| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/604787560:1746174956:CSfXWaLpLBDCvsBX64ZHzcVorSUEl8TnQFW6SIvxMHg/9396432c7e52b50c/IvXgsO7eetkhtYhPHuA_OAa7uPtzVIVvrW1Jpv_MxcY-1746175735-1.2.1.1-LZ2.LIQBwcOZufcFz6nHnUFuXuSSfD2eWvDfyfgbjB1H07nMWDU7uceOH0Nrt_Vd |  104.18.94.41 | 200 OK | 238 kB |
URL POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/604787560:1746174956:CSfXWaLpLBDCvsBX64ZHzcVorSUEl8TnQFW6SIvxMHg/9396432c7e52b50c/IvXgsO7eetkhtYhPHuA_OAa7uPtzVIVvrW1Jpv_MxcY-1746175735-1.2.1.1-LZ2.LIQBwcOZufcFz6nHnUFuXuSSfD2eWvDfyfgbjB1H07nMWDU7uceOH0Nrt_Vd IP104.18.94.41:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ki884/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size238 kB (238076 bytes) Hash09f7a92e493c1e635e100cdd54cbcd40 9da6af4b1df485f25835ff0275ecc7ef2fd61737 bc80a8edc977d80a80b17e3c80ab841bf8cc00883707ab78d07c90f61e09bd4b
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/604787560:1746174956:CSfXWaLpLBDCvsBX64ZHzcVorSUEl8TnQFW6SIvxMHg/9396432c7e52b50c/IvXgsO7eetkhtYhPHuA_OAa7uPtzVIVvrW1Jpv_MxcY-1746175735-1.2.1.1-LZ2.LIQBwcOZufcFz6nHnUFuXuSSfD2eWvDfyfgbjB1H07nMWDU7uceOH0Nrt_Vd HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ki884/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
cf-chl: IvXgsO7eetkhtYhPHuA_OAa7uPtzVIVvrW1Jpv_MxcY-1746175735-1.2.1.1-LZ2.LIQBwcOZufcFz6nHnUFuXuSSfD2eWvDfyfgbjB1H07nMWDU7uceOH0Nrt_Vd
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 3895
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 May 2025 08:48:56 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: gZ3z3dkAhRRzg7v3w6zb9EJimplcouEFhnEaHPSNeBwOIehZ4GSKbEQnM6A5r3hvYT7X80IU/jfACMO/MBhvrNRmvp4fjn5rKuESbGR7u3Mk+xFRvjTA33Zlyp5tvMg5GNf/4/3DzQ6vy3b/IMal+NibhHdoIvjnBNyyCiZhrIXNKFLsThUfzItJvviKzokXyAhq/Qa1eW3aAEv+ckW2aiDwWa/dkWyjuBJ8N7iFkApMCij2uY+6hCh9n4B5NrXq7GgSe89pD3VRm5alr2ciFswD3GosHq18quwI2T/+hhvo378GGo9ouQpeneKhDKkXzCvXB2kZKH0MRIHVdb84gGH6wXqyUZiUxWcf5CoucPGMo0r2hxw28niWJO8vTdQslFvAoYawVIsVdV4Ag4GzVksQT2r012TimwL1Kh0Qg5wUfhLTFWGngHZTb49Qa1cTuiY5MH7WOviVT6Ev8BiJ7V1FhGCTqotxJPwR8ag/SvRpqjVH3X+pniCWDFm3jwEdQd7KBO3RfLfGY/vcV3iR83fqgo/hCVb+qVHOGp7VZtmVraaanknzwKdYJTiSE3ZyeoxRGEND7tIGDzTC3eqF3uQ2fE+jQhk4G7oXlPFiv3rsK4sC1dVyZfVt3jE8svgL9voK94zQ5uqTZZ7jaeIuoNQ1LVxs1yxFlxU1DOKkkdeiPDoFdR2zzOnurMNeN+/JsPuTKOmAF6bNoU0nU/gU7VAubSkblTo9oyA3m9WDeTpx+qru8HlGd6xqEUnGwc0wDho8/HwlnuwILtrVT4xlVWrhR5WILtHBpNI+AU4nFnA=$qfq0rbH83lhEBDfCbUDBXg==
priority: u=3,i=?0
server: cloudflare
cf-ray: 9396432fdbe2b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| | 172.67.217.150 | 403 Forbidden | 7.2 kB |
IP172.67.217.150:443
CertificateIssuerGoogle Trust Services Subjectyubit.co.za FingerprintE3:59:80:FB:CF:BE:F8:98:58:B5:4A:A4:8E:09:D5:B0:14:57:EE:EB ValidityThu, 03 Apr 2025 11:38:40 GMT - Wed, 02 Jul 2025 12:36:26 GMT
File typeHTML document, ASCII text, with very long lines (7233), with no line terminators Hash89f238b51f5e6b8a7cc45fc236c9f58a 4599a55802e5ae851ca30c14df0c0933a7aabfc4 0d3f713acda8709f9a326661da9565ad1e78a1144e226ea353c3dbcbeec51507
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: dogozekeziv.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 02 May 2025 08:48:54 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
cf-ray: 939643268c9b568e-OSL
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7norekYIRcSG1oXD9%2B9eTUWhYlM9G1WI%2FrRAPgTN6G4GWaqEf5%2Fn9lDP%2FnR8qZ%2BVMX%2FRZz6yM02q8HQ2%2BdTYQAhupIo36HG2h9Swe7GtlXInMSsqrlgToozeiqhVH5H8qpfZv5VqufuXIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: chlray;desc="939643268c9b568e", cfL4;desc="?proto=TCP&rtt=559&min_rtt=529&rtt_var=125&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3198&recv_bytes=1131&delivery_rate=7227953&cwnd=253&unsent_bytes=0&cid=c73ee68c67b69fc2&ts=69&x=0"
X-Firefox-Spdy: h2
|
|
| dogozekeziv.yubit.co.za/favicon.ico | 104.21.75.85 | 403 Forbidden | 5.6 kB |
URL GET dogozekeziv.yubit.co.za/favicon.ico IP104.21.75.85:80
Requested byhttp://dogozekeziv.yubit.co.za/
File typeHTML document, ASCII text, with very long lines (5602), with no line terminators Hash1afaf8fc04facd5298c2e40a84bd6538 0b1f6219a4f85e4c661b579e45deb8b43b3d5a14 4e3e838cf05de1ad4b1c660b9adbbb6de09e1547338aac2d140a4b30e78819ea
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: dogozekeziv.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dogozekeziv.yubit.co.za/?__cf_chl_rt_tk=t.N_g5Cs8hDVuy.AsfeepOKx15y.f5kZN4CSN8ZbLa0-1746175735-1.0.1.1-tvJTplueGaZHOujwKVDlBhyO1VQIIxlc5jYNTkot0VM
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 02 May 2025 08:48:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MPt%2F9IhX30DNgYBzC4t4%2BLrX%2BK3kXhv0QTYPGrdxY03T7EQP5%2Fb2vJm%2FtChOgSl%2BB07L7j4PA1fp4mbZul9Pauj5SE5fArHV2mBnBtOj6tjgDqBLhqe41US8LqlbS4vQZiRNt9jTJcEf0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 9396432a1f7a56c7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: chlray;desc="9396432a1f7a56c7", cfL4;desc="?proto=TCP&rtt=1226&min_rtt=781&rtt_var=794&sent=31&recv=21&lost=0&retrans=0&sent_bytes=38455&recv_bytes=1028&delivery_rate=14944954&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| dogozekeziv.yubit.co.za/favicon.ico | 104.21.75.85 | 403 Forbidden | 5.5 kB |
URL GET dogozekeziv.yubit.co.za/favicon.ico IP104.21.75.85:80
Requested byhttp://dogozekeziv.yubit.co.za/
File typeHTML document, ASCII text, with very long lines (5453), with no line terminators Hashf2ff7cd0043f3230eef81fd7ad4c1736 377a17ed2df7df5a40b9d41e2be399eb8c0cb8e8 d1e6095f6cd8c2057bc2ebfd2d682f5ed8fa7b36f32de21b8fe9082a867bd550
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: dogozekeziv.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dogozekeziv.yubit.co.za/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 02 May 2025 08:48:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xzjn9kJpxzyERRnPNXOcFaugFt3O7OgSJ1J%2Ff5iN3N%2FtL8%2BO5kmKPP0%2BIGQLEzuNedDtq3o381iO4QVclXfAs4tAYW6plba%2Bxbg25Nb%2BIROfzP6IgmN1RWoRf3iyzE5YAFjiqbpwODkXlw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 9396432a2c9a5689-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: chlray;desc="9396432a2c9a5689", cfL4;desc="?proto=TCP&rtt=520&min_rtt=520&rtt_var=260&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=371&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=9396432c7e52b50c&lang=auto | 104.18.94.41 | 200 OK | 111 kB |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=9396432c7e52b50c&lang=auto IP104.18.94.41:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ki884/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size111 kB (111094 bytes) Hashb1f416709032b36ae861fa31befd6e71 b6f883f8d790671981f7136a03eaca3d965dc0a5 7cce753a544ba1ae7f48a0a99b851b3ff1076bd352244a48da2f4a738e0387eb
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=9396432c7e52b50c&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ki884/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 May 2025 08:48:55 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
priority: u=3,i=?0
server: cloudflare
cf-ray: 9396432da84cb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ki884/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ | 104.18.94.41 | 200 OK | 28 kB |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ki884/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ IP104.18.94.41:443
Requested byhttp://dogozekeziv.yubit.co.za/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT
File typeHTML document, ASCII text, with very long lines (22244) Hashaca4bd76d502868df28fd5feb91578de b539ba9e05b22b19406739070b965742e8abab65 967a512702f5147c8a6f8e3b081d6bff6d04e0ad53da8f70ef4dd0839def8e05
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ki884/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 May 2025 08:48:55 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: default-src 'none'; script-src 'nonce-fHBpMxQvKOhzy4nS' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
document-policy: js-profiling
priority: u=4,i=?0
server: cloudflare
cf-ray: 9396432c7e52b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| dogozekeziv.yubit.co.za/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.75.85 | 302 Found | 8.4 kB |
URL GET dogozekeziv.yubit.co.za/cdn-cgi/challenge-platform/scripts/jsd/main.js IP104.21.75.85:80
Requested byhttp://dogozekeziv.yubit.co.za/
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: dogozekeziv.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=6Cwm1I9GmdRStowBMYg_UGSl.5YV7Qw3Mf.CA6J8aMA-1746175750-1.2.1.1-_ZMTzfGAo5adp0S3NuQHC4oX1eSA.co1.yTrDqdUVwbnAjXIYqfcJsmHWSUhAe9e_mFjdDc5tA8Fi6KwGTTMkhIXCor7qw2pkDPYopBdx.ftpsaSsT_CC_0ztep3Zwbyf.rQbT7g_9g3hrB7J9fb3L0Qc6hIkD8qkXZCtVEebZFO6Fj7.Y7xdL5SgMXI7nI0jH19NisnbWPlamveXTpcVzy5mmKxEGu1XZsjvyCwB3lgeblfR3TRHeYRDAAcwNHOaW.tjRKRTaDcVB4u4041fnC56rAnkUnE2wqh6gxAkDDYIVEzbhV_e.85_OmPGDerZ.0yqYh.3cEtfoPVN7httXxkgBQ7VW2xwcike4ZeR.v7es9.9zPAL9y9wgno06Kq
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 02 May 2025 08:49:10 GMT
Content-Length: 0
Connection: keep-alive
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a51d7b3d53cb/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1eyqMywOtsHsHMQllsGt61vW0KPHFOYgRBW61g7UZKUtgPCDKGPuL25hziBCWP5oWefo1a4cBn%2Fr0c9fX5sEg4BKGMTIML2IL4kc6ZezLDgbYa2VfG6jHPTibsqu%2F50NSvqcJJRYaFn9Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 939643897b4bb50f-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=458&min_rtt=458&rtt_var=229&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=812&delivery_rate=0&cwnd=247&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| dogozekeziv.yubit.co.za/cdn-cgi/challenge-platform/h/b/jsd/r/0.583538372896949:1746174850:keEXKBF5RcjiP-WbiFaaPTgKQ_JZcCwSHUnGx6SWZ1w/93964387cf5656bd | 104.21.75.85 | 200 OK | 0 B |
URL POST dogozekeziv.yubit.co.za/cdn-cgi/challenge-platform/h/b/jsd/r/0.583538372896949:1746174850:keEXKBF5RcjiP-WbiFaaPTgKQ_JZcCwSHUnGx6SWZ1w/93964387cf5656bd IP104.21.75.85:80
Requested byhttp://dogozekeziv.yubit.co.za/
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/jsd/r/0.583538372896949:1746174850:keEXKBF5RcjiP-WbiFaaPTgKQ_JZcCwSHUnGx6SWZ1w/93964387cf5656bd HTTP/1.1
Host: dogozekeziv.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 11524
Origin: http://dogozekeziv.yubit.co.za
DNT: 1
Connection: keep-alive
Referer: http://dogozekeziv.yubit.co.za/
Cookie: cf_clearance=6Cwm1I9GmdRStowBMYg_UGSl.5YV7Qw3Mf.CA6J8aMA-1746175750-1.2.1.1-_ZMTzfGAo5adp0S3NuQHC4oX1eSA.co1.yTrDqdUVwbnAjXIYqfcJsmHWSUhAe9e_mFjdDc5tA8Fi6KwGTTMkhIXCor7qw2pkDPYopBdx.ftpsaSsT_CC_0ztep3Zwbyf.rQbT7g_9g3hrB7J9fb3L0Qc6hIkD8qkXZCtVEebZFO6Fj7.Y7xdL5SgMXI7nI0jH19NisnbWPlamveXTpcVzy5mmKxEGu1XZsjvyCwB3lgeblfR3TRHeYRDAAcwNHOaW.tjRKRTaDcVB4u4041fnC56rAnkUnE2wqh6gxAkDDYIVEzbhV_e.85_OmPGDerZ.0yqYh.3cEtfoPVN7httXxkgBQ7VW2xwcike4ZeR.v7es9.9zPAL9y9wgno06Kq
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 May 2025 08:49:10 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
