7E:52:51:1F:F6 ValidityThu, 09 Jan 2025 18:31:19 GMT - Wed, 09 Apr 2025 19:28:31 GMT File type HTML document, ASCII text, with very long lines (7497), with CRLF line terminators Size 9.9 kB (9947 bytes) Hash 91fd725aa42ea8284dad4a77b52a66d0 8d69b6c25eea2dfe0bb693672b9b5a0279a24116 7bf8ba50644d6ad0498ed2100028afbb7e105f08b861944d00e638d155ad9af7 HTTP Headers `GET /2Q5WxE/ HTTP/1.1 Host: r.bitualicar.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Wed, 15 Jan 2025 00:20:49 GMT content-type: text/html; charset=UTF-8 cache-control: no-cache, private cf-cache-status: DYNAMIC vary: accept-encoding report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XlbPA4r1ZkEXquxTiwPcXnxz0b5kDkDne0Gt6JOcKle%2BP5NdsBrTn0SwPFFH6siDoKuFULvN9dOR2%2BkgjppuqgV2NtqfOre00e%2B0VsEwPFInQVe%2BgxXdBVgau9P3Og%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc: h3=":443"; ma=86400 set-cookie: XSRF-TOKEN=eyJpdiI6IjVEaXovWVFscFVlM0xtdGRJeUlVRlE9PSIsInZhbHVlIjoiMm9xOG5iWkhNV2tKaHFpa0c2MkFLQWRQMTJ6bDBVQTFmNG52S1paRC90d2N2QW1JZmthQUVpNEl4ZkUzRnlnRGJWcDZLbTA3WW9MN1IxV3Y4YWJOWVZxcWZ0SXVNc1d2UDlpWllKVUFNZVdlK3pjeEtrVUcvRGZaS0VGbTFRZFIiLCJtYWMiOiIxNjEyY2QzMGRiMjI4ZjVmYTc0NGYzZDVmNmQyZDdhYTFiYjFkY2NhMzIwZmNjODNiYTNmOGM1ZDFjN2Q5ZmFlIiwidGFnIjoiIn0%3D; expires=Wed, 15-Jan-2025 02:20:49 GMT; Max-Age=7200; path=/; secure; samesite=none laravel_session=eyJpdiI6ImNoaGxVVnVFS0FVVEdZeEd6eS9makE9PSIsInZhbHVlIjoiT094YnJsNCtMcWtjM3VremdOcWk4ODVxeW9PcG1LU1hEcW15MWF6YWxOaU1paGs5aWpzRldrdS84Qk9vRjIxTVI4OTJOWm9nK2kyMU8zNFhKSWpta3RzZUVvWHM5UW9ERFFqZVVMYjFWaFh5M1hYZ3RPTFRnT2VBREp4WjFoRnAiLCJtYWMiOiI0MjkwYmQxNWU4MTFmYmU3Yzc1ZDhiZmFkMTgyYTk0YTM1OTMyNjUxNDM2MWQ4NjljOTY2ZDE1NDc3M2QzZWI5IiwidGFnIjoiIn0%3D; expires=Wed, 15-Jan-2025 02:20:49 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none server: cloudflare cf-ray: 9021b3c14e0156b5-OSL content-encoding: br server-timing: cfL4;desc="?proto=TCP&rtt=5230&min_rtt=5229&rtt_var=1963&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2823&recv_bytes=1386&delivery_rate=543822&cwnd=221&unsent_bytes=0&cid=61a86be89e0f9211&ts=108&x=0", cfL4;desc="?proto=TCP&rtt=5529&min_rtt=466&rtt_var=10118&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3278&recv_bytes=1251&delivery_rate=6961538&cwnd=254&unsent_bytes=0&cid=10ba9da9bb274277&ts=223&x=0" X-Firefox-Spdy: h2

	challenges.cloudflare.com/turnstile/v0/b/e0c90b6a3ed1/api.js	104.18.94.41	200 OK	48 kB
URL GET HTTP/3 challenges.cloudflare.com/turnstile/v0/b/e0c90b6a3ed1/api.js IP 104.18.94.41:443 ASN #13335 CLOUDFLARENET Requested by https://r.bitualicar.ru/2Q5WxE/#dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA== Certificate IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintEF:AE:47:10:51:72:52:24:8B:84:F7:18:BC:91:3D:8F:CC:64:29:8D ValidityWed, 01 Jan 2025 16:48:17 GMT - Tue, 01 Apr 2025 17:48:13 GMT File type JavaScript source, ASCII text, with very long lines (47520) Size 48 kB (47521 bytes) Hash 7c92ec9d1395055ce0405a32607c7291 4ef0060484503e7a3d005254484d5a7facf42f27 a0ddae0fb79c4a4a66d8613157a0703771fa9be1a75790fccf5eeebaa329788b HTTP Headers `GET /turnstile/v0/b/e0c90b6a3ed1/api.js HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://r.bitualicar.ru/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/3 200 OK date: Wed, 15 Jan 2025 00:20:49 GMT content-type: application/javascript; charset=UTF-8 last-modified: Wed, 08 Jan 2025 13:42:47 GMT cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public access-control-allow-origin: * cross-origin-resource-policy: cross-origin priority: u=2,i=?0 vary: Accept-Encoding server: cloudflare cf-ray: 9021b3c3ddd15695-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri`

