{"report_id":"6808658e-228d-4fbf-a952-28f2d663be6d","version":6,"status":"done","tags":["microsoft","phishing"],"date":"2024-04-16T09:58:10Z","url":{"schema":"http","addr":"t5.emails.virginatlantic.com/r/?id=h1156f0e5,23add98e,23ade7cf\u0026p1=Vermilionenergy.btuijkoi.com/Y3Zvcm5icm9ja0B2ZXJtaWxpb25lbmVyZ3kuY29t","fqdn":"t5.emails.virginatlantic.com","domain":"virginatlantic.com","tld":"com"},"ip":{"addr":"52.19.118.92","port":0,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"final":{"url":{"schema":"https","addr":"vermilionenergy.btuijkoi.com/Y3Zvcm5icm9ja0B2ZXJtaWxpb25lbmVyZ3kuY29t","fqdn":"vermilionenergy.btuijkoi.com","domain":"btuijkoi.com","tld":"com"},"title":"on"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T20:03:20Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"t5.emails.virginatlantic.com","ip":{"addr":"52.19.118.92","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"1998-10-22","domain_rank":0,"first_seen":"2023-10-21 11:40:30","last_seen":"2024-03-03 20:14:37","alert_count":1,"request_count":1,"received_data":671,"sent_data":589,"comment":"","tags":null,"fingerprints":null},{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":0,"first_seen":"2021-10-20 07:02:03","last_seen":"2024-04-15 08:04:48","alert_count":0,"request_count":2,"received_data":41347,"sent_data":913,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":634,"first_seen":"2012-05-21 19:28:02","last_seen":"2024-04-16 07:40:18","alert_count":0,"request_count":1,"received_data":31464,"sent_data":422,"comment":"","tags":null,"fingerprints":null},{"fqdn":"vermilionenergy.btuijkoi.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":3,"received_data":16239,"sent_data":1597,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-05-31T21:22:00.637826Z","times_seen":476170,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js?render=explicit","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d1048a66fc11ea28c3cb1488fac82c62","sha1":"f055707cf91f637ec19bf5e65bf378857e798469","sha256":"8f1ad19042c2f9ee60c2de21f37f788af7b1ecccda8eec1d877f9b9c0e994370","sha512":"b7860e6dde1626b7babd4e2b2d61df0f027f2193b8432b9d13d8eabaf0e0c58ca1bb51cf8dff1d55ade43bff688497d03e0c9923bf3427d9828266c5a236a3e1","ssdeep":"768:jCPkLHbU1h3W2JE84YYwMxNS+ZCotOYdvqhwxZ5VWYaKAdY5wImQLWQ4:lHbeh3W2lnYwOSXQvS","tlshash":"2d032a583196793217ee44e0607ba743b3266a36b84ccc50d826dd7532bcddad233ba9","size":40614,"data":"","first_seen":"2024-04-04T12:45:54Z","last_seen":"2024-08-20T06:03:08.14488Z","times_seen":2083,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vermilionenergy.btuijkoi.com/Y3Zvcm5icm9ja0B2ZXJtaWxpb25lbmVyZ3kuY29t","fqdn":"vermilionenergy.btuijkoi.com","domain":"btuijkoi.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T21:30:58.223913Z","times_seen":15976901,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"572cb94037fffc2a0a53b465972e15f1","sha1":"0d679b041a7c1ca45cc99e2d229fc2b86762838d","sha256":"6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35","sha512":"f7c4db7986d362b58ff4b4646cdeb71992c0ce28949773c4471915f2cc8828329445777e228ef248f508f721a33dfea3d5694bc7ec18dc6c00134ee23155ff32","ssdeep":"","tlshash":"8290045c31005004c1773cd0501754d55030443330401d411d45d4444d7151c033d45c","size":34,"data":"","first_seen":"2023-04-11T21:16:40Z","last_seen":"2026-05-31T20:06:23.701215Z","times_seen":84732,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"t5.emails.virginatlantic.com/r/?id=h1156f0e5,23add98e,23ade7cf\u0026p1=Vermilionenergy.btuijkoi.com/Y3Zvcm5icm9ja0B2ZXJtaWxpb25lbmVyZ3kuY29t","fqdn":"t5.emails.virginatlantic.com","domain":"virginatlantic.com","tld":"com"},"ip":{"addr":"52.19.118.92","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-04-16T09:57:45.165Z","timestamp":1713261465165,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"t.emails.virginatlantic.