{"report_id":"38ba6886-82a9-4abc-bb9d-fd55c17e2bff","version":6,"status":"done","tags":["suspicious","phishing","tycoon"],"date":"2025-04-01T17:44:45Z","url":{"schema":"http","addr":"yqr.oterbity.ru/m4zzP/","fqdn":"yqr.oterbity.ru","domain":"oterbity.ru","tld":"ru"},"ip":{"addr":"104.21.18.244","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"yqr.oterbity.ru/m4zzP/","fqdn":"yqr.oterbity.ru","domain":"oterbity.ru","tld":"ru"},"title":"​"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-10T17:44:45Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"yqr.oterbity.ru","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-01-09","domain_rank":0,"first_seen":"2025-04-01T17:44:45.388859Z","last_seen":"2025-04-01T17:44:45.388859Z","alert_count":3,"request_count":2,"received_data":558773,"sent_data":1656,"comment":"","tags":null,"fingerprints":null},{"fqdn":"7wp5.cuisbp.ru","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-02-26","domain_rank":0,"first_seen":"2025-04-01T17:44:45.387337Z","last_seen":"2025-04-01T17:44:45.387337Z","alert_count":0,"request_count":6,"received_data":4457,"sent_data":2646,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Anti-debugging code","verdict":"suspicious","severity":"low","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Tycoon Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","tycoon"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"yqr.oterbity.ru/m4zzP/","fqdn":"yqr.oterbity.ru","domain":"oterbity.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f83e2627007aea283a3cbdc97994f796","sha1":"86ff5658d17c92c3af442e928abd20e866af450f","sha256":"d7029f246a3fb090c5c6e1535aad7a930bf612c162d62fe38f0acf37f59d5a59","sha512":"bf8a70335b42d73bae9769f42fe7da374b7f3894d15557479e8876ef895a0ef58e6c1d5c1ffc7018243b138604f52be4c031f14baf83ebefef9fc102e7419296","ssdeep":"768:HihIVehDsi29qDNxtIhDoDsthTDIfIBYjhDLyhfjfpn/BegDfIBYjhDLyTn/Ber1:HihIVehDsi29qDNxtIhDoDsthTDIfIB7","tlshash":"0b03007390f14000746941617d0ffe5fea104be6a08b8070acc8fccdcabd92c802dba4","size":39417,"data":"","first_seen":"2025-04-01T17:44:46.840939Z","last_seen":"2025-04-01T17:44:46.840939Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yqr.oterbity.ru/m4zzP/","fqdn":"yqr.oterbity.ru","domain":"oterbity.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"239e131a1ac87714b3a577679e678095","sha1":"e173ba32fc1d871564a76ae99565397d47b133ae","sha256":"dfb2168d91975868addd818b3f980df1fc802c024df38b415d8a547cb27746a1","sha512":"f02c6796d95cf1d8bd64278b8f5acb10c7efb0b894058fc72a30dd61e336e7b402f3432e41298c7b481b0ed8a12c382d7c3b3f882299ed88a2ce1a458673a1a7","ssdeep":"","tlshash":"a231bf9bf57260313236726e177f36003f3992c760868574765d4eb4bfda79701a2588","size":1749,"data":"","first_seen":"2025-04-01T17:44:46.842052Z","last_seen":"2025-04-01T17:44:46.842052Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yqr.oterbity.ru/m4zzP/","fqdn":"yqr.oterbity.ru","domain":"oterbity.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb9e0a542fd36548c7bc27fd71fa92e4","sha1":"5c1bdf85fbccb99290822a7292cbe8d787396354","sha256":"8ac6be7b44fe3d343cae1834252515064812f61ba269698bef9d23478fa754b8","sha512":"8401fb89df6f27846cdfb4ee07348f3c8fb5eab9b0048e750cc7957b9327a6b65f87589209ace59f194de145e5fe26b49cc0c6e0288bc93cf57bc73596b2c805","ssdeep":"3072:HhThwhBInzMIDBDD/ld+yXdMDghUDywDBCIYLyNeDy+Sf/IugN3sBdhMJglighDI:HhThwhBInzMIDBDD/ld+yXdMDghUDywy","tlshash":"20e300b3a0f24084712a50203d0fff4fd10a57e5a19b84b8adc9fe9cda7c96c448eb85","size":146058,"data":"","first_seen":"2025-04-01T17:44:46.843584Z","last_seen":"2025-04-01T17:44:46.843584Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yqr.oterbity.ru/m4zzP/","fqdn":"yqr.oterbity.ru","domain":"oterbity.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"a1c56c3b6e7be2eab2473f057d082f87","sha1":"3785b4fb36bc49c2f2f147ab3ae76410c3ff07dd","sha256":"f1611b1ef96af5fea46a0577de8e5dbcfb7e3bb1687a1d78c6c635b63717e63f","sha512":"e1540631b022383c40162730a035596e7b3a612782c26a7f55a5bded23278f812628829d3d50ab071f8566e28d466547d2c9ddfe43c8e370f994037467b63daf","ssdeep":"96:tEUwtmx8LGs0c251TP8LGPqPdZV1LZ2JlCCq/L4h3m+finiSFWiIiIt7rdM08Nr6:EmxaQc251TPaOMdZV1Lk7C/L4tm+fing","tlshash":"0ac1db175c871c119b23980b1ade46c6ad2c2b8f64d580d97d5eeb888f5d86b10c16ed","size":6114,"data":"","first_seen":"2025-04-01T17:44:46.844909Z","last_seen":"2025-04-01T17:44:46.844909Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yqr.oterbity.ru/m4zzP/","fqdn":"yqr.oterbity.ru","domain":"oterbity.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"faeb8f59b923f035c109cda482eb6224","sha1":"d1041f025efdcd07281741a956913f77d2f5e915","sha256":"1f77045012e201e84ba7c8498a23a6b213015cef8b6d95e774130110627da09a","sha512":"0900e2b658099cc4762654f4e48390b5e405602634c594a4d2aa09c357a7bd2f30d7c6094b6f977a6dbad905f19b885029673dc1c4325eab2d99e79bfa4f5ddc","ssdeep":"1536:UVJCC7nen8/+mVJCC7nen8/+WLBf+tLBf+W:6/7nenZI/7nenZmmrmW","tlshash":"a6c446ee66072133879c2d629467130700278dc57fb16aa1ff650d68eee295e1ac81ff","size":555922,"data":"","first_seen":"2025-04-01T17:44:46.8463Z","last_seen":"2025-04-01T17:44:46.8463Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"436892e812cc12f6f04a09ea979bec76","sha1":"0a8a38c2d6aed61aad0232b169c3a18a6ae481c4","sha256":"9963feca0c11412977906425b4000fb54bf430d876665e5c4a6ee4e1141b162a","sha512":"7818ef7ec48f046868c8ce2f239bca26d59c229999c0fdbd2f9c3a2e55802a8f3286c2e21a764644d63d7cb6be6d174c7e4eab9f1c1f38c75e46d4ba04441f63","ssdeep":"384:0YzYryNRzyFRbl/mgikeBQDXwGrgHD0T3e:0rZmgZDXwGMw3e","tlshash":"b5e3ce7ff512137fa2c6de8b799bad2d10123d9ae10f0784a283b717b746bbc0891855","size":152700,"data":"","first_seen":"2025-04-01T17:44:46.847587Z","last_seen":"2025-04-01T17:44:46.847587Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"yqr.oterbity.ru/favicon.ico","fqdn":"yqr.oterbity.ru","domain":"oterbity.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://yqr.oterbity.ru/m4zzP/","date":"2025-04-01T17:44:24.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oterbity.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 09 Mar 2025 18:37:09 GMT","end":"Sat, 07 Jun 2025 19:34:38 GMT"},"fingerprint":{"sha1":"CE:CE:CA:B0:B7:1B:F3:0C:76:D3:41:BF:34:67:E3:93:99:82:1E:96","sha256":"3E:E1:BA:44:AE:92:79:F2:FB:FB:32:E9:CC:B7:03:28:01:C7:E1:12:44:5F:84:22:BE:36:35:EF:A5:B1:06:F3"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: yqr.oterbity.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://yqr.oterbity.ru/m4zzP/\r\nCookie: XSRF-TOKEN=eyJpdiI6IlljZzRtM1NMckxOZFNFYzh0NGp0UFE9PSIsInZhbHVlIjoiTmhneEVlU2luVGMyREx3UnlCZUFhdUxuc1FobytmcXFjeWhJSjhncUZKVXBXd2UyaDdxR082a1RDSTZSWkVETmt0QUwvaDZmTmpkUUZUVGYxbldRSWVGZm5qV1loc1F4d3ZTbmZpak9tNGdoTExxMmdkMnBGSnRkWk1xd011ZmwiLCJtYWMiOiI3ODNkNzA3MjIzYTI1OTYxOGIxMWFhNjJkNmUxZGIyNTc3ZDZlNjQ2NDk3N2RmZWJmOWY0ZGU3YTVkM2I4NDNiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImYrWW12UTAwclE4NjhSZFoyYmtGYkE9PSIsInZhbHVlIjoiUVJlWWd6ZFFlcy9sMUlOYnBKK2h3eERmdTBSTndXMytkbnhUc1VzdlZPaHAyZGtCKzRmV3gzUHA4akNCNUp3cUlaUUJWQTBBSExESm1hOVBWeUtPZXgzYlQvR0FjZHVOVmtWakZJVUFJS0dNRHBHV0hzK0ZxSDV5aXp1c083a0wiLCJtYWMiOiJlZmM4YThjODhjMzYzMmY0MDQ2ODNkMjgwMzFjMmEzNjYyMzg3NWJhMjk2Mzg5ZjVlZmIxNzE3ODY3OGMwYTkzIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Tue, 01 Apr 2025 17:44:24 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=IMbp3XNHK0TBWjMAIgmrD09FRnJgIPs%2BEjvUR3%2F1dQ%2BpAu5yTdg%2BM%2Fwg2gkg1Il7bK694ny5k3O%2FXja2CTKBHp9O503nVhonYAQCKBqWxCzOybnfdi2DHT30VZ4HZA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=6,i=?0\r\nserver: cloudflare\r\ncf-ray: 9299e4ef8cc48459-AMS\r\ncontent-encoding: br\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=10121\u0026min_rtt=9803\u0026rtt_var=350\u0026sent=807\u0026recv=187\u0026lost=0\u0026retrans=0\u0026sent_bytes=1056914\u0026recv_bytes=42876\u0026delivery_rate=17824369\u0026cwnd=560\u0026unsent_bytes=0\u0026cid=63d22c798892defa\u0026ts=415866\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=24459\u0026min_rtt=21040\u0026rtt_var=10332\u0026sent=12\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=4095\u0026recv_bytes=1743\u0026delivery_rate=28231\u0026cwnd=12000\u0026unsent_bytes=0\u0026cid=244fc4a9385400f2\u0026ts=1055\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":484,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":484,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Tycoon Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","tycoon"],"meta":null}]}},{"url":{"schema":"https","addr":"7wp5.cuisbp.ru/ando!yebi","fqdn":"7wp5.cuisbp.ru","domain":"cuisbp.ru","tld":"ru"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://yqr.oterbity.ru/m4zzP/","date":"2025-04-01T17:44:31.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cuisbp.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 27 Feb 2025 12:35:01 GMT","end":"Wed, 28 May 2025 13:32:28 GMT"},"fingerprint":{"sha1":"03:8F:12:65:19:56:E7:91:6C:3F:2E:7A:2F:8B:02:B4:BE:EE:02:B0","sha256":"53:F7:9F:5B:F7:E3:B1:B6:53:1D:1A:A7:3E:89:8B:6B:C6:EF:EE:DB:DF:77:9C:41:E3:0A:50:ED:47:8F:79:48"}}},"request":{"raw":"GET /ando!yebi HTTP/1.1\r\nHost: 7wp5.cuisbp.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://yqr.oterbity.ru/\r\nOrigin: https://yqr.oterbity.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 01 Apr 2025 17:44:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=xxibXwRK6R57tp23E%2B0H5oEvC25zoZRnuOVTE4zOOnMoqQxKBqfZrIj4D3hQXLzeEsruALcF7OW2sYK7253ia9%2FT5noNMmLgvveeFdO2%2F0qx%2FsODikfGo%2BmZUXHs3HBgew%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9299e520285a60e5-AMS\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=19742\u0026min_rtt=19609\u0026rtt_var=3355\u0026sent=8\u0026recv=11\u0026lost=0\u0026retrans=0\u0026sent_bytes=3190\u0026recv_bytes=1164\u0026delivery_rate=220799\u0026cwnd=35\u0026unsent_bytes=0\u0026cid=e798f80c3db505b5\u0026ts=851\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"very short file (no magic)","md5":"c4ca4238a0b923820dcc509a6f75849b","sha1":"356a192b7913b04c54574d18c28d46e6395428ab","sha256":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","sha512":"4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a","ssdeep":"","tlshash":"c70000000c000000c00000300000000000000000000000000000000000000000000030","first_seen":"2023-03-07T01:10:09Z","last_seen":"2026-04-04T14:48:20.916036Z","times_seen":104813,"resource_available":true,"data":null}},"time_used":1288,"timings":{"blocked":237,"dns":156,"connect":21,"send":0,"wait":812,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7wp5.cuisbp.ru/ando!yebi","fqdn":"7wp5.cuisbp.ru","domain":"cuisbp.ru","tld":"ru"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://yqr.oterbity.ru/m4zzP/","date":"2025-04-01T17:44:31.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cuisbp.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 27 Feb 2025 12:35:01 GMT","end":"Wed, 28 May 2025 13:32:28 GMT"},"fingerprint":{"sha1":"03:8F:12:65:19:56:E7:91:6C:3F:2E:7A:2F:8B:02:B4:BE:EE:02:B0","sha256":"53:F7:9F:5B:F7:E3:B1:B6:53:1D:1A:A7:3E:89:8B:6B:C6:EF:EE:DB:DF:77:9C:41:E3:0A:50:ED:47:8F:79:48"}}},"request":{"raw":"GET /ando!yebi HTTP/1.1\r\nHost: 7wp5.cuisbp.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://yqr.oterbity.ru/\r\nOrigin: https://yqr.oterbity.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 01 Apr 2025 17:44:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=taPnTjCERokHldxv9tXp%2BYCVVta%2BNVU7%2BJasMeWgrfrpI2Sl0lUmIN2ac71pbBszGpxlcjdmbtg5%2BHpY85sia%2FgdRp2IbH9RnF%2FdWJdZPwPAPu9WcjXWWXV5luyPJ6TwKw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9299e520490260e5-AMS\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=19829\u0026min_rtt=19609\u0026rtt_var=2690\u0026sent=10\u0026recv=12\u0026lost=0\u0026retrans=0\u0026sent_bytes=3856\u0026recv_bytes=1164\u0026delivery_rate=220799\u0026cwnd=37\u0026unsent_bytes=0\u0026cid=e798f80c3db505b5\u0026ts=879\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"very short file (no magic)","md5":"c4ca4238a0b923820dcc509a6f75849b","sha1":"356a192b7913b04c54574d18c28d46e6395428ab","sha256":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","sha512":"4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a","ssdeep":"","tlshash":"c70000000c000000c00000300000000000000000000000000000000000000000000030","first_seen":"2023-03-07T01:10:09Z","last_seen":"2026-04-04T14:48:20.916036Z","times_seen":104813,"resource_available":true,"data":null}},"time_used":964,"timings":{"blocked":74,"dns":2,"connect":24,"send":0,"wait":815,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7wp5.cuisbp.ru/ando!yebi","fqdn":"7wp5.cuisbp.ru","domain":"cuisbp.ru","tld":"ru"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://yqr.oterbity.ru/m4zzP/","date":"2025-04-01T17:44:36.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cuisbp.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 27 Feb 2025 12:35:01 GMT","end":"Wed, 28 May 2025 13:32:28 GMT"},"fingerprint":{"sha1":"03:8F:12:65:19:56:E7:91:6C:3F:2E:7A:2F:8B:02:B4:BE:EE:02:B0","sha256":"53:F7:9F:5B:F7:E3:B1:B6:53:1D:1A:A7:3E:89:8B:6B:C6:EF:EE:DB:DF:77:9C:41:E3:0A:50:ED:47:8F:79:48"}}},"request":{"raw":"GET /ando!yebi HTTP/1.1\r\nHost: 7wp5.cuisbp.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://yqr.oterbity.ru/\r\nOrigin: https://yqr.oterbity.