ocsp.godaddy.com/
192.124.249.24 1.8 kB IP 192.124.249.24:0
Hash 5550915a85206fb47d691c32c8b53b5f
a13a25cbe28a119eb36f74827064a12c4e5c634b
b3fd75c92ed085f551fc4a306f4acb321faae963f5aa079b8c98fe4a82905c5b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 10 Jun 2023 00:10:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Jun 2023 21:16:47 GMT
Expires: Sat, 10 Jun 2023 21:16:47 GMT
ETag: "a13a25cbe28a119eb36f74827064a12c4e5c634b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.cambeywest.com/openclick/?m=FAF202207281710&t=c&e=eric@slurpmail.net&p=FAF&a=24877445&s=SEXZZ00ZZX&c=link1-text&l=https://atacoff.com/new/auth/sf_rand_string_lowercase6////anVsaWUudHJlbnRAdXZkaS5jb20=
52.188.77.88 302 Found 203 B URL User Request GET HTTP/1.1 www.cambeywest.com/openclick/?m=FAF202207281710&t=c&e=eric@slurpmail.net&p=FAF&a=24877445&s=SEXZZ00ZZX&c=link1-text&l=https://atacoff.com/new/auth/sf_rand_string_lowercase6////anVsaWUudHJlbnRAdXZkaS5jb20=
IP 52.188.77.88:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer GoDaddy.com, Inc.
Subject www.cambeywest.com
Fingerprint 37:F5:14:AD:5B:D8:5A:05:E5:E5:31:BD:16:D1:DF:02:8B:0E:31:F4
Validity Tue, 01 Nov 2022 14:58:24 GMT - Mon, 23 Oct 2023 00:06:31 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash e1103b2555e381d7e1874f26eb4c9581
f0402a159d4f071348d08bb3bef8b4ebe2a5994c
74a4740f0deac82606f9d8208180543928203cf593c87efcdad39c6152eb0d8a
GET /openclick/?m=FAF202207281710&t=c&e=eric@slurpmail.net&p=FAF&a=24877445&s=SEXZZ00ZZX&c=link1-text&l=https://atacoff.com/new/auth/sf_rand_string_lowercase6////anVsaWUudHJlbnRAdXZkaS5jb20= HTTP/1.1
Host: www.cambeywest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sat, 10 Jun 2023 00:10:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 203
Connection: keep-alive
Cache-Control: private
Location: https://atacoff.com/new/auth/sf_rand_string_lowercase6////anVsaWUudHJlbnRAdXZkaS5jb20=
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Content-Security-Policy: default-src https: 'unsafe-eval' 'unsafe-inline'; img-src * data:; object-src 'none'; font-src https: data:; script-src https: 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors https://www.cambeywest.com
X-Content-Type-Options: NOSNIFF
X-Frame-Options: ALLOW-FROM https://www.cambeywest.com
X-Permitted-Cross-Domain-Policies: master-only
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
atacoff.com/new/auth/sf_rand_string_lowercase6////anVsaWUudHJlbnRAdXZkaS5jb20=
192.185.75.229 200 OK 0 B URL User Request GET HTTP/2 atacoff.com/new/auth/sf_rand_string_lowercase6////anVsaWUudHJlbnRAdXZkaS5jb20=
IP 192.185.75.229:443
ASN #46606 UNIFIEDLAYER-AS-1
Certificate Issuer Let's Encrypt
Subject atacoff.com
Fingerprint E6:16:BA:08:FE:D3:A5:2E:7A:16:6A:A0:61:7D:7E:49:3F:D4:D0:58
Validity Sat, 03 Jun 2023 15:16:50 GMT - Fri, 01 Sep 2023 15:16:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /new/auth/sf_rand_string_lowercase6////anVsaWUudHJlbnRAdXZkaS5jb20= HTTP/1.1
Host: atacoff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
refresh: 0;url=https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/Mjulie.trent@uvdi.com
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 10 Jun 2023 00:10:51 GMT
server: Apache
X-Firefox-Spdy: h2
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d4d64c9bcb4b521
172.67.193.242 42 B URL wsbmbzp6dk64254fd9a9cc4.bgglux.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d4d64c9bcb4b521
IP 172.67.193.242:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d4d64c9bcb4b521 HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/Mjulie.trent@uvdi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 10 Jun 2023 00:10:51 GMT
content-type: image/gif
content-length: 42
last-modified: Tue, 06 Jun 2023 11:54:00 GMT
etag: "647f1e58-2a"
server: cloudflare
cf-ray: 7d4d64cace66fac0-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sat, 10 Jun 2023 02:10:51 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/favicon.ico
172.67.193.242 404 Not Found 18 kB URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/favicon.ico
IP 172.67.193.242:443
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Certificate Issuer Let's Encrypt
Subject bgglux.ru
Fingerprint 38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
Validity Tue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2479)
Hash 2909048a19b75a16eb3ecf3e2744d3fa
438cd63bdaf81547be1c0e365bf019a284a88c1c
bbddf275960edb1dfc412601fcb8b5e391ba121943654c0090e37c996ffe650e
GET /favicon.ico HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/Mjulie.trent@uvdi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Sat, 10 Jun 2023 00:10:52 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRCvjcpeTaHhyuE6aBWWaFKzEsL14MnNLkALiltRnHJRouVJP%2BCX1F5DhB10V74qW%2FFG3yZKOvBiBkM%2FQXyeSjqeMUmBbCHe3onxuQJYhDaHKvyc0ephlcS7msDknv4euj3yJMJ5UjttWeEwLOOT6Z%2FjSOM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4d64cb4e90fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/ASSETS/img/BIMG-6483bf904c5be.css
172.67.193.242 200 OK 306 kB URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/ASSETS/img/BIMG-6483bf904c5be.css
IP 172.67.193.242:443
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Certificate Issuer Let's Encrypt
Subject bgglux.ru
Fingerprint 38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
Validity Tue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 306 kB (306493 bytes)
Hash 7d07c247e8dfd5bfaf9a7169b5c402bd
392cc7836ca5418f3e65cc67f5680b2a359399dc
345f500582fb5cfc20df5426c6b54bb0bcaa62eb0249a4a661dc9716a9edc006
GET /ASSETS/img/BIMG-6483bf904c5be.css HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Cookie: cf_clearance=E2yElO_1VKqISiw2mZXVw8sRt1AFjWwrUsRUutbVsBI-1686355851-0-160; PHPSESSID=b954620ae4a813ffc7ab2ef0b73113f8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 10 Jun 2023 00:10:56 GMT
content-type: image/png
content-length: 306493
cache-control: public, max-age=604800
expires: Sat, 17 Jun 2023 00:10:56 GMT
last-modified: Wed, 31 May 2023 02:31:35 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikMrgFGByKjAOCQPxXzKOGcQrM5rQr7Fj2s4Wbs8gDIYmptjpcR384CNRkm%2ByPDoj1S7IWSVi6W%2FZbikTAI2ltMJrYt3Z%2BM4E0RdxhhUSQNd03uCNI2Xg4YS5aqz3XKkoiO1Ru5fNTElLeknS1f8R%2BZ1InU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4d64e61a72fac0-OSL
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/ASSETS/img/LIMG-6483bf8f8648f.css
172.67.193.242 200 OK 1.6 kB URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/ASSETS/img/LIMG-6483bf8f8648f.css
IP 172.67.193.242:443
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Certificate Issuer Let's Encrypt
Subject bgglux.ru
Fingerprint 38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
Validity Tue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type PNG image data, 108 x 24, 8-bit colormap, non-interlaced\012- data
Hash ee236805d05e24861ce1b6b0e7d94b8d
d46828cf9df268ddaf62facf15590a447116aeb8
175986272200fb72da9a598d30016bbda9ddcaa9e6e3f07eb94bc74196d4b805
GET /ASSETS/img/LIMG-6483bf8f8648f.css HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Cookie: cf_clearance=E2yElO_1VKqISiw2mZXVw8sRt1AFjWwrUsRUutbVsBI-1686355851-0-160; PHPSESSID=b954620ae4a813ffc7ab2ef0b73113f8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 00:10:55 GMT
content-type: image/png
content-length: 1637
cache-control: public, max-age=604800
expires: Sat, 17 Jun 2023 00:10:55 GMT
last-modified: Wed, 31 May 2023 02:31:35 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZyW8WQzAAmYeeCzrMpNLYLlQwrfyjL0KxdRAJAtOs59NdCHQEPYpQG%2BIXs3kwPqBagEof5F6dJ7%2Fu45cD8WD9KBb%2BwfOwpwY7tcE9tusOJAkeH18h9%2FSkCU8Ybb%2F2E8%2BXtqBTCAGCEozf6Ezuahkma7HORY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4d64e14874fac0-OSL
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/Mjulie.trent@uvdi.com
172.67.193.242 302 Found 24 kB URL User Request POST HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/Mjulie.trent@uvdi.com
IP 172.67.193.242:443
Certificate Issuer Let's Encrypt
Subject bgglux.ru
Fingerprint 38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
Validity Tue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
POST /Mjulie.trent@uvdi.com HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/Mjulie.trent@uvdi.com?__cf_chl_tk=QCZ35qjmjImbdzR7SxMe1h7RpD5L3oQNOL8ag9RgK4s-1686355851-0-gaNycGzNC9A
Content-Type: application/x-www-form-urlencoded
Content-Length: 3190
Origin: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Sat, 10 Jun 2023 00:10:54 GMT
content-type: text/html; charset=UTF-8
location: ./beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
set-cookie: cf_clearance=E2yElO_1VKqISiw2mZXVw8sRt1AFjWwrUsRUutbVsBI-1686355851-0-160; path=/; expires=Sun, 09-Jun-24 00:10:54 GMT; domain=.bgglux.ru; HttpOnly; Secure; SameSite=None
set-cookie: PHPSESSID=b954620ae4a813ffc7ab2ef0b73113f8; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVT9IFVIcZUDwacm%2BhjtVGlSLr28icEM5H4r%2B8ma%2B59pHr98RULNiPYfsEa7cXx5Enu1b0%2FlM%2F8Wf1gFppGM6lKMy5qvRokyme%2BZdyLTIkWsWUaZN82YNIj4Rc0WbWXIyHa0ti2Fra5z4gX7aun3Cap5rx0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4d64d9cd65fac0-OSL
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/api-as1f?email=julie.trent@uvdi.com&data=background
172.67.193.242 200 OK 109 B URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/api-as1f?email=julie.trent@uvdi.com&data=background
IP 172.67.193.242:443
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Certificate Issuer Let's Encrypt
Subject bgglux.ru
Fingerprint 38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
Validity Tue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 29bc05b099bf209ab015f79a48a19dca
ef96384cd02ca28f86e8b658297c68bebcb8603b
0b0e1d8274854d9efaf50d0a0b11b68b506563d506966ca261f72d96d4850a7f
GET /api-as1f?email=julie.trent@uvdi.com&data=background HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Cookie: cf_clearance=E2yElO_1VKqISiw2mZXVw8sRt1AFjWwrUsRUutbVsBI-1686355851-0-160; PHPSESSID=b954620ae4a813ffc7ab2ef0b73113f8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 00:10:56 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHPyvaOBV1DOR8bUhbuuR7o5YjvZXoINFenUPbjukNYFfGQoNUnMHQ0vJzATY7pUQPXJCRZxIPHw%2BAX7tVPdgRnqC03IEosmqjTl9p4OkG3g6i3C%2B28wEs9jj%2BLwFWlRxGzKX5ucRUJ5bz9L4EEnBKsOSKs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4d64dedfb7fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/ic/3291105fbc8016740b4e392cced8e6886483bf8f20868
172.67.193.242 200 OK 17 kB URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/ic/3291105fbc8016740b4e392cced8e6886483bf8f20868
IP 172.67.193.242:443
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Certificate Issuer Let's Encrypt
Subject bgglux.ru
Fingerprint 38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
Validity Tue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /ic/3291105fbc8016740b4e392cced8e6886483bf8f20868 HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Cookie: cf_clearance=E2yElO_1VKqISiw2mZXVw8sRt1AFjWwrUsRUutbVsBI-1686355851-0-160; PHPSESSID=b954620ae4a813ffc7ab2ef0b73113f8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 00:10:55 GMT
content-type: image/x-icon
cache-control: public, max-age=604800
expires: Sat, 17 Jun 2023 00:10:55 GMT
last-modified: Wed, 31 May 2023 02:31:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUL9%2BXMznaSRuHs7QG3NNQKE6El252ZDRyslzSWTlbO%2FzjE9AT2nZD9imfZJ5pjh%2FowIWcS%2FMdADUNbX%2BEVwltmL%2BaKWOfO5wAW3AJPEu7zxMWQU5vkjpLDWe0BWoYUOCNg9uPp1fQyiz72fldeq%2Ft8CQeM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4d64e0e856fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
172.67.193.242 200 OK 24 kB URL User Request GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
IP 172.67.193.242:443
Certificate Issuer Let's Encrypt
Subject bgglux.ru
Fingerprint 38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
Validity Tue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (22448)
Hash 4dd11ad76c517bd940682dc24a48a86e
f3c2ad1b03a14d993a8ca95ff86643684252fc7a
25b3b6b31dae1a4bf4a3c7e8a78f54a9b88f7a5504001ceb181c70209af13289
GET /beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6 HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/Mjulie.trent@uvdi.com?__cf_chl_tk=QCZ35qjmjImbdzR7SxMe1h7RpD5L3oQNOL8ag9RgK4s-1686355851-0-gaNycGzNC9A
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=E2yElO_1VKqISiw2mZXVw8sRt1AFjWwrUsRUutbVsBI-1686355851-0-160; PHPSESSID=b954620ae4a813ffc7ab2ef0b73113f8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 00:10:54 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjfBT2eP0ALmOf3tqtKRoboRth0pOlUb2oBoFXm3HQ%2BM1M9VbgBaIke6deextXfuzebeFw6Ivnk1u7LaICo4Z0LDYlmxVf9m9K8u4bqbF5Lv3lIyNK42g1SRcf7i4mdRsc%2B%2FNKNSCH4fh1XBLcko3g%2FDicY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4d64dc1eaafac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/2
172.67.193.242 200 OK 38 kB URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/2
IP 172.67.193.242:443
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Certificate Issuer Let's Encrypt
Subject bgglux.ru
Fingerprint 38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
Validity Tue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2 HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Cookie: cf_clearance=E2yElO_1VKqISiw2mZXVw8sRt1AFjWwrUsRUutbVsBI-1686355851-0-160; PHPSESSID=b954620ae4a813ffc7ab2ef0b73113f8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 00:10:55 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvA0LgHe6AdSEBD%2FwAfEmJR9COIMYdrwo4TjRyuO13VgzgzmRDciUNvEAqA3XJ70tsgnQItePjfb0lmhY5C5buJFd1Bj2rjeyt%2FovsV9hWKOhesZJsufM66VJCW65b5aKHBtValpQoSwYIY5trsM4ckHETI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4d64de4f7ffac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/api-as1f?email=julie.trent@uvdi.com&data=logo
172.67.193.242 200 OK 103 B URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/api-as1f?email=julie.trent@uvdi.com&data=logo
IP 172.67.193.242:443
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Certificate Issuer Let's Encrypt
Subject bgglux.ru
Fingerprint 38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
Validity Tue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 21fb393a25534e8b139b93feb6e5c37c
b42f8e562157d52741ef2e5cee60e375af2872c0
b9ad5419b81678a0a1c4013542fb1cd4a5ba32b79cfd3cf3c34ec7600a34a07e
GET /api-as1f?email=julie.trent@uvdi.com&data=logo HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Cookie: cf_clearance=E2yElO_1VKqISiw2mZXVw8sRt1AFjWwrUsRUutbVsBI-1686355851-0-160; PHPSESSID=b954620ae4a813ffc7ab2ef0b73113f8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 00:10:55 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjkrkXycyCjlEhjpTqDDBfcUIuyy2IieMwsj%2BRhZVB8HbrSAaW9b0uzJoTDlJmyHntoKh4Oy%2F1Kyoi0U7tQn9E1SdGIJ0lmnF3SDO5ybh7VgKj2646oq6b0Zzq2D0iJkwHSl%2BHDAIaMosykGCnZkM%2BT2emA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4d64dedfb2fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
unpkg.com/axios@1.4.0/dist/axios.min.js
104.16.124.175 200 OK 32 kB URL GET HTTP/2 unpkg.com/axios@1.4.0/dist/axios.min.js
IP 104.16.124.175:443
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
Validity Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (31803)
Hash 6470a918ba1fd4b8d0882df0269ddb82
97814fdab64aa7d1b30f082f9eb272d4b1ce18a2
fd4ce12a87594281afcee9c73a40fe7acc282bcc9e764fbb3afa1481a96a091e
GET /axios@1.4.0/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 00:10:54 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7c62-l4FP2rZKp9GzDwgvnrJy1LHOGKI"
via: 1.1 fly.io
fly-request-id: 01GZP8TZEXW4PFCT61FHX2WRTS-fra
cf-cache-status: HIT
age: 3054946
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d4d64dd49ab1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/e/3291105fbc8016740b4e392cced8e6886483bf8f208c5
172.67.193.242 200 OK 513 B URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/e/3291105fbc8016740b4e392cced8e6886483bf8f208c5
IP 172.67.193.242:443
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Certificate Issuer Let's Encrypt
Subject bgglux.ru
Fingerprint 38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
Validity Tue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (529), with no line terminators
Hash adc405f5fd089662209870ca5d2106f7
3a8b776df84bf251afc6ddd802cc5bbeddfb0e36
e7bacc97751689afaae192e103fe9851664365c57c7d783560860ad456db7e49
GET /e/3291105fbc8016740b4e392cced8e6886483bf8f208c5 HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Cookie: cf_clearance=E2yElO_1VKqISiw2mZXVw8sRt1AFjWwrUsRUutbVsBI-1686355851-0-160; PHPSESSID=b954620ae4a813ffc7ab2ef0b73113f8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 00:10:55 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Sat, 17 Jun 2023 00:10:55 GMT
last-modified: Wed, 31 May 2023 02:31:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FT6lnHwSoI%2BlrDtxHI4O3RjnJr1G63oczSrkTyRJc63sOfJO8gZao7XLeYSJq5xbbpDl%2B1oslTpWIHD2ynv2hqDUBw5lYsIZs9teL3I8E9Wsi%2B6AhAaM2B3A3JcA8FYkRUU80bQg6VWBnxlU62D7smhkBdo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4d64decfa9fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/APP-EZSF4G/3291105fbc8016740b4e392cced8e6886483bf8f20870
172.67.193.242 200 OK 105 kB URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/APP-EZSF4G/3291105fbc8016740b4e392cced8e6886483bf8f20870
IP 172.67.193.242:443
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Certificate Issuer Let's Encrypt
Subject bgglux.ru
Fingerprint 38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
Validity Tue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 105 kB (105369 bytes)
Hash 8e6b0f88563f9c33f78bce65cf287df7
ef7765cd2a7d64ed27dd7344702597aff6f8c397
a7057bebfff43e7281ca31da00d40bd88c8d02d1576b9c45891dd56a3853269a
GET /APP-EZSF4G/3291105fbc8016740b4e392cced8e6886483bf8f20870 HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Cookie: cf_clearance=E2yElO_1VKqISiw2mZXVw8sRt1AFjWwrUsRUutbVsBI-1686355851-0-160; PHPSESSID=b954620ae4a813ffc7ab2ef0b73113f8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 00:10:55 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 17 Jun 2023 00:10:55 GMT
last-modified: Wed, 31 May 2023 02:31:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmOOxKqmb2Z6xt7cOyFzP8geJP5%2FmfKSIMiD%2F6bS48Ch%2FkZEkcK7Lel3%2F%2FNuwEZcE2vS4wBB1MRaNHNYZ0zH4XPNz9U2UHvyKzBTkDERlqb6TYMua1ZGnKNL%2FEOjDsdp8%2F%2BYSPTxILoIoc%2FHwLnXFqS%2FHEg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4d64deefbcfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/jq/3291105fbc8016740b4e392cced8e6886483bf8ebe0ae
172.67.193.242 200 OK 86 kB URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/jq/3291105fbc8016740b4e392cced8e6886483bf8ebe0ae
IP 172.67.193.242:443
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Certificate Issuer Let's Encrypt
Subject bgglux.ru
Fingerprint 38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
Validity Tue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /jq/3291105fbc8016740b4e392cced8e6886483bf8ebe0ae HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Cookie: cf_clearance=E2yElO_1VKqISiw2mZXVw8sRt1AFjWwrUsRUutbVsBI-1686355851-0-160; PHPSESSID=b954620ae4a813ffc7ab2ef0b73113f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 00:10:54 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Sat, 17 Jun 2023 00:10:54 GMT
last-modified: Wed, 31 May 2023 02:31:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Asinqwljq0ObYLNZpJ%2Bjp9E6SeFML%2FSULv7%2BGAATMgFTuwEQD6mPiqiUOMKwiauqbdOlVPsj%2BnjWTK1950CmpGIvMKFJUo2P76x8IqCeTA0rD6g2zvyZ4UAoJFz5R8NHhqyv78PcGNqFkj%2BfzpMgwr6XjXg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4d64dd1efffac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/Mjulie.trent@uvdi.com
172.67.193.242 403 Forbidden 7.7 kB URL User Request GET HTTP/2 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/Mjulie.trent@uvdi.com
IP 172.67.193.242:443
Certificate Issuer Let's Encrypt
Subject bgglux.ru
Fingerprint 38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
Validity Tue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7890), with no line terminators
Hash 4d9d42ff0c0416431c1d1f5412e51c4f
7c8b848cdb09e2b833f3f3469a18418b83f9d3ab
66da829c88ab6a74e182ebf6fe3e7b009ed9bc6d2f4f7d5417fc0601b9ffa0c5
Analyzer urlquery
Verdict phishing
Alert Phishing - Microsoft Outlook
GET /Mjulie.trent@uvdi.com HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Sat, 10 Jun 2023 00:10:51 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8DaMG%2F4VWgz7SVkyQi8edrL66A3iCYr3oBoYZS8Td%2Bp0CJz%2FeUxgjtqe9sERVpIpBE8CPr4e6YaSQ0zL494h3ROB1aZ4QG5tObYyTNwfFuM%2BDFZFAZyPCHhoT8yUAbMcHETYrTSCJBHs%2FcwDkw1HFId1%2FU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4d64c9bcb4b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/axios/dist/axios.min.js
104.16.124.175 302 Found 32 kB URL GET HTTP/2 unpkg.com/axios/dist/axios.min.js
IP 104.16.124.175:443
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
Validity Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 10 Jun 2023 00:10:54 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.4.0/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01H2H9SE0HN56VYMTV9E2Q9PB4-fra
cf-cache-status: HIT
age: 495
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d4d64dd399f1bfa-OSL
X-Firefox-Spdy: h2
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/boot/3291105fbc8016740b4e392cced8e6886483bf8ebe0b2
172.67.193.242 200 OK 51 kB URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/boot/3291105fbc8016740b4e392cced8e6886483bf8ebe0b2
IP 172.67.193.242:443
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Certificate Issuer Let's Encrypt
Subject bgglux.ru
Fingerprint 38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
Validity Tue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type ASCII text, with very long lines (50758)
Hash 67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
GET /boot/3291105fbc8016740b4e392cced8e6886483bf8ebe0b2 HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Cookie: cf_clearance=E2yElO_1VKqISiw2mZXVw8sRt1AFjWwrUsRUutbVsBI-1686355851-0-160; PHPSESSID=b954620ae4a813ffc7ab2ef0b73113f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 00:10:54 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Sat, 17 Jun 2023 00:10:54 GMT
last-modified: Wed, 31 May 2023 02:31:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkTDOJ9WQvvdsdwoWgJBSV02Z3oYXjrum7i15iazUrKDmGD4wPK7UME91UNYeslA7YI6tQSYj%2FviMo0PXCrE8C05vG1UAsPdPe6FGgt%2BZYPdiFP%2F5oUXkbiTHOU5jQg72To4gllyWl162Gu1poE4feETiRM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4d64dd1f01fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/jm/3291105fbc8016740b4e392cced8e6886483bf8ebe0b3
172.67.193.242 200 OK 6.1 kB URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/jm/3291105fbc8016740b4e392cced8e6886483bf8ebe0b3
IP 172.67.193.242:443
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Certificate Issuer Let's Encrypt
Subject bgglux.ru
Fingerprint 38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
Validity Tue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type ASCII text, with very long lines (6175), with no line terminators
Hash 0b3cd9bfcbe6444742df90b00f63efc3
0c978b0541c9659215908034b6299f78135c935c
2065edfabc7924bff8e65b4b4ade30bb341d70ab350518bfbad98e1d4f35266f
GET /jm/3291105fbc8016740b4e392cced8e6886483bf8ebe0b3 HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Cookie: cf_clearance=E2yElO_1VKqISiw2mZXVw8sRt1AFjWwrUsRUutbVsBI-1686355851-0-160; PHPSESSID=b954620ae4a813ffc7ab2ef0b73113f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 00:10:54 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Sat, 17 Jun 2023 00:10:54 GMT
last-modified: Wed, 31 May 2023 02:31:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSQcU%2BlRm7f4vNUZ4KTpt0dQDQaqyxNvjiQlqgr86cnkP1HwAMPiHdU6uJGYUpQYsDNPArwPvYByGQLyLCFTy9Dk5b56aXw5YBiM96JglzmfSY8CM0mrg1Xoi38JvKpphTJSsc7nGG8T3RgYyGqwgRhjIJs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4d64dd1f02fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/o/3291105fbc8016740b4e392cced8e6886483bf8f208bb
172.67.193.242 200 OK 3.7 kB URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/o/3291105fbc8016740b4e392cced8e6886483bf8f208bb
IP 172.67.193.242:443
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Certificate Issuer Let's Encrypt
Subject bgglux.ru
Fingerprint 38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
Validity Tue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3695), with no line terminators
Hash d633a913e6f3b1f45774b9874dfc85e0
5ba1344048578062c93cfddfdf8458477eaca476
c1fbfbd9a81fc4d9c9539a65bdfb4c6738926b8d4681b0346706196413e92714
GET /o/3291105fbc8016740b4e392cced8e6886483bf8f208bb HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516483bf8eb21e4PASbeebb091955c06fa68b3eb8afc0bae516483bf8eb21e6
Cookie: cf_clearance=E2yElO_1VKqISiw2mZXVw8sRt1AFjWwrUsRUutbVsBI-1686355851-0-160; PHPSESSID=b954620ae4a813ffc7ab2ef0b73113f8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 10 Jun 2023 00:10:55 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Sat, 17 Jun 2023 00:10:55 GMT
last-modified: Wed, 31 May 2023 02:31:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dizCZi9wd0poclC0pOcjUGVI7z4so9S3pEOSdX%2B42ws1XVxrjTyzVxp3pAqFyRjchHt6ZMKIbTkRCmEgAUhHkTcgzgBn4wIQpOb9Sb9KUPWuk63WV0EXgPhy7wtGbEdrdG5cJAPFSi9AQOXX1u4P94UPcPM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4d64decfa6fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400