Report - gf56.k78-we.blog/

Report Overview

Visited public
2025-02-26 21:14:19
Tags
URL
gf56.k78-we.blog/
Finishing URL
gf56.k78-we.blog/
IP / ASN
172.67.165.176
#13335 CLOUDFLARENET
Title
404 Not Found

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
gf56.k78-we.blog	unknown	2025-02-19	2025-02-26	2025-02-26	7.3 kB	88 kB	188.114.96.1
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2025-02-26	1.3 kB	606 B	104.18.95.41

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-02-26 21:13:56	medium	188.114.96.1	Client IP	ETPRO HUNTING HTTP 200 Stat Code with 404 in Body

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (32)

	URL	From	Size	First Seen	Last Seen
	gf56.k78-we.blog/	ScriptElement	923 B	2025-02-26	2025-02-26
Pretty URL gf56.k78-we.blog/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-26 21:14 Last Seen2025-02-26 21:14 Times Seen1 Hash 6d5470be1feaed521414942c7fa8292c 87af7f2b32e13043e33918c5d3abbf676139e947 064661af1b9d5349a84f85df7d064214d7fe1ac2d032b5970b34955c4b0c1a71 Loading...

	gf56.k78-we.blog/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	8.5 kB	2025-02-26	2025-02-26
Pretty URL gf56.k78-we.blog/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-26 21:02 Last Seen2025-02-26 21:14 Times Seen4 Hash 81e79a26bfd60ea621807b7d7569499d 3c77009475a38a4d1386e4567033ef49b9e7314b c7f46a2596b7008406b6b0b35289cb20900acacc9174e4c5801e777263274595 Loading...

	unknown	ScriptElement	236 B	2025-02-26	2025-02-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-26 21:14 Last Seen2025-02-26 21:14 Times Seen1 Hash 92ff6d8b7105d49a4844e4d64c74d355 21f340d7231493d60e8b05a31f08ef4dc732b513 839fbdac1ff063a5ad48afe9bc3672eefea70d06cdeb589d0a09fdc70fae42cd Loading...

		Size	First Seen	Last Seen
	#1 Eval - 0920b13a8dc61133da8d1489f0682783	1.3 MB	2025-02-26 21:14	2025-02-26 21:14
Pretty Observations First Seen2025-02-26 21:14 Last Seen2025-02-26 21:14 Times Seen1 Hash 0920b13a8dc61133da8d1489f0682783 4e639e7012dd2f36546f22d189298e8ef822addc 9282c8415e082589006a33acffb1148949bc2453a6e2e9101ac8fbc5dabb5939 Loading...

	#2 Eval - 6725de5e358dc33b95d3c1a6c56453ed	1.3 MB	2025-02-26 21:14	2025-02-26 21:14
Pretty Observations First Seen2025-02-26 21:14 Last Seen2025-02-26 21:14 Times Seen1 Hash 6725de5e358dc33b95d3c1a6c56453ed 6404256af63ac95e5ac4879f49e11c7e69f63527 38fd99b644f662630ed6ce1b90eb647f8b991721f65091ff4ba8c53443980809 Loading...

	#3 Eval - 2085bd100589edbceeda5470dbb53de6	1.3 MB	2025-02-26 21:14	2025-02-26 21:14
Pretty Observations First Seen2025-02-26 21:14 Last Seen2025-02-26 21:14 Times Seen1 Hash 2085bd100589edbceeda5470dbb53de6 3c3c1966cbd4bf99d710a2339bec465196003750 84f43dcb5622dbd99539e072aa02466f674a2d4859b5e63050ba3eb9e9175cee Loading...

	#4 Eval - e31ffe076261c459c137ab8f688dab82	1.3 MB	2025-02-26 21:14	2025-02-26 21:14
Pretty Observations First Seen2025-02-26 21:14 Last Seen2025-02-26 21:14 Times Seen1 Hash e31ffe076261c459c137ab8f688dab82 7addfe848d1091e31fd83f98d64de577370deead 035cedfc582c35c6fc9c2c2ef711c3b84ff46b8e8757c27d12bcc5b0f9ae4b25 Loading...

	#5 Eval - 2d8668e9f5ee829634bbc8a0d9571a52	1.3 MB	2025-02-26 21:14	2025-02-26 21:14
Pretty Observations First Seen2025-02-26 21:14 Last Seen2025-02-26 21:14 Times Seen1 Hash 2d8668e9f5ee829634bbc8a0d9571a52 191a56836f755b823a5d74a31a37f6c8438e0597 5660172a72b22f5da0ce09931d3425265616e3928daaf471897801fa14cdd5ee Loading...

	#6 Eval - a6911d75e337052fb78e75bcb7d20e64	1.0 kB	2025-02-26 20:51	2025-02-26 21:14
Pretty Observations First Seen2025-02-26 20:51 Last Seen2025-02-26 21:14 Times Seen3 Hash a6911d75e337052fb78e75bcb7d20e64 a8cb39341390073399a141e59aa71775e4fc5add e07c9b566ae254bd1f95c4477f071f684663c95ba6c0f5913ca2eacf287f68a7 Loading...

	#7 Eval - 3bb75628e1d004f08fbcbd74b81555cb	142 B	2025-02-20 12:03	2025-03-02 06:12
Pretty Observations First Seen2025-02-20 12:03 Last Seen2025-03-02 06:12 Times Seen1205 Hash 3bb75628e1d004f08fbcbd74b81555cb bdf8dc37752e0228580cd870763c2c8c571ada1a 9ea68ebcc418d0b67cc42c3194fd71836ff98973526381ee5af4a3ae1dd1d537 Loading...

	#8 Eval - 1d2acc5165080dd018feaf08ea69e588	87 B	2025-02-20 12:03	2025-05-14 04:27
Pretty Observations First Seen2025-02-20 12:03 Last Seen2025-05-14 04:27 Times Seen11889 Hash 1d2acc5165080dd018feaf08ea69e588 26698128d62a4d0c2c902723f8eb8d62043dab06 6d5c9f536080a954f2b1bfcc1f1273fda5a5d464111900b8fe9c7c49c6f2b9dc Loading...

