{"report_id":"10096cf4-9ce8-42c0-98e4-edd48b1463d3","version":6,"status":"done","tags":["phishing","microsoft","outlook"],"date":"2024-01-29T13:48:35Z","url":{"schema":"http","addr":"matesk-ed67fc.alfirsan.in/index/alfirsan/wqnhvy8kk/YWtpbmFyZEBncmF5ZGF6ZS5jb20=","fqdn":"matesk-ed67fc.alfirsan.in","domain":"alfirsan.in","tld":"in"},"ip":{"addr":"208.91.198.96","port":0,"asn":394695,"as":"PUBLIC-DOMAIN-REGISTRY","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev/?utm_source=kandis-newsletter-108a44.beehiiv.com\u0026utm_medium=newsletter\u0026utm_campaign=new-post#akinard@graydaze.com","fqdn":"39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev","domain":"6baa1e70ef945d7e23ab66c0.workers.dev","tld":"workers.dev"},"title":"Just a moment..."},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T01:32:34Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"domain_registered":"2019-02-08","domain_rank":0,"first_seen":"2024-01-25 18:58:21","last_seen":"2024-01-27 15:50:36","alert_count":0,"request_count":2,"received_data":7706,"sent_data":1171,"comment":"","tags":null,"fingerprints":null},{"fqdn":"servantsclass.org","ip":{"addr":"46.253.135.7","port":443,"asn":212238,"as":"Datacamp Limited","country":"Netherlands","country_code":"NL"},"domain_registered":"2005-04-12","domain_rank":0,"first_seen":"2015-07-08 04:54:07","last_seen":"2024-01-29 10:43:22","alert_count":0,"request_count":1,"received_data":3610,"sent_data":566,"comment":"","tags":null,"fingerprints":null},{"fqdn":"matesk-ed67fc.alfirsan.in","ip":{"addr":"208.91.198.96","port":0,"asn":394695,"as":"PUBLIC-DOMAIN-REGISTRY","country":"United States","country_code":"US"},"domain_registered":"2016-05-18","domain_rank":0,"first_seen":"2024-01-26 12:18:07","last_seen":"2024-01-29 10:43:21","alert_count":1,"request_count":1,"received_data":917,"sent_data":533,"comment":"","tags":null,"fingerprints":null},{"fqdn":"link.mail.beehiiv.com","ip":{"addr":"104.18.69.40","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-10-08","domain_rank":0,"first_seen":"2021-11-11 01:31:09","last_seen":"2024-01-28 05:19:54","alert_count":2,"request_count":2,"received_data":4984,"sent_data":2358,"comment":"","tags":null,"fingerprints":null},{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":0,"first_seen":"2021-10-20 07:02:03","last_seen":"2024-01-28 20:49:00","alert_count":0,"request_count":8,"received_data":396944,"sent_data":4903,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev/?utm_source=kandis-newsletter-108a44.beehiiv.com\u0026utm_medium=newsletter\u0026utm_campaign=new-post#akinard@graydaze.com","fqdn":"39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev","domain":"6baa1e70ef945d7e23ab66c0.workers.dev","tld":"workers.dev"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"c34b6f2b122236a5ebe85ae5bd851bc3","sha1":"0ea8ce72d96decbed2c5d6e2ca1c6adcaf430ae6","sha256":"1308d1cd5040cb8aa5a81e47f576a24a43d231db72bab75f091c059f30b8665a","sha512":"87b27fa344cade18433cf84ddd0dcffcec8e50844452638b9bc98d890d59d9a904f7c28f2ac911baf25c226420d44789a442ff1a198a63929d6c8ec8fb2f0dc8","ssdeep":"","tlshash":"09e07d6c39437283af71c2a6111b2b867c2d8069dc5ce1175513d14c3d106d18328916","size":311,"data":"","first_seen":"2024-01-26T10:58:35Z","last_seen":"2024-08-20T11:02:09.272528Z","times_seen":292,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hfwkw/0x4AAAAAAAQo5DADXS9wRUyh/auto/normal","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b6cb18920c726f1e608330edb44ad8ca","sha1":"faba4125756c52d2cf61d28cd029316227139b00","sha256":"b63864b56750d2f5a52e6185c3258e689718661a2fa03b633af1528e56345543","sha512":"d7e8600918d0240d7ba8ab4f8166e0d77f3b943ec2ea0e00b1f67a9c48ceb34623140a5e617df2e32aa5252cbb4e405293fbce35d4eb9b1513e019c62f8020cb","ssdeep":"","tlshash":"805194fb99f942055629a625530f23812d30129f1c48787d3e8dda0dafac86f61f5bd1","size":3124,"data":"","first_seen":"2024-08-20T10:44:33.276107Z","last_seen":"2024-08-20T10:44:33.276107Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"382de2d5802b5bd3d87cf2fb3071121d","sha1":"d0299a88eb32dbc533d61b024ff6e35956113e29","sha256":"18cbe0edc0b01c71a6c3ffe704550a8bb1cfe7e02839b7dbdc9c44288bf8b59c","sha512":"8e40f9af6117018e7a6ad62ec2988c82eef9f4dd29915a40b9741da8663f60d17594a60633ad9cdf8c5b153d025de4f3cbf39bf81a915af243b385cd9eb7e387","ssdeep":"768:fCEd/9UHA9q79HkHwcNMN3JEB1p2Ej7FPWuR3DfH6eMf7crAx:b9UHA9q79HkHwAg3U2Ec","tlshash":"09032a98329b747257ee44a0607ba743722a7e3ae48c8c50d857dc3135bcd9ac137fa9","size":38245,"data":"","first_seen":"2024-01-22T13:34:29Z","last_seen":"2024-08-20T11:30:33.452082Z","times_seen":13694,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=84d1ee60ce615685","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"751b7c97ae6d5fab7f89bd0bcc7a0acf","sha1":"aca3584a4c437c3b737abbd9cc8463e24cf49191","sha256":"f46ef5a932656e89413edaca796604f1ef7e1a0bbe16ab1d9dfe7962b90a3f55","sha512":"e81392f5bda54c61984d85bb8260ebd43980d0579f71ab0d09819af14af96b806a3e743127a14b83f2f947c5195795406c490fbf6162059cb13bcfc946171f8e","ssdeep":"3072:c9hAGu6HPxVfxjoM9yVFx+ac3uvfTzzbIWssq9bWeS:cPY6npjlyEif/zbfVq1lS","tlshash":"7f0482cc7bdbb95565233d3860273213a0af1d496c7c09ddea00b1d529f530a92e7aaf","size":178236,"data":"","first_seen":"2024-08-20T10:44:33.26313Z","last_seen":"2024-08-20T10:44:33.383705Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"1c862db5f2555377c2dc1e62ed7b3981","sha1":"c29e6dc25c08a70995127ec13ded6f80d9a36174","sha256":"27d373a6961f797edf69a80f7f24877ef85c2fc4f9f770b2540b1bf5e66823ac","sha512":"31143265b96385ef4b575b72591775139057dff85891be61591e3d55259b6d1dc95d86a0feec40c801d38e64278cfbe50c3c2a16757f986ad40f716935bf2bb2","ssdeep":"","tlshash":"0c8000ac38802000803328e8002fa8aaa020083030800e022a02e8888cb222c822a8ae","size":26,"data":"","first_seen":"2023-04-11T21:13:06Z","last_seen":"2026-04-03T23:30:04.997601Z","times_seen":264157,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":[{"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-03T23:31:13.923495Z","times_seen":665310,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"write":[{"md5":"5050ea273fba3b7d71092fbef9768548","sha1":"9281dd4f49ab214e92a33e63965002a096b8bc61","sha256":"c3a2e8ce226d8184c225a6d6098bfefb971538e4edee7233a2caae661e4d6d03","sha512":"6668409e4af6ad8b59157f3954b7e6ed37d11c10bf170bdb8a44c076c4030eaff275ccb3dbde92e192dcdb2188a8e47c303c8e0e7b8789d753396a418cec052e","ssdeep":"","tlshash":"1771d064acf3508185cbd34cfbe0ed861be0b1a3919a5656bb4c874ec7857ec8957f02","size":3575,"data":"","first_seen":"2024-01-22T15:04:07Z","last_seen":"2024-08-20T11:30:22.302101Z","times_seen":8986,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"http","addr":"matesk-ed67fc.alfirsan.in/index/alfirsan/wqnhvy8kk/YWtpbmFyZEBncmF5ZGF6ZS5jb20=","fqdn":"matesk-ed67fc.alfirsan.in","domain":"alfirsan.in","tld":"in"},"ip":{"addr":"208.91.198.96","port":0,"asn":394695,"as":"PUBLIC-DOMAIN-REGISTRY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-01-29T13:48:10.892117828Z","timestamp":1706536090892,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /index/alfirsan/wqnhvy8kk/YWtpbmFyZEBncmF5ZGF6ZS5jb20= HTTP/1.1\r\nHost: matesk-ed67fc.alfirsan.in\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nrefresh: 0;url=https://link.mail.beehiiv.com/ls/click?upn=9AjBS24XjIke9Nu0vYZ9-2BuwLVBu5KGr8fnD4W0I-2FN4V2ao9zppVW-2BCc7Jl9OpQIvBncXzZ1wqCFPUI5-2FzvPx-2FthEhBAgZvqs6cXMIBvXQakac1hANH34VEqP0XZMcFdMoeNQPk0L-2FhIJnqPWoFX2VMUsZNkFVpvZPStAV70uqPc-3Dtbps_oSVnkAVexNANk2eJ9iVljiNwKDh-2BEPd5PhF5Lpq-2Fm7J7iJdRIdCSqICxYeHmWvKSp18OMQ4gwU0dagL2Ns5yZi4iDTasfq0wXzUf0TrpgJIEyIQdnoRJAVSvp1NFxJFmn20uoecDy2QYcfXlzVWVCRCvlK3y1vunC3RDyMRaPjNF6NNfIYWC99CkjxDgAp6Hh2xVD2pOZNIUPLo2E2yJ6PSwJ4a3jp2G5z6rzYnJiqpmvCwL-2FbKWLhzvH2JPvqXA-2BR1GLqUugQBwoVapf29thV9zVK5-2Fwb2E7P84ZoIJ9bH7cHW6MLKbSRq626qPBjoeyu-2BT8B2y1LdgfMejqBNaZziRDEeYANT-2Bbf-2BaURiXyPYRmmZbFjMpcSCNB5ehS5Opw-2FFRXth-2F67AFEY2kbNlqJAWtVCBAZvr51CmlfHJDrW1TsfPEvA9lbDMGPrQijtLijYyexOh3tY-2BDHMsnAoc92g-3D-3D#akinard@graydaze.com\r\ncontent-length: 0\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Mon, 29 Jan 2024 13:48:08 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T23:31:02.874036Z","times_seen":13307549,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"https","addr":"link.mail.beehiiv.com/ls/click?upn=9AjBS24XjIke9Nu0vYZ9-2BuwLVBu5KGr8fnD4W0I-2FN4V2ao9zppVW-2BCc7Jl9OpQIvBncXzZ1wqCFPUI5-2FzvPx-2FthEhBAgZvqs6cXMIBvXQakac1hANH34VEqP0XZMcFdMoeNQPk0L-2FhIJnqPWoFX2VMUsZNkFVpvZPStAV70uqPc-3Dtbps_oSVnkAVexNANk2eJ9iVljiNwKDh-2BEPd5PhF5Lpq-2Fm7J7iJdRIdCSqICxYeHmWvKSp18OMQ4gwU0dagL2Ns5yZi4iDTasfq0wXzUf0TrpgJIEyIQdnoRJAVSvp1NFxJFmn20uoecDy2QYcfXlzVWVCRCvlK3y1vunC3RDyMRaPjNF6NNfIYWC99CkjxDgAp6Hh2xVD2pOZNIUPLo2E2yJ6PSwJ4a3jp2G5z6rzYnJiqpmvCwL-2FbKWLhzvH2JPvqXA-2BR1GLqUugQBwoVapf29thV9zVK5-2Fwb2E7P84ZoIJ9bH7cHW6MLKbSRq626qPBjoeyu-2BT8B2y1LdgfMejqBNaZziRDEeYANT-2Bbf-2BaURiXyPYRmmZbFjMpcSCNB5ehS5Opw-2FFRXth-2F67AFEY2kbNlqJAWtVCBAZvr51CmlfHJDrW1TsfPEvA9lbDMGPrQijtLijYyexOh3tY-2BDHMsnAoc92g-3D-3D","fqdn":"link.mail.beehiiv.com","domain":"beehiiv.com","tld":"com"},"ip":{"addr":"104.18.69.40","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-01-29T13:48:11.915440837Z","timestamp":1706536091915,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /ls/click?upn=9AjBS24XjIke9Nu0vYZ9-2BuwLVBu5KGr8fnD4W0I-2FN4V2ao9zppVW-2BCc7Jl9OpQIvBncXzZ1wqCFPUI5-2FzvPx-2FthEhBAgZvqs6cXMIBvXQakac1hANH34VEqP0XZMcFdMoeNQPk0L-2FhIJnqPWoFX2VMUsZNkFVpvZPStAV70uqPc-3Dtbps_oSVnkAVexNANk2eJ9iVljiNwKDh-2BEPd5PhF5Lpq-2Fm7J7iJdRIdCSqICxYeHmWvKSp18OMQ4gwU0dagL2Ns5yZi4iDTasfq0wXzUf0TrpgJIEyIQdnoRJAVSvp1NFxJFmn20uoecDy2QYcfXlzVWVCRCvlK3y1vunC3RDyMRaPjNF6NNfIYWC99CkjxDgAp6Hh2xVD2pOZNIUPLo2E2yJ6PSwJ4a3jp2G5z6rzYnJiqpmvCwL-2FbKWLhzvH2JPvqXA-2BR1GLqUugQBwoVapf29thV9zVK5-2Fwb2E7P84ZoIJ9bH7cHW6MLKbSRq626qPBjoeyu-2BT8B2y1LdgfMejqBNaZziRDEeYANT-2Bbf-2BaURiXyPYRmmZbFjMpcSCNB5ehS5Opw-2FFRXth-2F67AFEY2kbNlqJAWtVCBAZvr51CmlfHJDrW1TsfPEvA9lbDMGPrQijtLijYyexOh3tY-2BDHMsnAoc92g-3D-3D HTTP/1.1\r\nHost: link.mail.beehiiv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 29 Jan 2024 13:48:09 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://servantsclass.org/?utm_source=kandis-newsletter-108a44.beehiiv.com\u0026utm_medium=newsletter\u0026utm_campaign=new-post\r\nx-robots-tag: noindex, nofollow\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=4bC3KA6UFUkgpeR24BNI9hYDnHuz76hR5UiVOFYYrtg-1706536089-1-AWH1D/nf9ygHXw50ejvY9ZkzwPBOuE5YNzpUqV0rQIH4c/tlYIKZGewa9Zq4q2nI9tYxQzRLd7nblUDyDbUt1Dc=; path=/; expires=Mon, 29-Jan-24 14:18:09 GMT; domain=.beehiiv.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\ncf-ray: 84d1ee594f7db4f4-OSL\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":487,"size_decoded":487,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"ede09048247d4950ecdfd20cf4c8e81b","sha1":"fec1b2963cf5d1239746ffa411f0695b481fd37c","sha256":"0ba711fdce7b9086a97d6afe9145d1fff7740d253bd0f1668fd46ff6dd5b88b0","sha512":"e87be3e25fe671c937090aab46a3cee11e516789f0bf5c25fabed75fa2ae507372d29aac59510a80264a16f03b5f479d3415604cbf6702a559557e3b6474f5d3","ssdeep":"","tlshash":"cef09eb7c54314c704a72d1140c6f2e044463ab7fc4697dc7bc74c5a902a1fa88c472f","first_seen":"2024-01-26T10:58:35Z","last_seen":"2024-08-20T11:02:09.262889Z","times_seen":180,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev/?utm_source=kandis-newsletter-108a44.beehiiv.com\u0026utm_medium=newsletter\u0026utm_campaign=new-post#akinard@graydaze.com","date":"2024-01-29T13:48:12.112Z","timestamp":1706536092112,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 29 Jan 2024 13:48:09 GMT\r\ncache-control: max-age=300, public\r\naccess-control-allow-origin: *\r\nvary: accept-encoding\r\nlocation: /turnstile/v0/g/ea25f566/api.js?onload=onloadTurnstileCallback\r\nserver: cloudflare\r\ncf-ray: 84d1ee5ff9605687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":80910,"size_decoded":80910,"mime_type":"application/javascript; charset=UTF-8","magic":"data","md5":"21496f467e971ad9d981edfd32394e53","sha1":"8184b8019637feb5e5b73add674af18e9bb458d7","sha256":"50809572cdc82630e8726a20eab47a7e08cd7b4e7ada954b00f68a8f0204c49d","sha512":"8895a13fcdde9a9015f62c30aa636ef132fdade81cf51ef12e508e6365028bb5d7aeed689b93f66106f81fea5aeda063120dbdc84d110dd8f8a4ad8ef7c267a7","ssdeep":"1536:w060D5QhGsgBBSc7gdhiUcWlxpEdWsn/egchheQoLn8kmla4x9FEmtHbL:w06EhBx7oi7QN0/ZcT5un8kUa4VEUHH","tlshash":"ac8312c9e3a2176395ed0c97314e87e283f215216d0349d1bc122fe8977729ea3974dd","first_seen":"2024-08-20T10:44:33.243567Z","last_seen":"2024-08-20T10:44:33.243567Z","times_seen":1,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":13,"dns":0,"connect":1,"send":0,"wait":11,"receive":0,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/198365853:1706533918:4hD-B1yLgSkXE4yIA80BIk_rgskz2wmNiPQF8QItSvo/84d1ee60ce615685/ae1bb2d5a252aa0","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hfwkw/0x4AAAAAAAQo5DADXS9wRUyh/auto/normal","date":"2024-01-29T13:48:12.560Z","timestamp":1706536092560,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/flow/ov1/198365853:1706533918:4hD-B1yLgSkXE4yIA80BIk_rgskz2wmNiPQF8QItSvo/84d1ee60ce615685/ae1bb2d5a252aa0 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hfwkw/0x4AAAAAAAQo5DADXS9wRUyh/auto/normal\r\nContent-type: application/x-www-form-urlencoded\r\nCF-Challenge: ae1bb2d5a252aa0\r\nContent-Length: 25435\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 29 Jan 2024 13:48:12 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-gen: T1ANeZsRieE1F6n9ZCDh80In4VJJx93fFnu+YBy7NpIJ8ZZKCw76rbzRs62kcVhy$ZvOby11F+bFVnh5maepfng==\r\nserver: cloudflare\r\ncf-ray: 84d1ee6f4e795685-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20449,"size_decoded":18304,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (18304), with no line terminators","md5":"69ea2eb76a870496c68635ca48d5b57f","sha1":"47b8d4a8f8c5721ddbda3c136bc96f7e2ecc3d67","sha256":"a92dd864e0378203bd280c287500a5fd3a8ae0baa10ae0504da9b2ec14fa41b0","sha512":"0a2e12956b9419db7cb9f66cbeef1006bb2512ee8641336e43f55df3ae9deb930e4e1f82b2e85a016d380d920a82ed7f45459a4eed1b7cd1cdab2730ff259c10","ssdeep":"384:yxGJe0A0wyFQ/2WziiLgoK0COLnRJUx/HS5cUnBqOm:OGe3zjnTIyKy5z0Om","tlshash":"a982d1be69ab7f89220551e60a028d3b77fe78e596f87384c465f68f06c9e100374d4c","first_seen":"2024-08-20T10:44:33.244581Z","last_seen":"2024-08-20T10:44:33.244581Z","times_seen":1,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":65,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hfwkw/0x4AAAAAAAQo5DADXS9wRUyh/auto/normal","date":"2024-01-29T13:48:12.343Z","timestamp":1706536092343,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hfwkw/0x4AAAAAAAQo5DADXS9wRUyh/auto/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 29 Jan 2024 13:48:09 GMT\r\ncontent-type: image/png\r\ncache-control: max-age=2629800, public\r\nserver: cloudflare\r\ncf-ray: 84d1ee6158445685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61,"size_decoded":61,"mime_type":"image/png","magic":"PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced","md5":"9246cca8fc3c00f50035f28e9f6b7f7d","sha1":"3aa538440f70873b574f40cd793060f53ec17a5d","sha256":"c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84","sha512":"a2098304d541df4c71cde98e4c4a8fb1746d7eb9677ceba4b19ff522efdd981e484224479fd882809196b854dbc5b129962dba76198d34aaecf7318bd3736c6b","ssdeep":"","tlshash":"a5a002e763957d7bd94b133756651151f8324514171305458805d475161736c81c4a82","first_seen":"2023-08-25T15:09:14Z","last_seen":"2025-05-14T12:12:43.698394Z","times_seen":189286,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev/?utm_source=kandis-newsletter-108a44.beehiiv.com\u0026utm_medium=newsletter\u0026utm_campaign=new-post","fqdn":"39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev","domain":"6baa1e70ef945d7e23ab66c0.workers.dev","tld":"workers.dev"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-01-29T13:48:11.924Z","timestamp":1706536091924,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6baa1e70ef945d7e23ab66c0.workers.dev","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 13 Jan 2024 13:44:07 GMT","end":"Fri, 12 Apr 2024 13:44:06 GMT"},"fingerprint":{"sha1":"9E:E2:2A:8D:04:E3:62:D9:43:F5:CA:BC:15:72:34:E4:7A:6B:7D:C2","sha256":"18:F1:3D:26:C7:97:07:E3:5B:4A:2F:E0:1B:51:18:C4:35:17:B6:36:E7:B4:0B:07:D4:5D:2C:AC:17:05:B1:4D"}}},"request":{"raw":"GET /?utm_source=kandis-newsletter-108a44.beehiiv.com\u0026utm_medium=newsletter\u0026utm_campaign=new-post HTTP/1.1\r\nHost: 39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 29 Jan 2024 13:48:09 GMT\r\ncontent-type: text/html;charset=UTF-8\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=2v9lXhWAG4%2BEJ9LJzHo8nUypSiIaEydboUjVaELUU%2FrAUMSoaxnuredfUGxeJwCQhOm5cAiXBhgJRjdKTBc7L1qseZnU2pqR9SJz%2FLExplcoC%2BMJTLkI7xH%2B1%2BSpJQ9hVC3tiVS%2BkQprs8J6RVp90LYonf2T0Z8VdaTBtr6v7vE%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 84d1ee5edf735687-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3255,"size_decoded":3255,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (3271), with no line terminators","md5":"43aa7eff1486d3747b4ffc53ff65de48","sha1":"cff87ae2339269fbc6cdf0797328f114543323f7","sha256":"1b0b82cc4999a000a1b6cd6846a1cc81333fa471779481e2bfd5bb6ec7acf659","sha512":"7bfee2f0870c12f3e6838a1f47aacd2db42b58136c372bb69d4e0aa1d7e4eb9a956dc957499f7eb5b4565956683d820cba23619183754317e6ff41ff1f66d653","ssdeep":"","tlshash":"d061b52b6e21b01a96e38d7a20f123dd3934f108da07879eee73d7548ed22660f1274c","first_seen":"2024-01-26T10:58:35Z","last_seen":"2024-08-20T11:02:09.267293Z","times_seen":287,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":21,"dns":0,"connect":6,"send":0,"wait":14,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/g/ea25f566/api.js?onload=onloadTurnstileCallback","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev/?utm_source=kandis-newsletter-108a44.beehiiv.com\u0026utm_medium=newsletter\u0026utm_campaign=new-post#akinard@graydaze.com","date":"2024-01-29T13:48:12.144Z","timestamp":1706536092144,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /turnstile/v0/g/ea25f566/api.js?onload=onloadTurnstileCallback HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 29 Jan 2024 13:48:09 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 84d1ee6019a05687-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38245,"size_decoded":38245,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (38244)","md5":"382de2d5802b5bd3d87cf2fb3071121d","sha1":"d0299a88eb32dbc533d61b024ff6e35956113e29","sha256":"18cbe0edc0b01c71a6c3ffe704550a8bb1cfe7e02839b7dbdc9c44288bf8b59c","sha512":"8e40f9af6117018e7a6ad62ec2988c82eef9f4dd29915a40b9741da8663f60d17594a60633ad9cdf8c5b153d025de4f3cbf39bf81a915af243b385cd9eb7e387","ssdeep":"768:fCEd/9UHA9q79HkHwcNMN3JEB1p2Ej7FPWuR3DfH6eMf7crAx:b9UHA9q79HkHwAg3U2Ec","tlshash":"09032a98329b747257ee44a0607ba743722a7e3ae48c8c50d857dc3135bcd9ac137fa9","first_seen":"2024-01-22T13:34:29Z","last_seen":"2024-08-20T11:30:33.452082Z","times_seen":13694,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev/favicon.ico","fqdn":"39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev","domain":"6baa1e70ef945d7e23ab66c0.workers.dev","tld":"workers.dev"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev/?utm_source=kandis-newsletter-108a44.beehiiv.com\u0026utm_medium=newsletter\u0026utm_campaign=new-post#akinard@graydaze.com","date":"2024-01-29T13:48:12.232Z","timestamp":1706536092232,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6baa1e70ef945d7e23ab66c0.workers.dev","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 13 Jan 2024 13:44:07 GMT","end":"Fri, 12 Apr 2024 13:44:06 GMT"},"fingerprint":{"sha1":"9E:E2:2A:8D:04:E3:62:D9:43:F5:CA:BC:15:72:34:E4:7A:6B:7D:C2","sha256":"18:F1:3D:26:C7:97:07:E3:5B:4A:2F:E0:1B:51:18:C4:35:17:B6:36:E7:B4:0B:07:D4:5D:2C:AC:17:05:B1:4D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev/?utm_source=kandis-newsletter-108a44.beehiiv.com\u0026utm_medium=newsletter\u0026utm_campaign=new-post\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 29 Jan 2024 13:48:09 GMT\r\ncontent-type: text/html;charset=UTF-8\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=Vsf8rLJ2WF2Q8uTmepNwTcewCittEXEwPn3ZxChyViYBTgYEGEwQlVQqdPJ0wgiVDfDo1IBfcTHqsrffmHhbdjV%2FwlMrGxuspKSEtIp662Qv%2FQAjJopgYSBOoo6l6zNdOVE%2BLe51PkLB5v9%2BH6654EJjDZ8pqqC1IHSLYwUeWE8%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 84d1ee60ab3c1c0a-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3255,"size_decoded":3255,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (3271), with no line terminators","md5":"43aa7eff1486d3747b4ffc53ff65de48","sha1":"cff87ae2339269fbc6cdf0797328f114543323f7","sha256":"1b0b82cc4999a000a1b6cd6846a1cc81333fa471779481e2bfd5bb6ec7acf659","sha512":"7bfee2f0870c12f3e6838a1f47aacd2db42b58136c372bb69d4e0aa1d7e4eb9a956dc957499f7eb5b4565956683d820cba23619183754317e6ff41ff1f66d653","ssdeep":"","tlshash":"d061b52b6e21b01a96e38d7a20f123dd3934f108da07879eee73d7548ed22660f1274c","first_seen":"2024-01-26T10:58:35Z","last_seen":"2024-08-20T11:02:09.267293Z","times_seen":287,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"link.mail.beehiiv.com/ls/click?upn=9AjBS24XjIke9Nu0vYZ9-2BuwLVBu5KGr8fnD4W0I-2FN4V2ao9zppVW-2BCc7Jl9OpQIvBncXzZ1wqCFPUI5-2FzvPx-2FthEhBAgZvqs6cXMIBvXQakac1hANH34VEqP0XZMcFdMoeNQPk0L-2FhIJnqPWoFX2VMUsZNkFVpvZPStAV70uqPc-3Dtbps_oSVnkAVexNANk2eJ9iVljiNwKDh-2BEPd5PhF5Lpq-2Fm7J7iJdRIdCSqICxYeHmWvKSp18OMQ4gwU0dagL2Ns5yZi4iDTasfq0wXzUf0TrpgJIEyIQdnoRJAVSvp1NFxJFmn20uoecDy2QYcfXlzVWVCRCvlK3y1vunC3RDyMRaPjNF6NNfIYWC99CkjxDgAp6Hh2xVD2pOZNIUPLo2E2yJ6PSwJ4a3jp2G5z6rzYnJiqpmvCwL-2FbKWLhzvH2JPvqXA-2BR1GLqUugQBwoVapf29thV9zVK5-2Fwb2E7P84ZoIJ9bH7cHW6MLKbSRq626qPBjoeyu-2BT8B2y1LdgfMejqBNaZziRDEeYANT-2Bbf-2BaURiXyPYRmmZbFjMpcSCNB5ehS5Opw-2FFRXth-2F67AFEY2kbNlqJAWtVCBAZvr51CmlfHJDrW1TsfPEvA9lbDMGPrQijtLijYyexOh3tY-2BDHMsnAoc92g-3D-3D","fqdn":"link.mail.beehiiv.com","domain":"beehiiv.com","tld":"com"},"ip":{"addr":"104.18.69.40","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-01-29T13:48:11.040Z","timestamp":1706536091040,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"beehiiv.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Sun, 06 Aug 2023 00:00:00 GMT","end":"Sun, 04 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CE:51:1F:72:9C:F3:A5:DD:02:F8:91:63:03:E1:44:49:3E:D7:98:F7","sha256":"5C:AB:74:EE:55:DA:AE:65:96:21:02:4A:B5:73:7B:82:DB:02:D4:C4:7E:56:14:30:98:D6:39:88:9E:FC:DE:7D"}}},"request":{"raw":"GET /ls/click?upn=9AjBS24XjIke9Nu0vYZ9-2BuwLVBu5KGr8fnD4W0I-2FN4V2ao9zppVW-2BCc7Jl9OpQIvBncXzZ1wqCFPUI5-2FzvPx-2FthEhBAgZvqs6cXMIBvXQakac1hANH34VEqP0XZMcFdMoeNQPk0L-2FhIJnqPWoFX2VMUsZNkFVpvZPStAV70uqPc-3Dtbps_oSVnkAVexNANk2eJ9iVljiNwKDh-2BEPd5PhF5Lpq-2Fm7J7iJdRIdCSqICxYeHmWvKSp18OMQ4gwU0dagL2Ns5yZi4iDTasfq0wXzUf0TrpgJIEyIQdnoRJAVSvp1NFxJFmn20uoecDy2QYcfXlzVWVCRCvlK3y1vunC3RDyMRaPjNF6NNfIYWC99CkjxDgAp6Hh2xVD2pOZNIUPLo2E2yJ6PSwJ4a3jp2G5z6rzYnJiqpmvCwL-2FbKWLhzvH2JPvqXA-2BR1GLqUugQBwoVapf29thV9zVK5-2Fwb2E7P84ZoIJ9bH7cHW6MLKbSRq626qPBjoeyu-2BT8B2y1LdgfMejqBNaZziRDEeYANT-2Bbf-2BaURiXyPYRmmZbFjMpcSCNB5ehS5Opw-2FFRXth-2F67AFEY2kbNlqJAWtVCBAZvr51CmlfHJDrW1TsfPEvA9lbDMGPrQijtLijYyexOh3tY-2BDHMsnAoc92g-3D-3D HTTP/1.1\r\nHost: link.mail.beehiiv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 29 Jan 2024 13:48:09 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://servantsclass.org/?utm_source=kandis-newsletter-108a44.beehiiv.com\u0026utm_medium=newsletter\u0026utm_campaign=new-post\r\nx-robots-tag: noindex, nofollow\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=4bC3KA6UFUkgpeR24BNI9hYDnHuz76hR5UiVOFYYrtg-1706536089-1-AWH1D/nf9ygHXw50ejvY9ZkzwPBOuE5YNzpUqV0rQIH4c/tlYIKZGewa9Zq4q2nI9tYxQzRLd7nblUDyDbUt1Dc=; path=/; expires=Mon, 29-Jan-24 14:18:09 GMT; domain=.beehiiv.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\ncf-ray: 84d1ee594f7db4f4-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":3255,"size_decoded":3255,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T23:31:02.874036Z","times_seen":13307549,"resource_available":true,"data":null}},"time_used":533,"timings":{"blocked":14,"dns":0,"connect":1,"send":0,"wait":505,"receive":0,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/84d1ee60ce615685/1706536090045/VEN9rpA2IAoovxo","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hfwkw/0x4AAAAAAAQo5DADXS9wRUyh/auto/normal","date":"2024-01-29T13:48:13.257Z","timestamp":1706536093257,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/i/84d1ee60ce615685/1706536090045/VEN9rpA2IAoovxo HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hfwkw/0x4AAAAAAAQo5DADXS9wRUyh/auto/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 29 Jan 2024 13:48:10 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\ncf-ray: 84d1ee670bd25685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61,"size_decoded":61,"mime_type":"image/png","magic":"PNG image data, 94 x 25, 8-bit/color RGB, non-interlaced","md5":"6ac4eab2d58050d87a33757061058735","sha1":"ee222200ba3ebd119e52e665d6f65252e19af5c9","sha256":"8721ace517717488725d511127a149372e428dd3a6dff5a9aadd6c9ab2ef6e66","sha512":"2791e5be52420c8b9dfc3f3f5ae52b153689516dc7f01a440924cf011120f495d48b403bb322b5a524b0c642bbd1c1abc9b3b86ffa5c8f452758b76e71d41e17","ssdeep":"","tlshash":"72a002d767916cb8c94702b79a3500a1f8330514161101458d05d529169666d80c4a46","first_seen":"2023-05-05T22:40:07Z","last_seen":"2025-04-30T16:27:32.550396Z","times_seen":97,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/84d1ee60ce615685/1706536090053/eb5ab799cf8e7db90b87956af6849fa278ee4bfa27c94d3926ecb1df4f447021/71zQLgbwMJ9wGAY","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hfwkw/0x4AAAAAAAQo5DADXS9wRUyh/auto/normal","date":"2024-01-29T13:48:13.986Z","timestamp":1706536093986,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/pat/84d1ee60ce615685/1706536090053/eb5ab799cf8e7db90b87956af6849fa278ee4bfa27c94d3926ecb1df4f447021/71zQLgbwMJ9wGAY HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hfwkw/0x4AAAAAAAQo5DADXS9wRUyh/auto/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 401 Unauthorized\r\ndate: Mon, 29 Jan 2024 13:48:11 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nwww-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g61q3mc-OfbkLh5Vq9oSfonjuS_onyU05Juyx309EcCEAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAri695vAyuHNtz2ItdxPGPC_0gnyGU7CIj6Qub5qktpl5OD04pv7fX57blUoUXd7x32e_aXzBQFdDeWQWE2cWOFVJmkn7MjSWiyGkCmCPF-WkrqZa6b_xBfw8B_RKHlHXIc2zVxlyq7VCibH6aj5APXWRExezQ6PO2XHOCOhTDxEwzYgzSdi0VVHm-UlUN1SCRorqk6zP9Sw8J-b9gccRlyhNHTpO5s-YVSbMhNfQg0MzQ3tpiHbUAVMEJBg37cRTl8lDttnyYIqJLjddfNQZAxBXeAgU3Wa9pB_T6YK_gCqNlV1pZs2jzl0H2R-bU63XlM0QodHbi5MqmlVNy_2g4wIDAQAB, max-age=20, PrivateToken challenge=AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIOtat5nPjn25C4eVavaEn6J47kv6J8lNOSbssd9PRHAhABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAyAcIyqXWj0XAym0z5V844rFA0WOzLVwj0uCwmVj6zC4qOH40oBiGHrMNMBnDyk95jvnBAuHeEs855e7nA4l4DPJ4jUWKZbua8BxGAzjn74A1BV81a52F1zvBPUm-VEJXPAPXQehXphSv51uR7HKtfcM5oaS33TGDSy-6xv0r84xjMuTBvwPgXGehxpi1MCGGE5yWkzKN5Zzllk7m6Nkiv6learV-Uz7tzaoPbdZkBk1bFXxm2q07jWavoBZ-JEuEJyjQ00PSTz2Zjpbct6AlR3eCS9sbmXtb5XxSs7JMsvoa8uojD7a5m2SEJIwaf8xKL6wtxkaPonUfvsLj4JoJZQIDAQAB, max-age=20\r\nserver: cloudflare\r\ncf-ray: 84d1ee6b9e565685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"401","status_text":"Unauthorized","fingerprints":null,"data":{"size":1,"size_decoded":1,"mime_type":"text/plain; charset=UTF-8","magic":"very short file (no magic)","md5":"ff44570aca8241914870afbc310cdb85","sha1":"58668e7669fd564d99db5d581fcdb6a5618440b5","sha256":"6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5","sha512":"3c266c0035de59eab2a0dd31b3dcb4a9dd157b310289e5db9ab4f8c2fddb7433466d48f25da7ad735a1cb8f2935aa612ad1f62f0efcece3933ba9979082e2304","ssdeep":"","tlshash":"c700000000000003c00000300000003000000000000000000003000000000000000000","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T23:31:13.888836Z","times_seen":399769,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"servantsclass.org/?utm_source=kandis-newsletter-108a44.beehiiv.com\u0026utm_medium=newsletter\u0026utm_campaign=new-post","fqdn":"servantsclass.org","domain":"servantsclass.org","tld":"org"},"ip":{"addr":"46.253.135.7","port":443,"asn":212238,"as":"Datacamp Limited","country":"Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-01-29T13:48:11.565Z","timestamp":1706536091565,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.servantsclass.org","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 18 Sep 2023 00:00:00 GMT","end":"Tue, 17 Sep 2024 23:59:59 GMT"},"fingerprint":{"sha1":"32:ED:15:D8:F3:5A:71:2A:8F:B5:A2:76:55:40:67:DF:8C:79:83:7F","sha256":"DC:6E:94:A1:82:C2:DE:82:DC:7B:E7:62:93:55:9E:B6:EA:3B:78:54:17:9C:F5:87:FD:5E:14:AD:BC:50:46:0A"}}},"request":{"raw":"GET /?utm_source=kandis-newsletter-108a44.beehiiv.com\u0026utm_medium=newsletter\u0026utm_campaign=new-post HTTP/1.1\r\nHost: servantsclass.