moob.financial/email/verification/z6p5aw/c2Jyb3duQGJveWRqb25lcy5iaXo=
66.29.130.45 0 B URL moob.financial/email/verification/z6p5aw/c2Jyb3duQGJveWRqb25lcy5iaXo=
IP 66.29.130.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
fortinet Phishing
GET /email/verification/z6p5aw/c2Jyb3duQGJveWRqb25lcy5iaXo= HTTP/1.1
Host: moob.financial
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 10 May 2023 15:57:10 GMT
Server: Apache
refresh: 0;url=https://jglnawygym6446e5fab58c5.dofiles.ru/Msbrown@boydjones.biz
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
jglnawygym6446e5fab58c5.dofiles.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7c53605f2d1b0b31
104.21.81.197 42 B URL jglnawygym6446e5fab58c5.dofiles.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7c53605f2d1b0b31
IP 104.21.81.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7c53605f2d1b0b31 HTTP/1.1
Host: jglnawygym6446e5fab58c5.dofiles.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jglnawygym6446e5fab58c5.dofiles.ru/Msbrown@boydjones.biz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 10 May 2023 15:57:11 GMT
content-type: image/gif
content-length: 42
last-modified: Fri, 28 Apr 2023 14:11:18 GMT
etag: "644bd406-2a"
server: cloudflare
cf-ray: 7c53605ffee0b500-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Wed, 10 May 2023 17:57:11 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
challenges.cloudflare.com/turnstile/v0/b/3ad47aec/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.6.185 200 OK 123 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/b/3ad47aec/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.6.185:443
Requested by https://jglnawygym6446e5fab58c5.dofiles.ru/Msbrown@boydjones.biz
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (15754)
Size 123 kB (122909 bytes)
Hash 012921f5f9c5d1d44a5d0da2dfb1421b
1a495bc52d7cf99f125ffda0997a5c62ce4342ab
f2bc49dd58e7da098cbc217fa61f96755db19ce582d852d16176b0ae9eec1a65
GET /turnstile/v0/b/3ad47aec/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jglnawygym6446e5fab58c5.dofiles.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 10 May 2023 15:57:11 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c536060b8590b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jglnawygym6446e5fab58c5.dofiles.ru/cdn-cgi/challenge-platform/h/b/pat/7c53605f2d1b0b31/1683734231268/d416f23bb33441f6c2f4f8f7bb9df5c0cf0663e15b60907e4558be9904415ef4/gZV3jG97rYKHKW3
104.21.81.197 401 Unauthorized 1.1 kB URL GET HTTP/3 jglnawygym6446e5fab58c5.dofiles.ru/cdn-cgi/challenge-platform/h/b/pat/7c53605f2d1b0b31/1683734231268/d416f23bb33441f6c2f4f8f7bb9df5c0cf0663e15b60907e4558be9904415ef4/gZV3jG97rYKHKW3
IP 104.21.81.197:443
Requested by https://jglnawygym6446e5fab58c5.dofiles.ru/Msbrown@boydjones.biz
Certificate Issuer Let's Encrypt
Subject dofiles.ru
Fingerprint E2:F0:FD:C8:CB:ED:3C:D5:8B:BE:37:46:97:2A:D6:4E:E3:D5:62:04
Validity Mon, 24 Apr 2023 08:28:21 GMT - Sun, 23 Jul 2023 08:28:20 GMT
File type ASCII text, with very long lines (1093), with no line terminators
Hash 2622f7f4553603ffa08cd6b6287dcc4c
145691c763174992a0adcaadf4bda8e01de3212a
99dd980e198d6308ef5c51e056fd3f83e0c09d676b7e08efadfa601263354869
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/b/pat/7c53605f2d1b0b31/1683734231268/d416f23bb33441f6c2f4f8f7bb9df5c0cf0663e15b60907e4558be9904415ef4/gZV3jG97rYKHKW3 HTTP/1.1
Host: jglnawygym6446e5fab58c5.dofiles.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jglnawygym6446e5fab58c5.dofiles.ru/Msbrown@boydjones.biz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Wed, 10 May 2023 15:57:11 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g1BbyO7M0QfbC9Pj3u531wM8GY-FbYJB-RVi-mQRBXvQAImpnbG5hd3lneW02NDQ2ZTVmYWI1OGM1LmRvZmlsZXMucnU=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA4rsahmFFVx2QGy_ap9QoeqGO_4LxWlFPbUODzU9Bo98w9mAJ4v4SezAZlSzuxZ-whSKnBsLI3W5_Ffqa5QZq-iwBI1406WdT_zTiNPDh2mFkXG_Im_OGmdqx5iLiI7Fuvm_js7sFgoX4L1MP7saxCY9qsWQ9-EaZmth2qzK0kjGxqoLmOUkCHHBEHpL31alMgPXC9Ww_OcA9ZXMUHyOOuAlOKZzqGmlDmPboz3OwCbKYt1cZ1V9FMz6IsOnZQp8OuYjAy44mpD1HmcYG3Zrn5YVxNqabY20_Wq5phFYl1453MSJlA6LedzIL9g40P14VWOgORWCdVGb0V6icMjuT5QIDAQAB, max-age=20
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkZ1moKQ%2FMugzveR3h7gJzYce3fonBG5XJksJ2ED3939E%2BFoKPCJhF3rY7Q37mF6s9kXVCeQ2oR16cgFgfV3OgRkUMZQxrfSLB8UAPWyKPMqm9TgtSPsYelY2nYLRRnoi1gbbaQyfpJ%2FfnrZzQlRqlTJ9H7v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c5360642dbeb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
jglnawygym6446e5fab58c5.dofiles.ru/cdn-cgi/challenge-platform/h/b/img/7c53605f2d1b0b31/1683734231258/nCmbWKNUkga2od6
104.21.81.197 200 OK 61 B URL GET HTTP/3 jglnawygym6446e5fab58c5.dofiles.ru/cdn-cgi/challenge-platform/h/b/img/7c53605f2d1b0b31/1683734231258/nCmbWKNUkga2od6
IP 104.21.81.197:443
Requested by https://jglnawygym6446e5fab58c5.dofiles.ru/Msbrown@boydjones.biz
Certificate Issuer Let's Encrypt
Subject dofiles.ru
Fingerprint E2:F0:FD:C8:CB:ED:3C:D5:8B:BE:37:46:97:2A:D6:4E:E3:D5:62:04
Validity Mon, 24 Apr 2023 08:28:21 GMT - Sun, 23 Jul 2023 08:28:20 GMT
File type PNG image data, 10 x 9, 8-bit/color RGB, non-interlaced\012- data
Hash bc6a8329cf24d2cfe99a31987cea9fea
5e0dd8911a72b6866f470a848ba69f996af56db1
710270d1344b70c1c007f750ba63f4f9902df4bf9ae35e287a472699fde2e830
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/b/img/7c53605f2d1b0b31/1683734231258/nCmbWKNUkga2od6 HTTP/1.1
Host: jglnawygym6446e5fab58c5.dofiles.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jglnawygym6446e5fab58c5.dofiles.ru/Msbrown@boydjones.biz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 10 May 2023 15:57:11 GMT
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zzvPNl8AiDI%2Flk9ozyKMNeLF%2FZPgj5hBkNnp1iBOqdnehd%2FZGeqsUtlREbv%2FNV9YJ91GBMChM3L5oUNePMLvweq8i1bP0tANe3FpVh%2F%2BJj%2F%2F3SWv%2BuqGh9kQFD%2F81AOjrEVr7NwZvGaTRbXnXKvw5M415Dd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c536063acd4b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
jglnawygym6446e5fab58c5.dofiles.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/950850125:1683731432:2rfj8wL0cgEaWH1Y_oLedN3t8zxfBbl-wUqqZKvYPH4/7c53605f2d1b0b31/7955f630470c8fa
104.21.81.197 200 OK 7.8 kB URL POST HTTP/3 jglnawygym6446e5fab58c5.dofiles.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/950850125:1683731432:2rfj8wL0cgEaWH1Y_oLedN3t8zxfBbl-wUqqZKvYPH4/7c53605f2d1b0b31/7955f630470c8fa
IP 104.21.81.197:443
Requested by https://jglnawygym6446e5fab58c5.dofiles.ru/Msbrown@boydjones.biz
Certificate Issuer Let's Encrypt
Subject dofiles.ru
Fingerprint E2:F0:FD:C8:CB:ED:3C:D5:8B:BE:37:46:97:2A:D6:4E:E3:D5:62:04
Validity Mon, 24 Apr 2023 08:28:21 GMT - Sun, 23 Jul 2023 08:28:20 GMT
File type ASCII text, with very long lines (7760), with no line terminators
Hash 873e9e1bdbb7441f92b832861965032a
da0c97f3409435b9487efd1ad8cc79741827509b
c9db961ac87dd6977f9ba8ea4bdc76378098ef62af5d034a4b7c4d9adcf64617
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/950850125:1683731432:2rfj8wL0cgEaWH1Y_oLedN3t8zxfBbl-wUqqZKvYPH4/7c53605f2d1b0b31/7955f630470c8fa HTTP/1.1
Host: jglnawygym6446e5fab58c5.dofiles.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jglnawygym6446e5fab58c5.dofiles.ru/Msbrown@boydjones.biz
Content-type: application/x-www-form-urlencoded
CF-Challenge: 7955f630470c8fa
Content-Length: 16896
Origin: https://jglnawygym6446e5fab58c5.dofiles.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 10 May 2023 15:57:13 GMT
content-type: text/plain; charset=UTF-8
cf_chl_gen: KkMzMBaVuhoVPtNZN87Lg9NpqrItOSw6mFnzRu+El7II92Gc143WrjeeyC361JMW$e2K/lajcbiOcid6WbH2AMA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5DNOcWMoH9USXcq9U0MjYj4DRvtVqSq%2FWcDAujFNOM2qTKOWjiLsroy%2FDm%2B8jqLJF9UgcQQTHWYb%2FFkeNYSKMAzmh87SUc6oqupluXGqJSGU1Q0yyvFKJhyfU%2FjhefqKOC3583F80Kpx7xVhZ7cWsJzGRI5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c53606cbba6b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7c53606d2d441c0a/1683734233467/b537bc9779f6284f8d1ac05472e3d1b4c5997fdeffefd3e7d1549a639f868a36/o_rh2phiFGl8lQA
104.18.6.185 401 Unauthorized 1 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7c53606d2d441c0a/1683734233467/b537bc9779f6284f8d1ac05472e3d1b4c5997fdeffefd3e7d1549a639f868a36/o_rh2phiFGl8lQA
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tv64u/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type very short file (no magic)
Hash ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/7c53606d2d441c0a/1683734233467/b537bc9779f6284f8d1ac05472e3d1b4c5997fdeffefd3e7d1549a639f868a36/o_rh2phiFGl8lQA HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tv64u/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 401 Unauthorized
date: Wed, 10 May 2023 15:57:15 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gtTe8l3n2KE-NGsBUcuPRtMWZf97_79Pn0VSaY5-GijYAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA4rsahmFFVx2QGy_ap9QoeqGO_4LxWlFPbUODzU9Bo98w9mAJ4v4SezAZlSzuxZ-whSKnBsLI3W5_Ffqa5QZq-iwBI1406WdT_zTiNPDh2mFkXG_Im_OGmdqx5iLiI7Fuvm_js7sFgoX4L1MP7saxCY9qsWQ9-EaZmth2qzK0kjGxqoLmOUkCHHBEHpL31alMgPXC9Ww_OcA9ZXMUHyOOuAlOKZzqGmlDmPboz3OwCbKYt1cZ1V9FMz6IsOnZQp8OuYjAy44mpD1HmcYG3Zrn5YVxNqabY20_Wq5phFYl1453MSJlA6LedzIL9g40P14VWOgORWCdVGb0V6icMjuT5QIDAQAB, max-age=20
server: cloudflare
cf-ray: 7c536078e9f91c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/718773158:1683731494:q3qvdkYr81z1dvhEwxzfvmx6CyPHAT7nI-pzSCPAfWM/7c53606d2d441c0a/3b6681dba168c17
104.18.6.185 200 OK 13 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/718773158:1683731494:q3qvdkYr81z1dvhEwxzfvmx6CyPHAT7nI-pzSCPAfWM/7c53606d2d441c0a/3b6681dba168c17
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tv64u/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
Validity Sun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (13208), with no line terminators
Hash 796569de8f86f37e99a51e31a24d7a69
4b93fe98b1da36cc5b565e17eca044474bd611c7
619be26ad826e287fbce4a7d5875028f8f9d0d23848b9a9f0b8afb56cbfa9184
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/718773158:1683731494:q3qvdkYr81z1dvhEwxzfvmx6CyPHAT7nI-pzSCPAfWM/7c53606d2d441c0a/3b6681dba168c17 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tv64u/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 3b6681dba168c17
Content-Length: 17424
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 10 May 2023 15:57:15 GMT
content-type: text/plain; charset=UTF-8
cf_chl_gen: QVkq0LDy9+qt5/Hc4dYbQSHr2Dfoys+Z2wW2RATalP+r4HAlkYMH24qMfOS21rFM$zq2r4Led16td89JK4cuNLw==
server: cloudflare
cf-ray: 7c5360799ac01c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
jglnawygym6446e5fab58c5.dofiles.ru/favicon.ico
104.21.81.197 403 Forbidden 7.0 kB URL GET HTTP/3 jglnawygym6446e5fab58c5.dofiles.ru/favicon.ico
IP 104.21.81.197:443
Requested by https://jglnawygym6446e5fab58c5.dofiles.ru/Msbrown@boydjones.biz
Certificate Issuer Let's Encrypt
Subject dofiles.ru
Fingerprint E2:F0:FD:C8:CB:ED:3C:D5:8B:BE:37:46:97:2A:D6:4E:E3:D5:62:04
Validity Mon, 24 Apr 2023 08:28:21 GMT - Sun, 23 Jul 2023 08:28:20 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7178), with no line terminators
Hash fcdd687bc9bb20adb53525843d45aa99
3cd0a1bc95dd8ad839e5cc1eedf5a3138dab5983
449c09096710fadd29085294e330c49d179f0af1c7e8ff25f69c179d1f25c4ed
GET /favicon.ico HTTP/1.1
Host: jglnawygym6446e5fab58c5.dofiles.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jglnawygym6446e5fab58c5.dofiles.ru/Msbrown@boydjones.biz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Wed, 10 May 2023 15:57:11 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkoNAGvu4ga2J553SCbNIhCQiRIAufWVcEC%2FdaCgk49h5kVfgTHMQSBjNYLolpouOfD7KNAVWob1on6Iem09ZZFlx1AMHtHDY6TxdoxgEE9agitqASz7GXPOUd9EUbMqTuJewONX4jTllaU4elWCBXgiNsC6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5360604f50b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
jglnawygym6446e5fab58c5.dofiles.ru/favicon.ico
104.21.81.197 403 Forbidden 7.0 kB URL GET HTTP/3 jglnawygym6446e5fab58c5.dofiles.ru/favicon.ico
IP 104.21.81.197:443
Requested by https://jglnawygym6446e5fab58c5.dofiles.ru/Msbrown@boydjones.biz
Certificate Issuer Let's Encrypt
Subject dofiles.ru
Fingerprint E2:F0:FD:C8:CB:ED:3C:D5:8B:BE:37:46:97:2A:D6:4E:E3:D5:62:04
Validity Mon, 24 Apr 2023 08:28:21 GMT - Sun, 23 Jul 2023 08:28:20 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7200), with no line terminators
Hash b91c6b58ddf6ded11d959ccf08e02270
e0abbfa24c2d2060ffbe819a9c5579da64351692
19234503d3bf460d13d0475a1cf301bc9541dceadaa671c19f97622fb534d744
GET /favicon.ico HTTP/1.1
Host: jglnawygym6446e5fab58c5.dofiles.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jglnawygym6446e5fab58c5.dofiles.ru/Msbrown@boydjones.biz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Wed, 10 May 2023 15:57:11 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhGs9DOADjoDcpiuPo3cEK33bJx3SpFJyNGDcFbPMMPlaO6vHw%2BLS02u%2FOzUwtz%2FxwSqIrezu32GbneI3cvFg%2FaQlfTFOYhowzMAKo2MwQcMS6UFKV0ueIVhvN8ZeA8Vj5sYMCL7iDmn7DI%2F6VdV5DfvV76E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5360608fb9b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
jglnawygym6446e5fab58c5.dofiles.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7c53605f2d1b0b31
104.21.81.197 200 OK 150 kB URL GET HTTP/3 jglnawygym6446e5fab58c5.dofiles.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7c53605f2d1b0b31
IP 104.21.81.197:443
Requested by https://jglnawygym6446e5fab58c5.dofiles.ru/Msbrown@boydjones.biz
Certificate Issuer Let's Encrypt
Subject dofiles.ru
Fingerprint E2:F0:FD:C8:CB:ED:3C:D5:8B:BE:37:46:97:2A:D6:4E:E3:D5:62:04
Validity Mon, 24 Apr 2023 08:28:21 GMT - Sun, 23 Jul 2023 08:28:20 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 150 kB (149571 bytes)
Hash bfc63a613e45a073dd9ac62550220ba3
8cfbccb946341e656f40e7b1e07c8d4629b0db0f
cef255d70f2bcb32600b0f8bcc9f9cd5767e1c8e6d598cc5cba0a8b9fee9dd67
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7c53605f2d1b0b31 HTTP/1.1
Host: jglnawygym6446e5fab58c5.dofiles.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jglnawygym6446e5fab58c5.dofiles.ru/Msbrown@boydjones.biz?__cf_chl_rt_tk=4E4mwMbQ2OwRrwo_bYbcGLO7Qruiqz8at1VvnIzH8g0-1683734230-0-gaNycGzNDXs
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 10 May 2023 15:57:11 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsJ%2BksHf7%2B1CxPE6gCaWXmuYrYP3KeD4WGQPW%2BA3wNc59F1B3o0N4jE5AdKYUXpABGFQU57a%2F13KUGeyOY7x%2BI1n8Wd%2BSNBUZeFJ5SRzxLaAIGrP5xFPnrBUbB7kX5hw%2BB7zk9%2BkcoJ13%2Fq94YUrmUXt6g4r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c5360600f03b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
jglnawygym6446e5fab58c5.dofiles.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/950850125:1683731432:2rfj8wL0cgEaWH1Y_oLedN3t8zxfBbl-wUqqZKvYPH4/7c53605f2d1b0b31/7955f630470c8fa
104.21.81.197 200 OK 146 kB URL POST HTTP/3 jglnawygym6446e5fab58c5.dofiles.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/950850125:1683731432:2rfj8wL0cgEaWH1Y_oLedN3t8zxfBbl-wUqqZKvYPH4/7c53605f2d1b0b31/7955f630470c8fa
IP 104.21.81.197:443
Requested by https://jglnawygym6446e5fab58c5.dofiles.ru/Msbrown@boydjones.biz
Certificate Issuer Let's Encrypt
Subject dofiles.ru
Fingerprint E2:F0:FD:C8:CB:ED:3C:D5:8B:BE:37:46:97:2A:D6:4E:E3:D5:62:04
Validity Mon, 24 Apr 2023 08:28:21 GMT - Sun, 23 Jul 2023 08:28:20 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 146 kB (146216 bytes)
Hash 16fa2ceecf543900762bdf302377ccd0
ea71d0f43962bbde4cf68e90f368db207fa352c0
d43fc8158c83d3efed5467d9f1e3890fca2c147d6f52e8aa6a2715399e796f43
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/950850125:1683731432:2rfj8wL0cgEaWH1Y_oLedN3t8zxfBbl-wUqqZKvYPH4/7c53605f2d1b0b31/7955f630470c8fa HTTP/1.1
Host: jglnawygym6446e5fab58c5.dofiles.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jglnawygym6446e5fab58c5.dofiles.ru/Msbrown@boydjones.biz
Content-type: application/x-www-form-urlencoded
CF-Challenge: 7955f630470c8fa
Content-Length: 1849
Origin: https://jglnawygym6446e5fab58c5.dofiles.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 10 May 2023 15:57:11 GMT
content-type: text/plain; charset=UTF-8
cf_chl_gen: k60mlwBWZkgYrGOqWSASrs2I++lb4auK53pNjFbMDg3HFJRbyuhi8Gi292c2FxyeM4KMg3DE/dANX1oMPP2juD8PoIuI0eYCFgFVMcJkiB+fkwMxPKRz0/mDryx+vd9PTdg3N2KdYir0xYe+e55GBi3/+vcmuoZrryrZsJJ7uKlZmyZVDyBpG7UmYw5/PNprd5fZErlMwb/BEBZy6VN45sBLqGlvYEGYnrBp12Hydw+Bh45tZKmOzRMVQQPnydEKCgxwRjTbzCzTLMdcmPFy6CJqnAe7UQMaXvyEP1CyF7JMH/bAalZL+RnDwicVmzlgojpeBxSNsycXiwNCt7jMrEPw6OC9/+T0xakOD8K19WhtPCFeSVy3Tmfh1RMcLlhz+13edkXVo0lSEY+Sbgy2+u3o/Ct41t++XrDkrqHkzL0td41OaaO/xzbBuS/KW0N7xNaKQPg25ls5Dba6Di5cQw==$HsvvWhiNUJ/71arIyhD+2w==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKV8irngakchDfbu3FH8cEdfQTPMJX73zqws%2FzpgSYKRaoagkbYc%2BwrJN%2B%2F%2FfiPPmiNTVbg8nWZqcXp8r%2Ffcg2g4jSnNeCPQlNXaWyxpfr5OfoRjloS%2BrK0cc0V%2Bi1Ni3oKVv1JH9%2Ffee5xtFAPVNg15xj5P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c53606148c1b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400