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/zm1ay/0x4AAAAAAA5Dtl6jm2_BdC5F/auto/fbE/normal/auto/	104.18.94.41	200 OK	26 kB
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/zm1ay/0x4AAAAAAA5Dtl6jm2_BdC5F/auto/fbE/normal/auto/ IP 104.18.94.41:443 ASN #13335 CLOUDFLARENET Requested by https://r.bitualicar.ru/2Q5WxE/#dmZ1cmZhcm9Ac2x1cnBtYWlsLm5ldA== Certificate IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintEF:AE:47:10:51:72:52:24:8B:84:F7:18:BC:91:3D:8F:CC:64:29:8D ValidityWed, 01 Jan 2025 16:48:17 GMT - Tue, 01 Apr 2025 17:48:13 GMT File type HTML document, ASCII text, with very long lines (22074) Size 26 kB (26443 bytes) Hash e1360450aba8b088b6ca74eeb0b6a0dc 07f62a2d07026d1ab49e63409291638e1b60c53b cd42c77d238e02328ebb8f6f7345b443761f05b846103a5e8ec3ecd6684abe64 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/zm1ay/0x4AAAAAAA5Dtl6jm2_BdC5F/auto/fbE/normal/auto/ HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://r.bitualicar.ru/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Wed, 15 Jan 2025 00:20:50 GMT content-type: text/html; charset=UTF-8 cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self' cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: cross-origin origin-agent-cluster: ?1 accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA referrer-policy: same-origin document-policy: js-profiling priority: u=4,i=?0 server: cloudflare cf-ray: 9021b3c4de5b5695-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	r.bitualicar.ru/2Q5WxE/	104.21.86.91	200 OK	20 kB
URL User Request GET HTTP/2 r.bitualicar.ru/2Q5WxE/ IP 104.21.86.91:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjectbitualicar.ru Fingerprint5E:C7:63:4A:2A:56:CD:7B:C7:34:F7:80:41:63:9D:7E:52:51:1F:F6 ValidityThu, 09 Jan 2025 18:31:19 GMT - Wed, 09 Apr 2025 19:28:31 GMT File type HTML document, ASCII text, with very long lines (7497), with CRLF line terminators Size 20 kB (19925 bytes) Hash 91fd725aa42ea8284dad4a77b52a66d0 8d69b6c25eea2dfe0bb693672b9b5a0279a24116 7bf8ba50644d6ad0498ed2100028afbb7e105f08b861944d00e638d155ad9af7 HTTP Headers `GET /2Q5WxE/ HTTP/1.1 Host: r.bitualicar.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Wed, 15 Jan 2025 00:20:49 GMT content-type: text/html; charset=UTF-8 cache-control: no-cache, private cf-cache-status: DYNAMIC vary: accept-encoding report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XlbPA4r1ZkEXquxTiwPcXnxz0b5kDkDne0Gt6JOcKle%2BP5NdsBrTn0SwPFFH6siDoKuFULvN9dOR2%2BkgjppuqgV2NtqfOre00e%2B0VsEwPFInQVe%2BgxXdBVgau9P3Og%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc: h3=":443"; ma=86400 set-cookie: XSRF-TOKEN=eyJpdiI6IjVEaXovWVFscFVlM0xtdGRJeUlVRlE9PSIsInZhbHVlIjoiMm9xOG5iWkhNV2tKaHFpa0c2MkFLQWRQMTJ6bDBVQTFmNG52S1paRC90d2N2QW1JZmthQUVpNEl4ZkUzRnlnRGJWcDZLbTA3WW9MN1IxV3Y4YWJOWVZxcWZ0SXVNc1d2UDlpWllKVUFNZVdlK3pjeEtrVUcvRGZaS0VGbTFRZFIiLCJtYWMiOiIxNjEyY2QzMGRiMjI4ZjVmYTc0NGYzZDVmNmQyZDdhYTFiYjFkY2NhMzIwZmNjODNiYTNmOGM1ZDFjN2Q5ZmFlIiwidGFnIjoiIn0%3D; expires=Wed, 15-Jan-2025 02:20:49 