biophareg.com/wp-content/jhkn/Lp48s6tY/rBDHMz/YWwuYy55YXp6aWVAZXh4b25tb2JpbC5jb20=
192.185.166.227 200 OK 0 B URL User Request GET HTTP/2 biophareg.com/wp-content/jhkn/Lp48s6tY/rBDHMz/YWwuYy55YXp6aWVAZXh4b25tb2JpbC5jb20=
IP 192.185.166.227:443
ASN #46606 UNIFIEDLAYER-AS-1
Certificate Issuer Let's Encrypt
Subject biophareg.com
Fingerprint EC:B2:9A:42:E8:BE:0C:D4:91:03:91:D1:D7:78:39:49:8F:84:16:40
Validity Tue, 18 Apr 2023 19:58:10 GMT - Mon, 17 Jul 2023 19:58:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /wp-content/jhkn/Lp48s6tY/rBDHMz/YWwuYy55YXp6aWVAZXh4b25tb2JpbC5jb20= HTTP/1.1
Host: biophareg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:08:40 GMT
server: nginx/1.23.2
content-type: text/html; charset=UTF-8
content-length: 0
refresh: 0;url=https://mii7v.ibnovtci.com/Mal.c.yazzie@exxonmobil.com
x-server-cache: false
X-Firefox-Spdy: h2
mii7v.ibnovtci.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d096740cb7eb509
188.114.97.1 42 B URL mii7v.ibnovtci.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d096740cb7eb509
IP 188.114.97.1:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d096740cb7eb509 HTTP/1.1
Host: mii7v.ibnovtci.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mii7v.ibnovtci.com/Mal.c.yazzie@exxonmobil.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 01 Jun 2023 18:08:41 GMT
content-type: image/gif
content-length: 42
last-modified: Tue, 30 May 2023 15:20:42 GMT
etag: "6476144a-2a"
server: cloudflare
cf-ray: 7d096741da481bfa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Thu, 01 Jun 2023 20:08:41 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7d0967439af9b4eb
104.18.7.185 81 kB URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7d0967439af9b4eb
IP 104.18.7.185:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c79283a903c6079c41964bed9d7b268b
9c7ec21aaf51e39ec34f49e5ea5a7d7ed27ea49d
29fa7fd80d4bd16d967df1918e31b70619cab0f911fc33cf153480b61f9732f9
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7d0967439af9b4eb HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j3nwz/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 01 Jun 2023 18:08:41 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
server: cloudflare
cf-ray: 7d096743fbd9b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
mii7v.ibnovtci.com/cdn-cgi/challenge-platform/h/b/flow/ov1/517026833:1685640078:VgzCIgORKE7PAGQeTgoAepD-cbsF_0hebeTfPsGOAvE/7d096740cb7eb509/5a8b03f8e90bd4c
188.114.97.1 371 kB URL mii7v.ibnovtci.com/cdn-cgi/challenge-platform/h/b/flow/ov1/517026833:1685640078:VgzCIgORKE7PAGQeTgoAepD-cbsF_0hebeTfPsGOAvE/7d096740cb7eb509/5a8b03f8e90bd4c
IP 188.114.97.1:0
File type ASCII text, with very long lines (2640), with no line terminators
Size 371 kB (371085 bytes)
Hash 779b201e61e300975d6e3eb951fe1a80
a682cc21b9a99be66e37ac3ea45c11258376f7c6
44c288c55af2e59416413156466fe4cc02335513141a243977beabe65d147cc8
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/517026833:1685640078:VgzCIgORKE7PAGQeTgoAepD-cbsF_0hebeTfPsGOAvE/7d096740cb7eb509/5a8b03f8e90bd4c HTTP/1.1
Host: mii7v.ibnovtci.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mii7v.ibnovtci.com/Mal.c.yazzie@exxonmobil.com
Content-type: application/x-www-form-urlencoded
CF-Challenge: 5a8b03f8e90bd4c
Content-Length: 2788
Origin: https://mii7v.ibnovtci.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 01 Jun 2023 18:08:45 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_chl_rc_m=;Expires=Wed, 31 May 2023 18:08:45 GMT;SameSite=Strict
cf-chl-out: Wwa5U48qlCi/B+6FFPWHXRBWw4Pgx9FXGuBe6+eLTEb1mVTv8LOORMgwrr6ks0cnnLB4RDdOzNKHfxyfLUtEYg==$cEGaF7Xkjb/QGAJxbX48dw==
cf-chl-out-s: VS177zxj7tf70SCD6Rhrc6GSFs3gRmULOjXSr32o8adse0MIulvEuPvLpoVa03bd$Fw5wx8KLZ835Gk9BjUKFjA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8j1gXE8ark%2Bv1mfWzXkwYie%2BzF6MYffrJGpIPrQG6GGvdC2r%2BZ%2BFug7DKwGOwvkiff17dvQsbKey0Ty05ltZxevVvCRQtP4%2FJUGajZvqJA13EAhyV7pxKyMAt0hZ9k2lMJRLcWI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d09675a78851bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
mii7v.ibnovtci.com/favicon.ico
188.114.97.1 404 Not Found 1.2 kB URL GET HTTP/3 mii7v.ibnovtci.com/favicon.ico
IP 188.114.97.1:443
Requested by https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Certificate Issuer Let's Encrypt
Subject ibnovtci.com
Fingerprint A4:28:9B:1B:5B:27:F6:A3:39:05:3D:A3:1E:9A:D7:43:C2:26:10:1F
Validity Tue, 30 May 2023 18:55:18 GMT - Mon, 28 Aug 2023 18:55:17 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1276), with no line terminators
Hash 24b426fea67958554911ff4c943fdfe4
b92889146d4c1bbddccabe58ca15c814ea066f72
335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c
GET /favicon.ico HTTP/1.1
Host: mii7v.ibnovtci.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Cookie: cf_clearance=hOr2nChdyzbN2f9IOjBRwA89huD1FK7A5QRE1TErKCQ-1685642921-0-160; PHPSESSID=0b640811600895496b696172ad58147b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 01 Jun 2023 18:08:46 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwU9KRhmgl0%2Bro85yE5y6%2FL9aVzb4ydnS%2Fh8nJ6VjL1JgubpYM6HClhLKz9%2Bbr3ua3xWuk%2BIYkuz5ctaPe59auZ0DEoMiqsCtTK0s%2BSbn3aq6cMwAvuFnM09ryvNGhgVCbdVGD0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d09676128061bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
mii7v.ibnovtci.com/Mal.c.yazzie@exxonmobil.com
188.114.97.1 302 Found 24 kB URL User Request POST HTTP/3 mii7v.ibnovtci.com/Mal.c.yazzie@exxonmobil.com
IP 188.114.97.1:443
Certificate Issuer Let's Encrypt
Subject ibnovtci.com
Fingerprint A4:28:9B:1B:5B:27:F6:A3:39:05:3D:A3:1E:9A:D7:43:C2:26:10:1F
Validity Tue, 30 May 2023 18:55:18 GMT - Mon, 28 Aug 2023 18:55:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
POST /Mal.c.yazzie@exxonmobil.com HTTP/1.1
Host: mii7v.ibnovtci.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mii7v.ibnovtci.com/Mal.c.yazzie@exxonmobil.com?__cf_chl_tk=Fa2q4UDUiTLVE70LuEJGyGmpuXbsr4Yn6Tb3NQ9PjdE-1685642921-0-gaNycGzNDWU
Content-Type: application/x-www-form-urlencoded
Content-Length: 3595
Origin: https://mii7v.ibnovtci.com
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Thu, 01 Jun 2023 18:08:45 GMT
content-type: text/html; charset=UTF-8
location: ./beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
set-cookie: cf_clearance=hOr2nChdyzbN2f9IOjBRwA89huD1FK7A5QRE1TErKCQ-1685642921-0-160; path=/; expires=Fri, 31-May-24 18:08:45 GMT; domain=.ibnovtci.com; HttpOnly; Secure; SameSite=None
PHPSESSID=0b640811600895496b696172ad58147b; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5za%2FtXiboBAuri2FJ47DKJFA0v%2B6BsZ9m8cKl1IHXo0O%2BlR2a9HPUHVoF8%2BRAAzyz%2Bygr%2Bg8HAoetEV2Sl%2BPv6pV3oOBpxj0wNe679QA7PX46QRk%2BL6CluFU0YIyNrpoOvUQKo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d09675b79b31bfa-OSL
alt-svc: h3=":443"; ma=86400
mii7v.ibnovtci.com/boot/3be4381c5e5480b339cbb1b86be3897b6478deadc0cb0
188.114.97.1 200 OK 51 kB URL GET HTTP/3 mii7v.ibnovtci.com/boot/3be4381c5e5480b339cbb1b86be3897b6478deadc0cb0
IP 188.114.97.1:443
Requested by https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Certificate Issuer Let's Encrypt
Subject ibnovtci.com
Fingerprint A4:28:9B:1B:5B:27:F6:A3:39:05:3D:A3:1E:9A:D7:43:C2:26:10:1F
Validity Tue, 30 May 2023 18:55:18 GMT - Mon, 28 Aug 2023 18:55:17 GMT
File type ASCII text, with very long lines (50758)
Hash 67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
GET /boot/3be4381c5e5480b339cbb1b86be3897b6478deadc0cb0 HTTP/1.1
Host: mii7v.ibnovtci.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Cookie: cf_clearance=hOr2nChdyzbN2f9IOjBRwA89huD1FK7A5QRE1TErKCQ-1685642921-0-160; PHPSESSID=0b640811600895496b696172ad58147b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 18:08:45 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 18:08:45 GMT
last-modified: Tue, 30 May 2023 20:34:56 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81vgOb3KNaEfhNQ9z%2FiKRWt3UNcmVIrPmJ2I3MGLaZIljb%2Fe1doMNwm5I7iQs0w3Iy2xOU37K1yWTgz7sSMszIZMcsjs%2FICKyiS5tj%2FyUCn7dBm0AL5rNDSCFim1BGJ29CNanqU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d09675f0dde1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
unpkg.com/axios@1.4.0/dist/axios.min.js
104.16.125.175 200 OK 32 kB URL GET HTTP/2 unpkg.com/axios@1.4.0/dist/axios.min.js
IP 104.16.125.175:443
Requested by https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
Validity Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (31803)
Hash 6470a918ba1fd4b8d0882df0269ddb82
97814fdab64aa7d1b30f082f9eb272d4b1ce18a2
fd4ce12a87594281afcee9c73a40fe7acc282bcc9e764fbb3afa1481a96a091e
GET /axios@1.4.0/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mii7v.ibnovtci.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:08:45 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7c62-l4FP2rZKp9GzDwgvnrJy1LHOGKI"
via: 1.1 fly.io
fly-request-id: 01GZP8TZEXW4PFCT61FHX2WRTS-fra
cf-cache-status: HIT
age: 2342017
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d09675f4946b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
mii7v.ibnovtci.com/jq/3be4381c5e5480b339cbb1b86be3897b6478deadc0caa
188.114.97.1 200 OK 86 kB URL GET HTTP/3 mii7v.ibnovtci.com/jq/3be4381c5e5480b339cbb1b86be3897b6478deadc0caa
IP 188.114.97.1:443
Requested by https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Certificate Issuer Let's Encrypt
Subject ibnovtci.com
Fingerprint A4:28:9B:1B:5B:27:F6:A3:39:05:3D:A3:1E:9A:D7:43:C2:26:10:1F
Validity Tue, 30 May 2023 18:55:18 GMT - Mon, 28 Aug 2023 18:55:17 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /jq/3be4381c5e5480b339cbb1b86be3897b6478deadc0caa HTTP/1.1
Host: mii7v.ibnovtci.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Cookie: cf_clearance=hOr2nChdyzbN2f9IOjBRwA89huD1FK7A5QRE1TErKCQ-1685642921-0-160; PHPSESSID=0b640811600895496b696172ad58147b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 18:08:46 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 18:08:46 GMT
last-modified: Tue, 30 May 2023 20:34:56 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBdhPsNb%2Bjl9Dnj4H%2F%2B3BBZ0Hc7RINEktNJNJpw%2B8f0DL5UUepQWEG5Qx0dlsSUwg3ZCEX5oGlImZJZQIjv2lMBeAhApkyFFV7N0jXxyGhiTddzqoOLYuCfTQgY6qoEtGNuk24U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d09675f0ddb1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
mii7v.ibnovtci.com/o/3be4381c5e5480b339cbb1b86be3897b6478deae32831
188.114.97.1 200 OK 3.7 kB URL GET HTTP/3 mii7v.ibnovtci.com/o/3be4381c5e5480b339cbb1b86be3897b6478deae32831
IP 188.114.97.1:443
Requested by https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Certificate Issuer Let's Encrypt
Subject ibnovtci.com
Fingerprint A4:28:9B:1B:5B:27:F6:A3:39:05:3D:A3:1E:9A:D7:43:C2:26:10:1F
Validity Tue, 30 May 2023 18:55:18 GMT - Mon, 28 Aug 2023 18:55:17 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3695), with no line terminators
Hash d633a913e6f3b1f45774b9874dfc85e0
5ba1344048578062c93cfddfdf8458477eaca476
c1fbfbd9a81fc4d9c9539a65bdfb4c6738926b8d4681b0346706196413e92714
GET /o/3be4381c5e5480b339cbb1b86be3897b6478deae32831 HTTP/1.1
Host: mii7v.ibnovtci.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Cookie: cf_clearance=hOr2nChdyzbN2f9IOjBRwA89huD1FK7A5QRE1TErKCQ-1685642921-0-160; PHPSESSID=0b640811600895496b696172ad58147b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 18:08:46 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 18:08:46 GMT
last-modified: Tue, 30 May 2023 20:34:56 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSznEFUh6Qtebpj033RmcrB0agN6yZWzhWkCyvf43o1WLviXy4A1la%2FgsGMMWyvV%2BmXnLk6w6w2VUG32MlgBEetl4yut5FnPWMRlaQdoQYnd67hkPtc8LL%2BQRwhxVrCvG%2FyDEZY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d096761280b1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
mii7v.ibnovtci.com/Mal.c.yazzie@exxonmobil.com
188.114.97.1 403 Forbidden 8.1 kB URL User Request GET HTTP/2 mii7v.ibnovtci.com/Mal.c.yazzie@exxonmobil.com
IP 188.114.97.1:443
Certificate Issuer Let's Encrypt
Subject ibnovtci.com
Fingerprint A4:28:9B:1B:5B:27:F6:A3:39:05:3D:A3:1E:9A:D7:43:C2:26:10:1F
Validity Tue, 30 May 2023 18:55:18 GMT - Mon, 28 Aug 2023 18:55:17 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8259), with no line terminators
Hash 446d0931dffd73e7d06addba88d2e2cb
a27f97442d3ec57b3c183ab275a7e94881eebdc9
54787ebc6b9e4d51363e6cf50d9f95547704abf916528fa3369b7213547ea47d
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /Mal.c.yazzie@exxonmobil.com HTTP/1.1
Host: mii7v.ibnovtci.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 01 Jun 2023 18:08:41 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Dc7ApNVPI%2B0fXr0vLIDNqcWz39iTXaixGeU%2F%2F7sIIF%2BVnWKZVOuJJzxRlyyUgDT4or3A4bCbM68wreSDIdOorvBq3oMnj98a%2Bu60LARBuIIb3hc4etLGKncME8KAie9Wlkx8ME%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d096740cb7eb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
mii7v.ibnovtci.com/APP-XJJZBP/3be4381c5e5480b339cbb1b86be3897b6478deae32776
188.114.97.1 200 OK 105 kB URL GET HTTP/3 mii7v.ibnovtci.com/APP-XJJZBP/3be4381c5e5480b339cbb1b86be3897b6478deae32776
IP 188.114.97.1:443
Requested by https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Certificate Issuer Let's Encrypt
Subject ibnovtci.com
Fingerprint A4:28:9B:1B:5B:27:F6:A3:39:05:3D:A3:1E:9A:D7:43:C2:26:10:1F
Validity Tue, 30 May 2023 18:55:18 GMT - Mon, 28 Aug 2023 18:55:17 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 105 kB (105369 bytes)
Hash 8e6b0f88563f9c33f78bce65cf287df7
ef7765cd2a7d64ed27dd7344702597aff6f8c397
a7057bebfff43e7281ca31da00d40bd88c8d02d1576b9c45891dd56a3853269a
GET /APP-XJJZBP/3be4381c5e5480b339cbb1b86be3897b6478deae32776 HTTP/1.1
Host: mii7v.ibnovtci.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Cookie: cf_clearance=hOr2nChdyzbN2f9IOjBRwA89huD1FK7A5QRE1TErKCQ-1685642921-0-160; PHPSESSID=0b640811600895496b696172ad58147b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 18:08:46 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 18:08:46 GMT
last-modified: Tue, 30 May 2023 20:34:56 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSf2LHBi51EfjeSOHlolpJBlH2VY0rPDJ2oX4dPhZc85IVGZ517%2FBn2AVgso0Dm6UHuhZ%2FfMV6z7ymvDdvVy%2BSEM28pKIDjfss0dFX1EbBk6h2ssIPoOlx0cUHI4dbTdsNRdy7A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d09676158441bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
188.114.97.1 200 OK 24 kB URL User Request GET HTTP/3 mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
IP 188.114.97.1:443
Certificate Issuer Let's Encrypt
Subject ibnovtci.com
Fingerprint A4:28:9B:1B:5B:27:F6:A3:39:05:3D:A3:1E:9A:D7:43:C2:26:10:1F
Validity Tue, 30 May 2023 18:55:18 GMT - Mon, 28 Aug 2023 18:55:17 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (22448)
Hash 407063a40e346fe99429381859d8173b
07f7d46c26ac44eab86013bf54007110b4091a67
7fab445d8c1f48716007ebeec3633c18596935b210b190ba0d8266019654e3cd
GET /beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b HTTP/1.1
Host: mii7v.ibnovtci.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mii7v.ibnovtci.com/Mal.c.yazzie@exxonmobil.com?__cf_chl_tk=Fa2q4UDUiTLVE70LuEJGyGmpuXbsr4Yn6Tb3NQ9PjdE-1685642921-0-gaNycGzNDWU
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=hOr2nChdyzbN2f9IOjBRwA89huD1FK7A5QRE1TErKCQ-1685642921-0-160; PHPSESSID=0b640811600895496b696172ad58147b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 18:08:45 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D837Gsl8%2BbwgYNA8NcFg34QYp2FZ%2F0hrE5jlz9EtDUmAQUFWwKKMw8%2Blq6Rbctf24ihn7e44MqYIatqs%2FW48b%2BVVieYw0mLpvlHJ2ZLon67NVbg2doIfNSNEeDhAAxc0ld%2F%2FuCM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d09675dfca31bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aadcdn.msauthimages.net/dbd5a2dd-bx-wdrdljhf5hde09z5dghpttzd0ynysqcifetqr1cg/logintenantbranding/0/bannerlogo?ts=635678298130509802
152.199.23.72 200 OK 6.0 kB URL GET HTTP/2 aadcdn.msauthimages.net/dbd5a2dd-bx-wdrdljhf5hde09z5dghpttzd0ynysqcifetqr1cg/logintenantbranding/0/bannerlogo?ts=635678298130509802
IP 152.199.23.72:443
Requested by https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Certificate Issuer Microsoft Corporation
Subject aadcdn.msauthimages.net
Fingerprint 6B:EB:AC:06:FC:06:82:11:17:1C:6B:72:7D:B5:95:2D:CF:E7:A3:5D
Validity Wed, 08 Mar 2023 11:16:34 GMT - Sat, 02 Mar 2024 11:16:34 GMT
File type PNG image data, 281 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash 418f2f84edbf26ba00991659b049b48d
c76316f77719e964b92f3453f116ca8b4b0aef83
92cfb01e07a7ad32d3448dee5520df597f86c84b8b27375c54874c03ac613982
GET /dbd5a2dd-bx-wdrdljhf5hde09z5dghpttzd0ynysqcifetqr1cg/logintenantbranding/0/bannerlogo?ts=635678298130509802 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mii7v.ibnovtci.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
age: 39106
cache-control: public, max-age=86400
content-md5: QY8vhO2/JroAmRZZsEm0jQ==
content-type: image/png
date: Thu, 01 Jun 2023 18:08:47 GMT
etag: 0x8D2620B5005AAC4
last-modified: Thu, 21 May 2015 18:30:13 GMT
server: ECAcc (ska/F732)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: f78b9414-901e-00ce-6159-94e616000000
x-ms-version: 2009-09-19
content-length: 6033
X-Firefox-Spdy: h2
unpkg.com/axios/dist/axios.min.js
104.16.125.175 302 Found 32 kB URL GET HTTP/2 unpkg.com/axios/dist/axios.min.js
IP 104.16.125.175:443
Requested by https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
Validity Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mii7v.ibnovtci.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 01 Jun 2023 18:08:45 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.4.0/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01H1W1YETFPZ6YCK1G0BR1DVRR-arn
cf-cache-status: HIT
age: 432
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d09675f2928b500-OSL
