| mnww.swastablep.ru/favicon.ico |  172.67.148.222 | 404 Not Found | 9.9 kB |
URL GET HTTP/3mnww.swastablep.ru/favicon.ico IP172.67.148.222:443
Requested byhttps://mnww.swastablep.ru/XEOTNu/?qrc=pdudley@slurpmail.net CertificateIssuerGoogle Trust Services Subjectswastablep.ru Fingerprint0D:05:D6:69:4D:80:E1:26:98:81:F1:4F:FA:FF:84:E9:60:87:48:24 ValiditySun, 05 Jan 2025 20:27:05 GMT - Sat, 05 Apr 2025 21:24:45 GMT
Hash74d6c3d56e77384b2bf8f9310c5c3335 909a8c7a0213e5001e10ee30040a4d725739295d 428a17426b123c3592acfeccd2313d2b9e08c2beaa61a9ef5547996874b5a993
GET /favicon.ico HTTP/1.1
Host: mnww.swastablep.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mnww.swastablep.ru/XEOTNu/?qrc=pdudley@slurpmail.net
Cookie: XSRF-TOKEN=eyJpdiI6IktYNXJxd2xGTHJDb2RUaFpmenZFNkE9PSIsInZhbHVlIjoiMkhmU2NLTEpqelZtTjJpRXNyTlJ4Szk0WnV6d2hJT3ZENHV3b1hTbW9MSmRDSjFIVGhRaUs2S3BPcW9qS2RlVGhQU3NiMnozVVZacFBKcGFiWmxlVEdJY0J4NVMvL3FNVGpDZ1JkVnZHeEVqUjJ2aFJCNVB1MEZ0Y21ZOHF3VWwiLCJtYWMiOiJhYTdkYjU4NTY2M2M3OWFlMTdjMWMzYzBjYjliYThjZjcyZDkzMDNhYWM3Mzk3MzkyNzcwMGYwZDEwODBiMWQ4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IldwNTZTTEphN0V5KzFlRnhvb3VXdVE9PSIsInZhbHVlIjoiWGRaTzQyMEpSRkZpcm5qV3V3N3NLeG9uS2Q4MnlScmRMRFRNZ1lLcWs2NTNlc25tV1VZM1RUU2FINWE5bTc4OG1yZUYwaGowc3VrTFlYUUUrMTBwbEVMOXoxV3c0ZFErcktPVUtRL0FOUTRJdFp3V0NTTHlpZks4ajgxeFJNdHkiLCJtYWMiOiIyM2UwN2NkM2YwYTMxNDFhNGE2NDVkNGM1MGYyYTYwZDkxNDQxNjcyOTI2MmExMmY4ODhhYTIyZDYxMzg5NDhjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Sat, 15 Feb 2025 16:09:51 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
age: 179
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1d688cJSNPDgb8DB%2BLG3%2FvnZv163Cuu%2BfDscb0EEIsIOUDp79m8xOqqZV5xBl3kJAoK6u9e9MStYQng9s%2FKmMxuh2TXu4ynC8QuUhn5K1omo46DuCGIjOLc7PaHFxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
priority: u=6,i=?0
server: cloudflare
cf-ray: 9126908f9ff8b4ed-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=74771&min_rtt=74691&rtt_var=28066&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2823&recv_bytes=2103&delivery_rate=38130&cwnd=220&unsent_bytes=0&cid=ed45dd98a4183407&ts=94&x=0", cfL4;desc="?proto=QUIC&rtt=5424&min_rtt=5308&rtt_var=2222&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4155&recv_bytes=1822&delivery_rate=94884&cwnd=12000&unsent_bytes=0&cid=0223b92bf5be2193&ts=3096&x=1", cfExtPri, cfHdrFlush;dur=0
|
| mnww.swastablep.ru/XEOTNu/?qrc=pdudley@slurpmail.net | 172.67.148.222 | 200 OK | 383 kB |
URL User Request GET HTTP/2mnww.swastablep.ru/XEOTNu/?qrc=pdudley@slurpmail.net IP172.67.148.222:443
CertificateIssuerGoogle Trust Services Subjectswastablep.ru Fingerprint0D:05:D6:69:4D:80:E1:26:98:81:F1:4F:FA:FF:84:E9:60:87:48:24 ValiditySun, 05 Jan 2025 20:27:05 GMT - Sat, 05 Apr 2025 21:24:45 GMT
File typeHTML document, ASCII text, with very long lines (65299) Size383 kB (382871 bytes) Hash9143263775f93f7aaa8a3926277ed0a3 f0d71d0933514ff2555dec07285a32f96865cbd8 7f91f3812cd06c12f1a620a57299d9e9ce5186c85c8911d5739be0547f5e5096
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft Outlook |
GET /XEOTNu/?qrc=pdudley@slurpmail.net HTTP/1.1
Host: mnww.swastablep.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Feb 2025 16:09:48 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qbY4bPk2NiOlQT8HIiX6CPT7X2Crxvkq2XD2pmCJVAZpksJE81%2BsFc7A6pI7qmwAF0zn%2BmiFnAyqJKN8lmc8dG%2FD5WQN2O4cdexIG07gcIALlUAi8sLYUsy31ZB0OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
set-cookie: XSRF-TOKEN=eyJpdiI6IktYNXJxd2xGTHJDb2RUaFpmenZFNkE9PSIsInZhbHVlIjoiMkhmU2NLTEpqelZtTjJpRXNyTlJ4Szk0WnV6d2hJT3ZENHV3b1hTbW9MSmRDSjFIVGhRaUs2S3BPcW9qS2RlVGhQU3NiMnozVVZacFBKcGFiWmxlVEdJY0J4NVMvL3FNVGpDZ1JkVnZHeEVqUjJ2aFJCNVB1MEZ0Y21ZOHF3VWwiLCJtYWMiOiJhYTdkYjU4NTY2M2M3OWFlMTdjMWMzYzBjYjliYThjZjcyZDkzMDNhYWM3Mzk3MzkyNzcwMGYwZDEwODBiMWQ4IiwidGFnIjoiIn0%3D; expires=Sat, 15-Feb-2025 18:09:47 GMT; Max-Age=7200; path=/; secure; samesite=none
laravel_session=eyJpdiI6IldwNTZTTEphN0V5KzFlRnhvb3VXdVE9PSIsInZhbHVlIjoiWGRaTzQyMEpSRkZpcm5qV3V3N3NLeG9uS2Q4MnlScmRMRFRNZ1lLcWs2NTNlc25tV1VZM1RUU2FINWE5bTc4OG1yZUYwaGowc3VrTFlYUUUrMTBwbEVMOXoxV3c0ZFErcktPVUtRL0FOUTRJdFp3V0NTTHlpZks4ajgxeFJNdHkiLCJtYWMiOiIyM2UwN2NkM2YwYTMxNDFhNGE2NDVkNGM1MGYyYTYwZDkxNDQxNjcyOTI2MmExMmY4ODhhYTIyZDYxMzg5NDhjIiwidGFnIjoiIn0%3D; expires=Sat, 15-Feb-2025 18:09:47 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
server: cloudflare
cf-ray: 9126906f0fe3569d-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=74376&min_rtt=74284&rtt_var=27922&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2823&recv_bytes=1427&delivery_rate=38339&cwnd=251&unsent_bytes=0&cid=525cdf4a9a024e2c&ts=1560&x=0", cfL4;desc="?proto=TCP&rtt=6201&min_rtt=427&rtt_var=11540&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3201&recv_bytes=1154&delivery_rate=7489655&cwnd=247&unsent_bytes=0&cid=2363256819e1f99d&ts=2147&x=0"
X-Firefox-Spdy: h2
|