{"report_id":"4d4b7d21-27e9-4eed-842d-71d73a53f25f","version":6,"status":"done","tags":["phishing","microsoft","outlook"],"date":"2023-11-29T18:43:02Z","url":{"schema":"http","addr":"hkrecruit.sa.com/new/auth/qJuD/R3JlZ2dCQHJlc291cmNlY29uc3VsdGluZy5jb20=","fqdn":"hkrecruit.sa.com","domain":"hkrecruit.sa.com","tld":"sa.com"},"ip":{"addr":"69.49.230.170","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"s36ng5qwcxoerkf.izpelhtpwo.ru/052ri/#GreggB@resourceconsulting.com","fqdn":"s36ng5qwcxoerkf.izpelhtpwo.ru","domain":"izpelhtpwo.ru","tld":"ru"},"title":"s36ng5qwcxoerkf.izpelhtpwo.ru/052ri/#GreggB@resourceconsulting.com"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T10:02:52Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"hkrecruit.sa.com","ip":{"addr":"69.49.230.170","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"domain_registered":"2023-05-03","domain_rank":0,"first_seen":"2023-05-03 19:37:28","last_seen":"2023-11-28 18:16:37","alert_count":2,"request_count":1,"received_data":276,"sent_data":537,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":439,"first_seen":"2012-09-30 02:15:09","last_seen":"2023-11-29 05:10:22","alert_count":0,"request_count":1,"received_data":26134,"sent_data":477,"comment":"","tags":null,"fingerprints":null},{"fqdn":"s36ng5qwcxoerkf.izpelhtpwo.ru","ip":{"addr":"172.67.138.17","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2023-10-24","domain_rank":0,"first_seen":"2023-11-01 17:32:24","last_seen":"2023-11-29 14:33:13","alert_count":1,"request_count":2,"received_data":7939,"sent_data":1021,"comment":"","tags":null,"fingerprints":null},{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":0,"first_seen":"2021-10-20 07:02:03","last_seen":"2023-11-29 08:11:22","alert_count":0,"request_count":9,"received_data":451313,"sent_data":5688,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-29","alert":"Sinkholed","trigger":"hkrecruit.sa.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"1c862db5f2555377c2dc1e62ed7b3981","sha1":"c29e6dc25c08a70995127ec13ded6f80d9a36174","sha256":"27d373a6961f797edf69a80f7f24877ef85c2fc4f9f770b2540b1bf5e66823ac","sha512":"31143265b96385ef4b575b72591775139057dff85891be61591e3d55259b6d1dc95d86a0feec40c801d38e64278cfbe50c3c2a16757f986ad40f716935bf2bb2","ssdeep":"","tlshash":"0c8000ac38802000803328e8002fa8aaa020083030800e022a02e8888cb222c822a8ae","size":26,"data":"","first_seen":"2023-04-11T21:13:06Z","last_seen":"2026-04-06T08:10:18.021609Z","times_seen":267009,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f7ce378d89e4c7af24ac7e2ccd9ca9b9","sha1":"c8a276d5dd2dd005f66b680ce0adf40db9a352e0","sha256":"cbdc15016036ffa8f52ed3b08ed12a1f77ad8403adab094d1c531673d478ff49","sha512":"510cb3fb46aa3ea36b7ecf9977383a2b8c2f50f9ba6de57844a71eb096f89dc95cb4874da299585a5760973384768b9da428694f956a714c9a757e8cc4a4e622","ssdeep":"","tlshash":"6be0262d32a29278afc37d29842aef4906b218bd899a1011168e644d242c368c30398e","size":318,"data":"","first_seen":"2024-08-20T17:26:16.950835Z","last_seen":"2024-08-20T17:26:16.950835Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"data","addr":"data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoInltbGh4S1ZpendvVllzTSIpLmdldEF0dHJpYnV0ZSgiVm1kWEtBYUJvYnNsbW5yIikpKSkpO3p4dGlHQk5yRlNkZUFRckFMRkJLPSJDR1JiQ2h3V0tpVkpuZloiOw==","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"76e3e12342f3a71ea6c22b3e8cd30115","sha1":"b860a58ae0064c65205f4bb0653b0e093f407ff7","sha256":"f8bfc1b28e24e8e229d9fd0717abe7ec8a07e26e77545c5ebade7770acca3f9a","sha512":"474c5aa42f4f68814a85974d7c47ca60a480134e6c340f791d207fc070d1d93040a8f7d88e983434f9758b3cb97813840fb4f4e97e23e61f8811f14874537bef","ssdeep":"","tlshash":"55c08c730241787d9e9f22929a38dbdb9cf8a970e81bc904684e6dd1a58dca209404a2","size":163,"data":"","first_seen":"2024-08-20T17:26:16.951919Z","last_seen":"2024-08-20T17:26:16.951919Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d253b976aa21dc0add0a7c6ce5440afb","sha1":"c6803bbf319d4093d9c20638d409131b941da81d","sha256":"f8c88dc7e4c9accfd55e01165000dfb7a0a551d1165239ca0a84f37f01a75c20","sha512":"1978b6ecf1ac57090425f5958f256c1730bcbcc29406608ac11a988f8b268cfb31933c37b77324beadca715b337ff0bf2656f58bb4e802a17070be60b4eca982","ssdeep":"","tlshash":"01f0496eb0192472a0742e227717b3cabb3a625463b33493b22d4594f011ceb82a7e84","size":651,"data":"","first_seen":"2024-08-20T17:26:16.953387Z","last_seen":"2024-08-20T17:26:16.953387Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/951rs/0x4AAAAAAAMRnHXrz4x5NkcF/auto/normal","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9a837684f7518289669b962b03118eca","sha1":"68b27e5accc67b8fa40469a396d5f459fce898d7","sha256":"287ed690feaa5fac3d44f319e64f3a571153289557afe689aaaf901e752e10d7","sha512":"6203e0ef858eb6edefa3bdc6e9a00f18a244cfa51ef28924fddfbe74d02b660c0386950752231e4f5b785f1ba35f44a02825f7b94c5b8f7cdc55818ab351717b","ssdeep":"","tlshash":"5a611af995fa019502186a62938fb2001a3002af4c48797c3e9dc44dbf7d43f61b53d9","size":3460,"data":"","first_seen":"2024-08-20T17:26:16.95444Z","last_seen":"2024-08-20T17:26:16.95444Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=82dcfe1199341c16","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f1034a1f38806eb95abd0072e954b14","sha1":"e1e65bcef987ab900eb4c6c00ea099f1a1f6a7c2","sha256":"e1216db256c3ff859b96ff4cae3e53058a42ed6e343975dc8a0bb3e206203c81","sha512":"1720321acdf3c5561d99726ad52ffd8a0175199797d8f9b16a3d9653dc19ce94e5f22ce78e270bf20b4298ccaca62d251d7aca9a250bdcbb1a67fb001a61f6df","ssdeep":"1536:Zio7ETlYQ06k2oKHk5u/HbxPUrZHj6AkywzEfr3AKuuIk5T6DRA5LqAH9Rt3AL:ZitTn/1l8rdj63ywzEfjWk4DQqAHjt38","tlshash":"9d0463cc7b81ad58413379387023221670af7d056c7c199efa05b5d42afa31b92d7aee","size":184319,"data":"","first_seen":"2023-11-29T19:43:02Z","last_seen":"2023-11-29T20:38:51Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6142a5f5c66e2c1be52ee9506a565962","sha1":"c3b39e8352efd1e0619b6dd62af8b2a917622868","sha256":"51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7","sha512":"3de194e4c8f32703cfee9e2a48230d21301e28a39beefb36dcb2b8df26b962b3a508e7fd8fe55aca2f619293e293cdf64459bf5d91526cbceda770396765d5e2","ssdeep":"768:3YpyCIUTKuBT1ytljuXeMDKLFn76p+B5nLZ73akHgMO4B4oq0HVi:30nKuBT1Yj7MDCKp","tlshash":"9ff229993187343187ee41e0207b67877339ba3ae58cc840d85bc97539bcd8ad137ba9","size":34254,"data":"","first_seen":"2023-11-07T13:44:12Z","last_seen":"2023-11-30T20:53:42Z","times_seen":32842,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":[{"md5":"134a390698d4747a1bdba68887ebbd73","sha1":"1ad3e0568092c7b64303fe86e701a8b56b0708bf","sha256":"6821abb2f3010aff5a617d3d18218c9d1c3bef86750779ccd00abd7314db5e35","sha512":"36ae1d22065c4ee8c58633b01cb716134671c66ad1548eb65882487cc6e74402a3a993ea30fdca639bd26fac8725a557df0914cd5294978473f9e70618d81ad4","ssdeep":"","tlshash":"c0c08c2ea0398ca96337307f38822c008007ee84e1137ac962c7038002030b34381d21","size":164,"data":"","first_seen":"2023-11-07T14:10:12Z","last_seen":"2024-08-20T20:33:04.427047Z","times_seen":12219,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"69bfe81f969d448928a39ffcebcbaabd","sha1":"8ec3f032985b596021312f491b927d48bce68523","sha256":"1b4ffe75bdb380811bef578516def72060ca5e34d052e9d74af77135b8aeefa4","sha512":"d3d91b7f70e0c636274938b92ea6016ecb8953e80c7deec4e38feaa3383f5712382178d53a14ce7d210c278bee4cf4a1b6fc4ad2968b8a99354a89cdcab31cda","ssdeep":"","tlshash":"9ff00f8ec08333847fae7bee32093ea80aad1bc36568ec2c750964f01fd976110ce905","size":604,"data":"","first_seen":"2024-08-20T17:26:16.961866Z","last_seen":"2024-08-20T17:26:16.961866Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"fc4924ccdb70a98c3578c323a84c30cf","sha1":"df21347fd8768629af61e102ec9331d1a774cae0","sha256":"0af338fbc1237ece1f5b40d46b4ee6f49ae57c808879676c39629797f2da11e0","sha512":"47fbe37df050bad53b75094c8dafa6bddcd3f97700651a378dcdbdd8ae36aaa74244c389c71127f285c41e7a872ced3c620dcaf3582e5b33611ab569dd76e280","ssdeep":"","tlshash":"1011ef9e7ee8bcb7132264d6a9fb1106d223fc88980535148a40c1ce3f61f90950bf7c","size":1039,"data":"","first_seen":"2023-11-29T19:39:37Z","last_seen":"2024-08-20T17:26:17.645764Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"write":[{"md5":"7f9a7b9eebf92553e884d704db877594","sha1":"f397a10786bd68c26bae391548a76382de2d8c37","sha256":"6589b1c4aefbec5592b2b40907c13a19657c6fcc65d5fc4c4f843f83271944bf","sha512":"452c0633d4762a6f7542d844e97d8fccd48705525b84323f24f59ddac87f627c1dfa610ad1f6b70d73a2db29e1c26b0cc21964a956a661ab7a493407cd213af3","ssdeep":"","tlshash":"7971a6a7f4e6003a2a339df3b992236975f15918ceb200417bed326816dbed6710bd4c","size":3692,"data":"","first_seen":"2024-08-20T17:26:16.964762Z","last_seen":"2024-08-20T17:26:16.964762Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"a27c88365ce7cd8f68390c4c024e29e1","sha1":"1d15a8d192608f93096ef8d9aa623c360dbb7351","sha256":"0ca2b3df8f04565300bafcd6c929a1d310d2a761ff9f8dda200f3f6cffab50ce","sha512":"1ce1d149845e13e3f312f848dcbd973d241a0815da5aa7202a2db68160a84a21e9585bc115a3020ffc995139a8a25f44c0f28f51e5f9a9099753708e937d6584","ssdeep":"","tlshash":"e671c264acf3509185cbd30cbbe0ed861be0b1a3919a5656bb4c874ec7857ec8957f02","size":3574,"data":"","first_seen":"2023-11-07T13:07:13Z","last_seen":"2024-08-20T20:33:21.268002Z","times_seen":72071,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"http","addr":"hkrecruit.sa.com/new/auth/qJuD/R3JlZ2dCQHJlc291cmNlY29uc3VsdGluZy5jb20=","fqdn":"hkrecruit.sa.com","domain":"hkrecruit.sa.com","tld":"sa.com"},"ip":{"addr":"69.49.230.170","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-29T18:42:48.943931919Z","timestamp":1701283368943,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /new/auth/qJuD/R3JlZ2dCQHJlc291cmNlY29uc3VsdGluZy5jb20= HTTP/1.1\r\nHost: hkrecruit.sa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 29 Nov 2023 18:42:44 GMT\r\nServer: Apache\r\nrefresh: 0;url=https://s36ng5qwcxoerkf.izpelhtpwo.ru/052ri/#GreggB@resourceconsulting.com\r\nContent-Length: 0\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T08:11:44.873372Z","times_seen":13414019,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-29","alert":"Sinkholed","trigger":"hkrecruit.sa.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css","fqdn":"cdn.jsdelivr.net","domain":"cdn.jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://s36ng5qwcxoerkf.izpelhtpwo.ru/052ri/#GreggB@resourceconsulting.com","date":"2023-11-29T18:42:50.771Z","timestamp":1701283370771,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2023 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 27 Sep 2023 18:13:13 GMT","end":"Mon, 28 Oct 2024 18:13:12 GMT"},"fingerprint":{"sha1":"05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09","sha256":"0F:90:CD:B5:CD:3B:AE:F1:BB:01:3A:4D:6D:2E:A6:BA:98:C6:1B:1B:75:BE:DD:CB:39:33:E8:D1:21:F1:9F:EF"}}},"request":{"raw":"GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://s36ng5qwcxoerkf.izpelhtpwo.