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 09 Oct 2023 00:00:00 GMT","end":"Wed, 06 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"BF:D4:2D:8E:CD:D7:E4:3E:64:24:E4:00:99:36:21:F3:09:5E:4A:C8","sha256":"16:B8:AF:2C:6E:F2:F0:F4:6B:D5:00:45:3A:9B:E5:5B:B5:33:EB:B4:B8:60:53:55:82:9D:B2:FF:1D:3F:BD:A9"}}},"request":{"raw":"GET /r/?id=h1156f0e5,23add98e,23ade7cf\u0026p1=Vermilionenergy.btuijkoi.com/Y3Zvcm5icm9ja0B2ZXJtaWxpb25lbmVyZ3kuY29t HTTP/1.1\r\nHost: t5.emails.virginatlantic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 16 Apr 2024 09:57:45 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 17\r\nlocation: https://Vermilionenergy.btuijkoi.com/Y3Zvcm5icm9ja0B2ZXJtaWxpb25lbmVyZ3kuY29t\r\nserver: Apache\r\nx-robots-tag: noindex\r\np3p: CP=\"CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV\"\r\nset-cookie: AMCV_30516EBF55FC098E7F000101%40AdobeOrg=MCMID%7C44134569901272596470405253322841260031; Domain=virginatlantic.com; Path=/; Expires=Sun, 11-May-2025 09:57:45 GMT\nnlid=1156f0e5|23add98e; Domain=virginatlantic.com; Path=/\nnllastdelid=23add98e; Domain=virginatlantic.com; Path=/; Expires=Sun, 11-May-2025 09:57:45 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":17,"size_decoded":17,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"edf537e37d4549950774190c58f93b76","sha1":"4e2078632eccec8993f151be9338bbcb88ce6f58","sha256":"afff9c63cfeacd26e5d4000edf576f1386d6729dca783eb45004f484a73a3514","sha512":"086b7b7a07f837f40038d0ba0724240ee66c0319524baaa9cde4405db6712a0a129ab3f40ad4886fdb77cad78503697af8945b82dbeebdc13ff71a7c3ac5361b","ssdeep":"","tlshash":"786000020000082020832802280008020000008808b0020800282b2002882223000202","first_seen":"2023-04-11T15:33:14Z","last_seen":"2025-02-27T15:25:40.670806Z","times_seen":16650,"resource_available":false,"data":null}},"time_used":525,"timings":{"blocked":246,"dns":54,"connect":38,"send":0,"wait":34,"receive":0,"ssl":148},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js?render=explicit","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vermilionenergy.btuijkoi.com/Y3Zvcm5icm9ja0B2ZXJtaWxpb25lbmVyZ3kuY29t","date":"2024-04-16T09:57:45.953Z","timestamp":1713261465953,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /turnstile/v0/api.js?render=explicit HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vermilionenergy.btuijkoi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 16 Apr 2024 09:57:45 GMT\r\ncontent-length: 0\r\ncache-control: max-age=300, public\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nlocation: /turnstile/v0/b/bcc5fb0a8815/api.js?render=explicit\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 875350223d8b712e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T21:30:58.223913Z","times_seen":15976901,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":6,"dns":2,"connect":1,"send":0,"wait":8,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vermilionenergy.btuijkoi.com/Y3Zvcm5icm9ja0B2ZXJtaWxpb25lbmVyZ3kuY29t","date":"2024-04-16T09:57:45.948Z","timestamp":1713261465948,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 11 Jul 2023 00:00:00 GMT","end":"Sun, 14 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D","sha256":"B1:CA:3A:23:BA:70:1D:18:3F:EC:99:D7:BE:6D:B2:FD:66:5F:5C:A7:7D:7F:C1:FC:16:D1:FD:89:4B:CC:15:34"}}},"request":{"raw":"GET /jquery-3.6.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vermilionenergy.btuijkoi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15d9d\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Tue, 16 Apr 2024 09:57:46 GMT\r\nage: 5719085\r\nx-served-by: cache-lga21931-LGA, cache-hel1410034-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 22, 32362\r\nx-timer: S1713261466.051446,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30875\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30875,"size_decoded":89501,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-05-31T21:22:00.637826Z","times_seen":476170,"resource_available":true,"data":null}},"time_used":215,"timings":{"blocked":84,"dns":31,"connect":26,"send":0,"wait":27,"receive":10,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vermilionenergy.btuijkoi.com/Y3Zvcm5icm9ja0B2ZXJtaWxpb25lbmVyZ3kuY29t","fqdn":"vermilionenergy.btuijkoi.com","domain":"btuijkoi.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-04-16T09:57:45.454Z","timestamp":1713261465454,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btuijkoi.com","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Apr 2024 21:11:48 GMT","end":"Sat, 13 Jul 2024 21:11:47 GMT"},"fingerprint":{"sha1":"70:99:CF:A2:79:1C:56:E5:DB:67:1F:46:A9:FE:F3:9C:68:6E:2F:CE","sha256":"B4:87:00:DA:F2:8B:95:D6:80:E9:F0:82:1A:0E:21:7C:D4:05:BC:5B:A1:2B:13:9A:B5:06:1B:42:30:19:52:74"}}},"request":{"raw":"GET /Y3Zvcm5icm9ja0B2ZXJtaWxpb25lbmVyZ3kuY29t HTTP/1.1\r\nHost: vermilionenergy.btuijkoi.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 16 Apr 2024 09:57:45 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nset-cookie: PHPSESSID=86001ee9487f6b3da84caa52714f994a; path=/\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=ixQSLCRmml8j3N5PY02uQ5%2Bvau20oxuM8Z5U6fxxhKJ2C5nli08IPDu3BMsIlIUUPCVLDxfnCg1z%2BfTCtPi0AdjegOPVYdCmLRpREkanWlFmxSR97bTFlnCvrqlzBIu8cqbD1PWbAIv561Pf%2Bv06\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8753501f3c49b4f3-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6775,"size_decoded":6734,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3820), with CRLF line terminators","md5":"b809068591da520034698e3d906c69a0","sha1":"6a065111709ea4f66788571d9541295c00153df3","sha256":"c5bba752110e5c526c1c1a33b904eb71e588d818c225a194f22b7506d5ffe999","sha512":"791e5c85e7a1715bd6e8c8a303593b198af842572eb2ab265025dac3c13de562ea2b5aafbf24b9cf9e512e1603711777ed65b15b6677e59916bb5829b989e831","ssdeep":"96:pg2T07u7i6XZqw2j/3Uk6S/L57+q7r0au4mS:6X7gi6XZqhz/L57+q7yY","tlshash":"b6d131c879d1b01503b781727abf1a4ff9368a4a964ec504f19c96c2bff6e2cc817954","first_seen":"2024-04-16T11:58:16Z","last_seen":"2024-08-20T04:19:07.220582Z","times_seen":18,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":255,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vermilionenergy.btuijkoi.com/style.css","fqdn":"vermilionenergy.btuijkoi.com","domain":"btuijkoi.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vermilionenergy.btuijkoi.com/Y3Zvcm5icm9ja0B2ZXJtaWxpb25lbmVyZ3kuY29t","date":"2024-04-16T09:57:45.955Z","timestamp":1713261465955,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btuijkoi.com","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Apr 2024 21:11:48 GMT","end":"Sat, 13 Jul 2024 21:11:47 GMT"},"fingerprint":{"sha1":"70:99:CF:A2:79:1C:56:E5:DB:67:1F:46:A9:FE:F3:9C:68:6E:2F:CE","sha256":"B4:87:00:DA:F2:8B:95:D6:80:E9:F0:82:1A:0E:21:7C:D4:05:BC:5B:A1:2B:13:9A:B5:06:1B:42:30:19:52:74"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: vermilionenergy.btuijkoi.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vermilionenergy.btuijkoi.com/Y3Zvcm5icm9ja0B2ZXJtaWxpb25lbmVyZ3kuY29t\r\nCookie: PHPSESSID=86001ee9487f6b3da84caa52714f994a\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 16 Apr 2024 09:57:46 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 15 Apr 2024 00:34:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=4%2FOf46CPeMSjKt%2FdEu%2B4oauhIS5nK8DYH4vtxXr00FxDeqx4fvbC7py%2B2TegnaP0zwg8BYufsnpTHUm%2FA304zpNuAS9n1FZiTQCUVqP2LBXXzTrel82NhMhXe31KCfTek85f8RuukFefWIr1t0%2BF\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 875350222e1e56cc-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4210,"size_decoded":4210,"mime_type":"text/css","magic":"ASCII text, with very long lines (4215), with no line terminators","md5":"846cbff10057d33e9574f2cbbc5e8255","sha1":"8c9862bb420c2256d34a5eabf061b470f2687b19","sha256":"c835b1183e7b37a91a0f53cb018d8ec9e26eb5dd0d0d7349eaadf0f3a5324e45","sha512":"bc7e92dee412d08e285998dbbfd43cfe598beab8dc96fbda0763d790916ac3ec47210943e8457d7e19b1f17f6990403ea649a7e9839d5115ec3b09c2cb30b605","ssdeep":"48:sc+17gESlBdSqkavuSpDk5vXHgomMNZs7ulIWfcSOCOyY4XCFob5:XSEd9/6APuZsdC5b5","tlshash":"7b91209889b8903cdd1263279bcc478c12299003ad230dbd771e249787d6bfc23e7b25","first_seen":"2024-04-05T20:24:33Z","last_seen":"2024-11-07T00:07:30.609498Z","times_seen":752,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vermilionenergy.btuijkoi.com/logo.svg","fqdn":"vermilionenergy.btuijkoi.com","domain":"btuijkoi.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vermilionenergy.btuijkoi.com/Y3Zvcm5icm9ja0B2ZXJtaWxpb25lbmVyZ3kuY29t","date":"2024-04-16T09:57:45.957Z","timestamp":1713261465957,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btuijkoi.com","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Apr 2024 21:11:48 GMT","end":"Sat, 13 Jul 2024 21:11:47 GMT"},"fingerprint":{"sha1":"70:99:CF:A2:79:1C:56:E5:DB:67:1F:46:A9:FE:F3:9C:68:6E:2F:CE","sha256":"B4:87:00:DA:F2:8B:95:D6:80:E9:F0:82:1A:0E:21:7C:D4:05:BC:5B:A1:2B:13:9A:B5:06:1B:42:30:19:52:74"}}},"request":{"raw":"GET /logo.svg HTTP/1.1\r\nHost: vermilionenergy.btuijkoi.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vermilionenergy.btuijkoi.com/Y3Zvcm5icm9ja0B2ZXJtaWxpb25lbmVyZ3kuY29t\r\nCookie: PHPSESSID=86001ee9487f6b3da84caa52714f994a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 16 Apr 2024 09:57:46 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 15 Apr 2024 00:34:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=mWymQs6dfMaOoW%2F%2F8o6f3iJiAloW45yePOX%2FrR7eNd4lsJHAFCHIRfYH8gtKizl2OGEyO8R2GxPKV8F1zQ8dyITlWIo9PQ5Z74pdECx2%2F4SlmRRxoHqvp58VkW%2ByfF29ZgUJVVrHdkKAFm6kbpi%2F\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 875350222e2a56cc-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3202,"size_decoded":3202,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"139acb17c8f845685c1ddbb0d43aa08c","sha1":"3ee29155a52f1138e4e3b87bb0555878e996154f","sha256":"a39f3d7ce2a6ee2813680e1844dd05fd5364b75c17addc25d231d4f1ed62ec88","sha512":"8ecb32de5fce74b96ebaefba4163cf4ba3c9019196d9e374f8bc91a3c6b256bdcf4b028554f57667b2501307a4f166510dfdd19265cdf8e87e4a1e364db7ac8c","ssdeep":"","tlshash":"82611e7a4214dbbd1d83c58edf3ad4751b0f65eab3aa229548ffcb71b0970c8c906814","first_seen":"2024-02-28T08:33:42Z","last_seen":"2025-04-01T00:28:15.282832Z","times_seen":303,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":81,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js?render=explicit","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vermilionenergy.btuijkoi.com/Y3Zvcm5icm9ja0B2ZXJtaWxpb25lbmVyZ3kuY29t","date":"2024-04-16T09:57:45.975Z","timestamp":1713261465975,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /turnstile/v0/b/bcc5fb0a8815/api.js?render=explicit HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://vermilionenergy.btuijkoi.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 16 Apr 2024 09:57:45 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 875350225dc0712e-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40614,"size_decoded":40614,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (40613)","md5":"d1048a66fc11ea28c3cb1488fac82c62","sha1":"f055707cf91f637ec19bf5e65bf378857e798469","sha256":"8f1ad19042c2f9ee60c2de21f37f788af7b1ecccda8eec1d877f9b9c0e994370","sha512":"b7860e6dde1626b7babd4e2b2d61df0f027f2193b8432b9d13d8eabaf0e0c58ca1bb51cf8dff1d55ade43bff688497d03e0c9923bf3427d9828266c5a236a3e1","ssdeep":"768:jCPkLHbU1h3W2JE84YYwMxNS+ZCotOYdvqhwxZ5VWYaKAdY5wImQLWQ4:lHbeh3W2lnYwOSXQvS","tlshash":"2d032a583196793217ee44e0607ba743b3266a36b84ccc50d826dd7532bcddad233ba9","first_seen":"2024-04-04T12:45:54Z","last_seen":"2024-08-20T06:03:08.14488Z","times_seen":2083,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}