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Mon, 29 Jan 2024 13:48:09 GMT\r\nServer: Apache\r\nLocation: https://39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev/?utm_source=kandis-newsletter-108a44.beehiiv.com\u0026utm_medium=newsletter\u0026utm_campaign=new-post\r\nContent-Length: 338\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":3255,"size_decoded":3255,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T23:31:02.874036Z","times_seen":13307549,"resource_available":true,"data":null}},"time_used":579,"timings":{"blocked":231,"dns":0,"connect":111,"send":0,"wait":115,"receive":1,"ssl":117},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hfwkw/0x4AAAAAAAQo5DADXS9wRUyh/auto/normal","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev/?utm_source=kandis-newsletter-108a44.beehiiv.com\u0026utm_medium=newsletter\u0026utm_campaign=new-post#akinard@graydaze.com","date":"2024-01-29T13:48:12.252Z","timestamp":1706536092252,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hfwkw/0x4AAAAAAAQo5DADXS9wRUyh/auto/normal HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://39a36ab4.6baa1e70ef945d7e23ab66c0.workers.dev/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 29 Jan 2024 13:48:09 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\ncontent-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndocument-policy: js-profiling\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nserver: cloudflare\r\ncf-ray: 84d1ee60ce615685-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":74719,"size_decoded":74719,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (40811)","md5":"4ab9bcd8d2abd52695944a7633c1cc8f","sha1":"57dd5a7189a77329762116d2b4e5bbf1e8d43611","sha256":"709e3e14ede2b239fc7b97b37bed8134979e70a72eaba7ec6aeb98e19c932494","sha512":"da56d8d637915785d1f4bac45118916bfb20c68470fc55b29a388c25631e58a092f176cb8ff90ac7e00ce9f3168dabd6e2bee5eee725f6c20cb9b1f4180791b7","ssdeep":"1536:3aJfcyI6+2ecnfIedWeOnCgw1EkWCziqRW4a4YYPqi1Pt2MYE1lDaHy7YYXYVttD:ofTmG9pkrw6EfD97YYXYjtgMkCOsU1yp","tlshash":"0f73f7d9cebc2d19ab029729b1ce51e3632d63471506e599b4cca280cfed14e26f0f79","first_seen":"2024-08-20T10:44:33.262366Z","last_seen":"2024-08-20T10:44:33.262366Z","times_seen":1,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=84d1ee60ce615685","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hfwkw/0x4AAAAAAAQo5DADXS9wRUyh/auto/normal","date":"2024-01-29T13:48:12.346Z","timestamp":1706536092346,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=84d1ee60ce615685 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hfwkw/0x4AAAAAAAQo5DADXS9wRUyh/auto/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 29 Jan 2024 13:48:09 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nserver: cloudflare\r\ncf-ray: 84d1ee6158525685-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":178236,"size_decoded":178236,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"751b7c97ae6d5fab7f89bd0bcc7a0acf","sha1":"aca3584a4c437c3b737abbd9cc8463e24cf49191","sha256":"f46ef5a932656e89413edaca796604f1ef7e1a0bbe16ab1d9dfe7962b90a3f55","sha512":"e81392f5bda54c61984d85bb8260ebd43980d0579f71ab0d09819af14af96b806a3e743127a14b83f2f947c5195795406c490fbf6162059cb13bcfc946171f8e","ssdeep":"3072:c9hAGu6HPxVfxjoM9yVFx+ac3uvfTzzbIWssq9bWeS:cPY6npjlyEif/zbfVq1lS","tlshash":"7f0482cc7bdbb95565233d3860273213a0af1d496c7c09ddea00b1d529f530a92e7aaf","first_seen":"2024-08-20T10:44:33.26313Z","last_seen":"2024-08-20T10:44:33.383705Z","times_seen":2,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}