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 5.0.2\r\nx-jsd-version-type: version\r\netag: W/\"260c5-fByeBXPlzqi603M74vxjqoxo6o0\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Wed, 29 Nov 2023 18:42:46 GMT\r\nage: 14806608\r\nx-served-by: cache-fra-eddf8230097-FRA, cache-bma1658-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 25360\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25360,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (65306)","md5":"abe91756d18b7cd60871a2f47c1e8192","sha1":"7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d","sha256":"7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b","sha512":"bac54101debafcda5535f0607b5f60c2cda3e896629e771ad76ac07b697e77e4242d4f5f886d363b55fc43a85ea48a6bfc460a66f2b1fc8f56b27ba326e3a604","ssdeep":"1536:d0bwW83RipVVsEBpy0cuJcf22RWb5CyVUpz600I4fM:d0bwlyVUpz600I4fM","tlshash":"09e3a3d7f581241dd4a7c259a0d1bffd052f4586e3025babb0277bb88b8a6c70963e4c","first_seen":"2023-04-05T03:16:49Z","last_seen":"2026-04-06T07:56:22.316157Z","times_seen":94556,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":28,"dns":1,"connect":10,"send":0,"wait":9,"receive":3,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s36ng5qwcxoerkf.izpelhtpwo.ru/052ri/","fqdn":"s36ng5qwcxoerkf.izpelhtpwo.ru","domain":"izpelhtpwo.ru","tld":"ru"},"ip":{"addr":"172.67.138.17","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-29T18:42:49.158Z","timestamp":1701283369158,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"izpelhtpwo.ru","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 24 Oct 2023 16:27:47 GMT","end":"Mon, 22 Jan 2024 16:27:46 GMT"},"fingerprint":{"sha1":"78:43:8E:47:13:1D:A2:D7:C4:EF:49:8E:9F:3D:8F:6A:6A:61:71:8C","sha256":"87:01:FB:CD:76:A3:B6:8F:3E:6D:F0:86:FE:D6:F9:A1:4F:18:9D:B4:3F:15:CB:0C:0E:5C:CD:53:D5:8C:59:90"}}},"request":{"raw":"GET /052ri/ HTTP/1.1\r\nHost: s36ng5qwcxoerkf.izpelhtpwo.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 29 Nov 2023 18:42:46 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccess-control-allow-origin: *\r\nset-cookie: PHPSESSID=cpj2glejsmcna5u5n11kghbrs5; path=/\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=C2Awp7XdY6yipq85msp4C7WfBexykxej76g8tQqev%2F6XrRMePE3KNFjx1r9eW%2BbUv9V%2FEfZVXYb%2FXGgGGuWQc30Z%2FO1t5kfEwejid%2B2SKPr5qngJ6nuN2232YoaAUJSFsjsMQzSufqjY5BSM0q7ZDg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82dcfe06cdbf56c0-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5233,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with very long lines (5237), with no line terminators","md5":"128a34a798fa63fec49c70f50f964310","sha1":"ca2b51ebf4f8d2aa00da0f0fd37bd94255428359","sha256":"25374ea56112c498f6835fd65b0d5b2edadb2a8611ce419326af7bd46934650e","sha512":"3c886fe03f5430443e6e2dcb6a97f834003d11a418725a3aa6bbbe263e8aa0a8a85bff992ff084f80f3c77ed9e7c4e34fca87dce462a31b241a090291ab7a9e2","ssdeep":"96:MAR788rRu0bId1Id0PLax17AN/AFqsx/5zt3ASMamIyFPZlT:MASYRNId1Id0zs1ANI15zt3hnmIy5ZlT","tlshash":"8eb1eba2d9121e8ceb14e7c4b35515ab7828bdaf4421e814e5304c2acf7f16045eeb7d","first_seen":"2023-11-29T19:43:02Z","last_seen":"2023-11-29T19:43:02Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1541,"timings":{"blocked":54,"dns":33,"connect":11,"send":0,"wait":1431,"receive":0,"ssl":9},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/82dcfe1199341c16/1701283366977/24f0ea5cfb8ecb73cebe946a8fb68d7e22426ac8e5e8290f9989ed75cd859b1f/lywvkx__KSvULAx","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/951rs/0x4AAAAAAAMRnHXrz4x5NkcF/auto/normal","date":"2023-11-29T18:42:51.881Z","timestamp":1701283371881,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/pat/82dcfe1199341c16/1701283366977/24f0ea5cfb8ecb73cebe946a8fb68d7e22426ac8e5e8290f9989ed75cd859b1f/lywvkx__KSvULAx HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/951rs/0x4AAAAAAAMRnHXrz4x5NkcF/auto/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 401 Unauthorized\r\ndate: Wed, 29 Nov 2023 18:42:47 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nwww-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gJPDqXPuOy3POvpRqj7aNfiJCasjl6CkPmYntdc2Fmx8AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApsOXvs4inomvHEEJWeAmbewj10vTdOMUJh5YooYpzkcTFx8O1fGckZDmN__WSsDanz_dK-uZ_ETYKIumajyX7F3zXM4AXeZC2iYL_e3-Pi1TmaGIMJZdPWVVC9cf8AFwX7fRkcgCHxky-BRBi2T8ry--e2NK119BZC3f1t7LwQTVpP1LL3UYxZNFWJTGISYzuWNO5NvmWgGr2V4bint7BqWVsBG5VguykSCXBQX0WyMxge5W5z-tspRPjpXtc35sgdq737t6ATIZ2BVH0nyYaECjgMbN-BY6w9Y_jz03Ce0StP3YSZijpo1lfW2_lIX3SvsNX-SYCOkZ-9685ZUBSQIDAQAB, max-age=20, PrivateToken challenge=AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tICTw6lz7jstzzr6Uao-2jX4iQmrI5egpD5mJ7XXNhZsfABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAyAcIyqXWj0XAym0z5V844rFA0WOzLVwj0uCwmVj6zC4qOH40oBiGHrMNMBnDyk95jvnBAuHeEs855e7nA4l4DPJ4jUWKZbua8BxGAzjn74A1BV81a52F1zvBPUm-VEJXPAPXQehXphSv51uR7HKtfcM5oaS33TGDSy-6xv0r84xjMuTBvwPgXGehxpi1MCGGE5yWkzKN5Zzllk7m6Nkiv6learV-Uz7tzaoPbdZkBk1bFXxm2q07jWavoBZ-JEuEJyjQ00PSTz2Zjpbct6AlR3eCS9sbmXtb5XxSs7JMsvoa8uojD7a5m2SEJIwaf8xKL6wtxkaPonUfvsLj4JoJZQIDAQAB, max-age=20\r\nserver: cloudflare\r\ncf-ray: 82dcfe1778ae1c16-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"401","status_text":"Unauthorized","fingerprints":null,"data":{"size":1,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"very short file (no magic)","md5":"ff44570aca8241914870afbc310cdb85","sha1":"58668e7669fd564d99db5d581fcdb6a5618440b5","sha256":"6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5","sha512":"3c266c0035de59eab2a0dd31b3dcb4a9dd157b310289e5db9ab4f8c2fddb7433466d48f25da7ad735a1cb8f2935aa612ad1f62f0efcece3933ba9979082e2304","ssdeep":"","tlshash":"c700000000000003c00000300000003000000000000000000003000000000000000000","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T08:09:53.324732Z","times_seen":400892,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1957803305:1701282512:_Tz1ajaNphZ4jEYiTBvUfVjSZzTI4udKvroCAn3yvnE/82dcfe1199341c16/63317ed5906f744","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/951rs/0x4AAAAAAAMRnHXrz4x5NkcF/auto/normal","date":"2023-11-29T18:42:53.016Z","timestamp":1701283373016,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1957803305:1701282512:_Tz1ajaNphZ4jEYiTBvUfVjSZzTI4udKvroCAn3yvnE/82dcfe1199341c16/63317ed5906f744 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/951rs/0x4AAAAAAAMRnHXrz4x5NkcF/auto/normal\r\nContent-type: application/x-www-form-urlencoded\r\nCF-Challenge: 63317ed5906f744\r\nContent-Length: 26274\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 29 Nov 2023 18:42:48 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-gen: VAkGG8MwpQwRZ+e/4d/liyHA6P6JyeuIF3dz2smiWR3M6LpYkbyqYqQOm/LDCbMT$iTw1v+MsWT3fEa680X2LnA==\r\nserver: cloudflare\r\ncf-ray: 82dcfe1e98651c16-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17824,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (17824), with no line terminators","md5":"aa2f8fcf3078341ee1bfb2f7670abb10","sha1":"87d2fcf9ab06696f072cc2a541fb36862969c369","sha256":"88f707131c712716933c44fdd8af2139d66c3eea9ab837ab677ba9155c182cf5","sha512":"d45af2a780fa6c0919c4f1c240c6d9733a75e038c5876b074b105769c5169ebc3b639349c15a7a55baa37e4c5882e440a487c486695e08d9a232ca795d9b8490","ssdeep":"384:Qwj9hrcbfykZQy6wXnGBHweG3TRjyqQAh7FCpfFEHOIun:Qwj9May6wXM1M5h76d+hU","tlshash":"eb82c01e7c74c4eb81a21e871f295a2637d06743f57fccc266d215ab2978d9540c0fe9","first_seen":"2023-11-29T19:43:02Z","last_seen":"2023-11-29T19:43:02Z","times_seen":1,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://s36ng5qwcxoerkf.izpelhtpwo.ru/052ri/#GreggB@resourceconsulting.com","date":"2023-11-29T18:42:50.770Z","timestamp":1701283370770,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /turnstile/v0/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://s36ng5qwcxoerkf.izpelhtpwo.