	#9 Eval - ff03fc8f0c3179fb4dcf4389f88a1c16	14 B	2024-12-12 23:50	2025-05-14 04:27
Pretty Observations First Seen2024-12-12 23:50 Last Seen2025-05-14 04:27 Times Seen14273 Hash ff03fc8f0c3179fb4dcf4389f88a1c16 05ff911d7ddf2d7c14b4316a87fd08f42c618f9f 025229ec6bb50e915572750c5045d22c5fe16851fd077f1411f41b19aa1dfece Loading...

	#10 Eval - c58456c52586b48d3c6bbfd184d94636	1.3 MB	2025-02-26 21:14	2025-02-26 21:14
Pretty Observations First Seen2025-02-26 21:14 Last Seen2025-02-26 21:14 Times Seen1 Hash c58456c52586b48d3c6bbfd184d94636 108c05fcfc8a0f8ab00160f1078952922954087b 565847e26e5616a18fc11c7ae9b8ece0341f35dce50a3fd8e4702d44a8466350 Loading...

	#11 Eval - ebe41b8aa6f47b494c3d364f0151ca54	1.3 MB	2025-02-26 21:14	2025-02-26 21:14
Pretty Observations First Seen2025-02-26 21:14 Last Seen2025-02-26 21:14 Times Seen1 Hash ebe41b8aa6f47b494c3d364f0151ca54 cb3a0cb5e82b34ad7b465fd95a8c2b15a2185450 594c32ce03ee8295198180ff8406255dc945f272fae51f58dbf414020f08a95e Loading...

	#12 Eval - 0f8bc2d30745a2b2c3dc4b3fc25500e5	1.3 MB	2025-02-26 21:14	2025-02-26 21:14
Pretty Observations First Seen2025-02-26 21:14 Last Seen2025-02-26 21:14 Times Seen1 Hash 0f8bc2d30745a2b2c3dc4b3fc25500e5 8ff805d847c0aa74e528fa77906e59a56a001447 adad1e30a5c2e5879828dd2632d2964bbc78133ca0de71510d2fd4968f37baed Loading...

	#13 Eval - ca897fb253cc8807c5aafc947eb02fb6	16 B	2024-12-12 23:50	2025-05-14 04:27
Pretty Observations First Seen2024-12-12 23:50 Last Seen2025-05-14 04:27 Times Seen14234 Hash ca897fb253cc8807c5aafc947eb02fb6 25137d68712ada7d3ad424c80bc0d688a696f7bb 57f9c536daa79c4d770534dbafbe2e7b2b2aa48b9eb2617b4e670b8a78a4a4ce Loading...

	#14 Eval - d41d8cd98f00b204e9800998ecf8427e	0 B	0001-01-01 00:00	2025-05-14 05:14
Pretty Observations First Seen0001-01-01 00:00 Last Seen2025-05-14 05:14 Times Seen4677387 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	#15 Eval - c4a722488e1e05ff968429d3486434c5	1.3 MB	2025-02-26 21:14	2025-02-26 21:14
Pretty Observations First Seen2025-02-26 21:14 Last Seen2025-02-26 21:14 Times Seen1 Hash c4a722488e1e05ff968429d3486434c5 2b400f3932667016daa156f91692435d5a93bde0 bc5b78edf11ba8e2061bed4a2fd08c13e905aa8b9830c5eaf3c15745081d88c3 Loading...

	#16 Eval - fe79065ace3fe8cebb0369624436eed6	1.3 MB	2025-02-26 21:14	2025-02-26 21:14
Pretty Observations First Seen2025-02-26 21:14 Last Seen2025-02-26 21:14 Times Seen1 Hash fe79065ace3fe8cebb0369624436eed6 5dbda315b2576fe91a23adb4fabda9ac678dbbf2 94b74dd84a152e4a713832f8c113f57e0d4754dcc7d84f7a55d8f6f2ab0bdbcc Loading...

	#17 Eval - 17ccee0446431d3e78436820ed42414c	159 B	2025-02-20 12:03	2025-03-02 06:12
Pretty Observations First Seen2025-02-20 12:03 Last Seen2025-03-02 06:12 Times Seen1209 Hash 17ccee0446431d3e78436820ed42414c 0706fd7ec13e446698f23637c4de2750766bdfe7 c2e5c09e3abae42130e399662d26f021ad43c3831d453cb832aa75431e124e58 Loading...

	#18 Eval - e43a58121bbe002083fbee3d541b5026	1.3 MB	2025-02-26 21:14	2025-02-26 21:14
Pretty Observations First Seen2025-02-26 21:14 Last Seen2025-02-26 21:14 Times Seen1 Hash e43a58121bbe002083fbee3d541b5026 6c6cff065d934a7c3c91cf28845b31e1b0eedafa 7b76046e7f10d8dd28316c84eb0e619a139792be643211f760cf2e64c1030e0e Loading...

	#19 Eval - f47389d2f1abd47dbebeef3e2d3ae8a7	94 B	2024-12-12 23:50	2025-05-14 04:27
Pretty Observations First Seen2024-12-12 23:50 Last Seen2025-05-14 04:27 Times Seen14241 Hash f47389d2f1abd47dbebeef3e2d3ae8a7 dde5aa75f9a647e73d3e2d3fdda68898f850f72d 30893b81b3c71cdbd5cf34b54fb52f8eef50b27d8a3f2498a28d2b89bd987fda Loading...

	#20 Eval - b46221aa8dd0a98e1385131f05378bbf	1.3 MB	2025-02-26 21:14	2025-02-26 21:14
Pretty Observations First Seen2025-02-26 21:14 Last Seen2025-02-26 21:14 Times Seen1 Hash b46221aa8dd0a98e1385131f05378bbf dbad932b1cccaab4ea510791157702ac56372220 499d2ea8880cba4cd7e1e69a9950be202a1de8511fc0929aea601e9ee598e52e Loading...

	#21 Eval - 93189f6a9e35036fd6b7287bbbb2ec0e	1.3 MB	2025-02-26 21:14	2025-02-26 21:14
Pretty Observations First Seen2025-02-26 21:14 Last Seen2025-02-26 21:14 Times Seen1 Hash 93189f6a9e35036fd6b7287bbbb2ec0e 6fed02a36896fd14832a20a672abab86591c048e ce50bce7088b69814c2c369705e374e2490f50ec929487a1039aee5c60e0a8a0 Loading...

	#22 Eval - a4f3c7478610ddf7bd4d31e7c42b0a89	1.3 MB	2025-02-26 21:14	2025-02-26 21:14
Pretty Observations First Seen2025-02-26 21:14 Last Seen2025-02-26 21:14 Times Seen1 Hash a4f3c7478610ddf7bd4d31e7c42b0a89 9457a8b4e87d4132353832e600ab9ccb407662a0 3212b1c151a2f82cefb8f22727bb423cac1186a3bed2aaf1de4aebfe439ff403 Loading...

	#23 Eval - 63afadbdef7fd01293c762299c7b6b3a	1.3 MB	2025-02-26 21:14	2025-02-26 21:14
Pretty Observations First Seen2025-02-26 21:14 Last Seen2025-02-26 21:14 Times Seen1 Hash 63afadbdef7fd01293c762299c7b6b3a 098a0dd26ebf23290e1e1f0fe774f58cdcbcfa91 520e3754bd2235e02e57ac9c37d57aebc96633d07418b0127ee49a27b6d151d0 Loading...

	#24 Eval - 976115851d706ceb5255b2672fb60fef	1.3 MB	2025-02-26 21:14	2025-02-26 21:14
Pretty Observations First Seen2025-02-26 21:14 Last Seen2025-02-26 21:14 Times Seen1 Hash 976115851d706ceb5255b2672fb60fef f8073d673742b245b5585175d78de6e8337939cf a50e762f572aa8c3c87f906764acbf315c513e85337a134e21d4ed0fd96f2afe Loading...

	#25 Eval - 8fafa64de20174eed89d6f86e9899372	1.3 MB	2025-02-26 21:14	2025-02-26 21:14
Pretty Observations First Seen2025-02-26 21:14 Last Seen2025-02-26 21:14 Times Seen1 Hash 8fafa64de20174eed89d6f86e9899372 87e77ac1fcdc3cf288934f6f15a7c1132b989e3f f732941e908ee6f1c22f7124e7c36c0583344665af1521207e32b2b682c101a5 Loading...

	#26 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07 01:03	2025-05-14 04:27
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 04:27 Times Seen369540 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#27 Eval - fefbc35dd5f2f6c1be47aaea33609106	61 B	2025-02-20 12:03	2025-03-02 06:12
Pretty Observations First Seen2025-02-20 12:03 Last Seen2025-03-02 06:12 Times Seen1208 Hash fefbc35dd5f2f6c1be47aaea33609106 47222047c4fe80726aed4ab7ffc2d50bc0e524d2 2b9fb47b9bde39352e799ce4f09817053ed1c1318f8afc6e1d7a6b334095f111 Loading...

	#28 Eval - 33ff6022e88df59f8dfc9eb546435e9c	14 B	2024-12-12 23:50	2025-05-14 04:27
Pretty Observations First Seen2024-12-12 23:50 Last Seen2025-05-14 04:27 Times Seen14296 Hash 33ff6022e88df59f8dfc9eb546435e9c 7f2ad96c0a1276fbc858c652a6e2d0b3c9d4d3e4 a1c845cab782ea7dec04543ec72e0b354cb8e9aae23acc02ee02b1832e3acd9a Loading...

		Size	First Seen	Last Seen
	#1 Write - 086707e4369f60afedcafb16050a7618	39 B	2023-03-07 01:03	2025-05-14 04:27
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 04:27 Times Seen58234 Hash 086707e4369f60afedcafb16050a7618 8216b0cc6876cbd44f01c158e7dff3833ceccd41 a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e Loading...

HTTP Transactions (13)

	URL	IP	Response	Size
	gf56.k78-we.blog/	188.114.96.1	403 Forbidden	4.0 kB
URL User Request POST HTTP/1.1 gf56.k78-we.blog/ IP 188.114.96.1:80 ASN #13335 CLOUDFLARENET File type HTML document, ASCII text, with very long lines (6208), with no line terminators Size 4.0 kB (4010 bytes) Hash c732314a66b45549d177a2d2363bfd1f d3c426a11a8e009da8738be2fbce200ed836bc78 e634a484269ec585fc8980dfee4b7f370758e63c510408fb3b09d7313c8479ab HTTP Headers `GET / HTTP/1.1 Host: gf56.k78-we.blog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 403 Forbidden Date: Wed, 26 Feb 2025 21:13:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cf-mitigated: challenge critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin origin-agent-cluster: ?1 permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy: same-origin x-content-options: nosniff x-frame-options: SAMEORIGIN cf-chl-out: D8R0hicFhhNVkpVsuEeiXDEnLF2KtTx90r2YRx9V5tKiDma5tgFv8ib/45PqaZluY8KCUsHfM/4XvUpE5PaqKXvNOYb08YdXx9/b+xwgChd0MIvo0s4Y8+X1YHnUHUnTL6MslWMG8lso6T70dKMT6w==$jfX8Jk3bZ1FNJBZPrVxaIA== Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Thu, 01 Jan 1970 00:00:01 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=itNkqUGm%2BGZC5%2BXwihixSFQRS5YeNa2ZdjCN49c7lp3IN85T%2FhtccsVEiU8pAes1QzIBxNopWLJemWDdZwMC2iIMB5AWkbpqL2KjYo1zV98VccGbnGDQGb0qiti%2FlyNzVfBG"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 9182f0eb2e5b56a5-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 server-timing: chlray;desc="9182f0eb2e5b56a5", cfL4;desc="?proto=TCP&rtt=464&min_rtt=464&rtt_var=232&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=401&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

	gf56.k78-we.blog/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=9182f0eb2e5b56a5	188.114.96.1	200 OK	37 kB
URL gf56.k78-we.blog/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=9182f0eb2e5b56a5 IP 188.114.96.1:0 ASN #13335 CLOUDFLARENET File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 37 kB (36614 bytes) Hash b73c0fb6f3a1f74a04e57f1fa63c0928 d53a444fac39915ff332483f80d163e0d8a0b21d a4a222100eb5e32908d501c6eceacf6dda8cb0eb69057741cee0d66437965554 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=9182f0eb2e5b56a5 HTTP/1.1 Host: gf56.k78-we.blog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://gf56.k78-we.blog/?__cf_chl_rt_tk=1z1_a4fjPkZUNDGlsILICLMFrTeYBgAFYoDUMYrsTXw-1740604428-1.0.1.1-eKvvzkkgFNYM.6kksiGA7LWp_8uff2eawcD7N96.AyA DNT: 1 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Date: Wed, 26 Feb 2025 21:13:48 GMT Content-Type: application/javascript; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B8RrYF%2BVjMdyyDixtm1DHjMV1rX1os06QxOeWRIDw4bxE7atBi7Z4n%2BbsOqROYn5L6r7e7DOEzMInK3WUFngY1Qt6uaqjd036aELxx2%2FFlpblRgzdrxv26aa1n%2FG2KcKsUBe"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 9182f0edad4d5690-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 server-timing: cfL4;desc="?proto=TCP&rtt=556&min_rtt=556&rtt_var=278&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=521&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

	gf56.k78-we.blog/favicon.ico	188.114.96.1	403 Forbidden	4.1 kB
URL GET HTTP/1.1 gf56.k78-we.blog/favicon.ico IP 188.114.96.1:80 ASN #13335 CLOUDFLARENET Requested by http://gf56.k78-we.blog/ File type HTML document, ASCII text, with very long lines (6370), with no line terminators Size 4.1 kB (4121 bytes) Hash a0a2197244f6281cb98f0fb842643958 7084b439546a8c22824b3e21b01c4e5366bbd3f7 c6203f7fed0761dcbeab3a268abd2744a2bbdc4730f583673d486fc650023cc0 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: gf56.k78-we.blog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://gf56.k78-we.blog/?__cf_chl_rt_tk=1z1_a4fjPkZUNDGlsILICLMFrTeYBgAFYoDUMYrsTXw-1740604428-1.0.1.1-eKvvzkkgFNYM.6kksiGA7LWp_8uff2eawcD7N96.AyA DNT: 1 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 403 Forbidden Date: Wed, 26 Feb 2025 21:13:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cf-mitigated: challenge critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin origin-agent-cluster: ?1 permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy: same-origin x-content-options: nosniff x-frame-options: SAMEORIGIN cf-chl-out: UU6UUL49PwPifAZ+GPeB2gLDiIoZHg1+7igA7qKSBPMcRLovO9+oPfDA52iPVNBxPhbA/88sBu/+UXh62gfMKalW7xQ9ZVHbw+26CR4nUN2NnW+Eh/dnTDdAvO+yCZ3OUUSVn6Mkl1iE/ou/gYJY7w==$QYQDEoWpCNSv36G/QbEQgA== Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Thu, 01 Jan 1970 00:00:01 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GupAny4BN9RbiVjpoKD5Q33%2FTzJjKgyvIlVwTv0rKw5tsnF%2FddfoWsnhuF%2FeUl4NsLC7igEISj9n0IWpSoSrFVzEwln6Um2R1cmoTfzt%2Fl9s9cp%2B2au8HyrlJzf4fB5duiIM"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 9182f0edfdda5690-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 server-timing: chlray;desc="9182f0edfdda5690", cfL4;desc="?proto=TCP&rtt=887&min_rtt=556&rtt_var=356&sent=29&recv=22&lost=0&retrans=0&sent_bytes=37531&recv_bytes=1000&delivery_rate=16778679&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

	gf56.k78-we.blog/favicon.ico	188.114.96.1	403 Forbidden	4.0 kB
URL GET HTTP/1.1 gf56.k78-we.blog/favicon.ico IP 188.114.96.1:80 ASN #13335 CLOUDFLARENET Requested by http://gf56.k78-we.blog/ File type HTML document, ASCII text, with very long lines (6242), with no line terminators Size 4.0 kB (4023 bytes) Hash 2d04067add40136b75fb6702433f1abe d62f4084d749f019209e2eb291ae9e6c83c8ccd4 46e49b0ae1438c93e84303ba19a1c35cec972f7efbc0a15f3fef2cb0e4b0e0dc HTTP Headers `GET /favicon.ico HTTP/1.1 Host: gf56.k78-we.blog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://gf56.k78-we.blog/ DNT: 1 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 403 Forbidden Date: Wed, 26 Feb 2025 21:13:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cf-mitigated: challenge critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin origin-agent-cluster: ?1 permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy: same-origin x-content-options: nosniff x-frame-options: SAMEORIGIN cf-chl-out: lJZnw8n7j87vsYTQDk0q/KyGSsS/QDVAWtZm9tphIzK484cyJE29P3SBSAuUj/qSZFqr5fZz8RPMT+KQoYKtaeqjfcJZi897ncjdlRlVpai1MaM6Ole72t5coWzkWu0fOp62I0n1aMMEPl+BTg1Vnw==$b8AYFBBEXwh0TgeXHXnBGQ== Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Thu, 01 Jan 1970 00:00:01 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6uJ0R5bCWM7lWhTR8Oll86ZhAZ%2FDhkA4TpBLeg5DObixmvKJ%2B20RCHBLEQ%2BSDML6mSMT4TWB%2FlsL8peqQdfXgEzuIly2eRmNYN%2BgZSvsv5cvtQgsrU6IskRzHyyPYZ%2BsP1mJ"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 9182f0ee7ecd712f-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 server-timing: chlray;desc="9182f0ee7ecd712f", cfL4;desc="?proto=TCP&rtt=473&min_rtt=473&rtt_var=236&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=357&delivery_rate=0&cwnd=241&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

	gf56.k78-we.blog/cdn-cgi/challenge-platform/h/b/flow/ov1/2047436465:1740600835:O8ULil0Z6js2tuVzBGSC6pEQ1foGXI1XJugqKq2-y8U/9182f0eb2e5b56a5/HwDxz0agXvbSdrsFqE2Va3zK8bVZDIcpQO6AAIqLlOE-1740604428-1.2.1.1-9OGYDP4FH5PTxcS1EH8qo6dILWWFUK32vkRlTXLnOgD_5mUPNvhtQbnOabJXXw_M	188.114.96.1	200 OK	12 kB
URL gf56.k78-we.blog/cdn-cgi/challenge-platform/h/b/flow/ov1/2047436465:1740600835:O8ULil0Z6js2tuVzBGSC6pEQ1foGXI1XJugqKq2-y8U/9182f0eb2e5b56a5/HwDxz0agXvbSdrsFqE2Va3zK8bVZDIcpQO6AAIqLlOE-1740604428-1.2.1.1-9OGYDP4FH5PTxcS1EH8qo6dILWWFUK32vkRlTXLnOgD_5mUPNvhtQbnOabJXXw_M IP 188.114.96.1:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (16364), with no line terminators Size 12 kB (12350 bytes) Hash fb74ee921d5367d5b9908066fb82148b 018e8773b37253e20950753ddee3bedc7ac88962 94cfb28c31b4cfb0eed9e935f1f9c778de17563c21ba2b6a79cb857199853043 HTTP Headers POST /cdn-cgi/challenge-platform/h/b/flow/ov1/2047436465:1740600835:O8ULil0Z6js2tuVzBGSC6pEQ1foGXI1XJugqKq2-y8U/9182f0eb2e5b56a5/HwDxz0agXvbSdrsFqE2Va3zK8bVZDIcpQO6AAIqLlOE-1740604428-1.2.1.1-9OGYDP4FH5PTxcS1EH8qo6dILWWFUK32vkRlTXLnOgD_5mUPNvhtQbnOabJXXw_M HTTP/1.1 Host: gf56.k78-we.blog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://gf56.k78-we.blog/ cf-chl: HwDxz0agXvbSdrsFqE2Va3zK8bVZDIcpQO6AAIqLlOE-1740604428-1.2.1.1-9OGYDP4FH5PTxcS1EH8qo6dILWWFUK32vkRlTXLnOgD_5mUPNvhtQbnOabJXXw_M cf-chl-ra: 0 Content-Type: text/plain;charset=UTF-8 Content-Length: 3011 Origin: http://gf56.k78-we.blog DNT: 1 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Date: Wed, 26 Feb 2025 21:13:48 GMT Content-Type: text/plain; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive cf-chl-gen: w9SXt10FcSbQjRXDr2y6ktGUahnXd8NPbCpX8eMQ+HY=$mNnlwT4WuCXUK4LpgdTGyw== Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aB2zA2geAg7i3DBGHuUbcDCmeBbidGGdKddDPA9X40owZYd6XXFZOCNPFhYi1BZt%2FqHCuKp7zapUmQTKXFelA9kCeb9feCzCgiCv55QSA8NcZFOZOTfRTZJ7oEp4SrVXQcxV"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 9182f0efec6156b4-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 server-timing: cfL4;desc="?proto=TCP&rtt=464&min_rtt=464&rtt_var=232&sent=2&recv=5&lost=0&retrans=0&sent_bytes=0&recv_bytes=3832&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1	104.18.95.41	200 OK	61 B
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1 IP 104.18.95.41:0 ASN #13335 CLOUDFLARENET File type PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Size 61 B (61 bytes) Hash 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/x7p1e/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/3 200 OK date: Wed, 26 Feb 2025 21:13:49 GMT content-type: image/png content-length: 61 cache-control: max-age=2629800, public priority: u=4,i=?0 server: cloudflare cf-ray: 9182f0f3083a56cc-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri`

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/9182f0f16df756cc/1740604429653/PMyDjI47BSY_MWc	104.18.95.41	200 OK	61 B
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/9182f0f16df756cc/1740604429653/PMyDjI47BSY_MWc IP 104.18.95.41:0 ASN #13335 CLOUDFLARENET File type PNG image data, 94 x 33, 8-bit/color RGB, non-interlaced Size 61 B (61 bytes) Hash 6374865d01b34d3323fa2903d8f97584 1141174578d2593621eb9cd027cb38aafa9e6689 f5469cee25455711f0c219704a9c03bf27984b61a9b148a8f263860dd274a80b HTTP Headers GET /cdn-cgi/challenge-platform/h/b/d/9182f0f16df756cc/1740604429653/PMyDjI47BSY_MWc HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/x7p1e/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/3 200 OK date: Wed, 26 Feb 2025 21:13:52 GMT content-type: image/png content-length: 61 priority: u=4,i=?0 server: cloudflare cf-ray: 9182f1048b1056cc-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri`

	gf56.k78-we.blog/cdn-cgi/challenge-platform/h/b/flow/ov1/2047436465:1740600835:O8ULil0Z6js2tuVzBGSC6pEQ1foGXI1XJugqKq2-y8U/9182f0eb2e5b56a5/HwDxz0agXvbSdrsFqE2Va3zK8bVZDIcpQO6AAIqLlOE-1740604428-1.2.1.1-9OGYDP4FH5PTxcS1EH8qo6dILWWFUK32vkRlTXLnOgD_5mUPNvhtQbnOabJXXw_M	188.114.96.1	200 OK	6.9 kB
URL gf56.k78-we.blog/cdn-cgi/challenge-platform/h/b/flow/ov1/2047436465:1740600835:O8ULil0Z6js2tuVzBGSC6pEQ1foGXI1XJugqKq2-y8U/9182f0eb2e5b56a5/HwDxz0agXvbSdrsFqE2Va3zK8bVZDIcpQO6AAIqLlOE-1740604428-1.2.1.1-9OGYDP4FH5PTxcS1EH8qo6dILWWFUK32vkRlTXLnOgD_5mUPNvhtQbnOabJXXw_M IP 188.114.96.1:0 ASN #13335 CLOUDFLARENET File type data Size 6.9 kB (6907 bytes) Hash c99351f0dcb843915d91d47cda6f54ed 5cc324c5e9317a5b4b6e3051c0c4a924e1fbe4d1 1d3765d5c810780bd99b9012a1f597978fcff2ac48d732a6a9905fcc6c834830 HTTP Headers POST /cdn-cgi/challenge-platform/h/b/flow/ov1/2047436465:1740600835:O8ULil0Z6js2tuVzBGSC6pEQ1foGXI1XJugqKq2-y8U/9182f0eb2e5b56a5/HwDxz0agXvbSdrsFqE2Va3zK8bVZDIcpQO6AAIqLlOE-1740604428-1.2.1.1-9OGYDP4FH5PTxcS1EH8qo6dILWWFUK32vkRlTXLnOgD_5mUPNvhtQbnOabJXXw_M HTTP/1.1 Host: gf56.k78-we.blog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://gf56.k78-we.blog/ cf-chl: HwDxz0agXvbSdrsFqE2Va3zK8bVZDIcpQO6AAIqLlOE-1740604428-1.2.1.1-9OGYDP4FH5PTxcS1EH8qo6dILWWFUK32vkRlTXLnOgD_5mUPNvhtQbnOabJXXw_M cf-chl-ra: 0 Content-Type: text/plain;charset=UTF-8 Content-Length: 5225 Origin: http://gf56.k78-we.blog DNT: 1 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Date: Wed, 26 Feb 2025 21:13:55 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive cf-chl-out: UaDw71kdv36Pgg7s64EO/7rotbORm5Fnl2cYUEHrJCz6FTZLj8nKLPf9+OLwS2Z4atMad0bnWCwVTZyYIJklcg==$4GTbOBcKS0UWMtv5l+5+yQ== set-cookie: cf_chl_rc_ni=;Expires=Tue, 25 Feb 2025 21:13:55 GMT;SameSite=Strict cf-chl-out-s: e9jiMHgxZXirHSvLGxF86NALXCyv8WMq1Z9H5JI8v1E8bldHHMXR6uzQRPQ89dwQnuX6V/e3uiBjnJbqk6DVMtHUcn86K9FTyYk22F1VPjmAo/3o01QhA/l/IPh1naegEvLYWEoWHECYnmSA4srkfBbB1Mfqf9iORrMzGzcqFYxSNseb6ekowduVBMgxFO4ZRDRwuAc+SfD0sa2a2cV8rXt5kDqcip/h3VGXdpzUo82Y3UsIFszYLZ9SgBHXWZV0io0dHXi0e5LuG7TcplMBE0S4cs7+TDXaw5ZLL+JdzJ9JhPxwXaIYuZrR4pVj/1Z6Ba3AvjQ+XKYoVSvcQ7J/3+WFFc2tai6ntta7Gqyypn0=$9tTmgdoa/tLrqYGhZ19tuw== Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dkiHTW97F96BPkJiseDQ5SJWzHyCw7QjHYx8wyFDYKa1sTKdSDmBUAOX%2Fae0%2B8vhv6MfyGxZMKnJLcoObc42lwxlP5P9PupG4itFMTBMXl2wrody4tRDn4Nuriv5RUnvMOyw"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 9182f1197efa56b4-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 server-timing: cfL4;desc="?proto=TCP&rtt=642&min_rtt=464&rtt_var=110&sent=15&recv=21&lost=0&retrans=0&sent_bytes=13216&recv_bytes=9878&delivery_rate=21379865&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

	gf56.k78-we.blog/	188.114.96.1	200 OK	638 B
URL User Request POST HTTP/1.1 gf56.k78-we.blog/ IP 188.114.96.1:80 ASN #13335 CLOUDFLARENET File type JavaScript source, ASCII text, with very long lines (952) Size 638 B (638 bytes) Hash 8ee51c32ed27331837d889ab72b0c369 91e39c5776bc9a4d4250de51e869bd3fb8ef9a77 75e2adda923a51031e616ca61f685f2ebc623c9e4954a5cf441f843a269c6d77 HTTP Headers POST / HTTP/1.1 Host: gf56.k78-we.blog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://gf56.k78-we.blog/?__cf_chl_tk=1z1_a4fjPkZUNDGlsILICLMFrTeYBgAFYoDUMYrsTXw-1740604428-1.0.1.1-eKvvzkkgFNYM.6kksiGA7LWp_8uff2eawcD7N96.AyA Content-Type: application/x-www-form-urlencoded Content-Length: 3138 Origin: http://gf56.k78-we.blog DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Date: Wed, 26 Feb 2025 21:13:56 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: cf_clearance=JjlaCOi17Xo40D1Rx5lM9dHMze52q2Lmy43Onrl1_dw-1740604435-1.2.1.1-baHwTluYWMjmsLGFaP02K4PTK3kqU4VM3VYFnQu6WPrwRwzoREyw9S.aa_GH_GwpKK44VV0o575S3c7GcDU0Q82NSwjrOe46ejh3Te7k6LISqSZ27HrMPc_s0xfr9tNQhKjQHg5ht7wn6ww2W16n2i5m9ds0EBZVUMAYVow5d8y5t_wTVDWqydPLAjflVUfYuOZxQCeBKcbR5zzvxswJhNHnIv6y.sVkQ678RMFjnFszOM0u0FHg0BDHxPnKdI9wSZLuworTETh1T9fkHbomUyoWAh08IpXOYaBD.NjzfatJmO8Tz7dpnvwNBNXrDQ4C.29jqU8XpfF3r2qyZ5h2rg; Path=/; Expires=Thu, 26-Feb-26 21:13:55 GMT; Domain=.k78-we.blog; Priority=High; HttpOnly X-Powered-By: PHP/5.6.30 cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SskEC0h%2BWqW8Q5li6RqGDEVNn3KL%2BkgPo1%2F05AEBLTQRaVHHler4RcN9xUA1yAoG4VCwqZpn8FNoKLeRHg6DH%2BltisY4kmEvJzp1F2jZ3oxXWx1O73NeSP%2FClQ%2F0nAotJ4L%2B"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 9182f11b79de56b4-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 server-timing: cfL4;desc="?proto=TCP&rtt=727&min_rtt=464&rtt_var=126&sent=21&recv=29&lost=0&retrans=0&sent_bytes=17816&recv_bytes=13676&delivery_rate=21379865&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

	gf56.k78-we.blog/cdn-cgi/challenge-platform/scripts/jsd/main.js	188.114.96.1	302 Found	0 B
URL GET HTTP/1.1 gf56.k78-we.blog/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 188.114.96.1:80 ASN #13335 CLOUDFLARENET Requested by http://gf56.k78-we.blog/ File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1 Host: gf56.k78-we.blog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Cookie: cf_clearance=JjlaCOi17Xo40D1Rx5lM9dHMze52q2Lmy43Onrl1_dw-1740604435-1.2.1.1-baHwTluYWMjmsLGFaP02K4PTK3kqU4VM3VYFnQu6WPrwRwzoREyw9S.aa_GH_GwpKK44VV0o575S3c7GcDU0Q82NSwjrOe46ejh3Te7k6LISqSZ27HrMPc_s0xfr9tNQhKjQHg5ht7wn6ww2W16n2i5m9ds0EBZVUMAYVow5d8y5t_wTVDWqydPLAjflVUfYuOZxQCeBKcbR5zzvxswJhNHnIv6y.sVkQ678RMFjnFszOM0u0FHg0BDHxPnKdI9wSZLuworTETh1T9fkHbomUyoWAh08IpXOYaBD.NjzfatJmO8Tz7dpnvwNBNXrDQ4C.29jqU8XpfF3r2qyZ5h2rg Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Date: Wed, 26 Feb 2025 21:13:56 GMT Content-Length: 0 Connection: keep-alive location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/b0e4a89976ce/main.js? cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public access-control-allow-origin: * Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nUx9QrqXQW2AYKLQBJU1b0IPFq2OCDITuUpBgqg8zTUy%2BtT%2BwA4MCkN7W%2FJxLARnDHoS1G5samvBute0CHf7sfEf92GrPnP43Bz1aBgY6D0z1QKajP1fiL9G%2BfZtZyPKx4Xv"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 9182f11fdec656c6-OSL alt-svc: h2=":443"; ma=60 server-timing: cfL4;desc="?proto=TCP&rtt=566&min_rtt=566&rtt_var=283&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=763&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

	gf56.k78-we.blog/cdn-cgi/challenge-platform/h/b/scripts/jsd/b0e4a89976ce/main.js?	188.114.96.1	200 OK	3.9 kB
URL GET HTTP/1.1 gf56.k78-we.blog/cdn-cgi/challenge-platform/h/b/scripts/jsd/b0e4a89976ce/main.js? IP 188.114.96.1:80 ASN #13335 CLOUDFLARENET Requested by http://gf56.k78-we.blog/ File type JavaScript source, ASCII text, with very long lines (8483), with no line terminators Size 3.9 kB (3862 bytes) Hash 81e79a26bfd60ea621807b7d7569499d 3c77009475a38a4d1386e4567033ef49b9e7314b c7f46a2596b7008406b6b0b35289cb20900acacc9174e4c5801e777263274595 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/b0e4a89976ce/main.js? HTTP/1.1 Host: gf56.k78-we.blog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Cookie: cf_clearance=JjlaCOi17Xo40D1Rx5lM9dHMze52q2Lmy43Onrl1_dw-1740604435-1.2.1.1-baHwTluYWMjmsLGFaP02K4PTK3kqU4VM3VYFnQu6WPrwRwzoREyw9S.aa_GH_GwpKK44VV0o575S3c7GcDU0Q82NSwjrOe46ejh3Te7k6LISqSZ27HrMPc_s0xfr9tNQhKjQHg5ht7wn6ww2W16n2i5m9ds0EBZVUMAYVow5d8y5t_wTVDWqydPLAjflVUfYuOZxQCeBKcbR5zzvxswJhNHnIv6y.sVkQ678RMFjnFszOM0u0FHg0BDHxPnKdI9wSZLuworTETh1T9fkHbomUyoWAh08IpXOYaBD.NjzfatJmO8Tz7dpnvwNBNXrDQ4C.29jqU8XpfF3r2qyZ5h2rg Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Date: Wed, 26 Feb 2025 21:13:56 GMT Content-Type: application/javascript; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public x-content-type-options: nosniff Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nfps8omvFjeQR7rTAtVhWQQptm1vr84mAzjnZaYqFz3ioIDqumBq6exe3nTAl4vmm1LDGYc4hdJnESFmdY1IEqp%2BkcNJY5ejwAekMmiAk2KBOOcB8nYXVK6bxKu2Bowcl8HH"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 9182f11fff1256c6-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 server-timing: cfL4;desc="?proto=TCP&rtt=558&min_rtt=502&rtt_var=228&sent=2&recv=5&lost=0&retrans=0&sent_bytes=924&recv_bytes=1544&delivery_rate=2884462&cwnd=250&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

	gf56.k78-we.blog/cdn-cgi/challenge-platform/h/b/jsd/r/0.6178417887016308:1740600731:S-3ToSW50cYBWlKaOsMEDzbcO3Edxyv9M25DiqQCGA0/9182f11b79de56b4	188.114.96.1	200 OK	0 B
URL POST HTTP/1.1 gf56.k78-we.blog/cdn-cgi/challenge-platform/h/b/jsd/r/0.6178417887016308:1740600731:S-3ToSW50cYBWlKaOsMEDzbcO3Edxyv9M25DiqQCGA0/9182f11b79de56b4 IP 188.114.96.1:80 ASN #13335 CLOUDFLARENET Requested by http://gf56.k78-we.blog/ File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /cdn-cgi/challenge-platform/h/b/jsd/r/0.6178417887016308:1740600731:S-3ToSW50cYBWlKaOsMEDzbcO3Edxyv9M25DiqQCGA0/9182f11b79de56b4 HTTP/1.1 Host: gf56.k78-we.blog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: text/plain;charset=UTF-8 Content-Length: 11511 Origin: http://gf56.k78-we.blog DNT: 1 Connection: keep-alive Referer: http://gf56.k78-we.blog/ Cookie: cf_clearance=JjlaCOi17Xo40D1Rx5lM9dHMze52q2Lmy43Onrl1_dw-1740604435-1.2.1.1-baHwTluYWMjmsLGFaP02K4PTK3kqU4VM3VYFnQu6WPrwRwzoREyw9S.aa_GH_GwpKK44VV0o575S3c7GcDU0Q82NSwjrOe46ejh3Te7k6LISqSZ27HrMPc_s0xfr9tNQhKjQHg5ht7wn6ww2W16n2i5m9ds0EBZVUMAYVow5d8y5t_wTVDWqydPLAjflVUfYuOZxQCeBKcbR5zzvxswJhNHnIv6y.sVkQ678RMFjnFszOM0u0FHg0BDHxPnKdI9wSZLuworTETh1T9fkHbomUyoWAh08IpXOYaBD.NjzfatJmO8Tz7dpnvwNBNXrDQ4C.29jqU8XpfF3r2qyZ5h2rg Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Date: Wed, 26 Feb 2025 21:13:56 GMT Content-Type: text/plain; charset=UTF-8 Content-Length: 0 Connection: keep-alive Set-Cookie: cf_clearance=CWlKPymhdutH.UtlQqmoylzXyz8fE7qUk3KtW96Guqg-1740604436-1.2.1.1-bbFZBWzJnEw9GB3TYvLTjAY_0Hx_njTSPRkLI7WMUwV3qcxqX2GaS6GTJ31RzlCTaxfPi.VZIVokELKtFBfsYLlI_P90s8Chgkei3DlDJUXCGzq7v_jBNfhbVqswZzfgdDahyAw4k2BBGUXgLJSVzvuuhD0kIiP0AerhBSQL4X9eBDJ4IGe2SiwNSHUePtFAMKZejd2lGSo1bFrTIgtKKHw9JKXqW53iO64906ZeCnpb3.J.MbVUXb7QHSuMJ7foh3XV9hWimAFWokZpSEuWY4jA_u2YuIcjUNytXb8.ui09L9zSYaEYTczguNlMU319CXaDBVLaXiOc5U_2jT8S7w; Path=/; Expires=Thu, 26-Feb-26 21:13:56 GMT; Domain=.k78-we.blog; Priority=High; HttpOnly Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OTXAc8ziKRU%2BJicvrKTki5ZfxWi7BNPq925EtoRZMJArw6DvjEMUlXQgXuLi%2FYndAsitebMlpj%2Bc8CHhNVLF7fbOmn%2BXwmW3yGNKSbwF53q1gGvRSLLTZ3%2BoLkKKwsfiknQR"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 9182f12118d556c6-OSL alt-svc: h2=":443"; ma=60 server-timing: cfL4;desc="?proto=TCP&rtt=592&min_rtt=502&rtt_var=240&sent=9&recv=15&lost=0&retrans=0&sent_bytes=5734&recv_bytes=14031&delivery_rate=8691476&cwnd=255&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

	gf56.k78-we.blog/favicon.ico	188.114.96.1	404 Not Found	256 B
URL GET HTTP/1.1 gf56.k78-we.blog/favicon.ico IP 188.114.96.1:80 ASN #13335 CLOUDFLARENET Requested by http://gf56.k78-we.blog/ File type HTML document, ASCII text Size 256 B (256 bytes) Hash 0f883a0f65d4fa21399d9036be8e23da 1bf8df7beda5e7400cfe0900e9200931fef4ed13 04a5650273784836555ff7d2c9bdbea4918a0f91dca0b5f49e4212bc6b849860 HTTP Headers GET /favicon.ico HTTP/1.1 Host: gf56.k78-we.blog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://gf56.k78-we.blog/ Cookie: cf_clearance=JjlaCOi17Xo40D1Rx5lM9dHMze52q2Lmy43Onrl1_dw-1740604435-1.2.1.1-baHwTluYWMjmsLGFaP02K4PTK3kqU4VM3VYFnQu6WPrwRwzoREyw9S.aa_GH_GwpKK44VV0o575S3c7GcDU0Q82NSwjrOe46ejh3Te7k6LISqSZ27HrMPc_s0xfr9tNQhKjQHg5ht7wn6ww2W16n2i5m9ds0EBZVUMAYVow5d8y5t_wTVDWqydPLAjflVUfYuOZxQCeBKcbR5zzvxswJhNHnIv6y.sVkQ678RMFjnFszOM0u0FHg0BDHxPnKdI9wSZLuworTETh1T9fkHbomUyoWAh08IpXOYaBD.NjzfatJmO8Tz7dpnvwNBNXrDQ4C.29jqU8XpfF3r2qyZ5h2rg Pragma: no-cache Cache-Control: no-cache HTTP/1.1 404 Not Found Date: Wed, 26 Feb 2025 21:13:57 GMT Content-Type: text/html; charset=iso-8859-1 Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=14400 cf-cache-status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Si%2FS0%2Fd3aisp0IjDItmlCpi4lTjgwDqDXagIyNGv%2Bdbbv7WL8cJpsDtGlXsczmLLUjrOCmrVfpUY4fyFusHT2EdVz3hdCpALwT%2B09ONFr%2Fb2LYus9OHI5JF5Hjl%2FS6s4FUl3"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 9182f11fcff156b4-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 server-timing: cfL4;desc="?proto=TCP&rtt=681&min_rtt=464&rtt_var=101&sent=26&recv=34&lost=0&retrans=0&sent_bytes=19841&recv_bytes=14461&delivery_rate=21379865&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (32)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash