apiservices.krxd.net/click_tracker/track?kx_event_uid=LR25EaJr&clk=https://healthplaner.sa.com/new/auth/sf_rand_string_lowercase6////anVhbi5ndWFyaW5Ac29mZWMuY29t
151.101.130.133 302 Found 0 B URL User Request GET HTTP/2 apiservices.krxd.net/click_tracker/track?kx_event_uid=LR25EaJr&clk=https://healthplaner.sa.com/new/auth/sf_rand_string_lowercase6////anVhbi5ndWFyaW5Ac29mZWMuY29t
IP 151.101.130.133:443
Certificate Issuer DigiCert Inc
Subject apiservices.krxd.net
Fingerprint 53:93:0A:7C:24:88:FC:B5:00:CA:05:1F:DF:E2:2A:AC:14:DF:45:B4
Validity Fri, 10 Feb 2023 00:00:00 GMT - Fri, 09 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click_tracker/track?kx_event_uid=LR25EaJr&clk=https://healthplaner.sa.com/new/auth/sf_rand_string_lowercase6////anVhbi5ndWFyaW5Ac29mZWMuY29t HTTP/1.1
Host: apiservices.krxd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://healthplaner.sa.com/new/auth/sf_rand_string_lowercase6////anVhbi5ndWFyaW5Ac29mZWMuY29t
age: 0
via: 1.1 varnish (Varnish/5.2), 1.1 varnish
accept-ranges: bytes
date: Sun, 04 Jun 2023 00:04:46 GMT
x-served-by: click-tracker-a003-ash-prod.krxd.net, cache-bma1669-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1685837086.911086,VS0,VE276
content-length: 0
X-Firefox-Spdy: h2
healthplaner.sa.com/new/auth/sf_rand_string_lowercase6////anVhbi5ndWFyaW5Ac29mZWMuY29t
162.241.69.179 200 OK 0 B URL User Request GET HTTP/1.1 healthplaner.sa.com/new/auth/sf_rand_string_lowercase6////anVhbi5ndWFyaW5Ac29mZWMuY29t
IP 162.241.69.179:443
ASN #46606 UNIFIEDLAYER-AS-1
Certificate Issuer Let's Encrypt
Subject *.healthplaner.sa.com
Fingerprint D8:84:79:46:6F:C3:08:AC:93:F2:D4:47:38:54:F1:3B:3C:61:67:6F
Validity Tue, 23 May 2023 07:04:34 GMT - Mon, 21 Aug 2023 07:04:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /new/auth/sf_rand_string_lowercase6////anVhbi5ndWFyaW5Ac29mZWMuY29t HTTP/1.1
Host: healthplaner.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:04:45 GMT
Server: Apache
refresh: 0;url=https://am4tb9sien64255db14cde3.gulmot.ru/Mjuan.guarin@sofec.com
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
am4tb9sien64255db14cde3.gulmot.ru/cdn-cgi/styles/challenges.css
188.114.97.1 200 OK 2.7 kB URL GET HTTP/3 am4tb9sien64255db14cde3.gulmot.ru/cdn-cgi/styles/challenges.css
IP 188.114.97.1:443
Requested by https://am4tb9sien64255db14cde3.gulmot.ru/Mjuan.guarin@sofec.com
Certificate Issuer Google Trust Services LLC
Subject gulmot.ru
Fingerprint 55:21:4D:A4:C9:3E:C6:64:4C:B7:7A:CB:CC:85:30:13:3E:74:75:C8
Validity Fri, 12 May 2023 08:31:21 GMT - Thu, 10 Aug 2023 08:31:20 GMT
File type gzip compressed data, from Unix\012- data
Hash 9816e313faf220ea079ca8d18a8adcbd
e6e12142b69fa0de2595aaf68d6fa46dca8c98b4
a24a05de7d3fe5e71f73eb37ce9f566d60b6398226e7dbc13b917bbc25fa0ba9
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: am4tb9sien64255db14cde3.gulmot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am4tb9sien64255db14cde3.gulmot.ru/Mjuan.guarin@sofec.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:04:47 GMT
content-type: text/css
last-modified: Tue, 30 May 2023 15:20:42 GMT
etag: W/"6476144a-19c8"
server: cloudflare
cf-ray: 7d1beba50a83b500-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sun, 04 Jun 2023 02:04:47 GMT
cache-control: max-age=7200, public
content-encoding: gzip
am4tb9sien64255db14cde3.gulmot.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d1beba3efa5b4f1
188.114.97.1 200 OK 42 B URL GET HTTP/3 am4tb9sien64255db14cde3.gulmot.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d1beba3efa5b4f1
IP 188.114.97.1:443
Requested by https://am4tb9sien64255db14cde3.gulmot.ru/Mjuan.guarin@sofec.com
Certificate Issuer Google Trust Services LLC
Subject gulmot.ru
Fingerprint 55:21:4D:A4:C9:3E:C6:64:4C:B7:7A:CB:CC:85:30:13:3E:74:75:C8
Validity Fri, 12 May 2023 08:31:21 GMT - Thu, 10 Aug 2023 08:31:20 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d1beba3efa5b4f1 HTTP/1.1
Host: am4tb9sien64255db14cde3.gulmot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am4tb9sien64255db14cde3.gulmot.ru/Mjuan.guarin@sofec.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:04:47 GMT
content-type: image/gif
content-length: 42
last-modified: Tue, 30 May 2023 15:20:42 GMT
etag: "6476144a-2a"
server: cloudflare
cf-ray: 7d1beba54aafb500-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sun, 04 Jun 2023 02:04:47 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
challenges.cloudflare.com/turnstile/v0/g/68662470/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.7.185 200 OK 19 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/g/68662470/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.7.185:443
Requested by https://am4tb9sien64255db14cde3.gulmot.ru/Mjuan.guarin@sofec.com
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (19175)
Hash 21a964474a4841c3e62893476cfec550
af06eb1e31d451fe557b7581e707cd88a3107491
fb479d9c5db685793fd57b4cacb188d2aa9ab40d660d54e1cf35d0f54b390c12
GET /turnstile/v0/g/68662470/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://am4tb9sien64255db14cde3.gulmot.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 04 Jun 2023 00:04:54 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1bebd2edd6fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7d1bebd3de8a1c0e
104.18.7.185 200 OK 176 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7d1bebd3de8a1c0e
IP 104.18.7.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m45c3/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 176 kB (176262 bytes)
Hash 406fe5b830c0b5debaea52c6bb0c2f04
467e93a7895d2687890834186f4e80153ac514e6
5f5e536aa2a1fe7f290a96b91d621fa8db80424ad79c40a7df3e54597185d36a
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7d1bebd3de8a1c0e HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m45c3/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:04:55 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
server: cloudflare
cf-ray: 7d1bebd4eef71c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/51685292:1685833599:cWOw878W4iZP2C1rxSx2BdYSl8FRBfU8u4vgGbJX9Ec/7d1bebd3de8a1c0e/4d11102f166a3dd
104.18.7.185 200 OK 77 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/51685292:1685833599:cWOw878W4iZP2C1rxSx2BdYSl8FRBfU8u4vgGbJX9Ec/7d1bebd3de8a1c0e/4d11102f166a3dd
IP 104.18.7.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m45c3/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 86276993dfff51bce5f47002cd07567c
b98fd189633a504c958e42254665092a8d206a97
b7e5a3fffb6ad98f2aa52a9a418d80709a76e1e3df93c61e498777bae1b9f6e0
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/51685292:1685833599:cWOw878W4iZP2C1rxSx2BdYSl8FRBfU8u4vgGbJX9Ec/7d1bebd3de8a1c0e/4d11102f166a3dd HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m45c3/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 4d11102f166a3dd
Content-Length: 2783
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:04:55 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: xiHI2eZo2ikeluhcmZ0mXF3IF4yf8bLUzjAomipeVclIm4SX+HYXOoahUZDrJQRtZP0YueogCWgUgeV4P/G+LvEat2K5zjpO7qVHMiKujyVKdnbwyoFbwThhaayAT99D8NijZTi/6DgZW0gt49GiC8o/544BmrcK/8w9nSYYxICjWMmWvnY7pS9XWGQzWSOZi/WaLilPiRsN7OHi+2QVk21CI5IunEW1LBGJxvFX0fBpZ08Lo2yV6Q35gsfsYjt12YPdVIszn44AGIPKNij7361qs0kCXt/gYiR8LWsPfIqw8ge4Qjh5hTSSDGLZjdgM14KM+YNC/jjY5KNTqHNfmqNQP1dU9FqnhiXonrf1tKJVnJBmVjN9p/ijgHFXXK7k$T5nXvJMeA3wrp4wh4iATRg==
server: cloudflare
cf-ray: 7d1bebd66f881c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7d1bebd3de8a1c0e/1685837095435/_-v6bJ6jJSPj53c
104.18.7.185 200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7d1bebd3de8a1c0e/1685837095435/_-v6bJ6jJSPj53c
IP 104.18.7.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m45c3/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type PNG image data, 72 x 23, 8-bit/color RGB, non-interlaced\012- data
Hash 6660c25832a97c118ec86a4bd0f176ae
8481efbcee0df3bde6f35154f68e83a176043e75
bbac482123e92936d930cc415ed47645795ae01b71b963f7772f5671343c8960
GET /cdn-cgi/challenge-platform/h/g/img/7d1bebd3de8a1c0e/1685837095435/_-v6bJ6jJSPj53c HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m45c3/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:04:55 GMT
content-type: image/png
server: cloudflare
cf-ray: 7d1bebd788001c0e-OSL
alt-svc: h3=":443"; ma=86400
am4tb9sien64255db14cde3.gulmot.ru/Mjuan.guarin@sofec.com
188.114.97.1 403 Forbidden 8.1 kB URL User Request GET HTTP/2 am4tb9sien64255db14cde3.gulmot.ru/Mjuan.guarin@sofec.com
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject gulmot.ru
Fingerprint 55:21:4D:A4:C9:3E:C6:64:4C:B7:7A:CB:CC:85:30:13:3E:74:75:C8
Validity Fri, 12 May 2023 08:31:21 GMT - Thu, 10 Aug 2023 08:31:20 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8250), with no line terminators
Hash 7cb56d7e4d98a472c7b52536615b092f
8920f7cc2dba11b33bb65c816df95b0607c0af4b
d9a472d119d49938f7df0ba7fd5166c90623f650cf3a4263bac56c19988090b2
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /Mjuan.guarin@sofec.com HTTP/1.1
Host: am4tb9sien64255db14cde3.gulmot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Sun, 04 Jun 2023 00:04:47 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BVRtPsMmTD1E%2BRn%2FYmu6kFBvoBsy43MUSkfqmNSMyoofmaho7DjJ7Bw%2FLoZGvzGT8PWuEXUczxgDKgjLzG4QezB7tyns7VQZ5WB8V7GK%2BAZBQG8o5pRzB5hgVY1b9z8MTBvocsGP48IxLI82JXPCdM7UxQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1beba3efa5b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7d1bebd3de8a1c0e/1685837095435/31dec089121bec6c46dcdfb1db3fd045a027794581babd3da1582a75b13a3e03/mJEx5hGZOQZ1OlW
104.18.7.185 401 Unauthorized 1 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7d1bebd3de8a1c0e/1685837095435/31dec089121bec6c46dcdfb1db3fd045a027794581babd3da1582a75b13a3e03/mJEx5hGZOQZ1OlW
IP 104.18.7.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m45c3/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type very short file (no magic)
Hash ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/g/pat/7d1bebd3de8a1c0e/1685837095435/31dec089121bec6c46dcdfb1db3fd045a027794581babd3da1582a75b13a3e03/mJEx5hGZOQZ1OlW HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m45c3/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 401 Unauthorized
date: Sun, 04 Jun 2023 00:04:55 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gMd7AiRIb7GxG3N-x2z_QRaAneUWBur09oVgqdbE6PgMAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA2QmmahoTCdzzWU_cjTkt9rzQkK7r0JRDfy3Ug31wK-hp3n5Nlkur9cyfSmGhvETNfzP7DjBWLuFe3BGfCvaMn-2I8epeGGFpx57OKWenWkS0ozAVw8pZwpCGNdPD2eeeWcC63BypcwUcZnnJKohILWHt5HcJ6e71kKJNsOrcX9gfLt3ZesHAVwc1uJomYnRcvyLUtAXgg8B8n-H2X664Z3WqgUtqA8ZprXuyXHIjXxHORfViPZWU-y48WLmCWq4SgzW8OJH-fB8OU4naRCAme2w1bQV7r8xfE0uHuhhsMqoI6A_Q-BHk2mkZDHYaScQrq-E1vjk9ZMN1gVzfLYDHgwIDAQAB, max-age=20
server: cloudflare
cf-ray: 7d1bebd73fde1c0e-OSL
alt-svc: h3=":443"; ma=86400
am4tb9sien64255db14cde3.gulmot.ru/favicon.ico
188.114.97.1 403 Forbidden 7.0 kB URL GET HTTP/3 am4tb9sien64255db14cde3.gulmot.ru/favicon.ico
IP 188.114.97.1:443
Requested by https://am4tb9sien64255db14cde3.gulmot.ru/Mjuan.guarin@sofec.com
Certificate Issuer Google Trust Services LLC
Subject gulmot.ru
Fingerprint 55:21:4D:A4:C9:3E:C6:64:4C:B7:7A:CB:CC:85:30:13:3E:74:75:C8
Validity Fri, 12 May 2023 08:31:21 GMT - Thu, 10 Aug 2023 08:31:20 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7199), with no line terminators
Hash 8dfef600441a9372ef7558a402bc4cf1
b5494bb58176cb694f1dabe6357e6b3116cd71a3
9fdd5961e80644ec1b22c70916292646751c820f0fa0fdf944593d74ab2e1906
GET /favicon.ico HTTP/1.1
Host: am4tb9sien64255db14cde3.gulmot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am4tb9sien64255db14cde3.gulmot.ru/Mjuan.guarin@sofec.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Sun, 04 Jun 2023 00:04:54 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3LOfbxFg8FBAtwofeHExaKG6lq7ws2bP0mVrYcRIMm2kjmowb8haqQgh3XzaH8KsNSgEOdgIkPQVjZCccUwFKJg2XoKiOPSpFtsnPH2K9AKdbBISiHMuITZawq2H1VFSXIZ2AnvJRa5RWeIjnSpHjgJ0Ss%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1bebd2ac30b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
am4tb9sien64255db14cde3.gulmot.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1398977900:1685833789:epoyiDw-Kk7dA9HAY7lc3Mdxw0J4KdxdPoiZNXy3yP4/7d1beba3efa5b4f1/3cc4ee71efb70b8
188.114.97.1 200 OK 7.4 kB URL POST HTTP/3 am4tb9sien64255db14cde3.gulmot.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1398977900:1685833789:epoyiDw-Kk7dA9HAY7lc3Mdxw0J4KdxdPoiZNXy3yP4/7d1beba3efa5b4f1/3cc4ee71efb70b8
IP 188.114.97.1:443
Requested by https://am4tb9sien64255db14cde3.gulmot.ru/Mjuan.guarin@sofec.com
Certificate Issuer Google Trust Services LLC
Subject gulmot.ru
Fingerprint 55:21:4D:A4:C9:3E:C6:64:4C:B7:7A:CB:CC:85:30:13:3E:74:75:C8
Validity Fri, 12 May 2023 08:31:21 GMT - Thu, 10 Aug 2023 08:31:20 GMT
File type ASCII text, with very long lines (7416), with no line terminators
Hash 10a035062c58376b5b0e42dc9c4b1f6e
50a7d1cc8972d656eaeb483233a1a05ada06a73f
19203192bf52fcf6a3af04a8ac6c6c710534ca60f6032b8801acea90af2945c7
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1398977900:1685833789:epoyiDw-Kk7dA9HAY7lc3Mdxw0J4KdxdPoiZNXy3yP4/7d1beba3efa5b4f1/3cc4ee71efb70b8 HTTP/1.1
Host: am4tb9sien64255db14cde3.gulmot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am4tb9sien64255db14cde3.gulmot.ru/Mjuan.guarin@sofec.com
Content-type: application/x-www-form-urlencoded
CF-Challenge: 3cc4ee71efb70b8
Content-Length: 1846
Origin: https://am4tb9sien64255db14cde3.gulmot.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:04:54 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: KTZOqgyqNpyoLJWyLDQjVlAteztqp2uO1xCrAgVVZ+rc900tZNwJF3oFY7mwvO8o$7ONbKELWdPymrjYUSGIcvQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwXLKO%2FxrxcCGQWChjQNbQqRNpfbDlgH7xK%2FKsfN2T%2Bj0PLC8vgIOsWoJzOizUswUgB90WHhSFvrQ4ZxVxu%2FVlR%2BmM2ME7vsIj4%2BdfLSzfR71kJebDu9Hegric2OR%2Fo%2BBYy1Qz7TdEmRQfbp3FC89%2Bd7hoU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d1bebd37cafb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
am4tb9sien64255db14cde3.gulmot.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7d1beba3efa5b4f1
188.114.97.1 200 OK 176 kB URL GET HTTP/3 am4tb9sien64255db14cde3.gulmot.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7d1beba3efa5b4f1
IP 188.114.97.1:443
Requested by https://am4tb9sien64255db14cde3.gulmot.ru/Mjuan.guarin@sofec.com
Certificate Issuer Google Trust Services LLC
Subject gulmot.ru
Fingerprint 55:21:4D:A4:C9:3E:C6:64:4C:B7:7A:CB:CC:85:30:13:3E:74:75:C8
Validity Fri, 12 May 2023 08:31:21 GMT - Thu, 10 Aug 2023 08:31:20 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 176 kB (176114 bytes)
Hash 88eb48c502b8fc13c3f53cc7f3804cee
c3df14acdb1a611d75780653a8bfbdb69f3b16a3
b589de9cf6c103f187328de4b5d116f34738e68dfdfc77947bba83165765db53
GET /cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7d1beba3efa5b4f1 HTTP/1.1
Host: am4tb9sien64255db14cde3.gulmot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am4tb9sien64255db14cde3.gulmot.ru/Mjuan.guarin@sofec.com?__cf_chl_rt_tk=wU9tRDEz5ln8AlSMdJ4UZlWq1nLATn6bJetZ05wv7XY-1685837087-0-gaNycGzNDWU
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:04:54 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=We%2Fa%2Fu89K7xXefLZoRyNeUVx7PBWhsVxTBcMWRXIPeAOyOKTzDMrXZ%2BY9DcJxzLks%2F3GKdBeN1dqkD7HO5RXOHcUzSBss7A%2BGVV2xc%2BM1ltzp2RuB907RaMPlhLRu5f0n2%2BlVs%2B0soU1CVg7TyHB%2BFcZmKM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d1beba55ab7b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m45c3/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
104.18.7.185 200 OK 24 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m45c3/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP 104.18.7.185:443
Requested by https://am4tb9sien64255db14cde3.gulmot.ru/Mjuan.guarin@sofec.com
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10899)
Hash f82b37de19adfe66de3f6460345713e4
95a01089a9f40f13c5d5dc16c0a74bc1f4baa84c
951ce12850e630a63f2f9ea893edbb587ff8929ac74382d1a7a7425bb022708e
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m45c3/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:04:55 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 7d1bebd3de8a1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
am4tb9sien64255db14cde3.gulmot.ru/favicon.ico
188.114.97.1 403 Forbidden 7.0 kB URL GET HTTP/3 am4tb9sien64255db14cde3.gulmot.ru/favicon.ico
IP 188.114.97.1:443
Requested by https://am4tb9sien64255db14cde3.gulmot.ru/Mjuan.guarin@sofec.com
Certificate Issuer Google Trust Services LLC
Subject gulmot.ru
Fingerprint 55:21:4D:A4:C9:3E:C6:64:4C:B7:7A:CB:CC:85:30:13:3E:74:75:C8
Validity Fri, 12 May 2023 08:31:21 GMT - Thu, 10 Aug 2023 08:31:20 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7199), with no line terminators
Hash 389d2a11502c536ff97349c3e12d8c3d
74bf331afe15af235c6c605cd472e7303bf6bf76
cf5663e6449aeab598f4ae838c59410651c2bb5f88aa113c53daaea3692b2206
GET /favicon.ico HTTP/1.1
Host: am4tb9sien64255db14cde3.gulmot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am4tb9sien64255db14cde3.gulmot.ru/Mjuan.guarin@sofec.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Sun, 04 Jun 2023 00:04:47 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asBkAdGm4xMBzN0RjfLiUEolBgeRvtTCBgGeIePhGQcnyqqpbssR314nr66sqQeF59P%2F%2FFF6nh4r6KexMx52jDiSattyTW%2BjQYCgC%2FHO70ng704XjkkrJIN%2BPF3xMQzLYx6NAJbQa4sxxjRKhJ7JNvHKBOk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1beba5fb41b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400