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Wed, 29 Nov 2023 18:42:46 GMT\r\ncache-control: max-age=300, public\r\naccess-control-allow-origin: *\r\nlocation: /turnstile/v0/g/9914b343/api.js\r\nvary: accept-encoding\r\nserver: cloudflare\r\ncf-ray: 82dcfe10998a0b3d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":34254,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T08:11:44.873372Z","times_seen":13414019,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":14,"dns":1,"connect":2,"send":0,"wait":14,"receive":0,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/82dcfe1199341c16/1701283366978/ufTSt3orRH0lU6K","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/951rs/0x4AAAAAAAMRnHXrz4x5NkcF/auto/normal","date":"2023-11-29T18:42:51.910Z","timestamp":1701283371910,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/i/82dcfe1199341c16/1701283366978/ufTSt3orRH0lU6K HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/951rs/0x4AAAAAAAMRnHXrz4x5NkcF/auto/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 29 Nov 2023 18:42:47 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\ncf-ray: 82dcfe17a8fc1c16-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 98 x 85, 8-bit/color RGB, non-interlaced\\012- data","md5":"f5e916339163d60e1ed658e517794f00","sha1":"67527c18dbfa3e5ab7389f30acc813c6f799e08c","sha256":"fbf844f131147029a117415dacdb312aa1a48027380dbcf6e36a146a939cc193","sha512":"c2b6d996643992cd567067dd09e47801e65a50c0ed7887ce12a6f10020da6171d945397e15b7cfe2847ff49fe6418df4abbe0bd2d654e3f767aacc0a185ca964","ssdeep":"","tlshash":"a8a002e767917c38ca47037b56690091e9320614231301458805d43916166bd84c4b42","first_seen":"2023-06-16T14:44:23Z","last_seen":"2025-04-10T22:00:31.838662Z","times_seen":78,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/951rs/0x4AAAAAAAMRnHXrz4x5NkcF/auto/normal","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://s36ng5qwcxoerkf.izpelhtpwo.ru/052ri/#GreggB@resourceconsulting.com","date":"2023-11-29T18:42:50.936Z","timestamp":1701283370936,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/951rs/0x4AAAAAAAMRnHXrz4x5NkcF/auto/normal HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://s36ng5qwcxoerkf.izpelhtpwo.ru/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 29 Nov 2023 18:42:46 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\ncontent-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndocument-policy: js-profiling\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nserver: cloudflare\r\ncf-ray: 82dcfe1199341c16-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":73278,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (40091)","md5":"4202ae153d428fca7cdafcc89513786e","sha1":"13202488a677575bc287739975a04b62bd0280ca","sha256":"3184be5de49f67359b78cbd8257e30fd8ac27f40dee3f2195cbc1e1ce45a6777","sha512":"d3ec0a43e179c638af25a957cdcdb55ef22bd67523263f551f67ea38fa2e564d38fb1193275e41351ff07722e29b2cba06e9b7c697a23da2ee1e4a974095739e","ssdeep":"1536:naTfc9IJbBeceIedkeO5gwyc99Kh0afdU6/jPNXhzNmU77JuI15fJRjDbY1GvIjU:ofoTV/Pws9/j1hd77Jv5fJRjDbYMvIjU","tlshash":"4263f6d98ebc3c69ab029a29b0ce51e3732d53471551e598b8dca190cfec04e26f1f79","first_seen":"2023-11-29T19:43:02Z","last_seen":"2023-11-29T19:43:02Z","times_seen":1,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/ew4g0I%2FZYomJh1e75pupA0WLfHDXy%2FQKEyLTEDfnNN8%3D","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/951rs/0x4AAAAAAAMRnHXrz4x5NkcF/auto/normal","date":"2023-11-29T18:42:51.044Z","timestamp":1701283371044,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/cmg/1/ew4g0I%2FZYomJh1e75pupA0WLfHDXy%2FQKEyLTEDfnNN8%3D HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/951rs/0x4AAAAAAAMRnHXrz4x5NkcF/auto/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 29 Nov 2023 18:42:46 GMT\r\ncontent-type: image/png\r\ncache-control: max-age=2629800, public\r\nserver: cloudflare\r\ncf-ray: 82dcfe1239fb1c16-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced\\012- data","md5":"9246cca8fc3c00f50035f28e9f6b7f7d","sha1":"3aa538440f70873b574f40cd793060f53ec17a5d","sha256":"c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84","sha512":"a2098304d541df4c71cde98e4c4a8fb1746d7eb9677ceba4b19ff522efdd981e484224479fd882809196b854dbc5b129962dba76198d34aaecf7318bd3736c6b","ssdeep":"","tlshash":"a5a002e763957d7bd94b133756651151f8324514171305458805d475161736c81c4a82","first_seen":"2023-08-25T15:09:14Z","last_seen":"2025-05-14T12:12:43.698394Z","times_seen":189286,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=82dcfe1199341c16","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/951rs/0x4AAAAAAAMRnHXrz4x5NkcF/auto/normal","date":"2023-11-29T18:42:51.046Z","timestamp":1701283371046,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=82dcfe1199341c16 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/951rs/0x4AAAAAAAMRnHXrz4x5NkcF/auto/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 29 Nov 2023 18:42:46 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nserver: cloudflare\r\ncf-ray: 82dcfe1239fd1c16-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":184319,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"0f1034a1f38806eb95abd0072e954b14","sha1":"e1e65bcef987ab900eb4c6c00ea099f1a1f6a7c2","sha256":"e1216db256c3ff859b96ff4cae3e53058a42ed6e343975dc8a0bb3e206203c81","sha512":"1720321acdf3c5561d99726ad52ffd8a0175199797d8f9b16a3d9653dc19ce94e5f22ce78e270bf20b4298ccaca62d251d7aca9a250bdcbb1a67fb001a61f6df","ssdeep":"1536:Zio7ETlYQ06k2oKHk5u/HbxPUrZHj6AkywzEfr3AKuuIk5T6DRA5LqAH9Rt3AL:ZitTn/1l8rdj63ywzEfjWk4DQqAHjt38","tlshash":"9d0463cc7b81ad58413379387023221670af7d056c7c199efa05b5d42afa31b92d7aee","first_seen":"2023-11-29T19:43:02Z","last_seen":"2023-11-29T20:38:51Z","times_seen":5,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1957803305:1701282512:_Tz1ajaNphZ4jEYiTBvUfVjSZzTI4udKvroCAn3yvnE/82dcfe1199341c16/63317ed5906f744","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/951rs/0x4AAAAAAAMRnHXrz4x5NkcF/auto/normal","date":"2023-11-29T18:42:51.251Z","timestamp":1701283371251,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1957803305:1701282512:_Tz1ajaNphZ4jEYiTBvUfVjSZzTI4udKvroCAn3yvnE/82dcfe1199341c16/63317ed5906f744 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/951rs/0x4AAAAAAAMRnHXrz4x5NkcF/auto/normal\r\nContent-type: application/x-www-form-urlencoded\r\nCF-Challenge: 63317ed5906f744\r\nContent-Length: 2903\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 29 Nov 2023 18:42:47 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-gen: jyrt03XKjWPXliW1G0+VUtJzQCdfL9XGRsLS+/uZ0z0wEO1Q5McxIZ5FV9u7Tqu2ytRVtECYoXGMSkE7pBiGgUosZDsUQc3h4qpWuQ9jk5obpz8daIvoph/PjzepxrUihC7u2ChiwXk/s1QuhPWn7j6x5XpIaEydhGcEXYDoVUMpQPYU1rLpGeWH0FRldxZR+25P3D5m9EqRXrkZtnQ4ACU/r5fNyVePg1W09FjZmkEojIJtismxexI357AzkcejoWZnxr5/GpvLzZp9snTfb2/krtOvFAUVR2in89lDcar5gIPUmJ/OxL/7KdeC1wAsRrc8aev6Aac/ODTdjKtzWfXMQNpXaXJNPMlMLGRDfZJS7h5GF3Nt4eQkrDhYuFK23T52zzim57q2fHVjwKJeC5rs9/sUrQx/yg5r3ZTCtt+2wzMlLNt9uxQRC7K1LOZtW+5afi0PBOC7G3qyG5tQZ8RQU5NhXm6NDv46jyG7Q259UNyw4lhAUBtp3UIUJp0KsoKUrDIwHsCwYzHqIY8MN7Lvse0cWM8/dX24C2NnnFs=$0i/IoorUpGNExsIdllqZ8g==\r\nserver: cloudflare\r\ncf-ray: 82dcfe138bc21c16-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102524,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"7bc91d6551ab0acae0537b6d78858012","sha1":"9a95a62ac0c1dff0b7f1a21a8ff8cbbf63ad4896","sha256":"3c534d17b0843110a2f977556d834edba5cc8f86fc4d19ff8c0d2e61cec01530","sha512":"16d355011ac8a08f21097d2048160d2bef71390f8a145893e72558b61f970b1f58f6e290a282d7bb9fdcff80e57112b1875c03db1286d29f42cd7d31c45d4d01","ssdeep":"1536:vQ5fMcGRDe4+qhCODP7QkPTYDy/vGdI4/IIdRECcrrfaNhdvVLFj:vQBMc4h+o7QiTYDy/vGdIHIYC0wB","tlshash":"c5a312450a7c9f4e11635bedd549bd0640890c07284de0e36ea6bb86ac0d79b5c2ffeb","first_seen":"2023-11-29T19:43:02Z","last_seen":"2023-11-29T19:43:02Z","times_seen":1,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":70,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://s36ng5qwcxoerkf.izpelhtpwo.ru/052ri/#GreggB@resourceconsulting.com","date":"2023-11-29T18:42:50.808Z","timestamp":1701283370808,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /turnstile/v0/g/9914b343/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://s36ng5qwcxoerkf.izpelhtpwo.ru/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 29 Nov 2023 18:42:46 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82dcfe10c9c40b3d-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34254,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (34253)","md5":"6142a5f5c66e2c1be52ee9506a565962","sha1":"c3b39e8352efd1e0619b6dd62af8b2a917622868","sha256":"51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7","sha512":"3de194e4c8f32703cfee9e2a48230d21301e28a39beefb36dcb2b8df26b962b3a508e7fd8fe55aca2f619293e293cdf64459bf5d91526cbceda770396765d5e2","ssdeep":"768:3YpyCIUTKuBT1ytljuXeMDKLFn76p+B5nLZ73akHgMO4B4oq0HVi:30nKuBT1Yj7MDCKp","tlshash":"9ff229993187343187ee41e0207b67877339ba3ae58cc840d85bc97539bcd8ad137ba9","first_seen":"2023-11-07T13:44:12Z","last_seen":"2023-11-30T20:53:42Z","times_seen":32842,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s36ng5qwcxoerkf.izpelhtpwo.ru/favicon.ico","fqdn":"s36ng5qwcxoerkf.izpelhtpwo.ru","domain":"izpelhtpwo.ru","tld":"ru"},"ip":{"addr":"172.67.138.17","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://s36ng5qwcxoerkf.izpelhtpwo.ru/052ri/#GreggB@resourceconsulting.com","date":"2023-11-29T18:42:50.924Z","timestamp":1701283370924,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"izpelhtpwo.ru","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 24 Oct 2023 16:27:47 GMT","end":"Mon, 22 Jan 2024 16:27:46 GMT"},"fingerprint":{"sha1":"78:43:8E:47:13:1D:A2:D7:C4:EF:49:8E:9F:3D:8F:6A:6A:61:71:8C","sha256":"87:01:FB:CD:76:A3:B6:8F:3E:6D:F0:86:FE:D6:F9:A1:4F:18:9D:B4:3F:15:CB:0C:0E:5C:CD:53:D5:8C:59:90"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: s36ng5qwcxoerkf.izpelhtpwo.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://s36ng5qwcxoerkf.izpelhtpwo.ru/052ri/\r\nCookie: PHPSESSID=cpj2glejsmcna5u5n11kghbrs5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Wed, 29 Nov 2023 18:42:46 GMT\r\ncontent-type: text/html\r\ncache-control: private, no-cache, max-age=0\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: BYPASS\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=gpK4HYyMGL%2B8gc8FVn7xphRQz5QDAjXD4DKzhp%2Ftp2V%2Fsl67brfBSPIBVQVdIlggRRkL%2B6i15Ffcvfdu5TGFlcGVWaSWT34MR5l0uK9sDn0BxB%2BsMYp330jjom%2FZk56wC4Li799QhXZUSZZE6NYI0A%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82dcfe117d3e56c1-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1236,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (1274), with no line terminators","md5":"8c16945397b2ea2fa974494c910f6d08","sha1":"87289c714f1955cc0a4b8d0f5319bf0dcf771141","sha256":"16782bd72a33f1963efb1d59aa17f964a604235a255e51dd4aafe0e0587040c6","sha512":"c57c43f89f7120d957597532db1634c5085a982de4cf3a1e4251a6593af28262362cbb1163a81e47c2a46c0cada341839ac2824e25b94dfbc8c2c116b84f9f90","ssdeep":"","tlshash":"c621423ec1c1920a94171198f7d1b278265ac341db930fb4364d7068f6cd0ee56a3fc4","first_seen":"2023-04-05T04:31:49Z","last_seen":"2025-03-27T15:32:37.859784Z","times_seen":16264,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}