GET sinomau.top/cdn-cgi/images/icon-exclamation.png?1376755637
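104.21.72.65 200 OK 452 B
URL GET sinomau.top/cdn-cgi/images/icon-exclamation.png?1376755637
IP 104.21.72.65:80
File type PNG image data, 54 x 54, 8-bit colormap, non-interlaced
Hash MD5 c33de66281e933259772399d10a6afe8
SHA-1 b9f9d500f8814381451011d4dcf59cd2d90ad94f
SHA-256 f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
Note: paths under /cdn-cgi/ are answered by the Cloudflare edge (the response below carries Server: cloudflare), so these digests identify a Cloudflare error-page asset rather than content hosted by sinomau.top. The verdict above applies to the domain, not to this file.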
GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1
Host: sinomau.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://sinomau.top/cdn-cgi/styles/cf.errors.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 09 Jul 2025 15:10:02 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: accept-encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Dkn37exn%2FkF4BYr6oCJ8afPcji9yIlRNmDNrvnJyI97JXj6xVGcli3MPJNqIZYy5y5o%2BSNem5LQNDffgh5bWxjxVW42B8npg9A%3D%3D"}]}
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Server: cloudflare
CF-RAY: 95c8bef049c28f59-CPH
GET sinomau.top/favicon.ico
104.21.72.65 404 Not Found 0 B
IP 104.21.72.65:443
Certificate Issuer Google Trust Services
Subject sinomau.top
Fingerprint D0:57:69:6D:F1:F5:33:86:47:F0:D1:E6:AC:04:1A:0A:5D:9B:25:BE
Validity Wed, 25 Jun 2025 06:55:17 GMT - Tue, 23 Sep 2025 07:53:46 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the digests of zero-length input (the body was 0 B). They match every empty response and should not be used as indicators.
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: sinomau.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Wed, 09 Jul 2025 15:10:02 GMT
content-type: text/html
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=7d3yF%2BVtuoz3LFUJ1txlU6c7g%2BvUkDXCMm596QOUtJ6v4d78awkWwKRshA%2BFsVOO4zZ142bi%2BJw%2BHqdE%2B4p9TMNzWJnwERGDdg%3D%3D"}]}
content-encoding: br
cf-ray: 95c8bef25ee1eb48-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1755786717:1752070555:2wpimJK3p_oaOlz0WOUiv2SelEk0ja6FmxYJ1PSplLc/95c8bef18b268f59/QQtPvmRb7lZjnaLFvMuTNOH6PcqQONiGzugEVAf71dQ-1752073802-1.2.1.1-EpPl8WmYNdbR0FwbW0MwUxZ9QLdeizv1uazSkt6eXK_2JccN5sw8SRgKdwwwcTCA
104.18.94.41 200 OK 285 kB
URL POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1755786717:1752070555:2wpimJK3p_oaOlz0WOUiv2SelEk0ja6FmxYJ1PSplLc/95c8bef18b268f59/QQtPvmRb7lZjnaLFvMuTNOH6PcqQONiGzugEVAf71dQ-1752073802-1.2.1.1-EpPl8WmYNdbR0FwbW0MwUxZ9QLdeizv1uazSkt6eXK_2JccN5sw8SRgKdwwwcTCA
IP 104.18.94.41:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/f6yce/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/
Certificate Issuer Google Trust Services
Subject challenges.cloudflare.com
Fingerprint FC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
Validity Fri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 285 kB (284700 bytes)
Hash MD5 8f5a9e07dddea924826733cda310404c
SHA-1 2b9e6a2e01c78f22dcc0a7f4be561ace0f82cbd7
SHA-256 43299bdb8298f8222bf70052df1c7d0f610eaee6c10e0bff008eec619c95a73b
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1755786717:1752070555:2wpimJK3p_oaOlz0WOUiv2SelEk0ja6FmxYJ1PSplLc/95c8bef18b268f59/QQtPvmRb7lZjnaLFvMuTNOH6PcqQONiGzugEVAf71dQ-1752073802-1.2.1.1-EpPl8WmYNdbR0FwbW0MwUxZ9QLdeizv1uazSkt6eXK_2JccN5sw8SRgKdwwwcTCA HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/f6yce/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/
cf-chl: QQtPvmRb7lZjnaLFvMuTNOH6PcqQONiGzugEVAf71dQ-1752073802-1.2.1.1-EpPl8WmYNdbR0FwbW0MwUxZ9QLdeizv1uazSkt6eXK_2JccN5sw8SRgKdwwwcTCA
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 3255
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Jul 2025 15:10:03 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 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$lm2r8bPh38oJqBsj9M5DQg==
priority: u=3,i=?0
server: cloudflare
cf-ray: 95c8bef66a308f59-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
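104.21.72.65 403 Forbidden 5.0 kB
IP 104.21.72.65:80
File type HTML document, ASCII text, with very long lines (396)
Hash MD5 a78fbbc7a3420802495f9bb9eb758dfd
SHA-1 86dc6ef891da695d699c69f09aa500b367791c3d
SHA-256 1096205d042d4fd13d70ff9df7176193edc2f37def0e830a86adf6aa98b2994f
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
NIDS: suricata; Severity: medium; Alert: ET INFO HTTP Request to a *.top domain
Note: the ET INFO rule is informational and keys on the top-level domain of the requested host. It is not by itself a detection of malicious content; the malicious verdict in this entry comes from the Quad9 DNS analyzer.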
GET / HTTP/1.1
Host: sinomau.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 09 Jul 2025 15:10:01 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Vary: accept-encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=aT%2FIUOPJADWqzc5uZekZfmqsSdmcigvwcc8Ys6JbwwRYKi8cGv4YdkzFtT1iCZw%2BdV3p4SFG8izOjBkMea2TYEhKkrTOAQvRVw%3D%3D"}]}
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Content-Encoding: gzip
Server: cloudflare
CF-RAY: 95c8beee1f2c8f59-CPH
alt-svc: h2=":443"; ma=60
GET sinomau.top/cdn-cgi/styles/cf.errors.css
104.21.72.65 200 OK 24 kB
URL GET sinomau.top/cdn-cgi/styles/cf.errors.css
IP 104.21.72.65:80
File type ASCII text, with very long lines (24050)
Hash MD5 5e8c69a459a691b5d1b9be442332c87d
SHA-1 f24dd1ad7c9080575d92a9a9a2c42620725ef836
SHA-256 84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: sinomau.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://sinomau.top/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 09 Jul 2025 15:10:02 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: accept-encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=01ac4c%2BB1YvhQKdx6wC4l4UUlAkFuV9UJQeJnFwdWhAkO%2BS4tct4Wv3TXiDDc6ThjmxDuDbkiCDqJN4kqen%2FVgYcGVJmoraO6Q%3D%3D"}]}
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Content-Encoding: gzip
Server: cloudflare
CF-RAY: 95c8beef18688f59-CPH
GET challenges.cloudflare.com/turnstile/v0/b/e7e9d014f96e/api.js
104.18.94.41 200 OK 49 kB
URL GET challenges.cloudflare.com/turnstile/v0/b/e7e9d014f96e/api.js
IP 104.18.94.41:443
Certificate Issuer Google Trust Services
Subject challenges.cloudflare.com
Fingerprint FC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
Validity Fri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT
File type JavaScript source, ASCII text, with very long lines (48827)
Hash MD5 8b98ab0c9c1187379712de2162d133c8
SHA-1 13070544fcfc6954ce563779c26ba54b72271380
SHA-256 73f6150de629bcd8401d4778d9a4f5460cbcce244f913447acbdd25ad50cca25
GET /turnstile/v0/b/e7e9d014f96e/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Jul 2025 15:10:02 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 03 Jul 2025 10:26:41 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
priority: u=3,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 95c8bef069f08f59-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/95c8bef18b268f59/1752073803287/QqNaNm8zaHEBG3f
104.18.94.41 200 OK 170 B
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/95c8bef18b268f59/1752073803287/QqNaNm8zaHEBG3f
IP 104.18.94.41:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/f6yce/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/
Certificate Issuer Google Trust Services
Subject challenges.cloudflare.com
Fingerprint FC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
Validity Fri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT
File type PNG image data, 70 x 13, 8-bit/color RGBA, non-interlaced
Hash MD5 9300cf382d9944ab427808a6dcfe513c
SHA-1 3bc52a51ba9acb9d17383ad5a53bd4c562a1dbdb
SHA-256 b8937a256565f970ab7dc0274d0b84ab94100d9c54195255e4cd5b1536cdba57
GET /cdn-cgi/challenge-platform/h/b/d/95c8bef18b268f59/1752073803287/QqNaNm8zaHEBG3f HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/f6yce/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Jul 2025 15:10:05 GMT
content-type: image/png
content-length: 170
priority: u=4,i=?0
server: cloudflare
cf-ray: 95c8bf03fba88f59-CPH
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET challenges.cloudflare.com/turnstile/v0/api.js
104.18.94.41 302 Found 49 kB
URL GET challenges.cloudflare.com/turnstile/v0/api.js
IP 104.18.94.41:443
Certificate Issuer Google Trust Services
Subject challenges.cloudflare.com
Fingerprint FC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
Validity Fri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the digests of zero-length input, because the redirect itself has content-length: 0. They match every empty response and should not be used as indicators.
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 09 Jul 2025 15:10:02 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/e7e9d014f96e/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 95c8beefa98c92c1-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET sinomau.top/favicon.ico
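104.21.72.65 301 Moved Permanently 0 B
IP 104.21.72.65:80
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the digests of zero-length input (the body was 0 B). They match every empty response and should not be used as indicators.
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed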
GET /favicon.ico HTTP/1.1
Host: sinomau.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://sinomau.top/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Wed, 09 Jul 2025 15:10:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://sinomau.top/favicon.ico
Vary: accept-encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=CMoeF07MP%2BVZ3uy71uUmLhKg1r4wxWJ58ecHz7UkVC%2F4Q6o3tbZcEs4imrrBFVe4cBZLZKxr7TT%2Fl4jA4%2BP7kYnT60RisqAWIQ%3D%3D"}]}
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Server: cloudflare
CF-RAY: 95c8bef14adb8f59-CPH
alt-svc: h2=":443"; ma=60
POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1755786717:1752070555:2wpimJK3p_oaOlz0WOUiv2SelEk0ja6FmxYJ1PSplLc/95c8bef18b268f59/QQtPvmRb7lZjnaLFvMuTNOH6PcqQONiGzugEVAf71dQ-1752073802-1.2.1.1-EpPl8WmYNdbR0FwbW0MwUxZ9QLdeizv1uazSkt6eXK_2JccN5sw8SRgKdwwwcTCA
104.18.94.41 200 OK 30 kB
URL POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1755786717:1752070555:2wpimJK3p_oaOlz0WOUiv2SelEk0ja6FmxYJ1PSplLc/95c8bef18b268f59/QQtPvmRb7lZjnaLFvMuTNOH6PcqQONiGzugEVAf71dQ-1752073802-1.2.1.1-EpPl8WmYNdbR0FwbW0MwUxZ9QLdeizv1uazSkt6eXK_2JccN5sw8SRgKdwwwcTCA
IP 104.18.94.41:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/f6yce/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/
Certificate Issuer Google Trust Services
Subject challenges.cloudflare.com
Fingerprint FC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
Validity Fri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT
File type ASCII text, with very long lines (29608), with no line terminators
Hash MD5 6fe3bb8d56854a005a04aff195f6f1a6
SHA-1 ece2d103739822066017c83a20eb7e24a3f0aa16
SHA-256 40e041d4572e41f4c47eb569ef5461dfdcfdf10c00464bf73a092baf574a95ef
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1755786717:1752070555:2wpimJK3p_oaOlz0WOUiv2SelEk0ja6FmxYJ1PSplLc/95c8bef18b268f59/QQtPvmRb7lZjnaLFvMuTNOH6PcqQONiGzugEVAf71dQ-1752073802-1.2.1.1-EpPl8WmYNdbR0FwbW0MwUxZ9QLdeizv1uazSkt6eXK_2JccN5sw8SRgKdwwwcTCA HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/f6yce/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/
cf-chl: QQtPvmRb7lZjnaLFvMuTNOH6PcqQONiGzugEVAf71dQ-1752073802-1.2.1.1-EpPl8WmYNdbR0FwbW0MwUxZ9QLdeizv1uazSkt6eXK_2JccN5sw8SRgKdwwwcTCA
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 34199
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Jul 2025 15:10:12 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: bXkkxo+mjjOHd+RxBhc4dV2EVtOJZosrT8tDwi3tuFALC6G6T+B/y6oaRIUY3vPK$5cF9Dh9iXSN4d/APzqvG4w==
priority: u=3,i=?0
server: cloudflare
cf-ray: 95c8bf2f4f738f59-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
104.21.72.65 403 Forbidden 5.0 kB
IP 104.21.72.65:443
Certificate Issuer Google Trust Services
Subject sinomau.top
Fingerprint D0:57:69:6D:F1:F5:33:86:47:F0:D1:E6:AC:04:1A:0A:5D:9B:25:BE
Validity Wed, 25 Jun 2025 06:55:17 GMT - Tue, 23 Sep 2025 07:53:46 GMT
File type HTML document, ASCII text, with very long lines (396)
Hash MD5 b703517925ee1509afd616cd500939c2
SHA-1 dac4ff9d60209e1b424dc68b2c5c6f1d79743c6b
SHA-256 0b22311aa3312bb264e0639d1a0955d2423648ed0105066448f4992e3be8d928
Note: this 403 body and the 403 body recorded for the same path on port 80 are both 5.0 kB but have different digests. The page presumably embeds per-request values, so its hashes are unlikely to match across fetches.
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
NIDS: suricata; Severity: medium; Alert: ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: sinomau.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Wed, 09 Jul 2025 15:10:01 GMT
content-type: text/html; charset=utf-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=pwV8LlVeBo%2FZs0y0AJZ07cv7g2uOvgzQpOfmIHqtD%2FEEFwoXbn1B8BLu%2Fctvc5TyN3D855pm2KhhhxfSSJcpS%2FVTjzrgrSVGLA%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
server: cloudflare
cf-ray: 95c8beecc8ca92d3-CPH
X-Firefox-Spdy: h2
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/f6yce/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/
104.18.94.41 200 OK 27 kB
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/f6yce/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/
IP 104.18.94.41:443
Certificate Issuer Google Trust Services
Subject challenges.cloudflare.com
Fingerprint FC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
Validity Fri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT
File type HTML document, ASCII text, with very long lines (26963), with no line terminators
Hash MD5 91ef7107984128f7832e2bc8909f4d3f
SHA-1 f1335bdab4aaa945e8aeaf952086ff9f71dfe375
SHA-256 98d765a8e001c5e2caaae60cc6ae56af9f6ee180bb1d7aa20e4eb30a62dda9f9
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/f6yce/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Jul 2025 15:10:02 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: default-src 'none'; script-src 'nonce-wazAeVD1j5Yt1oCp' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
document-policy: js-profiling
priority: u=4,i=?0
server: cloudflare
cf-ray: 95c8bef18b268f59-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1
104.18.94.41 200 OK 86 B
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1
IP 104.18.94.41:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/f6yce/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/
Certificate Issuer Google Trust Services
Subject challenges.cloudflare.com
Fingerprint FC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
Validity Fri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT
File type PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced
Hash MD5 70c202196187ab3c11b4e094c20c6de1
SHA-1 9c52b959e74aee9d79cbc9f35d1f9f65a3b8c863
SHA-256 6255b9231d09ebe6aa1ac19ba46bdd81f3df58989c9ef2e11d6cd6e2e7b21643
GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/f6yce/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Jul 2025 15:10:02 GMT
content-type: image/png
content-length: 86
priority: u=4,i=?0
server: cloudflare
cf-ray: 95c8bef2cd168f59-CPH
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=95c8bef18b268f59&lang=auto
104.18.94.41 200 OK 142 kB
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=95c8bef18b268f59&lang=auto
IP 104.18.94.41:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/f6yce/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/
Certificate Issuer Google Trust Services
Subject challenges.cloudflare.com
Fingerprint FC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
Validity Fri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 142 kB (141812 bytes)
Hash MD5 f4808af0ff9318aa455134e53911a469
SHA-1 9f7e7c0a1aabd579e947bb3978cbed75710919ae
SHA-256 6696a55de8ae222b325932d1ffc07124bddce6489c6315fd427a8790c21b97f1
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=95c8bef18b268f59&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/f6yce/0x4AAAAAABDaGKKSGLylJZFA/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Jul 2025 15:10:02 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
priority: u=3,i=?0
server: cloudflare
cf-ray: 95c8bef2cd1b8f59-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri