Request 8801208

Parent Attack26d9309f-c650-46aa-a4fe-ba10a7a76562
ID8801208
Date10/13/2017 10:25
URL
ha.do/qYpH
Hostnameha.do
Form Data[]
Headers["Accept: text/html, text/plain", "Connection: TE, close", "Te: deflate,gzip;q=0.3", "User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.361 (KHTML, like Gecko) Chrome/37.1270.2049.0 Safari/537.36"]
Response Body
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ko" lang="ko"><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><style type="text/css">body { width:100%; height:100%; } .wrap { position:fixed; top:50%; left:50%; margin:-185px 0 0 -315px; width:630px; height:370px; } h1 {margin: 0 0 20px; font-size: 15pt;}</style></head><body><script type="text/javascript" src="/cupid.js" ></script><script>function toNumbers(t){var e=[];return t.replace(/(..)/g,function(t){e.push(parseInt(t,16))}),e}function toHex(){for(var t=[],t=1==arguments.length&&arguments[0].constructor==Array?arguments[0]:arguments,e="",o=0;o<t.length;o++)e+=(16>t[o]?"0":"")+t[o].toString(16);return e.toLowerCase()}function getUrlParams(){var t={};return window.location.search.replace(/[?&]+([^=&]+)=([^&]*)/gi,function(e,o,r){t[o]=r}),t}var a=toNumbers("6bbeed1ffe07b3d31a61074758ae2151"),b=toNumbers("e1a1cfe5e4843fa9f849bc89f337da2c"),c=toNumbers("6dfdbf570d40359f0cd7a5c44c2deb3e"),now=new Date,time=now.getTime();time+=864e5,now.setTime(time),document.cookie="CUPID="+toHex(slowAES.decrypt(c,2,a,b))+"; expires="+now.toUTCString()+"; path=/",oParams=getUrlParams(),nCkattempt=0,oParams.ckattempt&&(nCkattempt=parseInt(oParams.ckattempt)),nCkattempt<3&&(location.href="http://ha.do/qYpH?ckattempt=1");</script><div class="wrap"><div align="center"><h1>자동등록방지를 위해 보안절차를 거치고 있습니다.</h1><p>Please prove that you are human.</p><form action="/___verify" method="POST"><input type="submit" value="  OK  "></form></div></div></body></html>