benaturalfitnese.sa.com/new/auth/sf_rand_string_lowercase6/ZG9uakBsb25kb25zcG9ydHNwYXJrLmNvbQ==
162.241.69.179
200 OK
0
URL
User Request
GET
HTTP/1.1
benaturalfitnese.sa.com/new/auth/sf_rand_string_lowercase6/ZG9uakBsb25kb25zcG9ydHNwYXJrLmNvbQ==
IP
162.241.69.179:443
ASN
#46606 UNIFIEDLAYER-AS-1
Certificate
Issuer: Let's Encrypt
Subject: *.benaturalfitnese.sa.com
Fingerprint: F5:B4:8B:5E:FE:26:11:E8:3D:9B:A1:D6:0A:AD:21:4C:05:29:95:20
Validity: Thu, 01 Jun 2023 09:13:09 GMT - Wed, 30 Aug 2023 09:13:08 GMT
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: urlquery
Verdict: phishing
Alert: Phishing - Microsoft Outlook
GET /new/auth/sf_rand_string_lowercase6/ZG9uakBsb25kb25zcG9ydHNwYXJrLmNvbQ== HTTP/1.1
Host: benaturalfitnese.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Jun 2023 00:35:46 GMT
Server: Apache
refresh: 0;url=https://tg99cjqxtr647a2a44d78d6.casagr.ru/Mdonj@londonsportspark.com
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
tg99cjqxtr647a2a44d78d6.casagr.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d2c98cfbbf00b31
172.67.215.174
200 OK
42
URL
GET
HTTP/3
tg99cjqxtr647a2a44d78d6.casagr.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d2c98cfbbf00b31
IP
172.67.215.174:443
Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/Mdonj@londonsportspark.com
Certificate
Issuer: Google Trust Services LLC
Subject: casagr.ru
Fingerprint: 5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
Validity: Wed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT
Magic
GIF image data, version 89a, 1 x 1\012- data
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d2c98cfbbf00b31 HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/Mdonj@londonsportspark.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:39:12 GMT
content-type: image/gif
content-length: 42
last-modified: Tue, 30 May 2023 15:20:42 GMT
etag: "6476144a-2a"
server: cloudflare
cf-ray: 7d2c98d0fb6cb52d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Tue, 06 Jun 2023 02:39:12 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/05yam/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
104.18.7.185
200 OK
24085
URL
GET
HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/05yam/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP
104.18.7.185:443
Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/Mdonj@londonsportspark.com
Certificate
Issuer: Cloudflare, Inc.
Subject: challenges.cloudflare.com
Fingerprint: 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity: Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
Magic
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10899)
Hash
8d9c663e91240121f9c3aa4476127f9c
bf5cf2d6d376079028bd4036a6ebee6f683e57dd
4f194c256c480a724b75e8d3f682e48ebd3d405d246d87aded698aa6d50d3482
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/05yam/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:39:13 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 7d2c98d2de0cb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7d2c98d2de0cb518
104.18.7.185
200 OK
180591
URL
GET
HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7d2c98d2de0cb518
IP
104.18.7.185:443
Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/05yam/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate
Issuer: Cloudflare, Inc.
Subject: challenges.cloudflare.com
Fingerprint: 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity: Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
Magic
ASCII text, with very long lines (65536), with no line terminators
Hash
f729a08054700eee9577681cee5fa11a
7e8044329d74e550db67b7f6f297bacf94967519
58023d2cdfde56365cfa36b59fdd4e4566a11f9a354a8567de09639e381758a4
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7d2c98d2de0cb518 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/05yam/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:39:13 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
server: cloudflare
cf-ray: 7d2c98d38e61b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/612408604:1686009948:3B8ZbWTf6irr730HMDvceFkTFdRW5NQFRoWdatf1_Lw/7d2c98d2de0cb518/50eb21c87c04bb9
104.18.7.185
200 OK
140504
URL
POST
HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/612408604:1686009948:3B8ZbWTf6irr730HMDvceFkTFdRW5NQFRoWdatf1_Lw/7d2c98d2de0cb518/50eb21c87c04bb9
IP
104.18.7.185:443
Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/05yam/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate
Issuer: Cloudflare, Inc.
Subject: challenges.cloudflare.com
Fingerprint: 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity: Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
Magic
ASCII text, with very long lines (65536), with no line terminators
Hash
fb8c5e297a4aa563d62d9a08c9ba95ca
1c8f00077068d498e81bf6c72e27bafe7991bd71
f7c8147dfbb4959eedac54e47b77179150475238000f4ec9bb0d24df68cab419
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/612408604:1686009948:3B8ZbWTf6irr730HMDvceFkTFdRW5NQFRoWdatf1_Lw/7d2c98d2de0cb518/50eb21c87c04bb9 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/05yam/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 50eb21c87c04bb9
Content-Length: 2796
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:39:13 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: j6RWhz7UTRRtWb5PmAcIeKGSG/9XQ+GP4g4maMS9uwNN5iyH3lgsYrwWM1DVh4AjxZUSfUKjyBqxR+mocd08+Y/Ts+6EPmjRw7I4v6t3dP1//CTv/YgI+b4TlwiQMSOtBQ4UJvXlIUleDJW0VQexMlLuDIi8dYHkRv0XjBXGnZs5biq7wzMYzVgIDOSlp5DoaW5ShEAmhu4b8CFzKvzr224nWiLp3J3KDUbFw7PIlAR4yL2rvuwwYXKkmYUVe+ypjHbHT4vgATgVzcZPAD035buOvUZ43rIALnS3IXOM8dOSG3cup4kmubQwgJRmoeiwJnw5iFBgwHGdErV8qDHEa3aDxXwhugIRKjs6yQA857U=$caY4KghhgvvYn6ID+dbHWw==
server: cloudflare
cf-ray: 7d2c98d51f38b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7d2c98d2de0cb518/1686011953458/8dea9c1d6ad46949ffad02cb96a9ef6328142aa818b4261484c4ae4e0eaa10c0/9OcpsbvMhdH_J4w
104.18.7.185
401 Unauthorized
1
URL
GET
HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7d2c98d2de0cb518/1686011953458/8dea9c1d6ad46949ffad02cb96a9ef6328142aa818b4261484c4ae4e0eaa10c0/9OcpsbvMhdH_J4w
IP
104.18.7.185:443
Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/05yam/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate
Issuer: Cloudflare, Inc.
Subject: challenges.cloudflare.com
Fingerprint: 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity: Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
Magic
very short file (no magic)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/g/pat/7d2c98d2de0cb518/1686011953458/8dea9c1d6ad46949ffad02cb96a9ef6328142aa818b4261484c4ae4e0eaa10c0/9OcpsbvMhdH_J4w HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/05yam/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 401 Unauthorized
date: Tue, 06 Jun 2023 00:39:13 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gjeqcHWrUaUn_rQLLlqnvYygUKqgYtCYUhMSuTg6qEMAAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA2QmmahoTCdzzWU_cjTkt9rzQkK7r0JRDfy3Ug31wK-hp3n5Nlkur9cyfSmGhvETNfzP7DjBWLuFe3BGfCvaMn-2I8epeGGFpx57OKWenWkS0ozAVw8pZwpCGNdPD2eeeWcC63BypcwUcZnnJKohILWHt5HcJ6e71kKJNsOrcX9gfLt3ZesHAVwc1uJomYnRcvyLUtAXgg8B8n-H2X664Z3WqgUtqA8ZprXuyXHIjXxHORfViPZWU-y48WLmCWq4SgzW8OJH-fB8OU4naRCAme2w1bQV7r8xfE0uHuhhsMqoI6A_Q-BHk2mkZDHYaScQrq-E1vjk9ZMN1gVzfLYDHgwIDAQAB, max-age=20
server: cloudflare
cf-ray: 7d2c98d62fbfb518-OSL
alt-svc: h3=":443"; ma=86400
tg99cjqxtr647a2a44d78d6.casagr.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7d2c98cfbbf00b31
172.67.215.174
200 OK
188490
URL
GET
HTTP/3
tg99cjqxtr647a2a44d78d6.casagr.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7d2c98cfbbf00b31
IP
172.67.215.174:443
Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/Mdonj@londonsportspark.com
Certificate
Issuer: Google Trust Services LLC
Subject: casagr.ru
Fingerprint: 5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
Validity: Wed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT
Magic
ASCII text, with very long lines (65536), with no line terminators
Hash
fc62960c8b87907105f8101f13ca86d2
02af2d79fed189fa51ce4b7742c8aec6fbd9d5ff
f939a909a820b1171edc3dc39418b870dcf8f96310a069c4698ec70e49d6168b
GET /cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7d2c98cfbbf00b31 HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/Mdonj@londonsportspark.com?__cf_chl_rt_tk=mPEzY9mF_OYRssm7WLVbZSy9_SP_19xhjTOzW3Dp2aE-1686011952-0-gaNycGzNDXs
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:39:12 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FD%2BJHOpsQGCOh1Ez6FbngaWur2LM4psZD579Nu8AwCmHN%2Fl7PXuHGnTlmtN2n0rabV0Oo%2BRlZpoFccm71JcuomC7tV6PpsWmFHEjD7DoiCCO3SoRhHxCHzjGc4U6jIQkLfs8js%2FoooU0p7HMl4tQThAk4M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c98d0fb71b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tg99cjqxtr647a2a44d78d6.casagr.ru/Mdonj@londonsportspark.com
172.67.215.174
403 Forbidden
8145
URL
User Request
GET
HTTP/2
tg99cjqxtr647a2a44d78d6.casagr.ru/Mdonj@londonsportspark.com
IP
172.67.215.174:443
Certificate
Issuer: Google Trust Services LLC
Subject: casagr.ru
Fingerprint: 5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
Validity: Wed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT
Magic
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8313), with no line terminators
Hash
1b2232ee06eb86ada27e7945720f1759
9e7e337eaa4c01b617f57e14547d93d5bdea44ba
1524d69d9eeba7d99ef6521b97ab36457e5239f5c73d93c816d0b0e9e7b4c12c
Analyzer: urlquery
Verdict: phishing
Alert: Phishing - Microsoft Outlook
GET /Mdonj@londonsportspark.com HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Tue, 06 Jun 2023 00:39:12 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VkqYNvAIzdeekxlZZXIanoNwRVJ9sxWskus5HmFD5apGivw%2FBfnYIx4DsJBnp%2Bed3W0wwueZLVSKMDJUc69sRDHk%2BsxP4jI8GmE6IDkWDNFwUeihWSTAOxL%2BjWt7ei%2F%2BoogxNKUVVqPxJVPSCbfVY%2BUpuHo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d2c98cfbbf00b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7d2c98d2de0cb518/1686011953461/pzwl47isVdbyrwC
104.18.7.185
200 OK
61
URL
GET
HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7d2c98d2de0cb518/1686011953461/pzwl47isVdbyrwC
IP
104.18.7.185:443
Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/05yam/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate
Issuer: Cloudflare, Inc.
Subject: challenges.cloudflare.com
Fingerprint: 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity: Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
Magic
PNG image data, 70 x 93, 8-bit/color RGB, non-interlaced\012- data
Hash
21c1ad75ca12e7c6dec0a6d086c28dcb
3a3c1812ea5baed02b8a7376518d8d625308180f
d86ce8e7ded04aca84b5d42bca6708df800df4f3aac52f14ce28b1f95697d0be
GET /cdn-cgi/challenge-platform/h/g/img/7d2c98d2de0cb518/1686011953461/pzwl47isVdbyrwC HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/05yam/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:39:15 GMT
content-type: image/png
server: cloudflare
cf-ray: 7d2c98e07d13b518-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/612408604:1686009948:3B8ZbWTf6irr730HMDvceFkTFdRW5NQFRoWdatf1_Lw/7d2c98d2de0cb518/50eb21c87c04bb9
104.18.7.185
200 OK
13288
URL
POST
HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/612408604:1686009948:3B8ZbWTf6irr730HMDvceFkTFdRW5NQFRoWdatf1_Lw/7d2c98d2de0cb518/50eb21c87c04bb9
IP
104.18.7.185:443
Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/05yam/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate
Issuer: Cloudflare, Inc.
Subject: challenges.cloudflare.com
Fingerprint: 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity: Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
Magic
ASCII text, with very long lines (13288), with no line terminators
Hash
20835913014b59807eb95dc8a23c5d6d
e3269e1f64e64d09d0e664c4d3a7f3c6b4f14be4
f3b34f0787888bfae1f7a1babbc42a24313fe2166954db89ad8ef34bb09cf596
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/612408604:1686009948:3B8ZbWTf6irr730HMDvceFkTFdRW5NQFRoWdatf1_Lw/7d2c98d2de0cb518/50eb21c87c04bb9 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/05yam/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 50eb21c87c04bb9
Content-Length: 22578
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:39:16 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: BsqJxnSCfxgPCZ6MH4fL8eiWcfavhnpIoN5GWtynIHc/vIFOFDxFbMMk9vwWSz28$uAQmPXdEHlmuXiNNw3lALw==
server: cloudflare
cf-ray: 7d2c98ea0b46b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tg99cjqxtr647a2a44d78d6.casagr.ru/favicon.ico
172.67.215.174
403 Forbidden
7120
URL
GET
HTTP/3
tg99cjqxtr647a2a44d78d6.casagr.ru/favicon.ico
IP
172.67.215.174:443
Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/Mdonj@londonsportspark.com
Certificate
Issuer: Google Trust Services LLC
Subject: casagr.ru
Fingerprint: 5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
Validity: Wed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT
Magic
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7288), with no line terminators
Hash
314488c625a39134e16c2d7e6d1f8a57
e38536d209b5b9659b715bd52fc775ccb9f34169
f1cf43686d6112bd83bde2dab0c244f2a1b2e46b89493ebbd2efa5a1359f9393
GET /favicon.ico HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/Mdonj@londonsportspark.com?__cf_chl_rt_tk=mPEzY9mF_OYRssm7WLVbZSy9_SP_19xhjTOzW3Dp2aE-1686011952-0-gaNycGzNDXs
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Tue, 06 Jun 2023 00:39:12 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJpqY02MVoZivYpZvGXuqY8AGVOvBj0lu2oFpzP%2FxlWsaB9%2BxDnwL5kysuCfSHwU8YJWymE%2BVnxVOotHTvPJXoXswM%2B6L9nDSJh3Hc9DbTbTEcrwf3HcRIbCJTNU8X2MZUu3AJw%2BREfUL%2FNdKKzYucWdbjw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d2c98d14ba2b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/turnstile/v0/g/68662470/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.7.185
200 OK
19176
URL
GET
HTTP/2
challenges.cloudflare.com/turnstile/v0/g/68662470/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP
104.18.7.185:443
Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/Mdonj@londonsportspark.com
Certificate
Issuer: Cloudflare, Inc.
Subject: challenges.cloudflare.com
Fingerprint: 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity: Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
Magic
ASCII text, with very long lines (19175)
Hash
21a964474a4841c3e62893476cfec550
af06eb1e31d451fe557b7581e707cd88a3107491
fb479d9c5db685793fd57b4cacb188d2aa9ab40d660d54e1cf35d0f54b390c12
GET /turnstile/v0/g/68662470/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tg99cjqxtr647a2a44d78d6.casagr.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Jun 2023 00:39:12 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d2c98d1f9f1b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
tg99cjqxtr647a2a44d78d6.casagr.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1244492894:1686010142:mxMeuN-URG-Cg2pNRMTkz8I1Yq95PN55iEdfSE7W0xE/7d2c98cfbbf00b31/a41484f2c02ca3d
172.67.215.174
200 OK
7408
URL
POST
HTTP/3
tg99cjqxtr647a2a44d78d6.casagr.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1244492894:1686010142:mxMeuN-URG-Cg2pNRMTkz8I1Yq95PN55iEdfSE7W0xE/7d2c98cfbbf00b31/a41484f2c02ca3d
IP
172.67.215.174:443
Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/Mdonj@londonsportspark.com
Certificate
Issuer: Google Trust Services LLC
Subject: casagr.ru
Fingerprint: 5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
Validity: Wed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT
Magic
ASCII text, with very long lines (7408), with no line terminators
Hash
fb5deb49c2211d0a60056fcd3dd80f4a
aecab3dea14777c447ebac99a52ba6f8ab5da282
ebc0c0af4749d4f28917daf9f6dbe5a10b093935084788119611968ef9ddec83
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1244492894:1686010142:mxMeuN-URG-Cg2pNRMTkz8I1Yq95PN55iEdfSE7W0xE/7d2c98cfbbf00b31/a41484f2c02ca3d HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/Mdonj@londonsportspark.com
Content-type: application/x-www-form-urlencoded
CF-Challenge: a41484f2c02ca3d
Content-Length: 1805
Origin: https://tg99cjqxtr647a2a44d78d6.casagr.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:39:13 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: yUJGrwolGH04NcEeCj4mClX30t6FFsfkLmJTNYaO7GsytKNmw0CDMxgCq/K/52pF$OtijNaPDXg83uuuu3hH5AA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cAGCdNLlaj91KihFoV93yudkJByQuBOrO4ReaU3gJf2K%2F8f2r%2Bz%2FwiGC7efOpw5W1VdubnOeNwpIKhLHRjKf1PgciEb92efBIL59Gn4Dpgj7%2FfnM%2FNR7tNfWqL6bF67mY4qpSfywh%2BAi%2FipGob2gjdvkAg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c98d27c57b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400