Connection: keep-alive
set-cookie: cf_clearance=v7QtqYjiARS_pMu0LnpxTcHts7aBIloX.iJuIwiC0nQ-1746175750-1.2.1.1-WPVzRBn6o6XcwCEpcMw_3LGk9EcCcYiJz7tf6GIVPNvN0p0DV1pvIyPKCy3LPdWym7yGmialdn2jS1XkUObqpq14hjm8A1POszgO6HO4B06GrE9YopeH.alGSFM8bTbmGud2FvQItauexOO_adD48H4CUOlNuNqsIgU0DWuHM3qlXI7DoQGCPBBu50PqlevnE2GqOXSAM1vpBtUy1P.ZwvwY44hBukhjrMllSoOkaKDwdacSG3dQMA4v.qGkgEG4uUsQq792y6H.EmozahjReyiHzLa5jhdKJ._1cGsWO2fkR.nhqmKi4ZqofSjpJIPI99lK3gQkEejBd3VP2Oemer5sUvYssCOIs2TkrI4kVNpqUDORiK7UrRKW4rl7ll3h; HttpOnly; SameSite=Strict; Path=/; Domain=yubit.co.za; Expires=Sat, 02 May 2026 08:49:10 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MNfCYIUKaoX7OrF31qgipX1XVxT4qarHpvOFLA98OKLXwXGnsA4Rw194uhREmVIqyV2c7YA2HoBYUWD5UpNJNWj4xj8f%2BheO9i063ro6hVQWrywTwtFxHh1ZNpL1of0%2FgEXBz08ZJuxs3w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 9396438abcd256bd-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=728&min_rtt=437&rtt_var=268&sent=35&recv=47&lost=0&retrans=0&sent_bytes=21383&recv_bytes=24657&delivery_rate=12288543&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| | 172.67.217.150 | 403 Forbidden | 5.4 kB |
IP172.67.217.150:80
File typeHTML document, ASCII text, with very long lines (5419), with no line terminators Hash6e6d4835fec7b104de3f031cf788b42e e11c37d3197d06b32a4745d831505c17eb20baec 5037ba7f5a38194ca3ba50c958814860f3324be97103c57a990a4e57c1376d3a
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: dogozekeziv.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 02 May 2025 08:48:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2Fmrfg6edzLZH5SqGbbhxufgrmWxGXw0wiEtD%2BwdSW1JaAD%2Bw8LifVtuFaVnWkHdlGvrVPsgulwB0Y3n6cruz%2BGYOYw%2BXfAIbrmED2FIkgJOgpyA073D4V3lhvY3pGQRlq8ALM0iKRbyBg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 939643280c1e0b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: chlray;desc="939643280c1e0b65", cfL4;desc="?proto=TCP&rtt=486&min_rtt=486&rtt_var=243&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=408&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| dogozekeziv.yubit.co.za/cdn-cgi/challenge-platform/h/b/flow/ov1/1836183016:1746171267:AAvZ-S4Ygd1NML1CgV13DhE1uly8ss-YR0lKdRcShQs/939643280c1e0b65/wIbf06bSpumvMV03OZZq2lpO9cDF8OSnDrNOJ_9EdzI-1746175735-1.2.1.1-rzJ0mz9k7LxjncWvugmXFfJwA2VoEss4M3OS4NZhCfWidTrkAXdF6Q.3MkNczJ9M | 104.21.75.85 | 200 OK | 17 kB |
URL POST dogozekeziv.yubit.co.za/cdn-cgi/challenge-platform/h/b/flow/ov1/1836183016:1746171267:AAvZ-S4Ygd1NML1CgV13DhE1uly8ss-YR0lKdRcShQs/939643280c1e0b65/wIbf06bSpumvMV03OZZq2lpO9cDF8OSnDrNOJ_9EdzI-1746175735-1.2.1.1-rzJ0mz9k7LxjncWvugmXFfJwA2VoEss4M3OS4NZhCfWidTrkAXdF6Q.3MkNczJ9M IP104.21.75.85:80
Requested byhttp://dogozekeziv.yubit.co.za/
File typeASCII text, with very long lines (16972), with no line terminators Hash04173bbcd31e5ce6e039f3bb0139ba45 922494ada3a8202e123bc7d814b6516ebcb06a6e 729a444677a1d558520a06dc05a35a88e3ebf524bb3b86ec3f2528a910d0b186
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1836183016:1746171267:AAvZ-S4Ygd1NML1CgV13DhE1uly8ss-YR0lKdRcShQs/939643280c1e0b65/wIbf06bSpumvMV03OZZq2lpO9cDF8OSnDrNOJ_9EdzI-1746175735-1.2.1.1-rzJ0mz9k7LxjncWvugmXFfJwA2VoEss4M3OS4NZhCfWidTrkAXdF6Q.3MkNczJ9M HTTP/1.1
Host: dogozekeziv.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dogozekeziv.yubit.co.za/
cf-chl: wIbf06bSpumvMV03OZZq2lpO9cDF8OSnDrNOJ_9EdzI-1746175735-1.2.1.1-rzJ0mz9k7LxjncWvugmXFfJwA2VoEss4M3OS4NZhCfWidTrkAXdF6Q.3MkNczJ9M
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1879
Origin: http://dogozekeziv.yubit.co.za
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 May 2025 08:48:55 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: Xf2tu/scHytaRZopGRxmSvgDOD/ZrJ2Qn9fQzHmrF74=$cTOUZQ6+ej5ED07dWdIAeA==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QXMxFEU5yvNKdw03cP54prQM98JUwof6Iviga5tg8OWFvyCD3ZACGK%2FPfmEq6whMoDe7o%2FZlOVpljKR6CgMDyJ%2BiZobd3AMrSrNqs0eRDPueCiYNU%2FtI%2Bl34Z3TeSDyNOgl4Y203KfFu1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 9396432b49d656bd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=437&min_rtt=437&rtt_var=218&sent=2&recv=4&lost=0&retrans=0&sent_bytes=0&recv_bytes=2721&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/604787560:1746174956:CSfXWaLpLBDCvsBX64ZHzcVorSUEl8TnQFW6SIvxMHg/9396432c7e52b50c/IvXgsO7eetkhtYhPHuA_OAa7uPtzVIVvrW1Jpv_MxcY-1746175735-1.2.1.1-LZ2.LIQBwcOZufcFz6nHnUFuXuSSfD2eWvDfyfgbjB1H07nMWDU7uceOH0Nrt_Vd | 104.18.94.41 | 200 OK | 28 kB |
URL POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/604787560:1746174956:CSfXWaLpLBDCvsBX64ZHzcVorSUEl8TnQFW6SIvxMHg/9396432c7e52b50c/IvXgsO7eetkhtYhPHuA_OAa7uPtzVIVvrW1Jpv_MxcY-1746175735-1.2.1.1-LZ2.LIQBwcOZufcFz6nHnUFuXuSSfD2eWvDfyfgbjB1H07nMWDU7uceOH0Nrt_Vd IP104.18.94.41:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ki884/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT
File typeASCII text, with very long lines (28152), with no line terminators Hash435f35a12c0a7e79646b48a8ad68d11f 0850867e7418761dbdca9f37ba1c406739a4f955 6bfadf82d7d52f3ede3746e5d8e1e78513debf92a8ef8509ceec91e53139c63d
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/604787560:1746174956:CSfXWaLpLBDCvsBX64ZHzcVorSUEl8TnQFW6SIvxMHg/9396432c7e52b50c/IvXgsO7eetkhtYhPHuA_OAa7uPtzVIVvrW1Jpv_MxcY-1746175735-1.2.1.1-LZ2.LIQBwcOZufcFz6nHnUFuXuSSfD2eWvDfyfgbjB1H07nMWDU7uceOH0Nrt_Vd HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ki884/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
cf-chl: IvXgsO7eetkhtYhPHuA_OAa7uPtzVIVvrW1Jpv_MxcY-1746175735-1.2.1.1-LZ2.LIQBwcOZufcFz6nHnUFuXuSSfD2eWvDfyfgbjB1H07nMWDU7uceOH0Nrt_Vd
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 34061
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 May 2025 08:49:03 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: Ie+UiAKmt4uzNjQX4AaPVbX8N38E0PkNborNW6GylKyYFPfGB+yFMQPtp2KEbxLa$vKFGfLpQuCh3dLmHVjwiFA==
priority: u=3,i=?0
server: cloudflare
cf-ray: 9396435c2980b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| | 104.21.75.85 | 404 Not Found | 1.1 kB |
IP104.21.75.85:80
File typeHTML document, ASCII text, with very long lines (945) Hash533d7803bc4b79895554bc6e7d53b261 c1461311198f641abb9c5d7a4f720c9f3d82ee47 95bac37e3e9d7f23d948190bce05ec72ee7531533822fc5891bb651634fd3374
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST / HTTP/1.1
Host: dogozekeziv.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dogozekeziv.yubit.co.za/?__cf_chl_tk=t.N_g5Cs8hDVuy.AsfeepOKx15y.f5kZN4CSN8ZbLa0-1746175735-1.0.1.1-tvJTplueGaZHOujwKVDlBhyO1VQIIxlc5jYNTkot0VM
Content-Type: application/x-www-form-urlencoded
Content-Length: 2370
Origin: http://dogozekeziv.yubit.co.za
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=6Cwm1I9GmdRStowBMYg_UGSl.5YV7Qw3Mf.CA6J8aMA-1746175750-1.2.1.1-_ZMTzfGAo5adp0S3NuQHC4oX1eSA.co1.yTrDqdUVwbnAjXIYqfcJsmHWSUhAe9e_mFjdDc5tA8Fi6KwGTTMkhIXCor7qw2pkDPYopBdx.ftpsaSsT_CC_0ztep3Zwbyf.rQbT7g_9g3hrB7J9fb3L0Qc6hIkD8qkXZCtVEebZFO6Fj7.Y7xdL5SgMXI7nI0jH19NisnbWPlamveXTpcVzy5mmKxEGu1XZsjvyCwB3lgeblfR3TRHeYRDAAcwNHOaW.tjRKRTaDcVB4u4041fnC56rAnkUnE2wqh6gxAkDDYIVEzbhV_e.85_OmPGDerZ.0yqYh.3cEtfoPVN7httXxkgBQ7VW2xwcike4ZeR.v7es9.9zPAL9y9wgno06Kq
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 02 May 2025 08:49:10 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 93964387cf5656bd-OSL
CF-Cache-Status: DYNAMIC
Cache-Control: no-cache, no-store, must-revalidate
Expires: Fri, 02 May 2025 08:49:10 GMT
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2BSXuhAP1wCbfy51bBFarnul9xAx7alBoYIsg4s7sH11oCRCbpEOMdyEjB85NoXEXpvl2INqgHzA5Ro4gRaM%2FXX6na5I7IQJwTptiO8%2BXnCb%2FhKNKp9uM8DMW4394qH1xucQyj1JFLPMDg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=958&min_rtt=437&rtt_var=463&sent=23&recv=29&lost=0&retrans=0&sent_bytes=18830&recv_bytes=11254&delivery_rate=12288543&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| dogozekeziv.yubit.co.za/cdn-cgi/challenge-platform/h/b/flow/ov1/1836183016:1746171267:AAvZ-S4Ygd1NML1CgV13DhE1uly8ss-YR0lKdRcShQs/939643280c1e0b65/wIbf06bSpumvMV03OZZq2lpO9cDF8OSnDrNOJ_9EdzI-1746175735-1.2.1.1-rzJ0mz9k7LxjncWvugmXFfJwA2VoEss4M3OS4NZhCfWidTrkAXdF6Q.3MkNczJ9M | 104.21.75.85 | 200 OK | 4.2 kB |
URL POST dogozekeziv.yubit.co.za/cdn-cgi/challenge-platform/h/b/flow/ov1/1836183016:1746171267:AAvZ-S4Ygd1NML1CgV13DhE1uly8ss-YR0lKdRcShQs/939643280c1e0b65/wIbf06bSpumvMV03OZZq2lpO9cDF8OSnDrNOJ_9EdzI-1746175735-1.2.1.1-rzJ0mz9k7LxjncWvugmXFfJwA2VoEss4M3OS4NZhCfWidTrkAXdF6Q.3MkNczJ9M IP104.21.75.85:80
Requested byhttp://dogozekeziv.yubit.co.za/
File typeASCII text, with very long lines (4156), with no line terminators Hashd770a731122cfa9731ebcec5286740cc b7857feca64b5d08a37404bf087d5c157be89252 6ff559d3b3df4e2f4a9ab550e4c9c1f5aad7772b9ba9eac938b272635e5ef8a2
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1836183016:1746171267:AAvZ-S4Ygd1NML1CgV13DhE1uly8ss-YR0lKdRcShQs/939643280c1e0b65/wIbf06bSpumvMV03OZZq2lpO9cDF8OSnDrNOJ_9EdzI-1746175735-1.2.1.1-rzJ0mz9k7LxjncWvugmXFfJwA2VoEss4M3OS4NZhCfWidTrkAXdF6Q.3MkNczJ9M HTTP/1.1
Host: dogozekeziv.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dogozekeziv.yubit.co.za/
cf-chl: wIbf06bSpumvMV03OZZq2lpO9cDF8OSnDrNOJ_9EdzI-1746175735-1.2.1.1-rzJ0mz9k7LxjncWvugmXFfJwA2VoEss4M3OS4NZhCfWidTrkAXdF6Q.3MkNczJ9M
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 4170
Origin: http://dogozekeziv.yubit.co.za
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 May 2025 08:49:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: x6d17gNOZ/kVy8tc9wQdQyC+geAyREZ6Kq2WkjvvM6v5r2x3uwSFxU3zD64ANzcYpDEhbpEMaGmijHGrlZXTvQ==$qomIIVR2TzHz00JztB1kag==
cf-chl-out-s: I/S59lW870dGXalu5nJWNeVQG30HaqoDNFR8da+vCsBwTugVbixYaqRep2Fl0duYk8CLShlWnpJV+ct+GrH53Oi8ipmxt1lOkwQlKlTUK/0yl+Bylpc527pC0MzhgiBBgTLUqxWPyps3TAsN/qEI/2J3OmRKLIYXvcVxqSqaoueTaSei54EOhvFbU61DgX+SWqZ7noEqf8/ftWtahsUdMKRdTdl0YEpLQ5gnaqsyaqLxnxGXpkvmDlfcJRQyM/eem32bET/oTiSoMwyLMrdcDblqUoptx6WmCU/wqqDTmycsvnP3YYB0j4JjM1nQGVOETfYn5Ml91z17RriFln39z0SHA6yCQLr7GnkxwatDcf0=$k4HHQejfUBTCgBxqyKqLkw==
set-cookie: cf_clearance=6Cwm1I9GmdRStowBMYg_UGSl.5YV7Qw3Mf.CA6J8aMA-1746175750-1.2.1.1-_ZMTzfGAo5adp0S3NuQHC4oX1eSA.co1.yTrDqdUVwbnAjXIYqfcJsmHWSUhAe9e_mFjdDc5tA8Fi6KwGTTMkhIXCor7qw2pkDPYopBdx.ftpsaSsT_CC_0ztep3Zwbyf.rQbT7g_9g3hrB7J9fb3L0Qc6hIkD8qkXZCtVEebZFO6Fj7.Y7xdL5SgMXI7nI0jH19NisnbWPlamveXTpcVzy5mmKxEGu1XZsjvyCwB3lgeblfR3TRHeYRDAAcwNHOaW.tjRKRTaDcVB4u4041fnC56rAnkUnE2wqh6gxAkDDYIVEzbhV_e.85_OmPGDerZ.0yqYh.3cEtfoPVN7httXxkgBQ7VW2xwcike4ZeR.v7es9.9zPAL9y9wgno06Kq; HttpOnly; SameSite=Strict; Path=/; Domain=yubit.co.za; Expires=Sat, 02 May 2026 08:49:10 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pyBXd0Ygv1P8xzJftYailwgE3RbH9xF%2FIi5XpX9uki2gIzHjcX6S3oO43MVUN9NG%2FMcr6M171g3PHjm%2FaUrspv9xDYmPkibFwawQhMzbn0h3Pun62HHL8Ts4s2xEA9u1BAsYqVknEBUXkw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 939643867ccb56bd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=1383&min_rtt=437&rtt_var=480&sent=15&recv=20&lost=0&retrans=0&sent_bytes=13727&recv_bytes=7733&delivery_rate=8512639&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| dogozekeziv.yubit.co.za/favicon.ico | 104.21.75.85 | 404 Not Found | 146 B |