GMT; Max-Age=7200; path=/; secure; samesite=none laravel_session=eyJpdiI6ImNoaGxVVnVFS0FVVEdZeEd6eS9makE9PSIsInZhbHVlIjoiT094YnJsNCtMcWtjM3VremdOcWk4ODVxeW9PcG1LU1hEcW15MWF6YWxOaU1paGs5aWpzRldrdS84Qk9vRjIxTVI4OTJOWm9nK2kyMU8zNFhKSWpta3RzZUVvWHM5UW9ERFFqZVVMYjFWaFh5M1hYZ3RPTFRnT2VBREp4WjFoRnAiLCJtYWMiOiI0MjkwYmQxNWU4MTFmYmU3Yzc1ZDhiZmFkMTgyYTk0YTM1OTMyNjUxNDM2MWQ4NjljOTY2ZDE1NDc3M2QzZWI5IiwidGFnIjoiIn0%3D; expires=Wed, 15-Jan-2025 02:20:49 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none server: cloudflare cf-ray: 9021b3c14e0156b5-OSL content-encoding: br server-timing: cfL4;desc="?proto=TCP&rtt=5230&min_rtt=5229&rtt_var=1963&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2823&recv_bytes=1386&delivery_rate=543822&cwnd=221&unsent_bytes=0&cid=61a86be89e0f9211&ts=108&x=0", cfL4;desc="?proto=TCP&rtt=5529&min_rtt=466&rtt_var=10118&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3278&recv_bytes=1251&delivery_rate=6961538&cwnd=254&unsent_bytes=0&cid=10ba9da9bb274277&ts=223&x=0" X-Firefox-Spdy: h2

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1	104.18.94.41	200 OK	61 B
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1 IP 104.18.94.41:443 ASN #13335 CLOUDFLARENET Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/zm1ay/0x4AAAAAAA5Dtl6jm2_BdC5F/auto/fbE/normal/auto/ Certificate IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintEF:AE:47:10:51:72:52:24:8B:84:F7:18:BC:91:3D:8F:CC:64:29:8D ValidityWed, 01 Jan 2025 16:48:17 GMT - Tue, 01 Apr 2025 17:48:13 GMT File type PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Size 61 B (61 bytes) Hash 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/zm1ay/0x4AAAAAAA5Dtl6jm2_BdC5F/auto/fbE/normal/auto/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/3 200 OK date: Wed, 15 Jan 2025 00:20:50 GMT content-type: image/png content-length: 61 cache-control: max-age=2629800, public priority: u=4,i=?0 server: cloudflare cf-ray: 9021b3c5aed35695-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri`

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=9021b3c4de5b5695&lang=auto	104.18.94.41	200 OK	112 kB
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=9021b3c4de5b5695&lang=auto IP 104.18.94.41:443 ASN #13335 CLOUDFLARENET Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/zm1ay/0x4AAAAAAA5Dtl6jm2_BdC5F/auto/fbE/normal/auto/ Certificate IssuerGoogle Trust Services Subjectchallenges.cloudflare.com FingerprintEF:AE:47:10:51:72:52:24:8B:84:F7:18:BC:91:3D:8F:CC:64:29:8D ValidityWed, 01 Jan 2025 16:48:17 GMT - Tue, 01 Apr 2025 17:48:13 GMT File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 112 kB (111594 bytes) Hash 0db7424d584ac3fea69847c690752831 3fdb3dd4c0280a2d004aacde7bbd2ef8a8c427ed 0de98270091cd4218d8724d1341b7680eac2b611a8e16ed72f4dea71e9acc138 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=9021b3c4de5b5695&lang=auto HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/zm1ay/0x4AAAAAAA5Dtl6jm2_BdC5F/auto/fbE/normal/auto/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/3 200 OK date: Wed, 15 Jan 2025 00:20:50 GMT content-type: application/javascript; charset=UTF-8 cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 priority: u=2,i=?0 server: cloudflare cf-ray: 9021b3c5aed45695-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (13)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash