{"report_id":"645ae2c9-b4c7-4f2f-9a86-bcb1a76a3c85","version":6,"status":"done","tags":["phishing","microsoft","outlook"],"date":"2023-11-20T21:16:50Z","url":{"schema":"http","addr":"gtgassociates.co.tz/MONDAYAJE/4DD8KfW1YMNkL674WfLfy1toWAQh6O/8amq3mL468uBWlgZCkZhJPJfrRoWfjUzZ4M3AeebekkedTxe/ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=","fqdn":"gtgassociates.co.tz","domain":"gtgassociates.co.tz","tld":"co.tz"},"ip":{"addr":"192.185.129.39","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=","fqdn":"0jgvx94smaw1iz2.uaoaaiyoff.ru","domain":"uaoaaiyoff.ru","tld":"ru"},"title":"Y97hk1d57oEVHjxjFEaqf7wMyJEHzLznGpKRPxZWifuFc"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T12:20:52Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.17.3.184","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":0,"first_seen":"2021-10-20 07:02:03","last_seen":"2023-11-19 21:12:47","alert_count":0,"request_count":1,"received_data":13250,"sent_data":435,"comment":"","tags":null,"fingerprints":null},{"fqdn":"0jgvx94smaw1iz2.uaoaaiyoff.ru","ip":{"addr":"172.67.214.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2023-11-01","domain_rank":0,"first_seen":"2023-11-07 12:52:50","last_seen":"2023-11-20 02:43:31","alert_count":0,"request_count":11,"received_data":331974,"sent_data":8084,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aadcdn.msauthimages.net","ip":{"addr":"152.199.23.72","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"domain_registered":"2018-11-12","domain_rank":4795,"first_seen":"2019-08-14 20:34:06","last_seen":"2023-11-19 18:15:33","alert_count":0,"request_count":1,"received_data":78709,"sent_data":546,"comment":"","tags":null,"fingerprints":null},{"fqdn":"gtgassociates.co.tz","ip":{"addr":"192.185.129.39","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"domain_registered":"2021-03-29","domain_rank":0,"first_seen":"2021-03-30 06:22:57","last_seen":"2023-11-20 02:43:29","alert_count":1,"request_count":1,"received_data":268,"sent_data":602,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.193.229","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":439,"first_seen":"2012-09-30 02:15:09","last_seen":"2023-11-19 18:12:10","alert_count":0,"request_count":1,"received_data":26134,"sent_data":467,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"3d1074fb6b65f4b9536871023e610d5a","sha1":"4c714779bcd18078513b46b165790086ba8dccb0","sha256":"b57f451d459d16b81d0fcacdb0c79d84f114df0ec897bcbff79d72addd7cf688","sha512":"fd0786f375bb1eed65022c9cc6a2456e975d3e07c7e562397ae1ac0a77f9021e089df0d5df80177c556d437b261921916f5c8c0fc8b00d7c1a20cacb64398c01","ssdeep":"","tlshash":"308000c0c0c0003cc00c00f0c030030c00c3c0c0c00c3000cc30c000300c300300300c","size":31,"data":"","first_seen":"2023-10-19T19:11:56Z","last_seen":"2024-08-21T04:06:21.260747Z","times_seen":26506,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/6522wNQ1sps/sc-NbG54H78DN5jerEG6RZSkKcJoWBAlAP9ZrF8JgPtoA0esh3QDLn7RBIaAiaYYvcH0cFXtEZdEoDlFwyJ","fqdn":"0jgvx94smaw1iz2.uaoaaiyoff.ru","domain":"uaoaaiyoff.ru","tld":"ru"},"ip":{"addr":"172.67.214.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b5cf4e641bad315e58cd4a1865aeb0e7","sha1":"9fb8fb12ff85a9ae6ab8c268562b7c8223ed3b79","sha256":"afe464cdd674f9f4be654b2d4858845aa5582f3b8844b611a0e9be5114da7d1b","sha512":"7990d6caa7c07fd50b2ca9601e2e9fb0f2145fd881b4a2776e1cc6e8b742fc66e31e68877c86ae1a6deb9709ab3842847a1891204a6451ed357131b608bcedd5","ssdeep":"192:PHCmRbCCOZqV1AeZhBHAsdZXa8nE0aql84WNalyEXCXf5GKXniSftlpXB/58s2S3:59gzxnKaGKdXu9q/0AsCj3OGwD1o","tlshash":"c8e26673d31d0b7e42aa44ccacc79b4d9bc8691b1b0c0bf66e79567668cd4adbb201d0","size":31730,"data":"","first_seen":"2023-11-20T22:16:51Z","last_seen":"2023-11-20T22:16:51Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/62djWijV6Ny/jq-2I85Bp67nVLcPqC0mipJEU8Yk9I4RNzQo2N4ZHkVpL2IS2ng1ZbWQIvcWyl6Ut13x4kYcaTcknTZ8zYt","fqdn":"0jgvx94smaw1iz2.uaoaaiyoff.ru","domain":"uaoaaiyoff.ru","tld":"ru"},"ip":{"addr":"172.67.214.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a46fb81762396b7bf2020774a2fb4d9e","sha1":"fb5edd7a663dc8dda7ec10815a7cd82a30fc98a7","sha256":"d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d","sha512":"40759595b05808dd911075918bdcc32fb91362019bdfca24827043b8e54116e6ebe7362050ec72182b66481f1dc8d4ec4c8942c984fd597659313d71ad60dc33","ssdeep":"1536:aLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6tv:+kn6x2xe9NK6nC6N","tlshash":"378319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:10:49Z","last_seen":"2026-05-20T20:32:30.985625Z","times_seen":61553,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"data","addr":"data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoIk5rdmVvTGtzRmxxR1lyZSIpLmdldEF0dHJpYnV0ZSgiVE1DRXVvWW5DWUFxTXdXIikpKSkpO0hqeE5EcW15eVNqbVhKZ2dienljPSJIR2hLcWZCb2puYVpXaVYiOw==","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"4d37116766546c55f9e18db42a601c7e","sha1":"a00128424774e42a003548afdadd8a37bc0deb9c","sha256":"82547d43cbd9f2a428eed4b5fa115439b61e27d8faec7d911c4e05d82b88ab60","sha512":"95a0dbc22493d027ae27d19fb0be6f34e75b7e5ce8fa8987f20ee33dc9bb684978a60648cafd691b6f683fd665b59c3e0fa1ffb67c319c838cc61e1db6a41cd9","ssdeep":"","tlshash":"21c08c7a850372be6e3f0ad4462486de1e9c66b8a81e2e001c8ea90039dc9eb1906491","size":163,"data":"","first_seen":"2024-08-20T18:35:07.60825Z","last_seen":"2024-08-20T18:35:07.60825Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":[{"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-20T21:07:03.663249Z","times_seen":713057,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"write":[{"md5":"62fa45ac45aa8914e83bab4759a0788f","sha1":"5b910db6fb638e772f7339cab9460c7999f84d8e","sha256":"227e2b02df46fe57ca9bcaf3e949c46a27088cdfe0b92068795d8e345193258c","sha512":"72b88136c59b1ead520a894c6a41a6dfe7aec9d549f1a9900306bac76268b18645f13ea6f47c97ea48bf1d94cec312f31a4114050f80f77198da289193b6c1ae","ssdeep":"","tlshash":"2f717dbaf872a032a33b97c32192935478b150e6e57af00353ee937416ecc537547d68","size":3692,"data":"","first_seen":"2024-08-20T18:35:07.610197Z","last_seen":"2024-08-20T18:35:07.610197Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"a27c88365ce7cd8f68390c4c024e29e1","sha1":"1d15a8d192608f93096ef8d9aa623c360dbb7351","sha256":"0ca2b3df8f04565300bafcd6c929a1d310d2a761ff9f8dda200f3f6cffab50ce","sha512":"1ce1d149845e13e3f312f848dcbd973d241a0815da5aa7202a2db68160a84a21e9585bc115a3020ffc995139a8a25f44c0f28f51e5f9a9099753708e937d6584","ssdeep":"","tlshash":"e671c264acf3509185cbd30cbbe0ed861be0b1a3919a5656bb4c874ec7857ec8957f02","size":3574,"data":"","first_seen":"2023-11-07T13:07:13Z","last_seen":"2024-08-20T20:33:21.268002Z","times_seen":72071,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"4705429a9448137621cad6bdc357ac64","sha1":"d329de9ce53eeef092b14166c19bfd457dc2b5d4","sha256":"1c1bc5987d3883e88e81a196d5669d41c067d8297a6a1bcce4961ec497d8489c","sha512":"15b8355fc5455fafdad23b11a35d8473a0cc6eb047e01be055421dd9ca922776ebfff175ba5ebbc7922d96177079e6acd93a99bb0c7b54291cc12381c081f7f7","ssdeep":"","tlshash":"c221d0c504464d4257f0a3748bdb620ee6ab44a30a92d3c5b09c94613f6574e9bfeeca","size":1148,"data":"","first_seen":"2024-08-20T18:35:07.611557Z","last_seen":"2024-08-20T18:35:07.611557Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"feadb418b40515ba2372aca592247983","sha1":"69508f21d2c7e5989ff088c3893441debe070ac8","sha256":"ae777d5e21ffb568b50112c9d5ea63ac5e7e8efe91eddbaa69477842e3edf015","sha512":"8e2a62c10932740a9d2351d2c65c5ddde37a33f95b6d1416c49ec10e76719837c72772ec38c607bcbfb4618ea5c37be0f6d75c0e6b55b5a20b16841b0eba8390","ssdeep":"192:4wPpOMnBWP5PbnU83fcwmVTDbUy74KuB5Ht0+OfNbd0:Z3+9bnffcwmVDUy7wdt0+Os","tlshash":"fd3290e0c8b6553783b3ecda5891672bb1ebd20dddd21d0453ec62e98fcad40b812da5","size":11328,"data":"","first_seen":"2024-08-20T18:35:07.612628Z","last_seen":"2024-08-20T18:35:07.612628Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"http","addr":"gtgassociates.co.tz/MONDAYAJE/4DD8KfW1YMNkL674WfLfy1toWAQh6O/8amq3mL468uBWlgZCkZhJPJfrRoWfjUzZ4M3AeebekkedTxe/ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=","fqdn":"gtgassociates.co.tz","domain":"gtgassociates.co.tz","tld":"co.tz"},"ip":{"addr":"192.185.129.39","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-20T21:16:34.154584937Z","timestamp":1700514994154,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /MONDAYAJE/4DD8KfW1YMNkL674WfLfy1toWAQh6O/8amq3mL468uBWlgZCkZhJPJfrRoWfjUzZ4M3AeebekkedTxe/ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20= HTTP/1.1\r\nHost: gtgassociates.co.tz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nrefresh: 0;url=https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/#daldrich@havenparkmgmt.com\r\nx-content-type-options: nosniff\r\ncontent-length: 0\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Mon, 20 Nov 2023 21:16:32 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T21:55:54.511319Z","times_seen":15503966,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"http","addr":"cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css","fqdn":"cdn.jsdelivr.net","domain":"cdn.jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-20T21:16:36.294728741Z","timestamp":1700514996294,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0jgvx94smaw1iz2.uaoaaiyoff.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 5.0.2\r\nx-jsd-version-type: version\r\netag: W/\"260c5-fByeBXPlzqi603M74vxjqoxo6o0\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Mon, 20 Nov 2023 21:16:34 GMT\r\nage: 14038236\r\nx-served-by: cache-fra-eddf8230097-FRA, cache-bma1661-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 25360\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":25360,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (65306)","md5":"abe91756d18b7cd60871a2f47c1e8192","sha1":"7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d","sha256":"7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b","sha512":"bac54101debafcda5535f0607b5f60c2cda3e896629e771ad76ac07b697e77e4242d4f5f886d363b55fc43a85ea48a6bfc460a66f2b1fc8f56b27ba326e3a604","ssdeep":"1536:d0bwW83RipVVsEBpy0cuJcf22RWb5CyVUpz600I4fM:d0bwlyVUpz600I4fM","tlshash":"09e3a3d7f581241dd4a7c259a0d1bffd052f4586e3025babb0277bb88b8a6c70963e4c","first_seen":"2023-04-05T03:16:49Z","last_seen":"2026-05-20T20:33:56.290672Z","times_seen":96768,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"challenges.cloudflare.com/turnstile/v0/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-20T21:16:36.378574451Z","timestamp":1700514996378,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /turnstile/v0/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0jgvx94smaw1iz2.uaoaaiyoff.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 20 Nov 2023 21:16:34 GMT\r\nvary: accept-encoding\r\nlocation: /turnstile/v0/g/9914b343/api.js\r\naccess-control-allow-origin: *\r\ncache-control: max-age=300, public\r\nserver: cloudflare\r\ncf-ray: 8293b6fb5d3d712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":12961,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"947f5184241faa00f008391a78c7c49f","sha1":"82a745cfb8426300d155f168a1d0ebf465e1b4d3","sha256":"9e863c54c25e6b52b8ceb6f0bfad7e339b0ae531ba8b50b7930894c0dc2ac178","sha512":"2d09600f6e2725fd6bd6b03d8c4785f70b22906d0a9e2baa9b3236815b694f86cfe80e1b8c0543b5c90c8e12fa0dd700890463a8da9e8163db0aeaee37f0591a","ssdeep":"384:RAjsEppR3qjmerx8rjD2XeIaf2yOUVsHG:RrEzwjmerGjDCafSUam","tlshash":"3642c0b30daf7f1537f064da92f1eb271c6284e0feaa4109589d25507ecc2a48f2402e","first_seen":"2023-11-20T21:31:13Z","last_seen":"2023-11-20T22:16:51Z","times_seen":6,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/6522wNQ1sps/sc-NbG54H78DN5jerEG6RZSkKcJoWBAlAP9ZrF8JgPtoA0esh3QDLn7RBIaAiaYYvcH0cFXtEZdEoDlFwyJ","fqdn":"0jgvx94smaw1iz2.uaoaaiyoff.ru","domain":"uaoaaiyoff.ru","tld":"ru"},"ip":{"addr":"172.67.214.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=","date":"2023-11-20T21:16:40.301Z","timestamp":1700515000301,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uaoaaiyoff.ru","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 01 Nov 2023 20:53:49 GMT","end":"Tue, 30 Jan 2024 20:53:48 GMT"},"fingerprint":{"sha1":"57:1E:DB:48:D4:DE:5F:73:08:24:E5:CD:85:69:3C:06:64:90:3F:45","sha256":"3F:D6:87:60:D5:79:A3:05:27:E6:75:F6:56:53:49:84:ED:44:FE:82:CA:F4:40:B3:41:FA:7A:FD:80:60:55:56"}}},"request":{"raw":"GET /1b3sw/6522wNQ1sps/sc-NbG54H78DN5jerEG6RZSkKcJoWBAlAP9ZrF8JgPtoA0esh3QDLn7RBIaAiaYYvcH0cFXtEZdEoDlFwyJ HTTP/1.1\r\nHost: 0jgvx94smaw1iz2.uaoaaiyoff.ru\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=\r\nCookie: PHPSESSID=4jqqhlq6ve5uvadoeqklqqt01g\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Nov 2023 21:16:38 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=6C0y2wAub20MGrpwInOnIFn7V8uYIMWHgsMhoPu0aimALQUJtREHW%2BpO09css49AX3P2LELB0ZVENLD5m83SLCTRb889Aw13lIN4VNgX59fTWSoSWRUSDK1QihtVSOR0tm9GMVLqdbgPgB0u6iQTtw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8293b714af175691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":81983,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (9001), with CRLF line terminators","md5":"b5cf4e641bad315e58cd4a1865aeb0e7","sha1":"9fb8fb12ff85a9ae6ab8c268562b7c8223ed3b79","sha256":"afe464cdd674f9f4be654b2d4858845aa5582f3b8844b611a0e9be5114da7d1b","sha512":"7990d6caa7c07fd50b2ca9601e2e9fb0f2145fd881b4a2776e1cc6e8b742fc66e31e68877c86ae1a6deb9709ab3842847a1891204a6451ed357131b608bcedd5","ssdeep":"192:PHCmRbCCOZqV1AeZhBHAsdZXa8nE0aql84WNalyEXCXf5GKXniSftlpXB/58s2S3:59gzxnKaGKdXu9q/0AsCj3OGwD1o","tlshash":"c8e26673d31d0b7e42aa44ccacc79b4d9bc8691b1b0c0bf66e79567668cd4adbb201d0","first_seen":"2023-11-20T22:16:51Z","last_seen":"2023-11-20T22:16:51Z","times_seen":1,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/67OVhPGOQ43/e-KJBqzCpU9wvcbxR261TuG4Zj4biixWwEa5F4ljrbDXsYt8hSyXdgy7dUixha7Q9Lmtt4JUpu6FX8KrIA","fqdn":"0jgvx94smaw1iz2.uaoaaiyoff.ru","domain":"uaoaaiyoff.ru","tld":"ru"},"ip":{"addr":"172.67.214.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=","date":"2023-11-20T21:16:40.298Z","timestamp":1700515000298,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uaoaaiyoff.ru","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 01 Nov 2023 20:53:49 GMT","end":"Tue, 30 Jan 2024 20:53:48 GMT"},"fingerprint":{"sha1":"57:1E:DB:48:D4:DE:5F:73:08:24:E5:CD:85:69:3C:06:64:90:3F:45","sha256":"3F:D6:87:60:D5:79:A3:05:27:E6:75:F6:56:53:49:84:ED:44:FE:82:CA:F4:40:B3:41:FA:7A:FD:80:60:55:56"}}},"request":{"raw":"GET /1b3sw/67OVhPGOQ43/e-KJBqzCpU9wvcbxR261TuG4Zj4biixWwEa5F4ljrbDXsYt8hSyXdgy7dUixha7Q9Lmtt4JUpu6FX8KrIA HTTP/1.1\r\nHost: 0jgvx94smaw1iz2.uaoaaiyoff.ru\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=\r\nCookie: PHPSESSID=4jqqhlq6ve5uvadoeqklqqt01g\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Nov 2023 21:16:38 GMT\r\ncontent-type: image/svg+xml\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=sTy59vaAgXg07GggNAo5x3%2BWQUxcy1WSHSOgCf3844Os5pvOUpXjed5cwwyIEqMyUCJNL07PNyoMueG3kYjAHMtvIUOyvvaYKcHhr2DVpdmeLtsDfhoG6KVP3y%2FSbRwbml6qwxQjckFWXs2qs4ZITA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8293b714af105691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1195,"size_decoded":0,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (1223), with no line terminators","md5":"4d4431f7f2c9e77ac897947028b22b4d","sha1":"494f62f0e60b54173d774cd05f88afa128fddf41","sha256":"d4c8fcb784b4dca3f3829900966f7ccc4dcb7c78fcccd0f980391d5266906d93","sha512":"c2dca872e0628bc57731f000941427d80a384cdc75b714a181133f1904ec3f46b5494b5fadd644be4476d899b7a339d5adf3eb0382e2ab6b9e48aace59e0897a","ssdeep":"","tlshash":"","first_seen":"2023-11-20T22:16:51Z","last_seen":"2023-11-20T22:16:51Z","times_seen":1,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":85,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/6DqGHAvxfsU/fi-C79L18HZVzpy3HERRmX7pD6grmz6cO4JYXKW8bv6J7IdS3DhgegN60y65t1ieyan9rvZHqMZned3J9tP","fqdn":"0jgvx94smaw1iz2.uaoaaiyoff.ru","domain":"uaoaaiyoff.ru","tld":"ru"},"ip":{"addr":"172.67.214.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=","date":"2023-11-20T21:16:40.893Z","timestamp":1700515000893,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uaoaaiyoff.ru","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 01 Nov 2023 20:53:49 GMT","end":"Tue, 30 Jan 2024 20:53:48 GMT"},"fingerprint":{"sha1":"57:1E:DB:48:D4:DE:5F:73:08:24:E5:CD:85:69:3C:06:64:90:3F:45","sha256":"3F:D6:87:60:D5:79:A3:05:27:E6:75:F6:56:53:49:84:ED:44:FE:82:CA:F4:40:B3:41:FA:7A:FD:80:60:55:56"}}},"request":{"raw":"GET /1b3sw/6DqGHAvxfsU/fi-C79L18HZVzpy3HERRmX7pD6grmz6cO4JYXKW8bv6J7IdS3DhgegN60y65t1ieyan9rvZHqMZned3J9tP HTTP/1.1\r\nHost: 0jgvx94smaw1iz2.uaoaaiyoff.ru\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=\r\nCookie: PHPSESSID=4jqqhlq6ve5uvadoeqklqqt01g\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Nov 2023 21:16:39 GMT\r\ncontent-type: image/svg+xml\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=oZ50fOqOZvjsWk9QAHG6Vs5PIyN92vHaSBVz3QO2r4I51pa2r78VUcASbnhzZI943VrsU5F9Q%2BxY6UTHDOz%2BnQUmnEhJvTNE%2F52QwIsdWeuVE%2FXDK8jK5NwlwcE0y58TYqurljIOx9PE6Z7ucAyb8g%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8293b7186b525691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":728,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- HTML document, ASCII text, with very long lines (814), with no line terminators","md5":"73e232524704fab76162aeee539823db","sha1":"98947976e27fe3168693d6cab3faa36aeea5b104","sha256":"7ca01fb21e721c982720d96a01d36cffa09f741350ed43a2b3b78a99e685b561","sha512":"4c7f172881d9ea8af44694849215645ec8bcb8e4b45f81e7802584ab896d9c357d8d705c289020d869721604a2cccc23fdf34a89fa3ad57d56995ae7dae270de","ssdeep":"","tlshash":"","first_seen":"2023-11-20T22:16:51Z","last_seen":"2023-11-20T22:16:51Z","times_seen":1,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":238,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=","fqdn":"0jgvx94smaw1iz2.uaoaaiyoff.ru","domain":"uaoaaiyoff.ru","tld":"ru"},"ip":{"addr":"172.67.214.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-20T21:16:40.170Z","timestamp":1700515000170,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uaoaaiyoff.ru","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 01 Nov 2023 20:53:49 GMT","end":"Tue, 30 Jan 2024 20:53:48 GMT"},"fingerprint":{"sha1":"57:1E:DB:48:D4:DE:5F:73:08:24:E5:CD:85:69:3C:06:64:90:3F:45","sha256":"3F:D6:87:60:D5:79:A3:05:27:E6:75:F6:56:53:49:84:ED:44:FE:82:CA:F4:40:B3:41:FA:7A:FD:80:60:55:56"}}},"request":{"raw":"GET /1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20= HTTP/1.1\r\nHost: 0jgvx94smaw1iz2.uaoaaiyoff.ru\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/\r\nCookie: PHPSESSID=4jqqhlq6ve5uvadoeqklqqt01g\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Nov 2023 21:16:38 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=wryPE%2BbfHP44jl8KiM%2BIDJmS5VMkjTbZh%2BZZf331p%2BGPhBZLixX5suEOtdkN%2FLyOozGUOodpslxJJeOOfRyqaM%2FR06BXin%2FCQsHlYyO4D6ZMhYIXoD51HasDl5J0NVErLEV2OE8uIWIPgJAWPjt2Gw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8293b713ddd75691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15413,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with very long lines (15413), with no line terminators","md5":"e98494ef3467064065660d440937fa0b","sha1":"e5bca2b2ab052b1ecc24c9380258e25e725cb63e","sha256":"271e8ae7ece4f13bc12e741fd8d17f5168c0ceee436e9eb42458cae8609e47c9","sha512":"707abe0198a387866c044765332f0c42d94126e1a9ccf70be384ed5f71988b3cf20d5e83c252da1957a74381f87a8e07161be69a94ff28957abea5c6bccf522a","ssdeep":"384:5pwP6ULJS3E4q3rSx1X+TM2W0dfM2gEq9JxlaGwxjdTV42RMbCYmJ46rPscaU6al:AP6ULE3/k1MDaGSx2oscwaY/3w","tlshash":"de62076aed9019d897b5fb18f27219bb3434bacc0051cc2082771edadc39635afdd228","first_seen":"2023-11-20T22:16:51Z","last_seen":"2023-11-20T22:16:51Z","times_seen":1,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/6PCdCslrTqC/si-ul891eQPIE2qPcshat3fFDgI82psWAWCh1u96pMJ6k1DPjAcO9AWZD310TD1vRBuMax5YOZAk7umX7Sr","fqdn":"0jgvx94smaw1iz2.uaoaaiyoff.ru","domain":"uaoaaiyoff.ru","tld":"ru"},"ip":{"addr":"172.67.214.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=","date":"2023-11-20T21:16:40.299Z","timestamp":1700515000299,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uaoaaiyoff.ru","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 01 Nov 2023 20:53:49 GMT","end":"Tue, 30 Jan 2024 20:53:48 GMT"},"fingerprint":{"sha1":"57:1E:DB:48:D4:DE:5F:73:08:24:E5:CD:85:69:3C:06:64:90:3F:45","sha256":"3F:D6:87:60:D5:79:A3:05:27:E6:75:F6:56:53:49:84:ED:44:FE:82:CA:F4:40:B3:41:FA:7A:FD:80:60:55:56"}}},"request":{"raw":"GET /1b3sw/6PCdCslrTqC/si-ul891eQPIE2qPcshat3fFDgI82psWAWCh1u96pMJ6k1DPjAcO9AWZD310TD1vRBuMax5YOZAk7umX7Sr HTTP/1.1\r\nHost: 0jgvx94smaw1iz2.uaoaaiyoff.ru\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=\r\nCookie: PHPSESSID=4jqqhlq6ve5uvadoeqklqqt01g\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Nov 2023 21:16:38 GMT\r\ncontent-type: image/svg+xml\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=UMfIzzSg2i4qt%2BmzJlmOGd2NwU5FvzFA2R8ou04%2B7Zez%2Fx9CHTrMssmimu%2BWM%2FiGD9KdpCXeCqiJnlOL0VAFr4fKo6tv2hJnqKpDN6hUn39jgVN3SAPxDuRbGFrIGOiMn5Fxc0%2Bp%2FQcVaIMLQsWAkA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8293b714af115691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2471,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- HTML document, ASCII text, with very long lines (2507), with no line terminators","md5":"eaddbb8987aa4e3b6daf09839c06e1b1","sha1":"c2fcee25ef38151cd2d63e40d17c88878ad2b50e","sha256":"fa39f33bec21cf361a112bdf5d28e22f95e0a5f1f017c09afa49740dfe85599a","sha512":"2cbd733cac0076d169f2b7b1c29c84c106d212200006b59716db8f5939117295eb8f0de3b0e398d92d80cc5f31651de543f60e133ecc5c9b219276d9b695eee3","ssdeep":"","tlshash":"","first_seen":"2023-11-20T22:16:51Z","last_seen":"2023-11-20T22:16:51Z","times_seen":1,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/6JmgoWGy4Lp/lg-KRvjMq3HJIjxSw06KhOqaoh508woKfHLXOW7k3tJ9fZMACNYTW6MAhbYedzdBOhsqWKvyVw7valAC462","fqdn":"0jgvx94smaw1iz2.uaoaaiyoff.ru","domain":"uaoaaiyoff.ru","tld":"ru"},"ip":{"addr":"172.67.214.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=","date":"2023-11-20T21:16:40.297Z","timestamp":1700515000297,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uaoaaiyoff.ru","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 01 Nov 2023 20:53:49 GMT","end":"Tue, 30 Jan 2024 20:53:48 GMT"},"fingerprint":{"sha1":"57:1E:DB:48:D4:DE:5F:73:08:24:E5:CD:85:69:3C:06:64:90:3F:45","sha256":"3F:D6:87:60:D5:79:A3:05:27:E6:75:F6:56:53:49:84:ED:44:FE:82:CA:F4:40:B3:41:FA:7A:FD:80:60:55:56"}}},"request":{"raw":"GET /1b3sw/6JmgoWGy4Lp/lg-KRvjMq3HJIjxSw06KhOqaoh508woKfHLXOW7k3tJ9fZMACNYTW6MAhbYedzdBOhsqWKvyVw7valAC462 HTTP/1.1\r\nHost: 0jgvx94smaw1iz2.uaoaaiyoff.ru\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=\r\nCookie: PHPSESSID=4jqqhlq6ve5uvadoeqklqqt01g\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Nov 2023 21:16:38 GMT\r\ncontent-type: image/svg+xml\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=4iKRnXYzsodeWO1maU2scNHxYaBnxOMhlzGlIsgPrBUwfBVfds9UdVbSlmDj%2FmZWgI9ZmrLhdfb%2BGriGA6fYrQ0qqvsSW8Mj5pz4YhufI2u5%2Fb5TLq%2FOnEEY4XdnGc2ohVjTtRFuhpRq7HDAXdi6yA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8293b714af0b5691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5747,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , Unicode text, UTF-8 text, with very long lines (5880), with no line terminators","md5":"210701b7ed23f6c688db552c52354aa4","sha1":"81c87826621e983176e10a519e632e58efa73068","sha256":"452aa9feda2171aabf287bdd3a84e8a64d6583cc464ea6472b985be92ba77bb5","sha512":"2c789fbfa26196474a73974c3121fce94e481c78969a92fd7e6fa80dea107e26398b0b0da1703a05e358ca19a6a2e6918dfe306052709704abe00a039682434e","ssdeep":"","tlshash":"","first_seen":"2023-11-20T22:16:51Z","last_seen":"2023-11-20T22:16:51Z","times_seen":1,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/6A9GFlwaeQa/bg-5a0UMkzM2qhrakqS761dffY8mKmJwKLI40bMjIbuoXbGoSmpIr9xesiDoZ8CZUQRP5LIAOXMYkiKOMIQ","fqdn":"0jgvx94smaw1iz2.uaoaaiyoff.ru","domain":"uaoaaiyoff.ru","tld":"ru"},"ip":{"addr":"172.67.214.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=","date":"2023-11-20T21:16:40.667Z","timestamp":1700515000667,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uaoaaiyoff.ru","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 01 Nov 2023 20:53:49 GMT","end":"Tue, 30 Jan 2024 20:53:48 GMT"},"fingerprint":{"sha1":"57:1E:DB:48:D4:DE:5F:73:08:24:E5:CD:85:69:3C:06:64:90:3F:45","sha256":"3F:D6:87:60:D5:79:A3:05:27:E6:75:F6:56:53:49:84:ED:44:FE:82:CA:F4:40:B3:41:FA:7A:FD:80:60:55:56"}}},"request":{"raw":"GET /1b3sw/6A9GFlwaeQa/bg-5a0UMkzM2qhrakqS761dffY8mKmJwKLI40bMjIbuoXbGoSmpIr9xesiDoZ8CZUQRP5LIAOXMYkiKOMIQ HTTP/1.1\r\nHost: 0jgvx94smaw1iz2.uaoaaiyoff.ru\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=\r\nCookie: PHPSESSID=4jqqhlq6ve5uvadoeqklqqt01g\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Nov 2023 21:16:38 GMT\r\ncontent-type: image/svg+xml\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=jm5FsgjIrpVbULhpcWXfkxC66%2F6ENpkiqwpOIblmfIeOjhK50hm97Oy8bwt3e8g1WnOI7y3dMtRLh7%2FM6h6T0FCmH9znNNgvsI0LVeaiglSWHotCMHvFIyFS4t%2FfEoBBQUvU%2BJyFxOzz45V7UUXkFQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8293b716f9d25691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16500,"size_decoded":0,"mime_type":"image/svg+xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T21:55:54.511319Z","times_seen":15503966,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/65xsDMuONym/st-4qnakfdIuM7py2XYbDH1cMhM0xILhgInuoT1He1lHixIWyaFlcS606Pv93LXb37SFWvl6Ce4vKEEMWUb","fqdn":"0jgvx94smaw1iz2.uaoaaiyoff.ru","domain":"uaoaaiyoff.ru","tld":"ru"},"ip":{"addr":"172.67.214.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=","date":"2023-11-20T21:16:40.292Z","timestamp":1700515000292,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uaoaaiyoff.ru","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 01 Nov 2023 20:53:49 GMT","end":"Tue, 30 Jan 2024 20:53:48 GMT"},"fingerprint":{"sha1":"57:1E:DB:48:D4:DE:5F:73:08:24:E5:CD:85:69:3C:06:64:90:3F:45","sha256":"3F:D6:87:60:D5:79:A3:05:27:E6:75:F6:56:53:49:84:ED:44:FE:82:CA:F4:40:B3:41:FA:7A:FD:80:60:55:56"}}},"request":{"raw":"GET /1b3sw/65xsDMuONym/st-4qnakfdIuM7py2XYbDH1cMhM0xILhgInuoT1He1lHixIWyaFlcS606Pv93LXb37SFWvl6Ce4vKEEMWUb HTTP/1.1\r\nHost: 0jgvx94smaw1iz2.uaoaaiyoff.ru\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=\r\nCookie: PHPSESSID=4jqqhlq6ve5uvadoeqklqqt01g\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Nov 2023 21:16:38 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=CuLh1284ats5pbVgUEUc8sI16pd0%2BWBXQ6F8mZZ3Is1wzJX%2BRM%2F%2FUZiC%2BNBfivMxYcmxf4uWoA4KCr5aRf83PeUnS5%2BybikPjxnLFAAUcfDkD4orfmBb%2FtmWHASHz4cItm%2BkPrz1Rf0vI1yVTEdnSA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8293b7149f025691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":96562,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"11f4f8cae1bfb32cab3fd4b72155779c","sha1":"dd9a1accfa0a82218d305302ebc80addbc5e5e2c","sha256":"8211bcfd34ea82e461a36eb0b6f6291d2d7af35461f7a3fda85a3d0526e94f99","sha512":"3523498071d3e86210af12ce1ae568e9cdc3b7e6a07ae2e8a9e1e3aaa382a61c41feac19b7e0a3e71abb5566d5588a2cdb4a42177ed0e442a0c75efa15c70e09","ssdeep":"1536:kUBtw+kraazA/PWrF7qvEAFiQcpm9t9Rw/5x:k7kJw/j","tlshash":"4593b6d059203c259037873561c1bd8b66216502f637babff6222db9cf9968b0f31f89","first_seen":"2023-11-20T22:16:51Z","last_seen":"2023-11-20T22:16:51Z","times_seen":1,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":130,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/6jy4hEcS55x/bg-W705fVqe9a5Hqk1NiBqnSiMqXrqs76rKvhdo0s4SxUk66lYA9QboVO90KhCpIM4AcK7wq93K6UA19gP9","fqdn":"0jgvx94smaw1iz2.uaoaaiyoff.ru","domain":"uaoaaiyoff.ru","tld":"ru"},"ip":{"addr":"172.67.214.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=","date":"2023-11-20T21:16:40.665Z","timestamp":1700515000665,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uaoaaiyoff.ru","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 01 Nov 2023 20:53:49 GMT","end":"Tue, 30 Jan 2024 20:53:48 GMT"},"fingerprint":{"sha1":"57:1E:DB:48:D4:DE:5F:73:08:24:E5:CD:85:69:3C:06:64:90:3F:45","sha256":"3F:D6:87:60:D5:79:A3:05:27:E6:75:F6:56:53:49:84:ED:44:FE:82:CA:F4:40:B3:41:FA:7A:FD:80:60:55:56"}}},"request":{"raw":"GET /1b3sw/6jy4hEcS55x/bg-W705fVqe9a5Hqk1NiBqnSiMqXrqs76rKvhdo0s4SxUk66lYA9QboVO90KhCpIM4AcK7wq93K6UA19gP9 HTTP/1.1\r\nHost: 0jgvx94smaw1iz2.uaoaaiyoff.ru\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=\r\nCookie: PHPSESSID=4jqqhlq6ve5uvadoeqklqqt01g\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Nov 2023 21:16:38 GMT\r\ncontent-type: image/svg+xml\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=IVOA4exGbq%2BkQwYNaJaq%2BO7Wz1EKbv0WD32W8xpMqv86%2Friwk7Ei3RSUimXoNn80LuOh9mKI4bRG8B8HQvFmKP0Lqu4qFcgx1TZU3LG9ORg3%2Bqk82l5kkY6pX5sOb7qqo021xuI6piO3jgV8kBv4bQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8293b716f9d15691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16500,"size_decoded":0,"mime_type":"image/svg+xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T21:55:54.511319Z","times_seen":15503966,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauthimages.net/dbd5a2dd-uoqjhttblonxuhg7zatwokljqveqvandon4te9zwmgm/logintenantbranding/0/illustration?ts=637438387445131712","fqdn":"aadcdn.msauthimages.net","domain":"msauthimages.net","tld":"net"},"ip":{"addr":"152.199.23.72","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=","date":"2023-11-20T21:16:41.132Z","timestamp":1700515001132,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msauthimages.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure TLS Issuing CA 02","organization":"Microsoft Corporation"},"validity":{"start":"Wed, 08 Mar 2023 11:16:34 GMT","end":"Sat, 02 Mar 2024 11:16:34 GMT"},"fingerprint":{"sha1":"6B:EB:AC:06:FC:06:82:11:17:1C:6B:72:7D:B5:95:2D:CF:E7:A3:5D","sha256":"E5:FB:43:84:42:E5:D9:D8:29:91:B4:27:99:47:7F:D1:AD:4E:11:B8:F5:ED:1C:AB:BC:FB:75:9F:B0:41:53:98"}}},"request":{"raw":"GET /dbd5a2dd-uoqjhttblonxuhg7zatwokljqveqvandon4te9zwmgm/logintenantbranding/0/illustration?ts=637438387445131712 HTTP/1.1\r\nHost: aadcdn.msauthimages.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0jgvx94smaw1iz2.uaoaaiyoff.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding\r\ncache-control: public, max-age=86400\r\ncontent-md5: A4mLzPf6QXG2SqZUi/vi9g==\r\ncontent-type: image/*\r\ndate: Mon, 20 Nov 2023 21:16:39 GMT\r\netag: 0x8D8A2D60A03D4D7\r\nlast-modified: Thu, 17 Dec 2020 21:52:24 GMT\r\nserver: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-blob-type: BlockBlob\r\nx-ms-lease-status: unlocked\r\nx-ms-request-id: 17add730-201e-0046-70f6-1b7765000000\r\nx-ms-version: 2009-09-19\r\ncontent-length: 78090\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":78090,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 972, 8-bit/color RGBA, non-interlaced\\012- data","md5":"03898bccf7fa4171b64aa6548bfbe2f6","sha1":"826d368716e785a5ef1bea4ebd4ad385ce2d01cb","sha256":"88269571b0c8ad6f1b8a2daa3ef0e7dff4944227e58558708fdde17b8dcd38d5","sha512":"2f9cd2bfda99971f8994f80d6c69c35531c357d6d07bc40ab44ec904993d8411151ffc2b58df15acdb102391aa934e64f3fc16427b0fdb2e73d9f9bf3b29a381","ssdeep":"1536:edqHjAHMfz7IBMvTGTjlVyDM8RvcgRzClMumS2vceCOJIVT2f4rx:JHksfzEBg6nkUKzClMF8lVT7","tlshash":"7a73d088b721491ae21cb63f82d38925b3e51e6848dca3170f7bf18d2d90a7e8d465c6","first_seen":"2023-06-12T21:25:21Z","last_seen":"2024-08-21T08:30:57.623696Z","times_seen":32,"resource_available":false,"data":null}},"time_used":761,"timings":{"blocked":27,"dns":2,"connect":7,"send":0,"wait":696,"receive":12,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/62djWijV6Ny/jq-2I85Bp67nVLcPqC0mipJEU8Yk9I4RNzQo2N4ZHkVpL2IS2ng1ZbWQIvcWyl6Ut13x4kYcaTcknTZ8zYt","fqdn":"0jgvx94smaw1iz2.uaoaaiyoff.ru","domain":"uaoaaiyoff.ru","tld":"ru"},"ip":{"addr":"172.67.214.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=","date":"2023-11-20T21:16:40.295Z","timestamp":1700515000295,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uaoaaiyoff.ru","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 01 Nov 2023 20:53:49 GMT","end":"Tue, 30 Jan 2024 20:53:48 GMT"},"fingerprint":{"sha1":"57:1E:DB:48:D4:DE:5F:73:08:24:E5:CD:85:69:3C:06:64:90:3F:45","sha256":"3F:D6:87:60:D5:79:A3:05:27:E6:75:F6:56:53:49:84:ED:44:FE:82:CA:F4:40:B3:41:FA:7A:FD:80:60:55:56"}}},"request":{"raw":"GET /1b3sw/62djWijV6Ny/jq-2I85Bp67nVLcPqC0mipJEU8Yk9I4RNzQo2N4ZHkVpL2IS2ng1ZbWQIvcWyl6Ut13x4kYcaTcknTZ8zYt HTTP/1.1\r\nHost: 0jgvx94smaw1iz2.uaoaaiyoff.ru\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=\r\nCookie: PHPSESSID=4jqqhlq6ve5uvadoeqklqqt01g\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Nov 2023 21:16:38 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=BhQ1qkiZJZRk8w9SnPcdcr8CPvpLW6nXB72Dnn11cFWdnfGCXANPGe4%2FfMfBT9VYF7aUMvMCSdn8RHMUajLGTJOCMTf4BMvej35kpD6%2FuVSful9pTzWlc973Qzvv%2BS7wmz4M1dxrn2qzNX7rjKZR7w%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8293b7149f075691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86927,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65450), with CRLF line terminators","md5":"a46fb81762396b7bf2020774a2fb4d9e","sha1":"fb5edd7a663dc8dda7ec10815a7cd82a30fc98a7","sha256":"d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d","sha512":"40759595b05808dd911075918bdcc32fb91362019bdfca24827043b8e54116e6ebe7362050ec72182b66481f1dc8d4ec4c8942c984fd597659313d71ad60dc33","ssdeep":"1536:aLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6tv:+kn6x2xe9NK6nC6N","tlshash":"378319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:10:49Z","last_seen":"2026-05-20T20:32:30.985625Z","times_seen":61553,"resource_available":true,"data":null}},"time_used":328,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":284,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/3qivrzRDwxFKBtyiMY9jGDxXVJ","fqdn":"0jgvx94smaw1iz2.uaoaaiyoff.ru","domain":"uaoaaiyoff.ru","tld":"ru"},"ip":{"addr":"172.67.214.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=","date":"2023-11-20T21:16:40.756Z","timestamp":1700515000756,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uaoaaiyoff.ru","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 01 Nov 2023 20:53:49 GMT","end":"Tue, 30 Jan 2024 20:53:48 GMT"},"fingerprint":{"sha1":"57:1E:DB:48:D4:DE:5F:73:08:24:E5:CD:85:69:3C:06:64:90:3F:45","sha256":"3F:D6:87:60:D5:79:A3:05:27:E6:75:F6:56:53:49:84:ED:44:FE:82:CA:F4:40:B3:41:FA:7A:FD:80:60:55:56"}}},"request":{"raw":"POST /1b3sw/3qivrzRDwxFKBtyiMY9jGDxXVJ HTTP/1.1\r\nHost: 0jgvx94smaw1iz2.uaoaaiyoff.ru\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 41\r\nOrigin: https://0jgvx94smaw1iz2.uaoaaiyoff.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0jgvx94smaw1iz2.uaoaaiyoff.ru/1b3sw/0QLRDKyE4lRyKLkXk8nns9z5EA9O2mRIdtMPWBlfhCNWRz9DtEMcfHUhCwIzreDPvJHGubWHob6S2Z9f2MlYDjyUqD5?id=ZGFsZHJpY2hAaGF2ZW5wYXJrbWdtdC5jb20=\r\nCookie: PHPSESSID=4jqqhlq6ve5uvadoeqklqqt01g\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Nov 2023 21:16:39 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=ONF9in3pMyXNaKj1dSs%2Fu1aEgWftU3a%2FO%2Bc0TjBmW3zRfy3Sn0UZKG1AYzWxZoOUT2YMGq%2BT5VVwEWnkV5aSqfGD%2FoOYV%2FNEGf2ojYt6oniozaTIMIZPgDL3bVsphafApqQO5XTvjaurcVnpxKtWbg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8293b7178a7b5691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":220,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"troff or preprocessor input, ASCII text, with no line terminators","md5":"c390ebdea3798e696a9750b329937059","sha1":"41f70f9055c5d3914612fe52d17c1d14144f6838","sha256":"4a06a05a755b8bdd3c827f10967d941d0272983d2adffeb5c1c334610f59bd33","sha512":"586aa53d40e864d6fd7c26994c72a4cc070107dae8846c3395a521d6046a1462950a5bd91ca0391be2b437dfc2f368736987fc87e46d570343b65f9598a0a023","ssdeep":"","tlshash":"bdd097aaca25e0017041608e10763da8869e3007d882effbb3398320c7990b235e7258","first_seen":"2023-07-20T16:44:16Z","last_seen":"2023-11-20T22:16:51Z","times_seen":6,"resource_available":false,"data":null}},"time_used":367,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":367,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}