Report - ediyieskincare.com/mmm/piwxOczAdffLrF0lf54U8k24BQx2Kj/YnVzaW5lc3MubGFib3JzdGFuZGFyZHNAc2VhdHRsZS5nb3Y=

Report Overview

Submitted URL
ediyieskincare.com/mmm/piwxOczAdffLrF0lf54U8k24BQx2Kj/YnVzaW5lc3MubGFib3JzdGFuZGFyZHNAc2VhdHRsZS5nb3Y=
IP
67.223.118.144
ASN
#22612 NAMECHEAP-NET
Submitted
2024-05-03 23:18:03
Access
public
Website Title
wxMdFNaOFC
Final URL
3aysh.tectishe.com/d9pUPvZC/#Hbusiness.laborstandards@seattle.gov
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ediyieskincare.com	unknown	unknown	No data	No data	556 B	297 B	67.223.118.144
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-05-03	6.1 kB	726 kB	104.17.3.184
code.jquery.com	634	2005-12-10	2012-05-21	2024-05-03	412 B	32 kB	151.101.66.137
3aysh.tectishe.com	unknown	unknown	No data	No data	1.6 kB	8.2 kB	172.67.185.65

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-02	medium	3aysh.tectishe.com/d9pUPvZC/	Office365

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv2/21Qf3v0qK9yj3r-/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal	3.6 kB	2024-05-04	2024-05-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv2/21Qf3v0qK9yj3r-/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 01:18:09 Last Seen2024-05-04 01:18:09 Times Seen1 Hash 55f4e4ac7685cf2adae80ef5350edf19 862c6354c693d3b0809f0547a46e31452b18b92b 843a4ebab9c614e1bbcd129e8dce5250cad319b9110cd49c3338cf112e9bcbda Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e3f735afaf56cc	431 kB	2024-05-04	2024-05-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e3f735afaf56cc IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 01:18:09 Last Seen2024-05-04 01:18:09 Times Seen2 Hash 6016cc76f86fe11b5adf8df9e136e164 c81dcbe508e761264231079ca989a8fca29772bb a912286944f924c4c88ff321b107121d2376ea6269728707eb05e980a6439cad Loading...

	3aysh.tectishe.com/d9pUPvZC/#Hbusiness.laborstandards@seattle.gov	6.1 kB	2024-05-04	2024-05-04
Pretty URL 3aysh.tectishe.com/d9pUPvZC/#Hbusiness.laborstandards@seattle.gov IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 01:18:09 Last Seen2024-05-04 01:18:09 Times Seen1 Hash 70be888e1dea5450b2a02b033fc3c617 f538dc7457b062de7f3459273f78388f40f24e45 7c5d7fb0659f4dc1d0fb0fd082f74060876d4af67c9fc851ca98f5acc6c23c12 Loading...

	code.jquery.com/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-05-18
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-18 02:37:46 Times Seen274752 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?render=explicit	43 kB	2024-04-25	2024-05-06
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?render=explicit IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 19:17:04 Last Seen2024-05-06 16:14:42 Times Seen2299 Hash 65b0a652c40c95d12c4ddb3b4567c1ea c654efa19d01d6553ed4e0f500d350011e023ad1 c6b5cd0b65ebbb519dd845ba2979b40e58b056ca2c90f67a8bfea871d39615a7 Loading...

	unknown	157 B	2024-04-03	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-03 09:40:10 Last Seen2024-05-11 11:52:01 Times Seen612 Hash 54b32f51946bf616b908ed2c3732df68 25af89d89433ea4f3910782c01745ecf7da9db23 caaad3feb4c9100116d4d800ae1aa362af1870023bd6f4ff7efb3d773a7a0a94 Loading...

	unknown	1.1 kB	2024-05-04	2024-05-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 01:18:09 Last Seen2024-05-04 01:18:09 Times Seen1 Hash ef684f4fec0243d0cf0aa2cfda547f60 be2ea9c8d62e8eb44081ef9d470045ae1828849f 572dd49f6caad8ccd94769f9dad817726afaf507dff563e7bab9d4b19bfaad50 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 61fa153f2827c887a48a351ae3c6cfd3	8 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 01:03:50 Last Seen2024-05-17 16:04:22 Times Seen1335 Hash 61fa153f2827c887a48a351ae3c6cfd3 5fbd02245cf700ea94d638c8d76924ecca52d330 4c44d7c28ec0f6ca3e2624c6af1d3be324576d01ef6f6c2dc0af7e61664b8c2c Loading...

	#2 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-18
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-18 02:37:45 Times Seen353014 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#3 Eval - 8944cb50272c147780b3712da43e39aa	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 01:18:09 Last Seen2024-05-04 01:18:09 Times Seen1 Hash 8944cb50272c147780b3712da43e39aa 1c3c7ce3dbfb48ef4ede4b28737bcacf21a773be 84914729bed8021665107834516432c0b15dba03f32ad20f414d971f9e05c611 Loading...

	#4 Eval - fe911c049adbf4b91b288d1f83d6be84	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 01:18:09 Last Seen2024-05-04 01:18:09 Times Seen1 Hash fe911c049adbf4b91b288d1f83d6be84 17d123fce1856c370682201d2ae09d0c5492c900 b4c9a9bfdde6bc27ee764a3bed6317d4a4589c840d2c8044d5df7a23473f90e9 Loading...

		Size	First Seen	Last Seen
	#1 Write - 826452d526b572253f06467ad0334015	4.5 kB	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 01:18:09 Last Seen2024-05-04 01:18:09 Times Seen1 Hash 826452d526b572253f06467ad0334015 63f772eec292ff697a648436f4ae79eba93f6043 21bdba949328850e455b315da1e067dc31767a05b03724556416d615d6e90036 Loading...

HTTP Transactions (14)

URL IP Response Size

ediyieskincare.com/mmm/piwxOczAdffLrF0lf54U8k24BQx2Kj/YnVzaW5lc3MubGFib3JzdGFuZGFyZHNAc2VhdHRsZS5nb3Y=

67.223.118.144

0 B

URL
ediyieskincare.com/mmm/piwxOczAdffLrF0lf54U8k24BQx2Kj/YnVzaW5lc3MubGFib3JzdGFuZGFyZHNAc2VhdHRsZS5nb3Y=
IP
67.223.118.144:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /mmm/piwxOczAdffLrF0lf54U8k24BQx2Kj/YnVzaW5lc3MubGFib3JzdGFuZGFyZHNAc2VhdHRsZS5nb3Y= HTTP/1.1
Host: ediyieskincare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-powered-by: PHP/8.0.30
refresh: 0;url=https://3aySH.tectishe.com/d9pUPvZC/#Hbusiness.laborstandards@seattle.gov
content-type: text/html; charset=UTF-8
content-length: 0
date: Fri, 03 May 2024 23:17:36 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

challenges.cloudflare.com/turnstile/v0/api.js?render=explicit

104.17.3.184

302 Found

0 B

URL GET HTTP/2
challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://3aysh.tectishe.com/d9pUPvZC/#Hbusiness.laborstandards@seattle.gov
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js?render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3aysh.tectishe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 03 May 2024 23:17:37 GMT
content-length: 0
location: /turnstile/v0/g/d0ff3ebede6b/api.js
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3f72f2bce5695-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.0.min.js

151.101.66.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://3aysh.tectishe.com/d9pUPvZC/#Hbusiness.laborstandards@seattle.gov
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3aysh.tectishe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 03 May 2024 23:17:37 GMT
age: 634439
x-served-by: cache-lga21931-LGA, cache-hel1410032-HEL
x-cache: HIT, HIT
x-cache-hits: 3, 254994
x-timer: S1714778258.851861,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv2/21Qf3v0qK9yj3r-/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:38 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87e3f7312d1356cc-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/386283913:1714775368:QnDfYBr5lhR4UjTMNb1nYdiiOCve05ao65fShdSxZs4/87e3f7305c8856cc/f86aa8c6678e1df

104.17.3.184

14 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/386283913:1714775368:QnDfYBr5lhR4UjTMNb1nYdiiOCve05ao65fShdSxZs4/87e3f7305c8856cc/f86aa8c6678e1df
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JSON text data
Size
14 B (14 bytes)
Hash
a9dfddb54aff6f43a0723f949320903f
4346c8bdb5b9601075ac17fb3368ce1402602c52
109717522e1340f031ebef562d8e618dfc8994d0d5194c38444d93c90b3ba313

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/386283913:1714775368:QnDfYBr5lhR4UjTMNb1nYdiiOCve05ao65fShdSxZs4/87e3f7305c8856cc/f86aa8c6678e1df HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: f86aa8c6678e1df
Content-Length: 2537
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 400 Bad Request
date: Fri, 03 May 2024 23:17:38 GMT
content-type: application/json
content-length: 14
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: l5neKnr2qMaO6De9SzYi8QR1EcVPfzyLTLVz22gyIdA81NgxtVIapV+zOScrfBN1GWUHbnzi5vmUBYpT4TEZqg==$S9DoaFgFf55WvJLWGN1JAg==
server: cloudflare
cf-ray: 87e3f7330e2556cc-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv2/21Qf3v0qK9yj3r-/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/42BoqtBW7FWf6hi/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:38 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87e3f7336e6156cc-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal

104.17.3.184

200 OK

26 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://3aysh.tectishe.com/d9pUPvZC/#Hbusiness.laborstandards@seattle.gov
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
26 kB (25543 bytes)
Hash
a89a45d24fd807d2c058879e57f5fa1f
1f0658a08de6f78490801a2202360fb799384760
7c92a499fb0ff2b76b2a5c2b7c96e68463f22f7a16460030dd3cae818fe0b7b1

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3aysh.tectishe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:37 GMT
content-type: text/html; charset=UTF-8
document-policy: js-profiling
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
origin-agent-cluster: ?1
referrer-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
vary: accept-encoding
server: cloudflare
cf-ray: 87e3f7305c8856cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv2/21Qf3v0qK9yj3r-/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv2/21Qf3v0qK9yj3r-/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:38 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87e3f735efd456cc-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js

104.17.3.184

200 OK

25 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://3aysh.tectishe.com/d9pUPvZC/#Hbusiness.laborstandards@seattle.gov
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42565)
Size
25 kB (24888 bytes)
Hash
65b0a652c40c95d12c4ddb3b4567c1ea
c654efa19d01d6553ed4e0f500d350011e023ad1
c6b5cd0b65ebbb519dd845ba2979b40e58b056ca2c90f67a8bfea871d39615a7

HTTP Headers

GET /turnstile/v0/g/d0ff3ebede6b/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3aysh.tectishe.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:37 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3f72f7bdf56cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/42BoqtBW7FWf6hi/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal

104.17.3.184

200 OK

205 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/42BoqtBW7FWf6hi/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://3aysh.tectishe.com/d9pUPvZC/#Hbusiness.laborstandards@seattle.gov
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
205 kB (204718 bytes)
Hash
27366b0b789616f70c12fcc21cdfbe45
a68fcfb3a3e0486e97399e8944e849e0f98adb15
bf4d07b8e51db92d587bd2a1990bf337537fc53c76c2e689501daa37d7610678

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/42BoqtBW7FWf6hi/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3aysh.tectishe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:38 GMT
content-type: text/html; charset=UTF-8
referrer-policy: same-origin
cross-origin-embedder-policy: require-corp
document-policy: js-profiling
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
origin-agent-cluster: ?1
cross-origin-opener-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
vary: accept-encoding
server: cloudflare
cf-ray: 87e3f7332e3b56cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv2/21Qf3v0qK9yj3r-/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal

104.17.3.184

200 OK

34 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv2/21Qf3v0qK9yj3r-/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://3aysh.tectishe.com/d9pUPvZC/#Hbusiness.laborstandards@seattle.gov
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
34 kB (33514 bytes)
Hash
77a5760dc62733d8218287492ed47905
c8519ed7eba317a2baa9ef192d8d7d5557df8cc1
f96b0ff0bcdfb153116651dfedbde0b3d01704581a5cfdae2dcc6faf2a088258

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv2/21Qf3v0qK9yj3r-/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3aysh.tectishe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:38 GMT
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
vary: accept-encoding
server: cloudflare
cf-ray: 87e3f735afaf56cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

3aysh.tectishe.com/d9pUPvZC/

172.67.185.65

200 OK

6.1 kB

URL User Request GET HTTP/2
3aysh.tectishe.com/d9pUPvZC/
IP
172.67.185.65:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjecttectishe.com
Fingerprint1D:FF:AA:F0:76:47:D7:E9:F9:C6:D1:42:1A:6D:6D:17:64:2D:88:C5
ValidityMon, 15 Apr 2024 14:56:41 GMT - Sun, 14 Jul 2024 14:56:40 GMT

File type
HTML document, ASCII text, with very long lines (6110), with no line terminators
Size
6.1 kB (6110 bytes)
Hash
28e6c33991c4c1577aa920f519c3a34c
070822c61acdde1311fc3f3ba104a25621297b14
7321dc21c549f2d7e164cd932692a84c0e563d3ed3e4275c19a9edd5a944208d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /d9pUPvZC/ HTTP/1.1
Host: 3aysh.tectishe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:17:37 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3hq%2BjZfrkUs3DHr2V%2F1zgGDiYyAMMe6Ws35cLt8Z7%2FZIXg7Afhx8IaWTEGC%2Bfq6tIOZc7jiWwfqqBFbXVAd7f78sLEVCWw9nylr6ZAcLFEIb9Xyfnb2R%2Brd5WAvQ5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
set-cookie: XSRF-TOKEN=eyJpdiI6IkdhN3FvT0VTU2NPTGRIdkVucGRUWWc9PSIsInZhbHVlIjoiZWlqNHQ3YjFnaExOS09wUEtmVVBIQnVKdmxucXBYUVJCSUtzV1BTc1NhYWNmZmpQOU1SMHB5cGY3TlNMK1RoemhiZXJIdHNpTUFNMjRnRW9vOStrcXNyNlQ0cVpRWm9jMjVobXJtQ3g1MEJNZGRkMm40a0FOU1gzQU4wRGVFR2wiLCJtYWMiOiI3ODkyY2E1MjY0NzMzYTVhMjUwOGJjNzM2NmNkMDZhNjk1NGFiZWNiYzM4MzdlZGRiMDc5NTExYTQ2MWRmZjMwIiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 01:17:37 GMT; Max-Age=7200; path=/; secure; samesite=none
laravel_session=eyJpdiI6Im1CWHFUNlJvOGhwUlA0S0E5S1FicHc9PSIsInZhbHVlIjoiNkRyVHFUUENDK25NaUZ4UEkvMnhzVGFXOVUxSTZpY0R2Mm54dDlzRllYZzFMNFdKK3BiZFhqVThWTkFNNGdSNDIyWnFLM1p6ZHZ3WnZja0VtdUlaVjNvTU5BZDFNc1RMWHhlN3ljTnZLcjJFeWtEcitaV3FpZFE1LzdlbXFQRi8iLCJtYWMiOiI1OTEyZjJhNDZmOWNlZmM0MDkyZTlkYTk0Y2E5NjcwYzU3OGFmYjk0OGJjNzk2ZmU1ZjM1MjQyNjZjZmE4ODJjIiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 01:17:37 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
server: cloudflare
cf-ray: 87e3f729ba3e0b49-OSL
content-encoding: br
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e3f735afaf56cc

104.17.3.184

200 OK

431 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e3f735afaf56cc
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv2/21Qf3v0qK9yj3r-/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
431 kB (430929 bytes)
Hash
6016cc76f86fe11b5adf8df9e136e164
c81dcbe508e761264231079ca989a8fca29772bb
a912286944f924c4c88ff321b107121d2376ea6269728707eb05e980a6439cad

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e3f735afaf56cc HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv2/21Qf3v0qK9yj3r-/cjkyc/0x4AAAAAAAZNatbLKB6BC9e9/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:38 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 87e3f735efd856cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

3aysh.tectishe.com/favicon.ico

172.67.185.65

404 Not Found

0 B

URL GET HTTP/3
3aysh.tectishe.com/favicon.ico
IP
172.67.185.65:443
ASN
#13335 CLOUDFLARENET

Requested by
https://3aysh.tectishe.com/d9pUPvZC/#Hbusiness.laborstandards@seattle.gov
Certificate
IssuerGoogle Trust Services LLC
Subjecttectishe.com
Fingerprint1D:FF:AA:F0:76:47:D7:E9:F9:C6:D1:42:1A:6D:6D:17:64:2D:88:C5
ValidityMon, 15 Apr 2024 14:56:41 GMT - Sun, 14 Jul 2024 14:56:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 3aysh.tectishe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3aysh.tectishe.com/d9pUPvZC/
Cookie: XSRF-TOKEN=eyJpdiI6IkdhN3FvT0VTU2NPTGRIdkVucGRUWWc9PSIsInZhbHVlIjoiZWlqNHQ3YjFnaExOS09wUEtmVVBIQnVKdmxucXBYUVJCSUtzV1BTc1NhYWNmZmpQOU1SMHB5cGY3TlNMK1RoemhiZXJIdHNpTUFNMjRnRW9vOStrcXNyNlQ0cVpRWm9jMjVobXJtQ3g1MEJNZGRkMm40a0FOU1gzQU4wRGVFR2wiLCJtYWMiOiI3ODkyY2E1MjY0NzMzYTVhMjUwOGJjNzM2NmNkMDZhNjk1NGFiZWNiYzM4MzdlZGRiMDc5NTExYTQ2MWRmZjMwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im1CWHFUNlJvOGhwUlA0S0E5S1FicHc9PSIsInZhbHVlIjoiNkRyVHFUUENDK25NaUZ4UEkvMnhzVGFXOVUxSTZpY0R2Mm54dDlzRllYZzFMNFdKK3BiZFhqVThWTkFNNGdSNDIyWnFLM1p6ZHZ3WnZja0VtdUlaVjNvTU5BZDFNc1RMWHhlN3ljTnZLcjJFeWtEcitaV3FpZFE1LzdlbXFQRi8iLCJtYWMiOiI1OTEyZjJhNDZmOWNlZmM0MDkyZTlkYTk0Y2E5NjcwYzU3OGFmYjk0OGJjNzk2ZmU1ZjM1MjQyNjZjZmE4ODJjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 03 May 2024 23:17:38 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8S98%2FhpYI0Jypz%2F0b%2BQyBEx9X7u8igVj3bQne7ZdRLgLPgTRRam50PawTtuZCExd3yaXy5A9aUZctq0Y0heWjYC9PZQbD8vJORDyhQFLZSBnQ9KtG1owlKEfvTQUvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 87e3f730aa4bb4f1-OSL
content-encoding: br

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (14)