Report - secure.adnxs.com/clktrb?id=704169&redir=https://www.google.com/amp/s/mindmehq.eu/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==

Report Overview

Visited public
2024-02-29 00:10:40
Tags
URL
secure.adnxs.com/clktrb?id=704169&redir=https://www.google.com/amp/s/mindmehq.eu/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==
Finishing URL
165.227.120.179/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==
IP / ASN
185.89.210.141
#29990 ASN-APPNEX
Title
Page not found – Flotsam & Jetsam

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
flotsamandjetsam.art	unknown	2023-11-28	2023-11-29 06:37:15	2024-01-13 18:25:43	958 B	7.4 kB	165.227.120.179
secure.adnxs.com	396	2008-05-27	2012-05-22 18:37:37	2024-02-28 16:22:17	1.2 kB	2.1 kB	185.89.210.180
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2019-03-28 07:25:17	588 B	1.5 kB	142.250.74.164
mindmehq.eu	unknown	unknown	2023-09-28 17:02:01	2024-01-24 19:48:40	3.0 kB	80 kB	188.114.96.1
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20 07:02:03	2024-02-28 09:59:00	3.6 kB	190 kB	104.17.2.184
165.227.120.179	unknown	unknown	2021-02-23 05:45:10	2024-01-31 13:01:55	502 B	15 kB	165.227.120.179

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-02-29	medium	165.227.120.179	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	165.227.120.179/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==	ScriptElement	4.7 kB	2024-02-19	2024-08-20
Pretty URL 165.227.120.179/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ== IP 165.227.120.179 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-19 01:02 Last Seen2024-08-20 09:26 Times Seen2 Hash bc4abfd8ef5d0e21c4ca1d9185df50a8 a10c2a9411c3b0123f7e7f58aade91ba216ea102 53524a1c76ca9f9fc7ad1fd3beeb21151c25b7dc83bb7cdb430597eb4a9f9a7d Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07 01:03	2025-05-12 04:15
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-05-12 04:15 Times Seen369149 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

		Size	First Seen	Last Seen
	#1 Write - 393ab90cc5629fb2d655a905888caca0	3.6 kB	2024-02-27 13:34	2024-08-20 08:47
Pretty Observations First Seen2024-02-27 13:34 Last Seen2024-08-20 08:47 Times Seen2397 Hash 393ab90cc5629fb2d655a905888caca0 50de0718461984001d38a3bc699c5bb8572caf67 0bf60aaa96d4c6edc371efb1033717488b49df496ed1ad4afb138b0f1bccbf8d Loading...

HTTP Transactions (17)

URL IP Response Size

secure.adnxs.com/clktrb?id=704169&redir=https://www.google.com/amp/s/mindmehq.eu/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==

185.89.210.180

0 B

URL
secure.adnxs.com/clktrb?id=704169&redir=https://www.google.com/amp/s/mindmehq.eu/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==
IP
185.89.210.180:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /clktrb?id=704169&redir=https://www.google.com/amp/s/mindmehq.eu/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ== HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
server: nginx/1.23.4
date: Thu, 29 Feb 2024 00:10:15 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://secure.adnxs.com/bounce?%2Fclktrb%3Fid%3D704169%26redir%3Dhttps%3A%2F%2Fwww.google.com%2Famp%2Fs%2Fmindmehq.eu%2FbWlrZS5icnVpbnNAdXBiZWF0LmNvbQ%3D%3D
an-x-request-uuid: 3d8bb960-0da0-41d6-a656-8b4f005e0829
set-cookie: uuid2=2578574591887808358; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 29-May-2024 00:10:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
x-proxy-origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-Firefox-Spdy: h2

secure.adnxs.com/bounce?%2Fclktrb%3Fid%3D704169%26redir%3Dhttps%3A%2F%2Fwww.google.com%2Famp%2Fs%2Fmindmehq.eu%2FbWlrZS5icnVpbnNAdXBiZWF0LmNvbQ%3D%3D

185.89.210.180

0 B

URL
secure.adnxs.com/bounce?%2Fclktrb%3Fid%3D704169%26redir%3Dhttps%3A%2F%2Fwww.google.com%2Famp%2Fs%2Fmindmehq.eu%2FbWlrZS5icnVpbnNAdXBiZWF0LmNvbQ%3D%3D
IP
185.89.210.180:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fclktrb%3Fid%3D704169%26redir%3Dhttps%3A%2F%2Fwww.google.com%2Famp%2Fs%2Fmindmehq.eu%2FbWlrZS5icnVpbnNAdXBiZWF0LmNvbQ%3D%3D HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: uuid2=2578574591887808358
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx/1.23.4
date: Thu, 29 Feb 2024 00:10:15 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://www.google.com/amp/s/mindmehq.eu/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==
an-x-request-uuid: 04949e9e-109d-4e66-b759-e1bac4dd4ca3
set-cookie: uuid2=2578574591887808358; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 29-May-2024 00:10:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
x-proxy-origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-Firefox-Spdy: h2

www.google.com/amp/s/mindmehq.eu/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==

142.250.74.164

249 B

URL
www.google.com/amp/s/mindmehq.eu/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
249 B (249 bytes)
Hash
9a6c02eb0d0f2ab4336fa25a25b89eb6
0135c1674fa944b1066b3c6974ca14766b58a3e4
c0d04375cd4fb397064cc7d27a81ffb14aef15a84ec513039fd9f2398eb041c1

HTTP Headers

GET /amp/s/mindmehq.eu/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ== HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://mindmehq.eu/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==
cache-control: private
x-robots-tag: noindex
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-xOSTeNW894ArNcJZBo7euA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Thu, 29 Feb 2024 00:10:15 GMT
server: gws
content-length: 249
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: __Secure-ENID=17.SE=WwXoPBSKltUTSjNFoQ2lbXmVloxTWeQy3T5Vvb4IFn0w8hWVscRq-t3EQTv_McQXFZrpvTwFlMPWAqu3QvQYnKbSPplPkzfrDxOfIVRVtsatifCiknoXzReN5KmfNv4ixQ1KmksXs-8yQdv0gjqYSnMTV7mEmZJ6dTJod5XLjHcTOt0; expires=Sun, 30-Mar-2025 16:28:33 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mindmehq.eu/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==

188.114.96.1

5.9 kB

URL
mindmehq.eu/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (14359), with no line terminators
Size
5.9 kB (5945 bytes)
Hash
f76b2e88bf2055848490d5936d2976f9
d95a3a5a8365dc1ab3fe1b2a6f76a9eb175ab5d0
4c8cd41e1edc216cea1eeac0032e208cfc9c19bbd166e376fd6b77e43de09c39

HTTP Headers

GET /bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ== HTTP/1.1
Host: mindmehq.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Thu, 29 Feb 2024 00:10:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: E7V1fxodoX3JE6sWwmkm1hsXKsqTskO03lAQ/+7pJG8Me6ZWuns7/Vt7nu2htRlSq6USmc16ijSLxJ1wqPxoNXCeuT7B01ZseW9wsQMtscQ=$GUnkbBOmmLhROzb1HV3wKg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPj5Rv8CucS6vLP148px00ZpbaYg8EkSNa2hcGKktZR3yA%2FwHJYidyGcWT5ws1EPYDD5s%2BQRERopGvToFcl6JObVcP5YqT7dHzDzXNjk2teUf6d6KZchomc8fEyHWA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 85ccaee9ff601c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

mindmehq.eu/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=85ccaee9ff601c16

188.114.97.1

57 kB

URL
mindmehq.eu/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=85ccaee9ff601c16
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
57 kB (57058 bytes)
Hash
067b19a038d7ba594a6a779760a2d423
36afdc7374866dc629c92c1095c121176d74afa6
2643348d7265e783993c73ccca8bd35d8f921a0443521ce1fc3b9d4aeb58fd57

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=85ccaee9ff601c16 HTTP/1.1
Host: mindmehq.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://mindmehq.eu/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==?__cf_chl_rt_tk=HQlMpL86jG0n.D.RTOZWaS2lZ_PXQJI8Yph.TQxTYpE-1709165416-0.0-1533
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 29 Feb 2024 00:10:16 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8KxYOL8ziT7368ry5G06KsUCWzGxPFpqGLOE8hdbG2RUwzlO57rlCaf5GaX1D4v6Nr%2FNQprSUaR7%2Bs7JHqxGH8%2FoWla2bPB4l2EpqCX3RVUJrvopUk5kbMQDax26Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 85ccaeeb1c56569f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

mindmehq.eu/favicon.ico

188.114.97.1

324 B

URL
mindmehq.eu/favicon.ico
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
324 B (324 bytes)
Hash
da101b6b4137ed46f2e9102818a2b9c1
8a53428987685b56fbbae3d4570fd45198c399c1
527aa5002e26bc2d87a206847b7107e9a11ca611d8239138b783c96dc696ed5f

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: mindmehq.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://mindmehq.eu/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==?__cf_chl_rt_tk=HQlMpL86jG0n.D.RTOZWaS2lZ_PXQJI8Yph.TQxTYpE-1709165416-0.0-1533
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Thu, 29 Feb 2024 00:10:16 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://165.227.120.179/favicon.ico
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KX0yaWFhCedV4v%2FJedXy4lljN7jnY3bvDfNvhe2OpxSWBNDvsOk3xe1XvMu1DghJ2i5ZIRU1CpZ0SKjeWoxu%2Ba4Rp%2BXwqg7%2FVPCQhb8v7Qao2CePtLfMPgAlsRX9aA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 85ccaeeb6cbe569f-OSL
alt-svc: h2=":443"; ma=60

mindmehq.eu/favicon.ico

188.114.97.1

324 B

URL
mindmehq.eu/favicon.ico
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
324 B (324 bytes)
Hash
da101b6b4137ed46f2e9102818a2b9c1
8a53428987685b56fbbae3d4570fd45198c399c1
527aa5002e26bc2d87a206847b7107e9a11ca611d8239138b783c96dc696ed5f

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: mindmehq.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://mindmehq.eu/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Thu, 29 Feb 2024 00:10:16 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://165.227.120.179/favicon.ico
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B37KheUumEA5S007ak6Iq5Bl330SpLP1lInXev1Qpqy8etmjV%2BT8jR9h8zsa%2BFUYSq4W3BfdILHzFoycvERWaq54Oy5K33HlQv8eEeZVzwXf8ejlXiuHAojJl0%2BT%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 85ccaeebcb7756cb-OSL
alt-svc: h2=":443"; ma=60

mindmehq.eu/cdn-cgi/challenge-platform/h/g/flow/ov1/602988913:1709161727:_HIacAMlhfYHrlqiw-5I0FiiKljk3y_98JPzWTQIERs/85ccaee9ff601c16/f12a4fa9a94ccea

188.114.97.1

10 kB

URL
mindmehq.eu/cdn-cgi/challenge-platform/h/g/flow/ov1/602988913:1709161727:_HIacAMlhfYHrlqiw-5I0FiiKljk3y_98JPzWTQIERs/85ccaee9ff601c16/f12a4fa9a94ccea
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (13384), with no line terminators
Size
10 kB (10111 bytes)
Hash
5601af2f3d4dece8d60a9a58062efcb3
da00d27cecaf737407752956a832b4602eb018d3
511e983ac61f0898486c725644270ff6826cf9fc0c2fd8770bbcd74ab36127ee

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/602988913:1709161727:_HIacAMlhfYHrlqiw-5I0FiiKljk3y_98JPzWTQIERs/85ccaee9ff601c16/f12a4fa9a94ccea HTTP/1.1
Host: mindmehq.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://mindmehq.eu/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==
Content-type: application/x-www-form-urlencoded
CF-Challenge: f12a4fa9a94ccea
Content-Length: 1730
Origin: http://mindmehq.eu
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 29 Feb 2024 00:10:16 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: c2TjtQBNVkmfr302yGrQVz91YM6o9tIHsbIh+a7d7Z+tsFETac0CDFmFI9tpcKHT$rzfctohmdHRd1cxXQVC58g==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssSXNLRLFw9nwH9aBhsH3SgfpHnCV8m4n9QeZyDioHGjNetwHBC%2Fd2NZeki0jinJHjJhZ1IlC0nSyldvQ4uYNQCjRL71l3gzauBTcH2z0EaTY%2F41iSDV9%2BFnqOP%2BiA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 85ccaeecad65569f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1889994638:1709161904:kEHilZATTQUl4iYHqdbRaRoheRgPt7llkKmzrKDjNjU/85ccaeed2fda712a/ad50568133e588f

104.17.2.184

70 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1889994638:1709161904:kEHilZATTQUl4iYHqdbRaRoheRgPt7llkKmzrKDjNjU/85ccaeed2fda712a/ad50568133e588f
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
70 kB (69940 bytes)
Hash
4f2d2d12a56d56936eeac2fb363b66be
064fa56d5b3b21b8c12f8a426aec7f9f80df4e24
259cad950041d4c1bdff0ab644d927dc2ecd35cfcd81dca5eb89b839685eccea

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1889994638:1709161904:kEHilZATTQUl4iYHqdbRaRoheRgPt7llkKmzrKDjNjU/85ccaeed2fda712a/ad50568133e588f HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/f9oe2/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: ad50568133e588f
Content-Length: 3076
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 29 Feb 2024 00:10:16 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 71ODpE2BU73XEqwWsi8DIsDTZ7+q/WdWmLuRqN6S04I/vyvCeMDdvDQi5GKVbumy/DVyrJYgHqhJQJh2IJ+CSBBUcmAd0GpwodAaDVRqTKdRW+8kQRefQqDfsUciT1DVApYq+0xzesRBxOnIYq9Erdo2C8sjNazuQI8XlvaY2l5ZQe7ruvffegHOL1pg6FzxPttBEiMX1RnNTegzkrp+m73mA6UaFYDYdE7iQgISkkyhyJeAgnCe7UDKSMGWnVEWPDbSrKUfaezyegqpzGeJ1z2WKLiX3e0LtnLm4q//2GPyDVUmJrBu/enm+CnP0mpKAMbv0c0n/mm7XPfCuiWcWwmoC9CMEBXojtdAUDCcjh6p+7mzp7v/6N+Ei5tIResLPbeg1WRKabZpUEmMi5xP8Q==$nQ8YfwD4RgxPcNjSikgdtw==
server: cloudflare
cf-ray: 85ccaeef2965712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/85ccaeed2fda712a/1709165416838/H29qXAFJAR7DQFB

104.17.2.184

2.8 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/85ccaeed2fda712a/1709165416838/H29qXAFJAR7DQFB
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 25 x 68, 8-bit/color RGB, non-interlaced
Size
2.8 kB (2804 bytes)
Hash
b1defc73bc53763b4b7da64c1afcb3a7
a182775da1113a7e6974db60a8f66f8702f7ee5d
207b71cc43152e26a199b6cf06ef7f992569a341f18d22cc3c72e0ba4c50fcae

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/85ccaeed2fda712a/1709165416838/H29qXAFJAR7DQFB HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/f9oe2/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 29 Feb 2024 00:10:17 GMT
content-type: image/png
server: cloudflare
cf-ray: 85ccaef2bb55712a-OSL
alt-svc: h3=":443"; ma=86400

mindmehq.eu/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==

188.114.97.1

345 B

URL
mindmehq.eu/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
345 B (345 bytes)
Hash
57029bd7502594f5582f6d703274958a
4da072e332f5a28aa84505d955acc877eff29dea
16c81f10ab25ec84c3ab15e44e616222aca19b1452de14501ead80b894f34647

HTTP Headers

POST /bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ== HTTP/1.1
Host: mindmehq.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://mindmehq.eu/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==?__cf_chl_tk=HQlMpL86jG0n.D.RTOZWaS2lZ_PXQJI8Yph.TQxTYpE-1709165416-0.0-1533
Content-Type: application/x-www-form-urlencoded
Content-Length: 2828
Origin: http://mindmehq.eu
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Thu, 29 Feb 2024 00:10:22 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: cf_clearance=srGf4Rb.79hGeejf8HuKHfXNzdvP_DoIBXuutN1CkiE-1709165416-1.0-Aa07Z5WwwmOZGrQdNOVqCBMGUSSnDQwVbrE0fRaBoH42mz2AdLRxl1lt6FSDZzsphZQowdVkJADYB2Zz19hXQyo=; path=/; expires=Fri, 28-Feb-25 00:10:22 GMT; domain=.mindmehq.eu; HttpOnly; SameSite=None
Location: https://165.227.120.179/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCV6TlVatNNoioVsyclTaScqaSUWbCzW4f2b36GMadlQk6gu%2B7qUvYFW9QAmyD10ULfZX8EwcotsM7tgJT0qnDW4dU8NDljmJWosOuYea%2BQ5%2BMqatlHGRNuHsWZPSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 85ccaf117ea8569f-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1889994638:1709161904:kEHilZATTQUl4iYHqdbRaRoheRgPt7llkKmzrKDjNjU/85ccaeed2fda712a/ad50568133e588f

104.17.2.184

3.2 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1889994638:1709161904:kEHilZATTQUl4iYHqdbRaRoheRgPt7llkKmzrKDjNjU/85ccaeed2fda712a/ad50568133e588f
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3544), with no line terminators
Size
3.2 kB (3190 bytes)
Hash
5e7f532145accf469a9936532f6aa119
391392425f6e4623086304894131f6e3d4b05362
2ebfd8b9e793448520389b0ca67a8e5094f8703137cb415502d00db8156ea2c8

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1889994638:1709161904:kEHilZATTQUl4iYHqdbRaRoheRgPt7llkKmzrKDjNjU/85ccaeed2fda712a/ad50568133e588f HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/f9oe2/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: ad50568133e588f
Content-Length: 25944
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 29 Feb 2024 00:10:22 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: 4axsElhDiKgsh8IQUxwRBpPCaf+U9xeE29WK04CTCns/m60m9zl8EfsCpTg04Iata/QORSQXajWYXxsp0fJ56Fy48witv+wTQggFkeUhC4y93JD0NeuPlyLC4B6R321y$0BVIo5mRken746WZEr274w==
cf-chl-out-s: FctLlI6zqJcvL9yqogNsvtJ/QzvmTbs3bUGaRYspQBJgbmiAC3BT8ZtzfjVQrow7/G67/za2dz1yEvtFL1R/2wvl0OeJr9BEiz2S67tvRcTH0DKkF/HBg6ltwIEA6R5DHkVcgfrXNASfijTM0EBcnoIkgZwGOUPkl+ZZX4Gg9OTmlXlDc/nGALGCKNjGo/FJ7XVuxzi5oY9u/bCBi5wAwZe5nM0GEvzOyT0c+uUW9TSS7XBKqpb/6swdipxW5ZzkcpWhcihKjTyyVoaeZcjKgVux9pLA7dvbPy6CL71e3/ma5Xn6LYPS2fDNjpbLRXbYxbpcIdw/CktB0FVrsV2hOEGbfkeNtP1gmvp1TTOG7am9WG+mpCfc4mPvksiN7lmrgKGPYgi+VW7IolBY29z5aPseCsuKiMPmkZx8gMj7nL3AjrXyC/vvoFoBcLM65SqVh8vEkPGCQQnfR35IxEy9SfsEecok+579Md7jtUMSWgySgGhtqc/+qpTF01Puz5tccFuKRILPHMUEhM1St8T9WMUOxQBYDZxraQm9+J6tDwRBnlLtozzA0QTGdIJcQW5flelyVvTG/91OoZBruTp4uCxOfZ0m/L0Fdxu9Ldvn3cVxmiNeASNb7qsynTt+eiRA$Ew68I3ckm/J5f7Q8N21K2g==
server: cloudflare
cf-ray: 85ccaf0f9905712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/f9oe2/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

104.17.2.184

89 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/f9oe2/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (40811)
Size
89 kB (89185 bytes)
Hash
c5c5965115e3819f6a8073e115f118a7
d73471f126871e2792891f0caf96cc027b9c4c19
ceeb5518242088314bba43c9f98a9e6a6fdd67102022fd64699219ac27e4458c

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/f9oe2/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 29 Feb 2024 00:10:16 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 85ccaeed2fda712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

165.227.120.179/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==

165.227.120.179

404 Not Found

15 kB

URL User Request GET HTTP/1.1
165.227.120.179/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==
IP
165.227.120.179:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectflotsamandjetsam.art
Fingerprint80:C6:98:32:04:AC:F5:B3:E1:0E:8D:4A:53:33:A9:E8:43:35:11:B5
ValidityTue, 09 Jan 2024 04:52:20 GMT - Mon, 08 Apr 2024 04:52:19 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1877)
Size
15 kB (14770 bytes)
Hash
9b8486176f47d55dde246ead0398ec2b
f0ebf2ba63fa7577871e2dd8c786d5ab00d1976d
23f6b6a624d2a48d4831459053cab82cf45d750240e39b8cba826402c222a818

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ== HTTP/1.1
Host: 165.227.120.179
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Thu, 29 Feb 2024 00:10:24 GMT
Server: Apache/2.4.52 (Ubuntu)
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

flotsamandjetsam.art/wp-content/plugins/password-protect-page/includes/views/dist/ppw-form-entire-site.css

165.227.120.179

200 OK

495 B

URL GET HTTP/1.1
flotsamandjetsam.art/wp-content/plugins/password-protect-page/includes/views/dist/ppw-form-entire-site.css
IP
165.227.120.179:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://165.227.120.179/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==
Certificate
IssuerLet's Encrypt
Subjectflotsamandjetsam.art
Fingerprint80:C6:98:32:04:AC:F5:B3:E1:0E:8D:4A:53:33:A9:E8:43:35:11:B5
ValidityTue, 09 Jan 2024 04:52:20 GMT - Mon, 08 Apr 2024 04:52:19 GMT

File type
ASCII text, with very long lines (890)
Size
495 B (495 bytes)
Hash
02e844a65e0e874ee498f36cce4ecbb5
22b5e21ca7e189fade98c7b0c195030971a86431
3aa7ae0d6a4caf0a353ba208e59125b5479df26bd26b1c860457daf6994cd45f

HTTP Headers

GET /wp-content/plugins/password-protect-page/includes/views/dist/ppw-form-entire-site.css HTTP/1.1
Host: flotsamandjetsam.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://165.227.120.179/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 29 Feb 2024 00:10:24 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 12 Jan 2024 06:57:49 GMT
ETag: "37c-60eba2ea54230-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 495
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

flotsamandjetsam.art/wp-content/uploads/2024/01/cropped-Favicon-3.png

165.227.120.179

200 OK

6.3 kB

URL GET HTTP/1.1
flotsamandjetsam.art/wp-content/uploads/2024/01/cropped-Favicon-3.png
IP
165.227.120.179:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://165.227.120.179/bWlrZS5icnVpbnNAdXBiZWF0LmNvbQ==
Certificate
IssuerLet's Encrypt
Subjectflotsamandjetsam.art
Fingerprint80:C6:98:32:04:AC:F5:B3:E1:0E:8D:4A:53:33:A9:E8:43:35:11:B5
ValidityTue, 09 Jan 2024 04:52:20 GMT - Mon, 08 Apr 2024 04:52:19 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
6.3 kB (6320 bytes)
Hash
4d92b53446db4b3227cca4498139a770
3050b0e470c50eb46ac9d0cbd892d649d990ed4d
cd0169f5687cdff69c3cb54a4fa0c103a4c3893a6e14011d6eec1c7e28cc4364

HTTP Headers

GET /wp-content/uploads/2024/01/cropped-Favicon-3.png HTTP/1.1
Host: flotsamandjetsam.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://165.227.120.179/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 29 Feb 2024 00:10:24 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Wed, 10 Jan 2024 12:51:56 GMT
ETag: "18b0-60e96e566af35"
Accept-Ranges: bytes
Content-Length: 6320
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1889994638:1709161904:kEHilZATTQUl4iYHqdbRaRoheRgPt7llkKmzrKDjNjU/85ccaeed2fda712a/ad50568133e588f

104.17.2.184

21 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1889994638:1709161904:kEHilZATTQUl4iYHqdbRaRoheRgPt7llkKmzrKDjNjU/85ccaeed2fda712a/ad50568133e588f
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (19068), with no line terminators
Size
21 kB (21356 bytes)
Hash
e6793a8f485f46e2738325650356a529
04d49ab8f7f0899bb94736271fc1ba7614218aab
17cbb09e6ca693552167cbb4132222705b889065104c1afa551013054ec0adb6

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1889994638:1709161904:kEHilZATTQUl4iYHqdbRaRoheRgPt7llkKmzrKDjNjU/85ccaeed2fda712a/ad50568133e588f HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/f9oe2/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: ad50568133e588f
Content-Length: 25286
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 29 Feb 2024 00:10:18 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 6TKnpBFO37U8yzuEVd7jXBzT3LleFuWVLc0BrCQHY5oezTyP8hw5bsDhg3zFCGXp$R77ibxCnc+dsHnfZswVStQ==
server: cloudflare
cf-ray: 85ccaefc7ffa712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (17)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash