{"report_id":"2ca0ea84-a0df-435d-a6c1-928939217aed","version":6,"status":"done","tags":["phishing","microsoft","outlook"],"date":"2024-09-16T23:07:54Z","url":{"schema":"http","addr":"www.google.com/url?q=https://www.google.com/url?q=3HOSozuuQiApLjODz3yh\u0026rct=tTPSJ3J3wD5CHARyycT\u0026sa=t\u0026esrc=X4PUcFgECA0xys8Em2FL\u0026source=\u0026cd=HXUursu8uEcr4eTiw9XH\u0026cad=XpPkDfJ6CHARlDJVS0Y\u0026ved=xjnktlqryYWwZIBRrgvK\u0026uact=\u0026url=amp/%E2%80%8Bl%C2%ADob%C2%ADui%C2%ADld%C2%ADe%C2%ADr%C2%ADs.%E2%80%8Bco%C2%ADm/auth/new/gbcfGmBvhfdjC4z2YJ2YBUy8/bXNhbXBzb25Ad2ZnbmF0aW9uYWx0aXRsZS5jb20=","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.228","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"hytechsms.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPVdVUmpNbGM9JnVpZD1VU0VSMTIwOTIwMjRVMTQwOTEyMjY=N0123Nmsampson@wfgnationaltitle.com","fqdn":"hytechsms.com","domain":"hytechsms.com","tld":"com"},"title":"hytechsms.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPVdVUmpNbGM9JnVpZD1VU0VSMTIwOTIwMjRVMTQwOTEyMjY=N0123Nmsampson@wfgnationaltitle.com"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-28T20:10:36Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"www.google.com","ip":{"addr":"216.58.207.228","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":7,"first_seen":"2015-05-10 13:11:19","last_seen":"2024-09-15 18:22:04","alert_count":0,"request_count":2,"received_data":2682,"sent_data":1851,"comment":"","tags":null,"fingerprints":null},{"fqdn":"lobuilders.com","ip":{"addr":"103.83.194.55","port":0,"asn":393960,"as":"HOST4GEEKS-LLC","country":"India","country_code":"IN"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2020-03-07 19:56:03","last_seen":"2024-02-19 11:45:22","alert_count":1,"request_count":1,"received_data":334,"sent_data":459,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-09-15 18:13:05","alert_count":0,"request_count":4,"received_data":3548,"sent_data":1308,"comment":"","tags":null,"fingerprints":null},{"fqdn":"hytechsms.com","ip":{"addr":"104.21.91.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-03-05","domain_rank":353095,"first_seen":"2022-02-07 01:59:35","last_seen":"2024-03-16 15:38:39","alert_count":1,"request_count":2,"received_data":2502,"sent_data":1360,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-09-15 18:12:18","alert_count":0,"request_count":4,"received_data":3550,"sent_data":1308,"comment":"","tags":null,"fingerprints":null},{"fqdn":"o.pki.goog","ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":0,"first_seen":"2024-04-24 13:44:57","last_seen":"2024-09-15 18:16:50","alert_count":0,"request_count":2,"received_data":1398,"sent_data":650,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-16T23:07:29.246149495Z","timestamp":1726528049246,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"73C53B2F9EA6CB310EB9DF3E6D917F4649A2C2470B3AE7EE1E4BBB7102550016\"\r\nLast-Modified: Sun, 15 Sep 2024 21:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6815\r\nExpires: Tue, 17 Sep 2024 01:01:04 GMT\r\nDate: Mon, 16 Sep 2024 23:07:29 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"b4ddabe3dc0fdf5ea3a82a9aebbb01c6","sha1":"bfbff7cc66b83f1e16d8739a987f175866a6de68","sha256":"73c53b2f9ea6cb310eb9df3e6d917f4649a2c2470b3ae7ee1e4bbb7102550016","sha512":"fa30674cb0205ddc62bceb4f66b8b8cb150c5da00de2c0ca2fbd9bc68a9a1817e768db99f30e5c54fa4418d89fe881549dc6540662001362b9f80107c53cfa73","ssdeep":"","tlshash":"82f00e372aa875a0bee9154269f9d83d4a753dba72002fc5188216d2ef607e846cc80c","first_seen":"2024-09-16T01:16:34Z","last_seen":"2024-09-19T20:22:21.795612Z","times_seen":28960,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-16T23:07:29.313268129Z","timestamp":1726528049313,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A50CD1C21CA6FCD7B91806CC79BB4669602F2ED234D5722704DF5959AFFECAD0\"\r\nLast-Modified: Sun, 15 Sep 2024 00:20:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13410\r\nExpires: Tue, 17 Sep 2024 02:50:59 GMT\r\nDate: Mon, 16 Sep 2024 23:07:29 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"cbe3df23d7a1a604654e06ccca10ab85","sha1":"907419e4690cac7c3af83a771260ec3dd8118bf3","sha256":"a50cd1c21ca6fcd7b91806cc79bb4669602f2ed234d5722704df5959affecad0","sha512":"a91c0b95465fe8bd55e9e735258db4f89bd976c8944f47d6e138b987e6bdb55d3ff103010b695c901a92399eab71333883a6a8eebde412f2174ed4c872b92b45","ssdeep":"","tlshash":"11f07577b995f600fee4154d15e4e064962267ffe5c410e1258023f11601bf8e48840c","first_seen":"2024-09-15T07:08:20Z","last_seen":"2024-09-19T20:30:08.478969Z","times_seen":27661,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-16T23:07:29.613554717Z","timestamp":1726528049613,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"4A2A3E3BB18F4046A78FD131FDDC30A26B37C78F0B85554F495B4B7631261D42\"\r\nLast-Modified: Sun, 15 Sep 2024 02:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=19279\r\nExpires: Tue, 17 Sep 2024 04:28:48 GMT\r\nDate: Mon, 16 Sep 2024 23:07:29 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"2964f413d127163e967d87e9760719e2","sha1":"9f1f8d00cda959fbe9e65e3a0e4af3710fbc3a24","sha256":"4a2a3e3bb18f4046a78fd131fddc30a26b37c78f0b85554f495b4b7631261d42","sha512":"6860b2d24a49bebfda4e8565d06fc5230bb62e4c8a0b25778f0959bb2e4346e307b6910d6aa29910c3d4dc97a0cd038ff2dd6ac06942d806165116f9594dd01e","ssdeep":"","tlshash":"d9f0054327b4b550ebba2eb829e9ec1968027dceb1d048c635c400e76711795035c189","first_seen":"2024-09-15T07:59:35Z","last_seen":"2024-09-19T20:29:50.61604Z","times_seen":16288,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-16T23:07:29.776443Z","timestamp":1726528049776,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"90EA3C7AF91BE1CD66E22F44935435A8F844385AB37CE80DFB1F0D517FA91C02\"\r\nLast-Modified: Sun, 15 Sep 2024 02:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=9830\r\nExpires: Tue, 17 Sep 2024 01:51:19 GMT\r\nDate: Mon, 16 Sep 2024 23:07:29 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"dc2649e086d14b37f641e418f94b8dad","sha1":"0e5bcbba8b6c22a8652210eab920b0b3f02d18f3","sha256":"90ea3c7af91be1cd66e22f44935435a8f844385ab37ce80dfb1f0d517fa91c02","sha512":"01be1b81729f639ff658a915b37a2ccab4202c94e2d8786c71166c588c6a3d84fd063dfc6ef121f61904a5d376f0515a5b01797e77901a68b575ef13e994b9ca","ssdeep":"","tlshash":"3ef00eac27f3ad817e6c4a18685dd9117b24bada303425db3d9405f2a1417fc0ec840c","first_seen":"2024-09-15T15:33:17Z","last_seen":"2024-09-19T20:26:35.13374Z","times_seen":15319,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-16T23:07:29.892903344Z","timestamp":1726528049892,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Mon, 16 Sep 2024 23:07:29 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"72daff84a0147917d9c860d5496dc2ca","sha1":"539b04a2664697a404234db3a0518400a72a3011","sha256":"4ea046e49994acc303345fd75b08ac430e7139b1b5fd0e1302205b5dda07f0a2","sha512":"92bf46873b8c178707b35b3891137b6a4ada578b66cdc0339031a9309b80f1125c1c4f97a14a0c94f05d655700e7f3a0590aac443644b4409353231f622314ad","ssdeep":"","tlshash":"b2f0540d00fa38d8bf224d2415e8e2d8be50040501ce1d90503409e5ba04ecd80142ac","first_seen":"2024-09-16T18:07:13Z","last_seen":"2024-09-19T20:14:03.918158Z","times_seen":1033,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.google.com/url?q=https://www.google.com/url?q=3HOSozuuQiApLjODz3yh\u0026rct=tTPSJ3J3wD5CHARyycT\u0026sa=t\u0026esrc=X4PUcFgECA0xys8Em2FL\u0026source=\u0026cd=HXUursu8uEcr4eTiw9XH\u0026cad=XpPkDfJ6CHARlDJVS0Y\u0026ved=xjnktlqryYWwZIBRrgvK\u0026uact=\u0026url=amp/%E2%80%8Bl%C2%ADob%C2%ADui%C2%ADld%C2%ADe%C2%ADr%C2%ADs.%E2%80%8Bco%C2%ADm/auth/new/gbcfGmBvhfdjC4z2YJ2YBUy8/bXNhbXBzb25Ad2ZnbmF0aW9uYWx0aXRsZS5jb20=","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.228","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-16T23:07:29.931286155Z","timestamp":1726528049931,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /url?q=https://www.google.com/url?q=3HOSozuuQiApLjODz3yh\u0026rct=tTPSJ3J3wD5CHARyycT\u0026sa=t\u0026esrc=X4PUcFgECA0xys8Em2FL\u0026source=\u0026cd=HXUursu8uEcr4eTiw9XH\u0026cad=XpPkDfJ6CHARlDJVS0Y\u0026ved=xjnktlqryYWwZIBRrgvK\u0026uact=\u0026url=amp/%E2%80%8Bl%C2%ADob%C2%ADui%C2%ADld%C2%ADe%C2%ADr%C2%ADs.%E2%80%8Bco%C2%ADm/auth/new/gbcfGmBvhfdjC4z2YJ2YBUy8/bXNhbXBzb25Ad2ZnbmF0aW9uYWx0aXRsZS5jb20= HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nCookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 302 Found\r\nlocation: https://www.google.com/amp/%E2%80%8Bl%C2%ADob%C2%ADui%C2%ADld%C2%ADe%C2%ADr%C2%ADs.%E2%80%8Bco%C2%ADm/auth/new/gbcfGmBvhfdjC4z2YJ2YBUy8/bXNhbXBzb25Ad2ZnbmF0aW9uYWx0aXRsZS5jb20=\r\ncache-control: private\r\ncontent-type: text/html; charset=UTF-8\r\nstrict-transport-security: max-age=31536000\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Of8Jf4BhYlxXsnCB6sgJ8w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\np3p: CP=\"This is not a P3P policy! See g.co/p3phelp for more info.\"\r\ndate: Mon, 16 Sep 2024 23:07:29 GMT\r\nserver: gws\r\ncontent-length: 373\r\nx-xss-protection: 0\r\nset-cookie: __Secure-ENID=22.SE=e00Eqzry5zrTuw6O-CGYbfEWiK5-mf11ptNlGwWusOKS3skAMecQvsKequ_9Sb1pRc0bWZDMvoB0j38I215hhVP6ZwlmnYYJoYNphF-_yHgb8dbr0yAo1Fpxv0twDNDIqS44CLwg1XxddCpsDwQUSV-NN4d9xKua_ZFwcRqzxlC4XFzYzvKwZhMLdKFsJqJ4XMxDqebB-IAK3TRsZ2y75cj0dpWk93K4KazIuD4; expires=Fri, 17-Oct-2025 15:25:47 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":373,"size_decoded":373,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"743ff575fde7d0613b2814e866dae565","sha1":"5eb8c714e1862b03c7a6654c1797677e5189f063","sha256":"0c668b646e53adbe13b55219ef0748e41ee2725f6605cd4d37b7c80590630757","sha512":"74af2b89fe953a788a48522afdebca7b0b53c56bfecf43ec98062e4929433502673ea47942c546686169710c42b779c4f22532d32e23a0a2938ea1ab3fd311b6","ssdeep":"","tlshash":"54e0207f1a0d78f7d277ba98747a82344c157102c3b58d96e6b31969098c92501d5a85","first_seen":"2024-09-19T20:10:39.422035Z","last_seen":"2024-09-19T20:10:39.422035Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.google.com/amp/%E2%80%8Bl%C2%ADob%C2%ADui%C2%ADld%C2%ADe%C2%ADr%C2%ADs.%E2%80%8Bco%C2%ADm/auth/new/gbcfGmBvhfdjC4z2YJ2YBUy8/bXNhbXBzb25Ad2ZnbmF0aW9uYWx0aXRsZS5jb20=","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.228","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-16T23:07:30.007689108Z","timestamp":1726528050007,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /amp/%E2%80%8Bl%C2%ADob%C2%ADui%C2%ADld%C2%ADe%C2%ADr%C2%ADs.%E2%80%8Bco%C2%ADm/auth/new/gbcfGmBvhfdjC4z2YJ2YBUy8/bXNhbXBzb25Ad2ZnbmF0aW9uYWx0aXRsZS5jb20= HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; __Secure-ENID=22.SE=e00Eqzry5zrTuw6O-CGYbfEWiK5-mf11ptNlGwWusOKS3skAMecQvsKequ_9Sb1pRc0bWZDMvoB0j38I215hhVP6ZwlmnYYJoYNphF-_yHgb8dbr0yAo1Fpxv0twDNDIqS44CLwg1XxddCpsDwQUSV-NN4d9xKua_ZFwcRqzxlC4XFzYzvKwZhMLdKFsJqJ4XMxDqebB-IAK3TRsZ2y75cj0dpWk93K4KazIuD4\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 302 Found\r\nlocation: http://​l­ob­ui­ld­e­r­s.​co­m/auth/new/gbcfGmBvhfdjC4z2YJ2YBUy8/bXNhbXBzb25Ad2ZnbmF0aW9uYWx0aXRsZS5jb20=\r\ncache-control: private\r\nx-robots-tag: noindex\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-HsTXUmfHlmNBcZ41J_XYvw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/fff\"}]}\r\ndate: Mon, 16 Sep 2024 23:07:29 GMT\r\nserver: gws\r\ncontent-length: 313\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":313,"size_decoded":313,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators","md5":"944fd01daac76701a806de2914a41961","sha1":"48eb7a46de58952de8ed81d826dd4ae9272a46f6","sha256":"25437ec3e89ae060d6c0dd10068d51aed3d23f8eb86b1de158e7a578fb6394f1","sha512":"8db2100f960e6d6be00b0a3ff48d7524e83708cad25e4d11733f7e4f163a061e08d06945d141209b447ef828356f1f29a356f02f328d46e4644d122ab0350882","ssdeep":"","tlshash":"81e0e7be0d0d65774573bba4b47a84304c103043f35745dad2b424ec0d9493442c1fc2","first_seen":"2024-09-19T20:10:39.423698Z","last_seen":"2024-09-19T20:10:39.423698Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-16T23:07:30.072983607Z","timestamp":1726528050072,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Mon, 16 Sep 2024 23:07:30 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"98c9ce3ee137208450dc272d972390ac","sha1":"f86e924b5038dc55e359197d8d08989004aa8452","sha256":"d206ab20afcec3a318401700475e24d1b0ceea8010a5d3bc8b1d6c0527f33c0e","sha512":"8c5395f37fe06402ce27869f1c00042a7efa064f4c0d1f541fa7526b32885fa9f52ae99732f7807b505ca6c8181164aa08893067208ecedb4011d3faf55456a0","ssdeep":"","tlshash":"fdf0d43e10f25c53de23cd5814ed65b5331a300ed8941eb1347ab7a5784465cd8012a0","first_seen":"2024-09-16T18:05:35Z","last_seen":"2024-09-19T20:14:03.586767Z","times_seen":984,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"lobuilders.com/auth/new/gbcfGmBvhfdjC4z2YJ2YBUy8/bXNhbXBzb25Ad2ZnbmF0aW9uYWx0aXRsZS5jb20=","fqdn":"lobuilders.com","domain":"lobuilders.com","tld":"com"},"ip":{"addr":"103.83.194.55","port":0,"asn":393960,"as":"HOST4GEEKS-LLC","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-16T23:07:30.100208319Z","timestamp":1726528050100,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /auth/new/gbcfGmBvhfdjC4z2YJ2YBUy8/bXNhbXBzb25Ad2ZnbmF0aW9uYWx0aXRsZS5jb20= HTTP/1.1\r\nHost: lobuilders.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 16 Sep 2024 23:07:30 GMT\r\nServer: Apache\r\nrefresh: 0;url=https://hytechsms.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPVdVUmpNbGM9JnVpZD1VU0VSMTIwOTIwMjRVMTQwOTEyMjY=N0123Nmsampson@wfgnationaltitle.com\r\nContent-Length: 0\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T02:38:17.241927Z","times_seen":13523349,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-16T23:07:32.09321914Z","timestamp":1726528052093,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"7868B9D67D4D3AA59F3CFAE358B4252F060290EEE91B140396C820B9387AF260\"\r\nLast-Modified: Sun, 15 Sep 2024 02:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=7160\r\nExpires: Tue, 17 Sep 2024 01:06:52 GMT\r\nDate: Mon, 16 Sep 2024 23:07:32 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"ca723553e74ec93d39dd2f922b78cd33","sha1":"19488770f771507f7cc656302076d90be4453b52","sha256":"7868b9d67d4d3aa59f3cfae358b4252f060290eee91b140396c820b9387af260","sha512":"4b64fb24634c949f00a29e4a387a633dc6c848f940e290f886a19ebb150bc49c45106e7184faeb964606ebe2153d582dcfb9b924ab87d157b0eb7ce779beccee","ssdeep":"","tlshash":"25f0052636206865265d1417d9dde83679211d98355127aa496403e478693fe545810c","first_seen":"2024-09-15T12:44:44Z","last_seen":"2024-09-19T20:28:00.588003Z","times_seen":10856,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-16T23:07:32.094115817Z","timestamp":1726528052094,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"7868B9D67D4D3AA59F3CFAE358B4252F060290EEE91B140396C820B9387AF260\"\r\nLast-Modified: Sun, 15 Sep 2024 02:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=7160\r\nExpires: Tue, 17 Sep 2024 01:06:52 GMT\r\nDate: Mon, 16 Sep 2024 23:07:32 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"ca723553e74ec93d39dd2f922b78cd33","sha1":"19488770f771507f7cc656302076d90be4453b52","sha256":"7868b9d67d4d3aa59f3cfae358b4252f060290eee91b140396c820b9387af260","sha512":"4b64fb24634c949f00a29e4a387a633dc6c848f940e290f886a19ebb150bc49c45106e7184faeb964606ebe2153d582dcfb9b924ab87d157b0eb7ce779beccee","ssdeep":"","tlshash":"25f0052636206865265d1417d9dde83679211d98355127aa496403e478693fe545810c","first_seen":"2024-09-15T12:44:44Z","last_seen":"2024-09-19T20:28:00.588003Z","times_seen":10856,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-16T23:07:32.094987105Z","timestamp":1726528052094,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"7868B9D67D4D3AA59F3CFAE358B4252F060290EEE91B140396C820B9387AF260\"\r\nLast-Modified: Sun, 15 Sep 2024 02:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=7160\r\nExpires: Tue, 17 Sep 2024 01:06:52 GMT\r\nDate: Mon, 16 Sep 2024 23:07:32 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"ca723553e74ec93d39dd2f922b78cd33","sha1":"19488770f771507f7cc656302076d90be4453b52","sha256":"7868b9d67d4d3aa59f3cfae358b4252f060290eee91b140396c820b9387af260","sha512":"4b64fb24634c949f00a29e4a387a633dc6c848f940e290f886a19ebb150bc49c45106e7184faeb964606ebe2153d582dcfb9b924ab87d157b0eb7ce779beccee","ssdeep":"","tlshash":"25f0052636206865265d1417d9dde83679211d98355127aa496403e478693fe545810c","first_seen":"2024-09-15T12:44:44Z","last_seen":"2024-09-19T20:28:00.588003Z","times_seen":10856,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-16T23:07:32.097053069Z","timestamp":1726528052097,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"7868B9D67D4D3AA59F3CFAE358B4252F060290EEE91B140396C820B9387AF260\"\r\nLast-Modified: Sun, 15 Sep 2024 02:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=7160\r\nExpires: Tue, 17 Sep 2024 01:06:52 GMT\r\nDate: Mon, 16 Sep 2024 23:07:32 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"ca723553e74ec93d39dd2f922b78cd33","sha1":"19488770f771507f7cc656302076d90be4453b52","sha256":"7868b9d67d4d3aa59f3cfae358b4252f060290eee91b140396c820b9387af260","sha512":"4b64fb24634c949f00a29e4a387a633dc6c848f940e290f886a19ebb150bc49c45106e7184faeb964606ebe2153d582dcfb9b924ab87d157b0eb7ce779beccee","ssdeep":"","tlshash":"25f0052636206865265d1417d9dde83679211d98355127aa496403e478693fe545810c","first_seen":"2024-09-15T12:44:44Z","last_seen":"2024-09-19T20:28:00.588003Z","times_seen":10856,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hytechsms.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPVdVUmpNbGM9JnVpZD1VU0VSMTIwOTIwMjRVMTQwOTEyMjY=N0123Nmsampson@wfgnationaltitle.com","fqdn":"hytechsms.com","domain":"hytechsms.com","tld":"com"},"ip":{"addr":"104.21.91.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-09-16T23:07:30.962Z","timestamp":1726528050962,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hytechsms.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 21 Aug 2024 05:52:32 GMT","end":"Tue, 19 Nov 2024 05:52:31 GMT"},"fingerprint":{"sha1":"17:F2:B9:79:BD:2C:4B:1C:56:83:76:00:6E:28:4A:1B:2F:0D:7A:27","sha256":"14:BE:8A:9B:06:2C:79:5E:70:5D:A5:E0:C6:F1:FD:01:DB:96:E1:7E:C5:72:A9:0F:5E:CB:F3:0C:CA:47:54:7A"}}},"request":{"raw":"POST /o/?c3Y9bzM2NV8xX25vbSZyYW5kPVdVUmpNbGM9JnVpZD1VU0VSMTIwOTIwMjRVMTQwOTEyMjY=N0123Nmsampson@wfgnationaltitle.com HTTP/1.1\r\nHost: hytechsms.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 111532\r\nOrigin: https://hytechsms.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hytechsms.