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 01 Apr 2025 17:44:37 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=XdUV6ql1V48cnKK4PE6y258ftsX3YGlSllFjXQiiY1LbfZBz5HF5xb7030az2KMtUmyP4PfSdViJjHegpV9d0gHyj3VwhBeQr%2FmQ%2BJBhgIdMdstpRx93f6bdMcSdReYq%2BA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9299e53bea9f60e5-AMS\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=20068\u0026min_rtt=19609\u0026rtt_var=2494\u0026sent=14\u0026recv=14\u0026lost=0\u0026retrans=0\u0026sent_bytes=4349\u0026recv_bytes=1239\u0026delivery_rate=220799\u0026cwnd=37\u0026unsent_bytes=0\u0026cid=e798f80c3db505b5\u0026ts=5238\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"very short file (no magic)","md5":"c4ca4238a0b923820dcc509a6f75849b","sha1":"356a192b7913b04c54574d18c28d46e6395428ab","sha256":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","sha512":"4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a","ssdeep":"","tlshash":"c70000000c000000c00000300000000000000000000000000000000000000000000030","first_seen":"2023-03-07T01:10:09Z","last_seen":"2026-04-04T14:48:20.916036Z","times_seen":104813,"resource_available":true,"data":null}},"time_used":754,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":752,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7wp5.cuisbp.ru/ando!yebi","fqdn":"7wp5.cuisbp.ru","domain":"cuisbp.ru","tld":"ru"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://yqr.oterbity.ru/m4zzP/","date":"2025-04-01T17:44:36.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cuisbp.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 27 Feb 2025 12:35:01 GMT","end":"Wed, 28 May 2025 13:32:28 GMT"},"fingerprint":{"sha1":"03:8F:12:65:19:56:E7:91:6C:3F:2E:7A:2F:8B:02:B4:BE:EE:02:B0","sha256":"53:F7:9F:5B:F7:E3:B1:B6:53:1D:1A:A7:3E:89:8B:6B:C6:EF:EE:DB:DF:77:9C:41:E3:0A:50:ED:47:8F:79:48"}}},"request":{"raw":"GET /ando!yebi HTTP/1.1\r\nHost: 7wp5.cuisbp.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://yqr.oterbity.ru/\r\nOrigin: https://yqr.oterbity.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 01 Apr 2025 17:44:37 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\ncf-ray: 9299e53d6c56f794-AMS\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"very short file (no magic)","md5":"c4ca4238a0b923820dcc509a6f75849b","sha1":"356a192b7913b04c54574d18c28d46e6395428ab","sha256":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","sha512":"4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a","ssdeep":"","tlshash":"c70000000c000000c00000300000000000000000000000000000000000000000000030","first_seen":"2023-03-07T01:10:09Z","last_seen":"2026-04-04T14:48:20.916036Z","times_seen":104813,"resource_available":true,"data":null}},"time_used":783,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":781,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7wp5.cuisbp.ru/ando!yebi","fqdn":"7wp5.cuisbp.ru","domain":"cuisbp.ru","tld":"ru"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://yqr.oterbity.ru/m4zzP/","date":"2025-04-01T17:44:41.894Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cuisbp.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 27 Feb 2025 12:35:01 GMT","end":"Wed, 28 May 2025 13:32:28 GMT"},"fingerprint":{"sha1":"03:8F:12:65:19:56:E7:91:6C:3F:2E:7A:2F:8B:02:B4:BE:EE:02:B0","sha256":"53:F7:9F:5B:F7:E3:B1:B6:53:1D:1A:A7:3E:89:8B:6B:C6:EF:EE:DB:DF:77:9C:41:E3:0A:50:ED:47:8F:79:48"}}},"request":{"raw":"GET /ando!yebi HTTP/1.1\r\nHost: 7wp5.cuisbp.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://yqr.oterbity.ru/\r\nOrigin: https://yqr.oterbity.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 01 Apr 2025 17:44:42 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=dWllp8n3p2xmWJ8204KDnX2Qil16SglfIu7Wa0f91giFUyGMtm6vNa%2BJAM0GSu9guCw84QwJefp3JL2JQghKEW%2FfuhGirALCy8maaIp9STFvcGGf5XFs5FwbkT0gNd4R8A%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9299e55decbaf794-AMS\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=23953\u0026min_rtt=21027\u0026rtt_var=8471\u0026sent=15\u0026recv=9\u0026lost=0\u0026retrans=0\u0026sent_bytes=4339\u0026recv_bytes=1690\u0026delivery_rate=269\u0026cwnd=12000\u0026unsent_bytes=0\u0026cid=904b616406dec674\u0026ts=5999\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"very short file (no magic)","md5":"c4ca4238a0b923820dcc509a6f75849b","sha1":"356a192b7913b04c54574d18c28d46e6395428ab","sha256":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","sha512":"4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a","ssdeep":"","tlshash":"c70000000c000000c00000300000000000000000000000000000000000000000000030","first_seen":"2023-03-07T01:10:09Z","last_seen":"2026-04-04T14:48:20.916036Z","times_seen":104813,"resource_available":true,"data":null}},"time_used":588,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":587,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7wp5.cuisbp.ru/ando!yebi","fqdn":"7wp5.cuisbp.ru","domain":"cuisbp.ru","tld":"ru"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://yqr.oterbity.ru/m4zzP/","date":"2025-04-01T17:44:42.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cuisbp.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 27 Feb 2025 12:35:01 GMT","end":"Wed, 28 May 2025 13:32:28 GMT"},"fingerprint":{"sha1":"03:8F:12:65:19:56:E7:91:6C:3F:2E:7A:2F:8B:02:B4:BE:EE:02:B0","sha256":"53:F7:9F:5B:F7:E3:B1:B6:53:1D:1A:A7:3E:89:8B:6B:C6:EF:EE:DB:DF:77:9C:41:E3:0A:50:ED:47:8F:79:48"}}},"request":{"raw":"GET /ando!yebi HTTP/1.1\r\nHost: 7wp5.cuisbp.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://yqr.oterbity.ru/\r\nOrigin: https://yqr.oterbity.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 01 Apr 2025 17:44:42 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=UbeNr9xnLCwEhlGzujjA4oY2tA2KXS5DLxrm22KaQCdcsE2rUXtXr3g8avK8To0rb56IPWaFSzZwrL69GSjF646ioFXXBmN2M0OYOJ1PUbyPdhDbw1THVvZzKi8PlfhgFQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9299e55f3976f794-AMS\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=23753\u0026min_rtt=21027\u0026rtt_var=6753\u0026sent=16\u0026recv=10\u0026lost=0\u0026retrans=0\u0026sent_bytes=4992\u0026recv_bytes=1734\u0026delivery_rate=1076\u0026cwnd=12000\u0026unsent_bytes=0\u0026cid=904b616406dec674\u0026ts=6397\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"very short file (no magic)","md5":"c4ca4238a0b923820dcc509a6f75849b","sha1":"356a192b7913b04c54574d18c28d46e6395428ab","sha256":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","sha512":"4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a","ssdeep":"","tlshash":"c70000000c000000c00000300000000000000000000000000000000000000000000030","first_seen":"2023-03-07T01:10:09Z","last_seen":"2026-04-04T14:48:20.916036Z","times_seen":104813,"resource_available":true,"data":null}},"time_used":779,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":779,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yqr.oterbity.ru/m4zzP/","fqdn":"yqr.oterbity.ru","domain":"oterbity.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-04-01T17:44:22.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oterbity.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 09 Mar 2025 18:37:09 GMT","end":"Sat, 07 Jun 2025 19:34:38 GMT"},"fingerprint":{"sha1":"CE:CE:CA:B0:B7:1B:F3:0C:76:D3:41:BF:34:67:E3:93:99:82:1E:96","sha256":"3E:E1:BA:44:AE:92:79:F2:FB:FB:32:E9:CC:B7:03:28:01:C7:E1:12:44:5F:84:22:BE:36:35:EF:A5:B1:06:F3"}}},"request":{"raw":"GET /m4zzP/ HTTP/1.1\r\nHost: yqr.oterbity.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 01 Apr 2025 17:44:23 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: no-cache, private\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nalt-svc: h3=\":443\"; ma=86400\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IlljZzRtM1NMckxOZFNFYzh0NGp0UFE9PSIsInZhbHVlIjoiTmhneEVlU2luVGMyREx3UnlCZUFhdUxuc1FobytmcXFjeWhJSjhncUZKVXBXd2UyaDdxR082a1RDSTZSWkVETmt0QUwvaDZmTmpkUUZUVGYxbldRSWVGZm5qV1loc1F4d3ZTbmZpak9tNGdoTExxMmdkMnBGSnRkWk1xd011ZmwiLCJtYWMiOiI3ODNkNzA3MjIzYTI1OTYxOGIxMWFhNjJkNmUxZGIyNTc3ZDZlNjQ2NDk3N2RmZWJmOWY0ZGU3YTVkM2I4NDNiIiwidGFnIjoiIn0%3D; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Tue, 01 Apr 2025 19:44:23 GMT\nlaravel_session=eyJpdiI6ImYrWW12UTAwclE4NjhSZFoyYmtGYkE9PSIsInZhbHVlIjoiUVJlWWd6ZFFlcy9sMUlOYnBKK2h3eERmdTBSTndXMytkbnhUc1VzdlZPaHAyZGtCKzRmV3gzUHA4akNCNUp3cUlaUUJWQTBBSExESm1hOVBWeUtPZXgzYlQvR0FjZHVOVmtWakZJVUFJS0dNRHBHV0hzK0ZxSDV5aXp1c083a0wiLCJtYWMiOiJlZmM4YThjODhjMzYzMmY0MDQ2ODNkMjgwMzFjMmEzNjYyMzg3NWJhMjk2Mzg5ZjVlZmIxNzE3ODY3OGMwYTkzIiwidGFnIjoiIn0%3D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Tue, 01 Apr 2025 19:44:23 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=YcYoKvHnAsD%2FqOx7%2F2O4GvKeEbas2Cmkp3ng1DPZDUqPyjZ8UhTWIa9mmqI3AZBNFwhvBxg4XK34uILT4ipAOE469387Kbekfu8MlB48Ju0zAXs%2FkiKOCqFsR0pNBBWKwec%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9299e4e848625286-AMS\r\ncontent-encoding: br\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=25488\u0026min_rtt=19928\u0026rtt_var=13432\u0026sent=7\u0026recv=11\u0026lost=0\u0026retrans=0\u0026sent_bytes=3198\u0026recv_bytes=1130\u0026delivery_rate=217286\u0026cwnd=91\u0026unsent_bytes=0\u0026cid=7e1336b0835968a0\u0026ts=540\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":555939,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (65364)","md5":"d5489ecb47e3711f6e721a4181f99511","sha1":"629e7343dbfaa19d6107031d8c6c2e0f6994e289","sha256":"12067ecc13016fec9bf453b0be99420a617f9d53ea021db4a88a872774b7bfa2","sha512":"214a7dc9c641bcab22c7984b3bb69763e00be4d4ba733e494ff0a0b4883592a3a9d5539873872f982ce4318ff7a9ff5cf594775839c5d652e68d352a9e186f72","ssdeep":"1536:RVJCC7nen8/+mVJCC7nen8/+WLBf+tLBf+G:d/7nenZI/7nenZmmrmG","tlshash":"f5c446ee66072133879c2d629467130700278dc57fb16aa1ff650d68eee295e1ac81ff","first_seen":"2025-04-01T17:44:46.839884Z","last_seen":"2025-04-01T17:44:46.839884Z","times_seen":1,"resource_available":false,"data":null}},"time_used":677,"timings":{"blocked":81,"dns":10,"connect":21,"send":0,"wait":516,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Anti-debugging code","verdict":"suspicious","severity":"low","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Tycoon Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","tycoon"],"meta":null}]}}]}