urlscan.io logo urlscan.io
SecurityTrails logo

i6l9c1v3h4m.6w5.ru Open in urlscan Pro
2a06:98c1:3120::3  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://e.targito.com/c?a=a765e20b-92d0-4544-a4c3-c23518cbf01d&o=gsklub_cz&m=6b67e0df-8f21-4d26-bac6-98abbf8b9329&c=75...
Effective URL: https://i6l9c1v3h4m.6w5.ru/R9o6I3p5/
Submission: On July 08 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 21 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is i6l9c1v3h4m.6w5.ru.
TLS certificate: Issued by GTS CA 1P5 on July 4th 2023. Valid for: 3 months.
This is the only time i6l9c1v3h4m.6w5.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 35.156.178.75 16509 (AMAZON-02)
1 69.49.228.234 19871 (NETWORK-S...)
1 5 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42::485 54113 (FASTLY)
21 6
1    35.156.178.75 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-178-75.eu-central-1.compute.amazonaws.com
e.targito.com
1    69.49.228.234 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 69-49-228-234.webhostbox.net
centeredlivingfarm.com
5    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
i6l9c1v3h4m.6w5.ru
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
8    2606:4700::6811:2b8 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
8 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5263
230 KB
5 6w5.ru
i6l9c1v3h4m.6w5.ru
9 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368
25 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 749
30 KB
1 centeredlivingfarm.com
centeredlivingfarm.com
264 B
1 targito.com
e.targito.com — Cisco Umbrella Rank: 665642
810 B
21 6
Domain Requested by
8 challenges.cloudflare.com 1 redirects i6l9c1v3h4m.6w5.ru
challenges.cloudflare.com
5 i6l9c1v3h4m.6w5.ru 1 redirects i6l9c1v3h4m.6w5.ru
1 cdn.jsdelivr.net centeredlivingfarm.com
1 code.jquery.com centeredlivingfarm.com
1 centeredlivingfarm.com
1 e.targito.com 1 redirects
21 6

This site contains no links.

Subject Issuer Validity Valid
cpanel.centeredlivingfarm.com
R3		 2023-07-02 -
2023-09-30		 3 months crt.sh
6w5.ru
GTS CA 1P5		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://i6l9c1v3h4m.6w5.ru/R9o6I3p5/
Frame ID: 256F5ADA5AC325CE63ED283D30049A9A
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/uolex/0x4AAAAAAAG5fjKusprYFGIs/auto/normal
Frame ID: 5638DD0E2E215533AD9C68E19C2CADF3
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://i6l9c1v3h4m.6w5.ru/R9o6I3p5/ Page URL
  2. https://i6l9c1v3h4m.6w5.ru/cdn-cgi/phish-bypass?atok=Oi_up3xVncHzMcCeI5wqumVYQ5nY0R4J6lJvLjDQXgM-168878... HTTP 301
    https://i6l9c1v3h4m.6w5.ru/R9o6I3p5/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

21
Requests

62 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

295 kB
Transfer

704 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://i6l9c1v3h4m.6w5.ru/R9o6I3p5/ Page URL
  2. https://i6l9c1v3h4m.6w5.ru/cdn-cgi/phish-bypass?atok=Oi_up3xVncHzMcCeI5wqumVYQ5nY0R4J6lJvLjDQXgM-1688780162-0-%2FR9o6I3p5%2F HTTP 301
    https://i6l9c1v3h4m.6w5.ru/R9o6I3p5/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://e.targito.com/c?a=a765e20b-92d0-4544-a4c3-c23518cbf01d&o=gsklub_cz&m=6b67e0df-8f21-4d26-bac6-98abbf8b9329&c=75283f30-ec7c-4c64-8e96-b11b9ceb9007&d=1550125868&l=footer_menu_2&u=https%3A%2F%2Fcenteredlivingfarm.com%2Fnew%2Fauth%2FqDF0%2F%2F%2F%2FbGlzYV9rZWxseUBoZWF0aHJvdy5jb20= HTTP 302
  • https://centeredlivingfarm.com/new/auth/qDF0////bGlzYV9rZWxseUBoZWF0aHJvdy5jb20=
Request Chain 6
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/19b997cb/api.js

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
bGlzYV9rZWxseUBoZWF0aHJvdy5jb20=
centeredlivingfarm.com/new/auth/qDF0////
Redirect Chain
  • https://e.targito.com/c?a=a765e20b-92d0-4544-a4c3-c23518cbf01d&o=gsklub_cz&m=6b67e0df-8f21-4d26-bac6-98abbf8b9329&c=75283f30-ec7c-4c64-8e96-b11b9ceb9007&d=1550125868&l=footer_menu_2&u=https%3A%2F%2...
  • https://centeredlivingfarm.com/new/auth/qDF0////bGlzYV9rZWxseUBoZWF0aHJvdy5jb20=
0
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://centeredlivingfarm.com/new/auth/qDF0////bGlzYV9rZWxseUBoZWF0aHJvdy5jb20=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
69.49.228.234 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
69-49-228-234.webhostbox.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sat, 08 Jul 2023 01:36:01 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
refresh
0;url=https://i6l9c1v3h4m.6w5.ru/R9o6I3p5/#lisa_kelly@heathrow.com

Redirect headers

content-length
0
date
Sat, 08 Jul 2023 01:36:01 GMT
location
https://centeredlivingfarm.com/new/auth/qDF0////bGlzYV9rZWxseUBoZWF0aHJvdy5jb20=
server
Kestrel
/
i6l9c1v3h4m.6w5.ru/R9o6I3p5/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i6l9c1v3h4m.6w5.ru/R9o6I3p5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63612340cffdb0e65d8f4f87c2b3a310cb152669fb029b539af78e5b336b14dd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://centeredlivingfarm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cf-ray
7e349812bbf7dc39-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 08 Jul 2023 01:36:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVKYs%2BejzgwGAE5K7LPMr3ERDr7ZjepKykDD6UdqhIXoH8O%2FI%2FnqDWnmzg1cRzQecZuZITsxogBxtim9CyChx9oSn7HK04GGa4%2F2bfes1KOetzL%2FDJBhjrrpwNc0AR6SdVcKVk04EbsmVNiuOsIql8s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf.errors.css
i6l9c1v3h4m.6w5.ru/cdn-cgi/styles/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i6l9c1v3h4m.6w5.ru/cdn-cgi/styles/cf.errors.css
Requested by
Host: i6l9c1v3h4m.6w5.ru
URL: https://i6l9c1v3h4m.6w5.ru/R9o6I3p5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://i6l9c1v3h4m.6w5.ru/R9o6I3p5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 01:36:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 Jul 2023 15:21:35 GMT
server
cloudflare
etag
W/"64a438ff-5e44"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
7e3498130c50dc39-LHR
expires
Sat, 08 Jul 2023 03:36:03 GMT
icon-exclamation.png
i6l9c1v3h4m.6w5.ru/cdn-cgi/images/ 		452 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6l9c1v3h4m.6w5.ru/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: i6l9c1v3h4m.6w5.ru
URL: https://i6l9c1v3h4m.6w5.ru/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://i6l9c1v3h4m.6w5.ru/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 01:36:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 Jul 2023 15:21:35 GMT
server
cloudflare
etag
"64a438ff-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7e3498134c7adc39-LHR
content-length
452
expires
Sat, 08 Jul 2023 03:36:03 GMT
Primary Request /
i6l9c1v3h4m.6w5.ru/R9o6I3p5/
Redirect Chain
  • https://i6l9c1v3h4m.6w5.ru/cdn-cgi/phish-bypass?atok=Oi_up3xVncHzMcCeI5wqumVYQ5nY0R4J6lJvLjDQXgM-1688780162-0-%2FR9o6I3p5%2F
  • https://i6l9c1v3h4m.6w5.ru/R9o6I3p5/
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i6l9c1v3h4m.6w5.ru/R9o6I3p5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.7
Resource Hash
e6d37ac1176b6d99c1470b6d603bb2d3998791c3dd037e21e728727df6392faa

Request headers

Referer
https://i6l9c1v3h4m.6w5.ru/R9o6I3p5/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7e349825faf9dc39-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 08 Jul 2023 01:36:06 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCgjvy%2F8mLGMqtdMp%2FCpPSy1pGFs5eH6BUZoQs6zaJF1Dg9kHP1IWCcQwb2oJaJWJeA%2Bla3zDEX%2FQyMzSNL9jiGn4NDwpXKWfDPaBbK2Cv%2BYl01nhVPEJJdQoJnusS8lh%2FKgYsUaayGiRkIhJWfBIIo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/8.2.7
x-turbo-charged-by
LiteSpeed

Redirect headers

cache-control
private, no-cache
cf-ray
7e349825cac6dc39-LHR
content-length
167
content-type
text/html
date
Sat, 08 Jul 2023 01:36:06 GMT
location
https://i6l9c1v3h4m.6w5.ru/R9o6I3p5/
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
truncated
/ 		130 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
695aa3f7108e86ebc1c1a1ed1f6b46be645acf4a211e5aa16f7c83cbca4d3b97

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
text/javascript
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: centeredlivingfarm.com
URL: https://centeredlivingfarm.com/new/auth/qDF0////bGlzYV9rZWxseUBoZWF0aHJvdy5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://i6l9c1v3h4m.6w5.ru/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 08 Jul 2023 01:36:06 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1688780166.dop088.lo4.t,1688780166.cds232.lo4.hn,1688780166.cds263.lo4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
api.js
challenges.cloudflare.com/turnstile/v0/g/19b997cb/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/g/19b997cb/api.js
19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/19b997cb/api.js
Requested by
Host: i6l9c1v3h4m.6w5.ru
URL: https://i6l9c1v3h4m.6w5.ru/R9o6I3p5/
Protocol
H2
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7a5045877238b1271059b2175e224d73844f717d25ee6bb0bd4751d21490075

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://i6l9c1v3h4m.6w5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 01:36:06 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7e34982abf4023e7-LHR
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 08 Jul 2023 01:36:06 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/g/19b997cb/api.js
cache-control
max-age=300, public
cf-ray
7e34982a7f1d23e7-LHR
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: centeredlivingfarm.com
URL: https://centeredlivingfarm.com/new/auth/qDF0////bGlzYV9rZWxseUBoZWF0aHJvdy5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://i6l9c1v3h4m.6w5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 08 Jul 2023 01:36:06 GMT
x-content-type-options
nosniff
content-encoding
br
age
2303408
x-jsd-version
5.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25360
x-served-by
cache-fra-eddf8230097-FRA, cache-man4147-MAN
x-jsd-version-type
version
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/uolex/0x4AAAAAAAG5fjKusprYFGIs/auto/ Frame 5638 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/uolex/0x4AAAAAAAG5fjKusprYFGIs/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ce09432865d1b46a8369073c45d8760ac3add55709b50906eb95b16ff93f312
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://i6l9c1v3h4m.6w5.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7e34982b1ace732a-LHR
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jul 2023 01:36:06 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 5638 		178 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e34982b1ace732a
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/uolex/0x4AAAAAAAG5fjKusprYFGIs/auto/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb201a345c8cf8b70997832e74e245474620a707f793413f89a161d3be965473

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/uolex/0x4AAAAAAAG5fjKusprYFGIs/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 01:36:06 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7e34982bab0e732a-LHR
alt-svc
h3=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
f54ea4fc-c4e8-4f2a-b55b-6822e7ebc202
https://challenges.cloudflare.com/ Frame 5638 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/f54ea4fc-c4e8-4f2a-b55b-6822e7ebc202
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/uolex/0x4AAAAAAAG5fjKusprYFGIs/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
a45bbd43eb856f0
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1460253554:1688775884:lxV007ZympJ5jDnFxWVEj_hE54Vs3y4TvBirvQAT8PA/7e34982b1ace732a/ Frame 5638 		190 KB
143 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1460253554:1688775884:lxV007ZympJ5jDnFxWVEj_hE54Vs3y4TvBirvQAT8PA/7e34982b1ace732a/a45bbd43eb856f0
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e34982b1ace732a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf6a7c87914af05283fc590255282020cb24dc12fb857f16ed4ac3847480392a

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/uolex/0x4AAAAAAAG5fjKusprYFGIs/auto/normal
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
a45bbd43eb856f0
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
7Ggeu7q55IzYZRQJFhzrOsSn0BB/+fit6tBb/PeJOm+rMz88NRTnAtq5liEFwWb4/5gfcFbg3MBpQV5aR/Kx/uoTkPtqaTxvXkssZ1fQt1Rj46VRYWUpI0o6DvE04AV5vM4+vs9dfOVWLIhgoNPDpNWMziqVGSS6QyKRI/jYZZWUfel7e5n79yg62nJKDBa+I+KnhrK6mfJntbQubNkT+t02+VWvDjrNVXtfQFNIOjsEgtueJ5VbqpFUOJGUhrsKg7DMK3xY90y2n1r3xfHcYghOptIYIcGCG8scoo/iRo1Ef3I5IK5B9VH8CMQkUxjX4OcDPFXGCvFTxta+HoLHCgOe0Qx3GGrSfhYZ3JdZsDYfQrVXC9ssS1vsLNgl6Bo3Z+OIGGF04iCHilcl1716hQEMugg8cBj3rr6RG+Fgt3P2HLjhcFue2/JnWD/L9zDlyz+dkfjceNsoCIYCAFvRJdtZJucPyhos1WhyhiEPC4KVO53r+JzS+/vRJV8qHnXh$8IuWsxI9V7znFJBF2S/crw==
date
Sat, 08 Jul 2023 01:36:07 GMT
content-encoding
br
server
cloudflare
cf-ray
7e34982d1bb7732a-LHR
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
11907c1c-8eb8-4863-b746-86c8d1ced038
https://challenges.cloudflare.com/ Frame 5638 		3 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/11907c1c-8eb8-4863-b746-86c8d1ced038
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b52d14f58995f4f725bfe13e1714120be4082d234fa580d7d0bd772a80c66f4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/uolex/0x4AAAAAAAG5fjKusprYFGIs/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
2643
Content-Type
text/javascript
11907c1c-8eb8-4863-b746-86c8d1ced038
https://challenges.cloudflare.com/ Frame 5638 		3 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/11907c1c-8eb8-4863-b746-86c8d1ced038
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b52d14f58995f4f725bfe13e1714120be4082d234fa580d7d0bd772a80c66f4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/uolex/0x4AAAAAAAG5fjKusprYFGIs/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
2643
Content-Type
text/javascript
11907c1c-8eb8-4863-b746-86c8d1ced038
https://challenges.cloudflare.com/ Frame 5638 		3 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/11907c1c-8eb8-4863-b746-86c8d1ced038
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b52d14f58995f4f725bfe13e1714120be4082d234fa580d7d0bd772a80c66f4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/uolex/0x4AAAAAAAG5fjKusprYFGIs/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
2643
Content-Type
text/javascript
yGF48YjPqEG6vW6
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e34982b1ace732a/1688780167224/df033fd07d698ad8abeeb9361d1b64c032902d2d93ba859c7827444574edcae9/ Frame 5638 		1 B
627 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e34982b1ace732a/1688780167224/df033fd07d698ad8abeeb9361d1b64c032902d2d93ba859c7827444574edcae9/yGF48YjPqEG6vW6
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e34982b1ace732a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/uolex/0x4AAAAAAAG5fjKusprYFGIs/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 01:36:07 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g3wM_0H1pitir7rk2HRtkwDKQLS2TuoWceCdERXTtyukAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsnhnbals60aWxv0jmjxXrSzdZ94Rg2NRW0YopV9htBYj4BoU19zK1LuViSVIzVcCYE57_KL35HJkxGxtdDIDlTp0vpUfJFuLjWeuY6-UVNh9bERnFXivMB8kYroBKyMP7FAJBT8ZXycjF6sKL2W6-zNXb3tBABTu2kKre_y5s5nNqEjE7P4mh3wiMpr3R0AaUJi9KtLcFBAYyiejLLxLwK-FGakP_d5aSp_krUHWtYoLI89sF8YZXcE0Ljl5JduIo-ZZxfWlmaGbY9hRRjueY5VD4uhxjMAmy7NDr70Ji27c87GtHs1CVTeRX13-3BoGpQdK9epZBNG8rGU4beokwQIDAQAB, max-age=20
server
cloudflare
cf-ray
7e34982fccd8732a-LHR
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
f178de66-7b3d-47bb-9044-f76333a4271c
https://challenges.cloudflare.com/ Frame 5638 		539 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/f178de66-7b3d-47bb-9044-f76333a4271c
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/uolex/0x4AAAAAAAG5fjKusprYFGIs/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
539
Content-Type
text/javascript
w5R_3chH0YANJy4
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7e34982b1ace732a/1688780167227/ Frame 5638 		61 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7e34982b1ace732a/1688780167227/w5R_3chH0YANJy4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d1dd1a5afbe1cfe8ff8e206e4248121463071526a60d446c0f8087a15853ccc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/uolex/0x4AAAAAAAG5fjKusprYFGIs/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 01:36:08 GMT
server
cloudflare
cf-ray
7e3498359fd6732a-LHR
alt-svc
h3=":443"; ma=86400
content-type
image/png
f5eadd7a-323e-4af4-8796-7c22ab0e87db
https://challenges.cloudflare.com/ Frame 5638 		656 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/f5eadd7a-323e-4af4-8796-7c22ab0e87db
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/uolex/0x4AAAAAAAG5fjKusprYFGIs/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
656
Content-Type
text/javascript
7c279a9c-37e7-4472-a581-aa1fc90ee2e5
https://challenges.cloudflare.com/ Frame 5638 		99 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/7c279a9c-37e7-4472-a581-aa1fc90ee2e5
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/uolex/0x4AAAAAAAG5fjKusprYFGIs/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
99
Content-Type
text/javascript
a45bbd43eb856f0
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1460253554:1688775884:lxV007ZympJ5jDnFxWVEj_hE54Vs3y4TvBirvQAT8PA/7e34982b1ace732a/ Frame 5638 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1460253554:1688775884:lxV007ZympJ5jDnFxWVEj_hE54Vs3y4TvBirvQAT8PA/7e34982b1ace732a/a45bbd43eb856f0
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e34982b1ace732a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6ab4745aa9cc69f76e176c539fe90fca5285b4efb63d6ce337e624eb1e56e9f

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/uolex/0x4AAAAAAAG5fjKusprYFGIs/auto/normal
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
a45bbd43eb856f0
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
Qk3fXrUjAQ3O31sONpjd8oFvwFDp+4hH1OkVQ52455rgLoHxNCniz4c5fH80Kcu0$kyG2r5sa/ncaKwLGsPd2CQ==
date
Sat, 08 Jul 2023 01:36:09 GMT
content-encoding
br
server
cloudflare
cf-ray
7e3498392992732a-LHR
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend string| nox function| $ function| jQuery function| x object| turnstile

8 Cookies

Domain/Path Name / Value
.targito.com/ Name: a765e20b-92d0-4544-a4c3-c23518cbf01d
Value: 75283f30-ec7c-4c64-8e96-b11b9ceb9007
.targito.com/ Name: trgid_gsklub_cz
Value: 75283f30-ec7c-4c64-8e96-b11b9ceb9007
.targito.com/ Name: a765e20b-92d0-4544-a4c3-c23518cbf01d_m
Value: 6b67e0df-8f21-4d26-bac6-98abbf8b9329
.targito.com/ Name: trgm_gsklub_cz
Value: 6b67e0df-8f21-4d26-bac6-98abbf8b9329
.targito.com/ Name: a765e20b-92d0-4544-a4c3-c23518cbf01d_d
Value: 1550125868
.targito.com/ Name: trgd_gsklub_cz
Value: 1550125868
.i6l9c1v3h4m.6w5.ru/ Name: __cf_mw_byp
Value: Oi_up3xVncHzMcCeI5wqumVYQ5nY0R4J6lJvLjDQXgM-1688780162-0-/R9o6I3p5/
i6l9c1v3h4m.6w5.ru/ Name: PHPSESSID
Value: atujg824tq8emlbnns6jceb7f2

4 Console Messages

Source Level URL
Text
javascript warning URL: data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoImh0bWwiKS5nZXRBdHRyaWJ1dGUoInZhbHVlIikpKSkpO25veD0iZW1kMVZpNTZiakVPTmZWMWdJdmsiOw==
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoImh0bWwiKS5nZXRBdHRyaWJ1dGUoInZhbHVlIikpKSkpO25veD0iZW1kMVZpNTZiakVPTmZWMWdJdmsiOw==
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e34982b1ace732a/1688780167224/df033fd07d698ad8abeeb9361d1b64c032902d2d93ba859c7827444574edcae9/yGF48YjPqEG6vW6
Message:
Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
centeredlivingfarm.com
challenges.cloudflare.com
code.jquery.com
e.targito.com
i6l9c1v3h4m.6w5.ru
2001:4de0:ac18::1:a:2b
2606:4700::6811:2b8
2a04:4e42::485
2a06:98c1:3120::3
35.156.178.75
69.49.228.234
08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
1b52d14f58995f4f725bfe13e1714120be4082d234fa580d7d0bd772a80c66f4
63612340cffdb0e65d8f4f87c2b3a310cb152669fb029b539af78e5b336b14dd
695aa3f7108e86ebc1c1a1ed1f6b46be645acf4a211e5aa16f7c83cbca4d3b97
6d1dd1a5afbe1cfe8ff8e206e4248121463071526a60d446c0f8087a15853ccc
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
7ce09432865d1b46a8369073c45d8760ac3add55709b50906eb95b16ff93f312
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194
a7a5045877238b1271059b2175e224d73844f717d25ee6bb0bd4751d21490075
bb201a345c8cf8b70997832e74e245474620a707f793413f89a161d3be965473
bf6a7c87914af05283fc590255282020cb24dc12fb857f16ed4ac3847480392a
c6ab4745aa9cc69f76e176c539fe90fca5285b4efb63d6ce337e624eb1e56e9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c
e6d37ac1176b6d99c1470b6d603bb2d3998791c3dd037e21e728727df6392faa
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e