search

Ekultek / WhatWaf

Detect and bypass web application firewalls and protection systems
Other
2.63k stars 447 forks source link

Unknown Firewall (a1b064da5) #1541

Closed WhatWaf-Firewalls closed 2 years ago

WhatWaf-Firewalls commented 2 years ago

WhatWaf version: 2.0.3 Running context: ./whatwaf -u ******************* Fingerprint:

<!--
GET http://apix.trade HTTP/1.1
Status code: 403
Date: Wed, 11 May 2022 16:03:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZcj4ElOA%2FZDVAN0TkbnW4i5wX8NPT6gK8IAsMmEgFV9WFD4XbscwFrIRLzrPIkRJFeb1i1o%2F1Cini%2F%2FljZLkoUbKyVogXI4Kc%2BRJwOqg9PFLUR%2FYvh7pUtECSWh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 709c254cf9e73426-NRT
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
-->
<!DOCTYPE html>

<!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->
<!--[if IE 7]>    <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->
<!--[if IE 8]>    <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en-US"> <!--<![endif]-->
<head>
<title>Please Wait... | Cloudflare</title>
<meta charset="utf-8"/>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type"/>
<meta content="IE=Edge" http-equiv="X-UA-Compatible"/>
<meta content="noindex, nofollow" name="robots"/>
<meta content="width=device-width,initial-scale=1" name="viewport"/>
<link href="/cdn-cgi/styles/cf.errors.css" id="cf_styles-css" rel="stylesheet"/>
<!--[if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]-->
<style>body{margin:0;padding:0}</style>
<!--[if gte IE 10]><!-->
<script>
  if (!navigator.cookieEnabled) {
    window.addEventListener('DOMContentLoaded', function () {
      var cookieEl = document.getElementById('cookie-alert');
      cookieEl.style.display = 'block';
    })
  }
</script>
<!--<![endif]-->
<script>
    //<![CDATA[
    (function(){
      window._cf_chl_opt={
        cvId: "2",
        cType: "managed",
        cNounce: "2560",
        cRay: "709c254cf9e73426",
        cHash: "52f462804e24aef",
        cUPMDTk: "\/%3Cframeset%3E%3Cframe%20src=%5C%22javascript:alert('XSS');%5C%22%3E%3C\/frameset%3E?__cf_chl_tk=OqcA5yqrKuSjXdevTFUjylz2cGSr2Di9plKDesfoBXE-1652285017-0-gaNycGzNBz0",
        cFPWv: "b",
        cTTimeMs: "1000",
        cLt: "n",
        cRq: {
          ru: "aHR0cHM6Ly9hcGl4LnRyYWRlLyUzQ2ZyYW1lc2V0JTNFJTNDZnJhbWUlMjBzcmM9JTVDJTIyamF2YXNjcmlwdDphbGVydCgnWFNTJyk7JTVDJTIyJTNFJTNDL2ZyYW1lc2V0JTNF",
          ra: "d2hhdHdhZi8yLjAuMyAoTGFuZ3VhZ2U9Mi43LjE4OyBQbGF0Zm9ybT1MaW51eCk=",
          rm: "R0VU",
          d: "ITZvB04TRjgj9GuYOkMecxZsCtgam5SFQzpRSRObFBploFAsgHxew14q1VEbEhNHlXWhkjOwa0JvRmUGcwUrmyD9+ODNz93eBznYYDsgRRGCBGQQIlmxh3+L5WLPwGTjVShpK+yQyXtLv3qesDjuGBqy9Fj9Mk5Y5MAQAb7m1wTEN/tOgKbixsoqVYKGtn35bIRgxDNWJqjhtZwaeHDhN/7+2uZ3B2gFzHysfi09bt9l4zVoliLCmB/efnW7bReVMmdjcvyInwdRo7bV5Qj/oFPbJxEiUKnc7dxaAlUS2J5u1AjFyUQQWSzmiPbnUsXZIYdy6O4t6lnITfelVXN9gmzOrX5BAl/0eAKgJHHsHt1yKppaRfRDEXhpAm7G8cwUhRvJnc7k6fIdm1PfWcZmtge/XjbcBzb4Ao5yuBV6unS0bEeNkjdBJ/vO0Q7U6BtTFy25RQnlXZdd9jY+KdbwC82UNUi7k5U/C9wlRWWzPAkKRUxR2oXDC5hzk1RAhqkHgLpyF96IYoVIXELTvm+Y1/7jz5wWDXXZIQue7hCXScudEsq469/26ISXHq9e50o+TahpynQjjWtZZsff4GZ0upBAef2Nvz5WeFz5U32DOXwx023f3ZeUv4zUAsR9oXUK",
          t: "MTY1MjI4NTAxNy4xMzEwMDA=",
          m: "XVOIgzr5jNdu3jYNoEw97gV//HCIsjwWyiFPCx1BRbI=",
          i1: "gc/YLgA50uEaEDPjfpDTJQ==",
          i2: "xqq1jd87k/owGoRsdigomw==",
          zh: "MmrN6FkvcyMrlV0bmYumXlBpGLFNV4DvCfa+ncd8ZJc=",
          uh: "GjF+lffP22x8jqpzthRNaI5exsKaaER1iR1bJivmZSE=",
          hh: "juun39+bY+pUxibi76suhp4W/ZlwjBoU+1TgKbnO3vE=",
        }
      };
    }());
    //]]>
    </script>
<style>
  #cf-wrapper #spinner {width:69px; margin:  auto;}
  #cf-wrapper #cf-please-wait{text-align:center}
  .attribution {margin-top: 32px;}
  .bubbles { background-color: #f58220; width:20px; height: 20px; margin:2px; border-radius:100%; display:inline-block; }
  #cf-wrapper #challenge-form { padding-top:25px; padding-bottom:25px; }
  #cf-hcaptcha-container { text-align:center;}
  #cf-hcaptcha-container iframe { display: inline-block;}
  @keyframes fader     { 0% {opacity: 0.2;} 50% {opacity: 1.0;} 100% {opacity: 0.2;} }
  #cf-wrapper #cf-bubbles { width:69px; }
  @-webkit-keyframes fader { 0% {opacity: 0.2;} 50% {opacity: 1.0;} 100% {opacity: 0.2;} }
  #cf-bubbles > .bubbles { animation: fader 1.6s infinite;}
  #cf-bubbles > .bubbles:nth-child(2) { animation-delay: .2s;}
  #cf-bubbles > .bubbles:nth-child(3) { animation-delay: .4s;}
</style>
</head>
<body>
<div id="cf-wrapper">
<div class="cf-alert cf-alert-error cf-cookie-error" data-translate="enable_cookies" id="cookie-alert">Please enable cookies.</div>
<div class="cf-error-details-wrapper" id="cf-error-details">
<div class="cf-wrapper cf-header cf-error-overview">
<h1 data-translate="managed_challenge_headline">Please wait...</h1>
<h2 class="cf-subheadline"><span data-translate="managed_checking_msg">We are checking your browser...</span> apix.trade</h2>
</div>
<div class="cf-section cf-highlight cf-captcha-container">
<div class="cf-wrapper">
<div class="cf-columns two">
<div class="cf-column">
<div class="cf-highlight-inverse cf-form-stacked">
<form action="/%3Cframeset%3E%3Cframe%20src=%5C%22javascript:alert('XSS');%5C%22%3E%3C/frameset%3E?__cf_chl_f_tk=OqcA5yqrKuSjXdevTFUjylz2cGSr2Di9plKDesfoBXE-1652285017-0-gaNycGzNBz0" class="challenge-form managed-form" enctype="application/x-www-form-urlencoded" id="challenge-form" method="POST">
<div id="cf-please-wait">
<div id="spinner">
<div id="cf-bubbles">
<div class="bubbles"></div>
<div class="bubbles"></div>
<div class="bubbles"></div>
</div>
</div>
<p data-translate="please_wait" id="cf-spinner-please-wait">Please stand by, while we are checking your browser...</p>
<p data-translate="redirecting" id="cf-spinner-redirecting" style="display:none">Redirecting...</p>
</div>
<input name="md" type="hidden" value="VHsYiXVFvRu9o_n8QPiju0QpnCpwV5kVc9Y5MVlaqC8-1652285017-0-AanZBn0aS32tAiGWn8vbZ6MPIZLtyCNYNr9rGDpufawi1LiW7LqHjZrzvIwmi7HyYfjr4_S7oT6kDNPB67fTRT0ZKbxbFf4kSa86JLYX0SR2ekOr8aEStWi8eKgxenu0ljuSUjJwAZH-34NtWHhyKQ91CEqaWiFt5LSEslspyYr4-L7IkokY2_57_kJw2dvNidzuLBTN6xFxT3lKMh5mh3EedaSC6S8kdvrwIdlYB1olvsllQnekTjXh_k2pbNFZBynplkasWtsXHEIDSHhPmg46173H2nASy05VdW9N4cK2jP8N8CDpGRQw-cCfTpbtyj6kiLjn8mOqR4ykP2318zTrOwSksjb1lduc8ZzV7vAvrlJIBsdW_-iqKcn3iJtc60qyWIjxhtiMZrEeRj1yq4YGiMvUj8OhunCQU2SQEmLTqp5bkbbPzPAlOqTVup56mGqZ8CkGclor7cie9chHvlsbfR7hOSMSDD01SKLGBTD6qHtLhjl3sTdwlP2-hZgHrIJ5IqhHMivcWhoC-tGO2HWqwfBwECJmYVIwwm9fZFclezt9ITvlhN7T3wkN4XT7-PobVimc9ipE9iUlea_q0znwtWcF6xFub1OV7Axv66_inFe6pc7Y-FN0cmoOvtApD7gnsJktNWUnpipiSGw1NzZvBsrrpNw5m-DVNwikTH1UBvrZNTOGsGwYA3bFVoO3P70QQJa2UzJSIo9FYtVf2SVWeAUoMn81utj640SdbTsXZ4Yb2jEL2pES9hGLq5IoR5FUzjSeEjYNWVwAL04jqEcFqXWV4isw6eM01y1VUfBY_sDQmHRMaHyPm97TvBwzB13LpM4fR7ojgBNdGlzqZfo_K-1-hZyn8UkMNm-3id4p95MjkyusL20fw375atpaA4QufALZIhODSlw_EKa8ktUlLTpw8ImEoIAQB8CSc3_CIMKMD36chnEXMW98XOzH-CJN8Hpcb86UjlIX2SRbENbbQrHCY7q3wS3wDjrexFnQ-8TwvZ-agAeJFMGIXX07JQ"/>
<input name="r" type="hidden" value="vJyosaFMwcTwdzq8u8tN1cTN_BQ_RPqyZ0c7x1aYX_c-1652285017-0-Acfluu3qE3SI7b/4Od0818P4A434jn3SoPNuE83xXZ4TQ0rWM+tuor77i2AXovl/fwGLOBJGdxvRVryD3nOtxHIzBelScY3PJFHyfqp19xupeHJrancEkBeqho/Y+bOFhXn9pknfYfDtHPHp4FaE/GIXNVa5yuNcoxm9ENMQ6A1+vGJERh2NthPfHnd4GItS4BSRHnh2hLX7vzWbt3M3OMksnanfKKREpppYRllL0qS0eaaPJZX4iNEHXXN6I2P4Y8oMIzLIShdCJxAUhQLpxynrIfqgHSodA+EWcmym4l+Jex6yuTyHAr5icRLDppygyL3M9c2JBd/pmzoexMw6xSRUib+kOFG5EXgXPqP2sf42INx6twyi9TpelOX8Boo80zK6/Tav5+UskLAY4QWX/XFbqouZsjn+dYBNxZYPEpfYMi7kGuk9svpQ7SczHmTTQx0opEiOuX3q1qKYM3I/qNTDWIhlzAaRG4/o01gzfXnJ1wCyKJ44VUedBuzH+4h1vdDHT4qwVc0XghAv3rMaopSr+zE9aTo8/wBzZRAHfn65BzPOzBuveQdKuHxdelxniX1D4r6jqBCAxPd+QNhbh4Lf6hR2Ia7+S4W+bE41JnpXUgAkGFIDgEaZSs5DVA9QfCejjlJSYCiYSZ6cra5FlPAG3kuoDwUbSohpNpwQb/+x8nu2SpHKm40zJS5+g98QG9DWBzitbETeBAstH0+BFEcZF2ATiND6n6Cg0duRWUNh8ONZZC/km8pRZTIgtVawnpl7eEizD5O0cm5ef8cghJ9EEb8Wu3AhrglCmICAgU2FIMPy0YM7vn4V8sGwyHIHVbaOZXh+QZcHrHIqI59gfJjbQegIqXwVqFCutPNFVv07t8wRVc0Fy445MlV/8i0g240v5rZtm6YMGLxlweStHQqQVul16see3dZsHeb+pWxVd7QWB+Hl4pf5S3oXO1G1X5u6bZAZrJPjOnm1qxKlBP2dery1QwmIwYuuheVFWEYofpe2OO3pivOyQioUaY+yQFqqPdK/Q3gAvobh4xLEa91+YnK/YMvksbrKZHSvSlvX0H+F96srG2023RJWIM+wW2rGYS4aE7uTmM65RM7GZqdaoRjXqLm4IutS7ZKRcx7jOFobfACcULCHHZQXF7Rs+asdH0SrbNi8nK9SgLfCnEY7kN+Koefrx0T9SOer3MhD2Dyemsm8RfgVC20K0rmY4dkOWvgDu3TOnT/aeRwG07QYGBoR6v3Hryl8zyWfO5dVSDSciHA8hWFub+Fp/wzV5BtfXIw6HRZflYkf0tIHjhCcheGVF6N+fexNYRiuKbyfRV6r9PKviyh+A9l3U9n47A879uThEFZ2jwR9uod2uH3pHQEVTl4JtFkEVTticg3slYlSrxLAeutfIMN6BjbjosZzgoWZPeyT4HeJn1M/Nrii6N259escE9r5aybVLpeufgk0BYQBUE9ZEpql7xjITvFUD33w6JS/Jyu8o4F1RLiDS88YEGLbVocUXv8u+LnYtNc8kefFfHRbbkXIo04tW6SuIFd6da1IbG26tkhVaMrBRV7RE9MiR1uH3o/Dvbml0+an4aKEFG6Yx+OdDEDrzEVJ3/ZtmQUguuVe3qqC8WFPOpcMqDzVPRtHlwLCag471mIq9Vm38x4JJzhp6l68PWJhSd/q5IeBetyFJKp7nu0EsgFeth2JCJAhuZi2wi+k0CAu398e8/w5CqOolfkiT5umyxXsChTQ51r+2wEqwbEWcD1aY9ut0X3rLHLmEc6PZJuxl791vb6uHMLHv2bnIg=="/>
<input name="vc" type="hidden" value="435e18be2f8a27e96cf6aee8efe0bbbe"/>
<noscript class="cf-captcha-info" id="cf-captcha-bookmark">
<h1 data-translate="turn_on_js" style="color:#bd2426;">Please turn JavaScript on and reload the page.</h1>
</noscript>
<div class="cookie-warning" data-translate="turn_on_cookies" id="no-cookie-warning" style="display:none">
<p data-translate="turn_on_cookies" style="color:#bd2426;">Please enable Cookies and reload the page.</p>
</div>
<script>
  //<![CDATA[
    var a = function() {try{return !!window.addEventListener} catch(e) {return !1} },
      b = function(b, c) {a() ? document.addEventListener("DOMContentLoaded", b, c) : document.attachEvent("onreadystatechange", b)};
      b(function(){
        var cookiesEnabled=(navigator.cookieEnabled)? true : false;
        if(!cookiesEnabled){
          var q = document.getElementById('no-cookie-warning');q.style.display = 'block';
        }
      });
  //]]>
  </script>
<div id="trk_captcha_js" style="background-image:url('/cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=709c254cf9e73426')"></div>
</form>
<script>
    //<![CDATA[
    (function(){
        var isIE = /(MSIE|Trident\/|Edge\/)/i.test(window.navigator.userAgent);
        var trkjs = isIE ? new Image() : document.createElement('img');
        trkjs.setAttribute("src", "/cdn-cgi/images/trace/managed/js/transparent.gif?ray=709c254cf9e73426");
        trkjs.id = "trk_managed_js";
        trkjs.setAttribute("alt", "");
        document.body.appendChild(trkjs);
        var cpo=document.createElement('script');
        cpo.type='text/javascript';
        cpo.src="/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=709c254cf9e73426";

        window._cf_chl_opt.cOgUHash = location.hash === '' && location.href.indexOf('#') !== -1 ? '#' : location.hash;
        window._cf_chl_opt.cOgUQuery = location.search === '' && location.href.slice(0, -window._cf_chl_opt.cOgUHash.length).indexOf('?') !== -1 ? '?' : location.search;
        if (window._cf_chl_opt.cUPMDTk && window.history && window.history.replaceState) {
          var ogU = location.pathname + window._cf_chl_opt.cOgUQuery + window._cf_chl_opt.cOgUHash;
          history.replaceState(null, null, "\/%3Cframeset%3E%3Cframe%20src=%5C%22javascript:alert('XSS');%5C%22%3E%3C\/frameset%3E?__cf_chl_rt_tk=OqcA5yqrKuSjXdevTFUjylz2cGSr2Di9plKDesfoBXE-1652285017-0-gaNycGzNBz0" + window._cf_chl_opt.cOgUHash);
          cpo.onload = function() {
            history.replaceState(null, null, ogU);
          };
        }

        document.getElementsByTagName('head')[0].appendChild(cpo);
    }());
    //]]>
    </script>
</div>
</div>
<div class="cf-column">
<div class="cf-screenshot-container">
<span class="cf-no-screenshot"></span>
</div>
</div>
</div>
</div>
</div>
<div class="cf-section cf-wrapper">
<div class="cf-columns two">
<div class="cf-column">
<h2 data-translate="why_captcha_headline">Why do I have to complete a CAPTCHA?</h2>
<p data-translate="why_captcha_detail">Completing the CAPTCHA proves you are a human and gives you temporary access to the web property.</p>
</div>
<div class="cf-column">
<h2 data-translate="resolve_captcha_headline">What can I do to prevent this in the future?</h2>
<a href="https://tinwatch.net/inclusivecool.php?add=90" style="display: none;">table</a>
<p data-translate="resolve_captcha_antivirus">If you are on a personal connection, like at home, you can run an anti-virus scan on your device to make sure it is not infected with malware.</p>
<p data-translate="resolve_captcha_network">If you are at an office or shared network, you can ask the network administrator to run a scan across the network looking for misconfigured or infected devices.</p>
</div>
</div>
</div>
<div class="cf-error-footer cf-wrapper w-240 lg:w-full py-10 sm:py-4 sm:px-8 mx-auto text-center sm:text-left border-solid border-0 border-t border-gray-300">
<p class="text-13">
<span class="cf-footer-item sm:block sm:mb-1">Cloudflare Ray ID: <strong class="font-semibold">709c254cf9e73426</strong></span>
<span class="cf-footer-separator sm:hidden">•</span>
<span class="cf-footer-item sm:block sm:mb-1"><span>Your IP</span>: 95.213.193.237</span>
<span class="cf-footer-separator sm:hidden">•</span>
<span class="cf-footer-item sm:block sm:mb-1"><span>Performance &amp; security by</span> <a href="https://www.cloudflare.com/5xx-error-landing" id="brand_link" rel="noopener noreferrer" target="_blank">Cloudflare</a></span>
</p>
</div><!-- /.error-footer -->
</div>
</div>
<script>
  window._cf_translation = {};

</script>
</body>
</html>