URL GET dogozekeziv.yubit.co.za/favicon.ico IP104.21.75.85:80
Requested byhttp://dogozekeziv.yubit.co.za/
File typeHTML document, ASCII text, with CRLF line terminators Hash8eec510e57f5f732fd2cce73df7b73ef 3c0af39ecb3753c5fee3b53d063c7286019eac3b 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: dogozekeziv.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dogozekeziv.yubit.co.za/
Cookie: cf_clearance=6Cwm1I9GmdRStowBMYg_UGSl.5YV7Qw3Mf.CA6J8aMA-1746175750-1.2.1.1-_ZMTzfGAo5adp0S3NuQHC4oX1eSA.co1.yTrDqdUVwbnAjXIYqfcJsmHWSUhAe9e_mFjdDc5tA8Fi6KwGTTMkhIXCor7qw2pkDPYopBdx.ftpsaSsT_CC_0ztep3Zwbyf.rQbT7g_9g3hrB7J9fb3L0Qc6hIkD8qkXZCtVEebZFO6Fj7.Y7xdL5SgMXI7nI0jH19NisnbWPlamveXTpcVzy5mmKxEGu1XZsjvyCwB3lgeblfR3TRHeYRDAAcwNHOaW.tjRKRTaDcVB4u4041fnC56rAnkUnE2wqh6gxAkDDYIVEzbhV_e.85_OmPGDerZ.0yqYh.3cEtfoPVN7httXxkgBQ7VW2xwcike4ZeR.v7es9.9zPAL9y9wgno06Kq
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 02 May 2025 08:49:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 939643896a5e56bd-OSL
CF-Cache-Status: MISS
Cache-Control: max-age=14400
Vary: accept-encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K2Lq1Gs%2F64XBPR5ZS82yNK3ZiU2uktmMqG6SUJdxcGgUWJa9knRtqTXj%2BCFaZsrC5BD99lF2hLW3j9LISTiybgXCdlUv2iv4lafG7JC%2FgMX8baqnnmvFAGcorQg%2FlMk8n1JZ2qEZ6%2FkvCw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=797&min_rtt=437&rtt_var=367&sent=28&recv=34&lost=0&retrans=0&sent_bytes=20378&recv_bytes=12095&delivery_rate=12288543&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| dogozekeziv.yubit.co.za/cdn-cgi/challenge-platform/h/b/scripts/jsd/a51d7b3d53cb/main.js? | 104.21.75.85 | 200 OK | 8.4 kB |
URL GET dogozekeziv.yubit.co.za/cdn-cgi/challenge-platform/h/b/scripts/jsd/a51d7b3d53cb/main.js? IP104.21.75.85:80
Requested byhttp://dogozekeziv.yubit.co.za/
File typeJavaScript source, ASCII text, with very long lines (8432), with no line terminators Hash62620e3119c9bb09983f3dfe339a5f40 de0532d8e013fa95d6314f3c8fd3a38567a8c213 a3560a8aeb91eb411accea81a21ab57b61021e0067f7c5f6fd7256d2185e5950
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/a51d7b3d53cb/main.js? HTTP/1.1
Host: dogozekeziv.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=6Cwm1I9GmdRStowBMYg_UGSl.5YV7Qw3Mf.CA6J8aMA-1746175750-1.2.1.1-_ZMTzfGAo5adp0S3NuQHC4oX1eSA.co1.yTrDqdUVwbnAjXIYqfcJsmHWSUhAe9e_mFjdDc5tA8Fi6KwGTTMkhIXCor7qw2pkDPYopBdx.ftpsaSsT_CC_0ztep3Zwbyf.rQbT7g_9g3hrB7J9fb3L0Qc6hIkD8qkXZCtVEebZFO6Fj7.Y7xdL5SgMXI7nI0jH19NisnbWPlamveXTpcVzy5mmKxEGu1XZsjvyCwB3lgeblfR3TRHeYRDAAcwNHOaW.tjRKRTaDcVB4u4041fnC56rAnkUnE2wqh6gxAkDDYIVEzbhV_e.85_OmPGDerZ.0yqYh.3cEtfoPVN7httXxkgBQ7VW2xwcike4ZeR.v7es9.9zPAL9y9wgno06Kq
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 May 2025 08:49:10 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options: nosniff
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rMXx1Re5KrJ8F5Ekmia0PGj%2FPODfRANFd2b0Y0O2DSSEfXv3%2BNYMVWVmWjB%2FoC11Ghc4TWr9yMQ0vZ1DXZE1voKJ4ZgbRwUWJMNVdWujLjiq0aNKGTEEbSf6nxefdnnfORztMoWigdEBcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 93964389ab87b50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=473&min_rtt=458&rtt_var=203&sent=2&recv=5&lost=0&retrans=0&sent_bytes=936&recv_bytes=1642&delivery_rate=2483704&cwnd=248&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| dogozekeziv.yubit.co.za/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=939643280c1e0b65 | 104.21.75.85 | 200 OK | 98 kB |
URL GET dogozekeziv.yubit.co.za/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=939643280c1e0b65 IP104.21.75.85:80
Requested byhttp://dogozekeziv.yubit.co.za/
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash4dcc314a546afe0183f904963d889f69 364e830788d07f3c37819470d57f6ed86530f037 69b0bc727d0e105b64d19f0fd43850498f1b81b9a050ae15e4da18c28a628ac0
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=939643280c1e0b65 HTTP/1.1
Host: dogozekeziv.yubit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dogozekeziv.yubit.co.za/?__cf_chl_rt_tk=t.N_g5Cs8hDVuy.AsfeepOKx15y.f5kZN4CSN8ZbLa0-1746175735-1.0.1.1-tvJTplueGaZHOujwKVDlBhyO1VQIIxlc5jYNTkot0VM
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 May 2025 08:48:55 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BIi26Kgy4z9zNxSVghxUTdv0py2Xk%2FMifFgehHo9Gt3GNpd9GKz%2FRKmMvO9omzJXps8R9wyVEZm5%2B9Rld6r%2FLmPSFNalfZK0rmJK%2BopkH0FozHzH%2BxkBnPKaM4i4diP10nvlfKJ8GIpP5w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 939643297ea756c7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=805&min_rtt=805&rtt_var=402&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=535&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| challenges.cloudflare.com/turnstile/v0/b/a51d7b3d53cb/api.js?onload=PGGZB0&render=explicit | 104.18.94.41 | 200 OK | 48 kB |
URL GET challenges.cloudflare.com/turnstile/v0/b/a51d7b3d53cb/api.js?onload=PGGZB0&render=explicit IP104.18.94.41:443
Requested byhttp://dogozekeziv.yubit.co.za/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT
File typeJavaScript source, ASCII text, with very long lines (48149) Hashd9a3ab12847d314bf1d721e6eb8c3513 431752442ccfa282692cbebf653faa5acd8bf808 5674e4c97d44dd68c38977f0f8414ba46c77d521ceae4ae6ec1fe2142d0cc1f1
GET /turnstile/v0/b/a51d7b3d53cb/api.js?onload=PGGZB0&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dogozekeziv.yubit.co.za
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 May 2025 08:48:55 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 29 Apr 2025 09:01:54 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 9396432a4efb0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1 | 104.18.94.41 | 200 OK | 61 B |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1 IP104.18.94.41:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ki884/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT
File typePNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Hash9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ki884/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 May 2025 08:48:55 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
priority: u=4,i=?0
server: cloudflare
cf-ray: 9396432d8813b50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/9396432c7e52b50c/1746175736330/oGfKK8zAsNFk2VY | 104.18.94.41 | 200 OK | 61 B |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/9396432c7e52b50c/1746175736330/oGfKK8zAsNFk2VY IP104.18.94.41:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ki884/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT
File typePNG image data, 34 x 9, 8-bit/color RGB, non-interlaced Hash52b4961b5f07c0351d414028046ab930 17c124ac6974a91fb49f343600ad39e23d2053ab de21dfbe75d41ce6d10a278e79e1f83400db90877e30c29b736965ece617cfd9
GET /cdn-cgi/challenge-platform/h/b/d/9396432c7e52b50c/1746175736330/oGfKK8zAsNFk2VY HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ki884/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 May 2025 08:48:57 GMT
content-type: image/png
content-length: 61
priority: u=4,i=?0
server: cloudflare
cf-ray: 93964334dbf8b50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
0.0.0.0