rgestates.com/tmp/auth/sf_rand_string_lowercase6/bC5ha2Vyc0BkZS5rcmFubmljaC1zb2xhci5jb20=
95.217.142.125 200 OK 0 B URL User Request GET HTTP/2 rgestates.com/tmp/auth/sf_rand_string_lowercase6/bC5ha2Vyc0BkZS5rcmFubmljaC1zb2xhci5jb20=
IP 95.217.142.125:443
ASN #24940 Hetzner Online GmbH
Certificate Issuer Let's Encrypt
Subject *.rgestates.com
Fingerprint 05:FD:D3:52:79:15:A5:77:FE:82:69:04:F3:91:CC:36:B7:F1:74:5B
Validity Sun, 23 Apr 2023 06:49:16 GMT - Sat, 22 Jul 2023 06:49:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /tmp/auth/sf_rand_string_lowercase6/bC5ha2Vyc0BkZS5rcmFubmljaC1zb2xhci5jb20= HTTP/1.1
Host: rgestates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
refresh: 0;url=https://cnsskg.omenmy.ru/Ml.akers@de.krannich-solar.com
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
expires: Sun, 09 Jul 2023 19:25:08 GMT
content-length: 0
date: Fri, 09 Jun 2023 19:25:08 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
cnsskg.omenmy.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d4bc2457f150b55
188.114.96.1 42 B URL cnsskg.omenmy.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d4bc2457f150b55
IP 188.114.96.1:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d4bc2457f150b55 HTTP/1.1
Host: cnsskg.omenmy.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cnsskg.omenmy.ru/Ml.akers@de.krannich-solar.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 19:25:09 GMT
content-type: image/gif
content-length: 42
last-modified: Tue, 06 Jun 2023 11:54:00 GMT
etag: "647f1e58-2a"
server: cloudflare
cf-ray: 7d4bc246bfdcb515-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Fri, 09 Jun 2023 21:25:09 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
cnsskg.omenmy.ru/ASSETS/img/BIMG-64837c9aee3f2.css
188.114.96.1 200 OK 306 kB URL GET HTTP/3 cnsskg.omenmy.ru/ASSETS/img/BIMG-64837c9aee3f2.css
IP 188.114.96.1:443
Requested by https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Certificate Issuer Google Trust Services LLC
Subject omenmy.ru
Fingerprint 5B:0F:7E:70:ED:95:D4:24:0D:01:71:DA:FB:B5:79:F4:4D:09:C6:FF
Validity Thu, 25 May 2023 10:26:14 GMT - Wed, 23 Aug 2023 10:26:13 GMT
File type PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 306 kB (306493 bytes)
Hash 7d07c247e8dfd5bfaf9a7169b5c402bd
392cc7836ca5418f3e65cc67f5680b2a359399dc
345f500582fb5cfc20df5426c6b54bb0bcaa62eb0249a4a661dc9716a9edc006
Analyzer Verdict Alert quad9 Sinkholed
GET /ASSETS/img/BIMG-64837c9aee3f2.css HTTP/1.1
Host: cnsskg.omenmy.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Cookie: cf_clearance=8_W0IQn_VXQS699XkEc2QJ8MGUzhTdaYYAZ2eZLc2zg-1686338709-0-160; PHPSESSID=66b84330c8b6d67b780e625f60f5ae1b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 19:25:16 GMT
content-type: image/png
content-length: 306493
cache-control: public, max-age=604800
expires: Fri, 16 Jun 2023 19:25:15 GMT
last-modified: Wed, 07 Jun 2023 13:57:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZj7ZRfIusx2%2FLhWgSpI8TkCtoFQjZ%2Byp1BkXWNbX2%2BQrsm%2Bole7yxQocAu6s9x%2F5g8JisMVMnr%2Bz%2FZyIpg8FOj2XicViNgqrnwlLSjgwly2XmP9rQvsi2KdxXldzYpRcDVU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4bc273ece7b515-OSL
alt-svc: h3=":443"; ma=86400
aadcdn.msauthimages.net/c1c6b6c8-1gxiiuz3fxnoecqt8t7q1yeqr0sfermpsrwlzvdf2ny/logintenantbranding/0/bannerlogo?ts=636857438906864615
152.199.23.72 200 OK 6.0 kB URL GET HTTP/2 aadcdn.msauthimages.net/c1c6b6c8-1gxiiuz3fxnoecqt8t7q1yeqr0sfermpsrwlzvdf2ny/logintenantbranding/0/bannerlogo?ts=636857438906864615
IP 152.199.23.72:443
Requested by https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Certificate Issuer Microsoft Corporation
Subject aadcdn.msauthimages.net
Fingerprint 6B:EB:AC:06:FC:06:82:11:17:1C:6B:72:7D:B5:95:2D:CF:E7:A3:5D
Validity Wed, 08 Mar 2023 11:16:34 GMT - Sat, 02 Mar 2024 11:16:34 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 260x132, components 3\012- data
Hash da1ce92d54d58c0c0f75afb030b5cf34
7553f4e7ccd543c42fff49c6ef03702d8c1e26c9
62d30be18ed546fa4369b22298ef106f79549bf6f95dba3e4b073f1ea84ecdb6
GET /c1c6b6c8-1gxiiuz3fxnoecqt8t7q1yeqr0sfermpsrwlzvdf2ny/logintenantbranding/0/bannerlogo?ts=636857438906864615 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cnsskg.omenmy.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
age: 15620
cache-control: public, max-age=86400
content-md5: 2hzpLVTVjAwPda+wMLXPNA==
content-type: image/*
date: Fri, 09 Jun 2023 19:25:17 GMT
etag: 0x8D692776AE44092
last-modified: Thu, 14 Feb 2019 12:24:51 GMT
server: ECAcc (ska/F7A7)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 5e0ea99b-101e-0076-2be3-9aa88e000000
x-ms-version: 2009-09-19
content-length: 6046
X-Firefox-Spdy: h2
cnsskg.omenmy.ru/favicon.ico
188.114.96.1 404 Not Found 1.2 kB URL GET HTTP/3 cnsskg.omenmy.ru/favicon.ico
IP 188.114.96.1:443
Requested by https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Certificate Issuer Google Trust Services LLC
Subject omenmy.ru
Fingerprint 5B:0F:7E:70:ED:95:D4:24:0D:01:71:DA:FB:B5:79:F4:4D:09:C6:FF
Validity Thu, 25 May 2023 10:26:14 GMT - Wed, 23 Aug 2023 10:26:13 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1276), with no line terminators
Hash 24b426fea67958554911ff4c943fdfe4
b92889146d4c1bbddccabe58ca15c814ea066f72
335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: cnsskg.omenmy.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Cookie: cf_clearance=8_W0IQn_VXQS699XkEc2QJ8MGUzhTdaYYAZ2eZLc2zg-1686338709-0-160; PHPSESSID=66b84330c8b6d67b780e625f60f5ae1b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 09 Jun 2023 19:25:16 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlrKYXsmZ72sprPwltPNqNsqgjMrIquCih193VoW53sGvx3FEMecXMaUDFQ5fQePssMljOHzVBdDrz6XvN4yKta7j2i9luUQPy8Y9p%2FrHkVPIxVWVUPi%2FPEz9Eu230sJA9wD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4bc2725a3eb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cnsskg.omenmy.ru/api-as1f?email=l.akers@de.krannich-solar.com&data=background
188.114.96.1 200 OK 92 B URL GET HTTP/3 cnsskg.omenmy.ru/api-as1f?email=l.akers@de.krannich-solar.com&data=background
IP 188.114.96.1:443
Requested by https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Certificate Issuer Google Trust Services LLC
Subject omenmy.ru
Fingerprint 5B:0F:7E:70:ED:95:D4:24:0D:01:71:DA:FB:B5:79:F4:4D:09:C6:FF
Validity Thu, 25 May 2023 10:26:14 GMT - Wed, 23 Aug 2023 10:26:13 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash aad95e38685adbbb015b6b0f98f29d05
1ab311ced4a357d1d8be3823afec705f4b86bf22
6ad391cad1edcbf2e5be960da87b5ee958e0ed1b244d51ad811da09ee12b4827
GET /api-as1f?email=l.akers@de.krannich-solar.com&data=background HTTP/1.1
Host: cnsskg.omenmy.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Cookie: cf_clearance=8_W0IQn_VXQS699XkEc2QJ8MGUzhTdaYYAZ2eZLc2zg-1686338709-0-160; PHPSESSID=66b84330c8b6d67b780e625f60f5ae1b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 19:25:16 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9PHh0jQ0QvCi3um4aIKdcoFVR4zvKanfQpOO1nED4OE%2FzFBjUSeKfJVlsTHafHOHnM%2FTMhKfU%2FYqOnmMmjJoaXym72KTH%2F6jasp0ufPXwyQv5kgZ8m%2FwOgTRWJIi772zN9w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4bc2727a85b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cnsskg.omenmy.ru/Ml.akers@de.krannich-solar.com
188.114.96.1 302 Found 24 kB URL User Request POST HTTP/3 cnsskg.omenmy.ru/Ml.akers@de.krannich-solar.com
IP 188.114.96.1:443
Certificate Issuer Google Trust Services LLC
Subject omenmy.ru
Fingerprint 5B:0F:7E:70:ED:95:D4:24:0D:01:71:DA:FB:B5:79:F4:4D:09:C6:FF
Validity Thu, 25 May 2023 10:26:14 GMT - Wed, 23 Aug 2023 10:26:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
POST /Ml.akers@de.krannich-solar.com HTTP/1.1
Host: cnsskg.omenmy.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cnsskg.omenmy.ru/Ml.akers@de.krannich-solar.com?__cf_chl_tk=mg0j_SA5Yi2D4vx9qVBwqENbxS4CxHHCntdAImBiQV4-1686338709-0-gaNycGzNC6U
Content-Type: application/x-www-form-urlencoded
Content-Length: 3147
Origin: https://cnsskg.omenmy.ru
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Fri, 09 Jun 2023 19:25:16 GMT
content-type: text/html; charset=UTF-8
location: ./beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
set-cookie: cf_clearance=8_W0IQn_VXQS699XkEc2QJ8MGUzhTdaYYAZ2eZLc2zg-1686338709-0-160; path=/; expires=Sat, 08-Jun-24 19:25:14 GMT; domain=.omenmy.ru; HttpOnly; Secure; SameSite=None
PHPSESSID=66b84330c8b6d67b780e625f60f5ae1b; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvWCOwLlbuAqgwstDL32vc8hhNgU0yPdPdwyo%2F0Z7%2Bjn8USTSErbWE%2BxXUeJIBBB1ydUoQAsS25jCRbYSxWhsWoVW4Kg73ZjHOi%2Bo0WdyN3au6ZAwLuHIsEDaJRk%2BVkha6sy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4bc2640cdfb515-OSL
alt-svc: h3=":443"; ma=86400
cnsskg.omenmy.ru/2
188.114.96.1 200 OK 39 kB
IP 188.114.96.1:443
Requested by https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Certificate Issuer Google Trust Services LLC
Subject omenmy.ru
Fingerprint 5B:0F:7E:70:ED:95:D4:24:0D:01:71:DA:FB:B5:79:F4:4D:09:C6:FF
Validity Thu, 25 May 2023 10:26:14 GMT - Wed, 23 Aug 2023 10:26:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /2 HTTP/1.1
Host: cnsskg.omenmy.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Cookie: cf_clearance=8_W0IQn_VXQS699XkEc2QJ8MGUzhTdaYYAZ2eZLc2zg-1686338709-0-160; PHPSESSID=66b84330c8b6d67b780e625f60f5ae1b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 19:25:16 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZt9EBSDvHy0iSS958AS4FJMvDBL8HOXQ6AtgBCUBkGxVGu9Lvwt1f3mPzmlLsgO5zii7yHEvIGL2vbFfM4H%2BcM7JymQb0LW3N9q7xZz8z2aSxGn%2FKjphTMnda%2BtmP5ZwjSi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4bc271f9aeb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
188.114.96.1 200 OK 24 kB URL User Request GET HTTP/3 cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
IP 188.114.96.1:443
Certificate Issuer Google Trust Services LLC
Subject omenmy.ru
Fingerprint 5B:0F:7E:70:ED:95:D4:24:0D:01:71:DA:FB:B5:79:F4:4D:09:C6:FF
Validity Thu, 25 May 2023 10:26:14 GMT - Wed, 23 Aug 2023 10:26:13 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (22448)
Hash 35eb6419aee2d473c2b04232931a4f26
53fd00066e18179b28ce67c5f6b4dc489868be7c
8c6b0bc3da12549bf03c2777a96512fa6502d06b916ee231b1ae8a024441763a
Analyzer Verdict Alert quad9 Sinkholed
GET /beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf HTTP/1.1
Host: cnsskg.omenmy.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cnsskg.omenmy.ru/Ml.akers@de.krannich-solar.com?__cf_chl_tk=mg0j_SA5Yi2D4vx9qVBwqENbxS4CxHHCntdAImBiQV4-1686338709-0-gaNycGzNC6U
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=8_W0IQn_VXQS699XkEc2QJ8MGUzhTdaYYAZ2eZLc2zg-1686338709-0-160; PHPSESSID=66b84330c8b6d67b780e625f60f5ae1b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 19:25:16 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FT3EA9aa6Yb6%2Fcv%2B9Dr5O6MoCPxFVfzGsktVFGA9OuAbknRun5VTDNyIymry8V1QEZxbtIUrFxpdCyRQzAXgN6LPvT3BMhalxX%2FWvx86LfD7EFOeOZPwHjjZcTWInB5csN0j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4bc26fce48b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cnsskg.omenmy.ru/jq/1a075e8969fd60c5f44402730599af4664837c9a5cb7c
188.114.96.1 200 OK 86 kB URL GET HTTP/3 cnsskg.omenmy.ru/jq/1a075e8969fd60c5f44402730599af4664837c9a5cb7c
IP 188.114.96.1:443
Requested by https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Certificate Issuer Google Trust Services LLC
Subject omenmy.ru
Fingerprint 5B:0F:7E:70:ED:95:D4:24:0D:01:71:DA:FB:B5:79:F4:4D:09:C6:FF
Validity Thu, 25 May 2023 10:26:14 GMT - Wed, 23 Aug 2023 10:26:13 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Analyzer Verdict Alert quad9 Sinkholed
GET /jq/1a075e8969fd60c5f44402730599af4664837c9a5cb7c HTTP/1.1
Host: cnsskg.omenmy.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Cookie: cf_clearance=8_W0IQn_VXQS699XkEc2QJ8MGUzhTdaYYAZ2eZLc2zg-1686338709-0-160; PHPSESSID=66b84330c8b6d67b780e625f60f5ae1b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 19:25:16 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 16 Jun 2023 19:25:14 GMT
last-modified: Wed, 07 Jun 2023 13:57:36 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l940Rimf9wpoOHuhJb90sD51OHzb48mJLHnqNWZu37PtQQ8iZrYGNu6HXBUVFB9MsY7hT2bY7ila8pKhNpV8S0Z9FILNwqOlZMPjlLD3DUK2yufc2s1Qaho7V4ld4zwov3a4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4bc270cfccb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
unpkg.com/axios/dist/axios.min.js
104.16.123.175 302 Found 32 kB URL GET HTTP/2 unpkg.com/axios/dist/axios.min.js
IP 104.16.123.175:443
Requested by https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
Validity Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cnsskg.omenmy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 09 Jun 2023 19:25:16 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.4.0/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01H2GSQDB30118BRB3YJQQGDEF-fra
cf-cache-status: HIT
age: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d4bc270e9dbb50f-OSL
X-Firefox-Spdy: h2
unpkg.com/axios@1.4.0/dist/axios.min.js
104.16.123.175 200 OK 32 kB URL GET HTTP/2 unpkg.com/axios@1.4.0/dist/axios.min.js
IP 104.16.123.175:443
Requested by https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
Validity Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (31803)
Hash 6470a918ba1fd4b8d0882df0269ddb82
97814fdab64aa7d1b30f082f9eb272d4b1ce18a2
fd4ce12a87594281afcee9c73a40fe7acc282bcc9e764fbb3afa1481a96a091e
GET /axios@1.4.0/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cnsskg.omenmy.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 19:25:16 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7c62-l4FP2rZKp9GzDwgvnrJy1LHOGKI"
via: 1.1 fly.io
fly-request-id: 01GZP8TZEXW4PFCT61FHX2WRTS-fra
cf-cache-status: HIT
age: 3037808
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d4bc270f9f7b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
cnsskg.omenmy.ru/o/1a075e8969fd60c5f44402730599af4664837c9ab32e4
188.114.96.1 200 OK 3.7 kB URL GET HTTP/3 cnsskg.omenmy.ru/o/1a075e8969fd60c5f44402730599af4664837c9ab32e4
IP 188.114.96.1:443
Requested by https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Certificate Issuer Google Trust Services LLC
Subject omenmy.ru
Fingerprint 5B:0F:7E:70:ED:95:D4:24:0D:01:71:DA:FB:B5:79:F4:4D:09:C6:FF
Validity Thu, 25 May 2023 10:26:14 GMT - Wed, 23 Aug 2023 10:26:13 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3695), with no line terminators
Hash d633a913e6f3b1f45774b9874dfc85e0
5ba1344048578062c93cfddfdf8458477eaca476
c1fbfbd9a81fc4d9c9539a65bdfb4c6738926b8d4681b0346706196413e92714
Analyzer Verdict Alert quad9 Sinkholed
GET /o/1a075e8969fd60c5f44402730599af4664837c9ab32e4 HTTP/1.1
Host: cnsskg.omenmy.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Cookie: cf_clearance=8_W0IQn_VXQS699XkEc2QJ8MGUzhTdaYYAZ2eZLc2zg-1686338709-0-160; PHPSESSID=66b84330c8b6d67b780e625f60f5ae1b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 19:25:16 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Fri, 16 Jun 2023 19:25:14 GMT
last-modified: Wed, 07 Jun 2023 13:57:36 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGousV%2BoqsvxM4JbY1z4TN5lHj52XPsKpMGBxKGllVC03gUB9MX%2BFpLXZVxOBNQdrVS4NZNgrbphWqBHuCS8lGnfEl8TNAlAz1ttVXGaAHixkC1MrWxy23HMd%2FWKxjSLFTo9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4bc2726a5db515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cnsskg.omenmy.ru/ic/1a075e8969fd60c5f44402730599af4664837c9ab32bb
188.114.96.1 200 OK 17 kB URL GET HTTP/3 cnsskg.omenmy.ru/ic/1a075e8969fd60c5f44402730599af4664837c9ab32bb
IP 188.114.96.1:443
Requested by https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Certificate Issuer Google Trust Services LLC
Subject omenmy.ru
Fingerprint 5B:0F:7E:70:ED:95:D4:24:0D:01:71:DA:FB:B5:79:F4:4D:09:C6:FF
Validity Thu, 25 May 2023 10:26:14 GMT - Wed, 23 Aug 2023 10:26:13 GMT
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
Analyzer Verdict Alert quad9 Sinkholed
GET /ic/1a075e8969fd60c5f44402730599af4664837c9ab32bb HTTP/1.1
Host: cnsskg.omenmy.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Cookie: cf_clearance=8_W0IQn_VXQS699XkEc2QJ8MGUzhTdaYYAZ2eZLc2zg-1686338709-0-160; PHPSESSID=66b84330c8b6d67b780e625f60f5ae1b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 19:25:17 GMT
content-type: image/x-icon
cache-control: public, max-age=604800
expires: Fri, 16 Jun 2023 19:25:15 GMT
last-modified: Wed, 07 Jun 2023 13:57:36 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWv8heiqhIfuIyWnnpa6NZM%2FN6Kcy%2BiqNDn7hKDfdXukjLwjGZIXtlX2zY%2BRs8zuf4wvhbPmDXaMxVgMa0hHMOpW3AeyEIWsGlXbUYhTDRXxbtVOWgGxp1%2FMFVd5p9W58h3R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4bc2752e99b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cnsskg.omenmy.ru/Ml.akers@de.krannich-solar.com
188.114.96.1 403 Forbidden 7.7 kB URL User Request GET HTTP/2 cnsskg.omenmy.ru/Ml.akers@de.krannich-solar.com
IP 188.114.96.1:443
Certificate Issuer Google Trust Services LLC
Subject omenmy.ru
Fingerprint 5B:0F:7E:70:ED:95:D4:24:0D:01:71:DA:FB:B5:79:F4:4D:09:C6:FF
Validity Thu, 25 May 2023 10:26:14 GMT - Wed, 23 Aug 2023 10:26:13 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7874), with no line terminators
Hash 23eda694dc13c01c3ee448564d22a468
873bc4069689d6e4dc4c664247439aafa5d3450b
c81d03aa1f75a5603f65231d1d0e790d5c7cce7f5a2a410de3bb9d1985731860
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /Ml.akers@de.krannich-solar.com HTTP/1.1
Host: cnsskg.omenmy.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 09 Jun 2023 19:25:09 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RluQGjJN02JBMbcopeaRC3gzizO6HB8QmYXPgWdqsZdLxhrq%2Fie6IzDdHXC16yuFPVD3LfSeKapV7eoj%2Ftn%2FYF4PICim67qRR84V4ZRh1Wn1mKD1itasRk6PyOxlbnB7qiwr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4bc2457f150b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cnsskg.omenmy.ru/e/1a075e8969fd60c5f44402730599af4664837c9ab32eb
188.114.96.1 200 OK 513 B URL GET HTTP/3 cnsskg.omenmy.ru/e/1a075e8969fd60c5f44402730599af4664837c9ab32eb
IP 188.114.96.1:443
Requested by https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Certificate Issuer Google Trust Services LLC
Subject omenmy.ru
Fingerprint 5B:0F:7E:70:ED:95:D4:24:0D:01:71:DA:FB:B5:79:F4:4D:09:C6:FF
Validity Thu, 25 May 2023 10:26:14 GMT - Wed, 23 Aug 2023 10:26:13 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (529), with no line terminators
Hash adc405f5fd089662209870ca5d2106f7
3a8b776df84bf251afc6ddd802cc5bbeddfb0e36
e7bacc97751689afaae192e103fe9851664365c57c7d783560860ad456db7e49
Analyzer Verdict Alert quad9 Sinkholed
GET /e/1a075e8969fd60c5f44402730599af4664837c9ab32eb HTTP/1.1
Host: cnsskg.omenmy.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Cookie: cf_clearance=8_W0IQn_VXQS699XkEc2QJ8MGUzhTdaYYAZ2eZLc2zg-1686338709-0-160; PHPSESSID=66b84330c8b6d67b780e625f60f5ae1b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 19:25:16 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Fri, 16 Jun 2023 19:25:14 GMT
last-modified: Wed, 07 Jun 2023 13:57:36 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LNCuGEXzuuxVoEBqBLMvZcmzSy2ervHnbhoR5CKKg%2B4qcpVSWXtdPUyI%2Fw2de2z4TOxEc93WKTafPFMXhciqD4cfZeuHkW626ubMpmQM8d19FaaDFeXdiHTMmQF7BIYVf0Nb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4bc2726a60b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cnsskg.omenmy.ru/api-as1f?email=l.akers@de.krannich-solar.com&data=logo
188.114.96.1 200 OK 168 B URL GET HTTP/3 cnsskg.omenmy.ru/api-as1f?email=l.akers@de.krannich-solar.com&data=logo
IP 188.114.96.1:443
Requested by https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Certificate Issuer Google Trust Services LLC
Subject omenmy.ru
Fingerprint 5B:0F:7E:70:ED:95:D4:24:0D:01:71:DA:FB:B5:79:F4:4D:09:C6:FF
Validity Thu, 25 May 2023 10:26:14 GMT - Wed, 23 Aug 2023 10:26:13 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash ab6019d708ef01cfde03ba550ad71d9c
bfafd9bf0203a1bbfe6937b6e4b87f8746abfbfc
fd454ac827b484a6c706932beefbd46153ecec9b98dfb720cfb0b1a5ad7fc805
GET /api-as1f?email=l.akers@de.krannich-solar.com&data=logo HTTP/1.1
Host: cnsskg.omenmy.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Cookie: cf_clearance=8_W0IQn_VXQS699XkEc2QJ8MGUzhTdaYYAZ2eZLc2zg-1686338709-0-160; PHPSESSID=66b84330c8b6d67b780e625f60f5ae1b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 19:25:17 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ggLyAedtJ6JygW0WcYZA5t%2BGVRY6mQSkxU9f5qMCAwF3FAilYQ6Ib9jyZ5kBQmDUxnpiKe0hJI5Ke3O7P2yFaBReQQSj1E%2BQJ58eHY3mRb%2FPicUoueqOLzwi%2BTAI8BIxg%2F2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4bc2727a82b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cnsskg.omenmy.ru/boot/1a075e8969fd60c5f44402730599af4664837c9a5cb81
188.114.96.1 200 OK 51 kB URL GET HTTP/3 cnsskg.omenmy.ru/boot/1a075e8969fd60c5f44402730599af4664837c9a5cb81
IP 188.114.96.1:443
Requested by https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Certificate Issuer Google Trust Services LLC
Subject omenmy.ru
Fingerprint 5B:0F:7E:70:ED:95:D4:24:0D:01:71:DA:FB:B5:79:F4:4D:09:C6:FF
Validity Thu, 25 May 2023 10:26:14 GMT - Wed, 23 Aug 2023 10:26:13 GMT
File type ASCII text, with very long lines (50758)
Hash 67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Analyzer Verdict Alert quad9 Sinkholed
GET /boot/1a075e8969fd60c5f44402730599af4664837c9a5cb81 HTTP/1.1
Host: cnsskg.omenmy.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Cookie: cf_clearance=8_W0IQn_VXQS699XkEc2QJ8MGUzhTdaYYAZ2eZLc2zg-1686338709-0-160; PHPSESSID=66b84330c8b6d67b780e625f60f5ae1b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 19:25:16 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 16 Jun 2023 19:25:14 GMT
last-modified: Wed, 07 Jun 2023 13:57:36 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAvVnuhOi%2FWA8YoDgyLsgVQ6BMczZB%2BHolV0Z2M%2BrXMjnho%2Fkcv7JkRXAhpQbEswMuQTb1D3N9DzL9Q2savAsm59jfFpxnCSja%2FYCahJzoSiY7HB53weNgsvftfS0fsbUYPg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4bc270cfcdb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cnsskg.omenmy.ru/jm/1a075e8969fd60c5f44402730599af4664837c9a5cb87