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPVdVUmpNbGM9JnVpZD1VU0VSMTIwOTIwMjRVMTQwOTEyMjY=N0123Nmsampson@wfgnationaltitle.com\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 16 Sep 2024 23:07:31 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=bkSmy2UiS%2BZApp%2FW1eiXk3L65sz2r6%2F10Ffd4lC9JBB2czbWH%2FAXOOaWHulzsZ7qAycHx%2BTYSnBtOscHWyiPnsU9Ek6KLBO9zytLODKaVyJ35w%2F2Hkp%2FIVMwKn6CwcnG\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8c44835e8f1756b9-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1,"size_decoded":1,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"1d78758685e5e2f4efeeb490f8521abd","sha1":"ef7e6794ca9c6a06b54b66f279237fb8daaaeea8","sha256":"a80e516bfb196e1c48a9acbe39da8fceb6bc82e0d991b8a990b8f3239c7efaed","sha512":"9e2ec546bf544644f631b6ed08bf8f925b8141439df580afc94ef90652b057a102b452d59ac8ea7decdf739e2e82383c0c7cfbc4181287a8c68914ad7551b5a0","ssdeep":"","tlshash":"c710000000000000000000000000000000000000003000000000000000000000000000","first_seen":"2023-04-05T08:34:26Z","last_seen":"2025-04-06T22:11:20.074579Z","times_seen":6700,"resource_available":false,"data":null}},"time_used":635,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":635,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"https","addr":"hytechsms.com/favicon.ico","fqdn":"hytechsms.com","domain":"hytechsms.com","tld":"com"},"ip":{"addr":"104.21.91.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hytechsms.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPVdVUmpNbGM9JnVpZD1VU0VSMTIwOTIwMjRVMTQwOTEyMjY=N0123Nmsampson@wfgnationaltitle.com","date":"2024-09-16T23:07:31.631Z","timestamp":1726528051631,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hytechsms.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 21 Aug 2024 05:52:32 GMT","end":"Tue, 19 Nov 2024 05:52:31 GMT"},"fingerprint":{"sha1":"17:F2:B9:79:BD:2C:4B:1C:56:83:76:00:6E:28:4A:1B:2F:0D:7A:27","sha256":"14:BE:8A:9B:06:2C:79:5E:70:5D:A5:E0:C6:F1:FD:01:DB:96:E1:7E:C5:72:A9:0F:5E:CB:F3:0C:CA:47:54:7A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: hytechsms.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hytechsms.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPVdVUmpNbGM9JnVpZD1VU0VSMTIwOTIwMjRVMTQwOTEyMjY=N0123Nmsampson@wfgnationaltitle.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 16 Sep 2024 23:07:31 GMT\r\ncontent-type: text/html\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: BYPASS\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=qlYjcyVRDnhfMWEPAgy8goKl6vw%2FFSrZs6bmugHHtzS0OqBtBzgDdV4eOI7wsH5dh0zlkxWgLmGLleeaPO3QLrF0nU5dLrQYtIJAHFdwK4LoTbLHQhvS8MrgA2nEd%2BVD\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8c448362acbe56b9-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1224,"size_decoded":1224,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (1261), with no line terminators","md5":"e115d0eada02ecd8e3e87b1897e15677","sha1":"a2f12dfb4e1b32a0b5e1054842f7ade8fa4fa7ee","sha256":"0ac055079ff3c4066f1cdb86c9b47210fa130bd0e9a9d7461f5cd4104a59b6cd","sha512":"be00a051e27754e94402be628fd404f49c1bee220d5d51c20abe3da4945fc6d21a01a06a52cec43352a1673a0d4df489d8d5ac32a8e4c23ecac58a102477293c","ssdeep":"","tlshash":"9221403ec2c1920a94171198f7d1b2b8266ac341eb930ff52a4971a8f4cd0ee56a3fc4","first_seen":"2023-04-06T19:42:52Z","last_seen":"2024-10-15T22:28:47.810855Z","times_seen":287,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}