188.114.96.1 200 OK 6.1 kB URL GET HTTP/3 cnsskg.omenmy.ru/jm/1a075e8969fd60c5f44402730599af4664837c9a5cb87
IP 188.114.96.1:443
Requested by https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Certificate Issuer Google Trust Services LLC
Subject omenmy.ru
Fingerprint 5B:0F:7E:70:ED:95:D4:24:0D:01:71:DA:FB:B5:79:F4:4D:09:C6:FF
Validity Thu, 25 May 2023 10:26:14 GMT - Wed, 23 Aug 2023 10:26:13 GMT
File type ASCII text, with very long lines (6175), with no line terminators
Hash 0b3cd9bfcbe6444742df90b00f63efc3
0c978b0541c9659215908034b6299f78135c935c
2065edfabc7924bff8e65b4b4ade30bb341d70ab350518bfbad98e1d4f35266f
Analyzer Verdict Alert quad9 Sinkholed
GET /jm/1a075e8969fd60c5f44402730599af4664837c9a5cb87 HTTP/1.1
Host: cnsskg.omenmy.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Cookie: cf_clearance=8_W0IQn_VXQS699XkEc2QJ8MGUzhTdaYYAZ2eZLc2zg-1686338709-0-160; PHPSESSID=66b84330c8b6d67b780e625f60f5ae1b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 19:25:16 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 16 Jun 2023 19:25:14 GMT
last-modified: Wed, 07 Jun 2023 13:57:36 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIVnN%2B8I6YbzzPh9LgZJx27nhdGHZH%2Frsp5Q3SsG5VvXZ4TFhGtuP7fGwZJ3kuYrCTpJyKUnmvtoNgVjHWYteLOvBBuAyb4qbimixKVYREu5X4Ke9l%2BLCX1YkbpmFmSpipeE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4bc270cfd0b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cnsskg.omenmy.ru/APP-1YZAFF/1a075e8969fd60c5f44402730599af4664837c9ab32c0
188.114.96.1 200 OK 105 kB URL GET HTTP/3 cnsskg.omenmy.ru/APP-1YZAFF/1a075e8969fd60c5f44402730599af4664837c9ab32c0
IP 188.114.96.1:443
Requested by https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Certificate Issuer Google Trust Services LLC
Subject omenmy.ru
Fingerprint 5B:0F:7E:70:ED:95:D4:24:0D:01:71:DA:FB:B5:79:F4:4D:09:C6:FF
Validity Thu, 25 May 2023 10:26:14 GMT - Wed, 23 Aug 2023 10:26:13 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 105 kB (105369 bytes)
Hash 8e6b0f88563f9c33f78bce65cf287df7
ef7765cd2a7d64ed27dd7344702597aff6f8c397
a7057bebfff43e7281ca31da00d40bd88c8d02d1576b9c45891dd56a3853269a
Analyzer Verdict Alert quad9 Sinkholed
GET /APP-1YZAFF/1a075e8969fd60c5f44402730599af4664837c9ab32c0 HTTP/1.1
Host: cnsskg.omenmy.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cnsskg.omenmy.ru/beebb091955c06fa68b3eb8afc0bae5164837c9a4fccdPASbeebb091955c06fa68b3eb8afc0bae5164837c9a4fccf
Cookie: cf_clearance=8_W0IQn_VXQS699XkEc2QJ8MGUzhTdaYYAZ2eZLc2zg-1686338709-0-160; PHPSESSID=66b84330c8b6d67b780e625f60f5ae1b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 19:25:16 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 16 Jun 2023 19:25:14 GMT
last-modified: Wed, 07 Jun 2023 13:57:36 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hr27Tgu7WNRBvWQBKyKHaZbQu3tQRU%2FTW4VZYz6RJG8HuK6y%2BU2p7jvhoZp5Dd9UjhRrey%2Fk%2FeNiVjh02uvnCk5iFjPP7uxTyNMAfpSwY9oyTdDgVHy7%2B7l5hXsAgxLMmf21"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4bc2728a91b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400