X-Firefox-Spdy: h2
mii7v.ibnovtci.com/api-as1f?email=al.c.yazzie@exxonmobil.com&data=logo
188.114.97.1 200 OK 168 B URL GET HTTP/3 mii7v.ibnovtci.com/api-as1f?email=al.c.yazzie@exxonmobil.com&data=logo
IP 188.114.97.1:443
Requested by https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Certificate Issuer Let's Encrypt
Subject ibnovtci.com
Fingerprint A4:28:9B:1B:5B:27:F6:A3:39:05:3D:A3:1E:9A:D7:43:C2:26:10:1F
Validity Tue, 30 May 2023 18:55:18 GMT - Mon, 28 Aug 2023 18:55:17 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash e7de774572b91a5c34b7d78bcaa76404
d2ef9e050015fc04e4d9758d8b0baa450a84d7c2
7b87e3619b3724618fd3b045baf592d11cc10a1f01eaa719a0d7a09ba9debfed
GET /api-as1f?email=al.c.yazzie@exxonmobil.com&data=logo HTTP/1.1
Host: mii7v.ibnovtci.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Cookie: cf_clearance=hOr2nChdyzbN2f9IOjBRwA89huD1FK7A5QRE1TErKCQ-1685642921-0-160; PHPSESSID=0b640811600895496b696172ad58147b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 18:08:47 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DJCqQtlauGzo%2BnOIeAPRT2mwLYfW91O3V57DBP7k8lUSUc2IMA%2B2U70BU6RxnA7qEz1tglZzYrc%2F2Tp%2FcVx%2F4sOahgrxhC%2FPt7s6JOCm8ArE6nUAUFSVzbSh%2FSbEBDfNqKKGOc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d09676138131bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
mii7v.ibnovtci.com/api-as1f?email=al.c.yazzie@exxonmobil.com&data=background
188.114.97.1 200 OK 176 B URL GET HTTP/3 mii7v.ibnovtci.com/api-as1f?email=al.c.yazzie@exxonmobil.com&data=background
IP 188.114.97.1:443
Requested by https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Certificate Issuer Let's Encrypt
Subject ibnovtci.com
Fingerprint A4:28:9B:1B:5B:27:F6:A3:39:05:3D:A3:1E:9A:D7:43:C2:26:10:1F
Validity Tue, 30 May 2023 18:55:18 GMT - Mon, 28 Aug 2023 18:55:17 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash e4b7f6bddcce59f6ba0517babd9920ef
bbda783d88f4001f324b254e5945a0f884013af9
75c10cbd6ba8def99549e67530cb11ffab5603396a1a60b96aea7a64522fc85f
GET /api-as1f?email=al.c.yazzie@exxonmobil.com&data=background HTTP/1.1
Host: mii7v.ibnovtci.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Cookie: cf_clearance=hOr2nChdyzbN2f9IOjBRwA89huD1FK7A5QRE1TErKCQ-1685642921-0-160; PHPSESSID=0b640811600895496b696172ad58147b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 18:08:48 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VCkE4%2FoZyvAYwQY7UkQtbHqadhLMrmlmcXI7SiIwp9kpL5369rYetMotaQp8XjvJxzWCbmbeWVYQafBTkeoCUqccBgH5Sxb5UpsmsnYaqmO6ITmjFwjXwVPOXkh5pspH32FyM4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d096761381f1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aadcdn.msauthimages.net/dbd5a2dd-bx-wdrdljhf5hde09z5dghpttzd0ynysqcifetqr1cg/logintenantbranding/0/illustration?ts=635678298162092693
152.199.23.72 200 OK 346 kB URL GET HTTP/2 aadcdn.msauthimages.net/dbd5a2dd-bx-wdrdljhf5hde09z5dghpttzd0ynysqcifetqr1cg/logintenantbranding/0/illustration?ts=635678298162092693
IP 152.199.23.72:443
Requested by https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Certificate Issuer Microsoft Corporation
Subject aadcdn.msauthimages.net
Fingerprint 6B:EB:AC:06:FC:06:82:11:17:1C:6B:72:7D:B5:95:2D:CF:E7:A3:5D
Validity Wed, 08 Mar 2023 11:16:34 GMT - Sat, 02 Mar 2024 11:16:34 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 136x132, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x063ee299", baseline, precision 8, 1496x1122, components 3\012- data
Size 346 kB (346338 bytes)
Hash 2d85d0702b9cc19bbea73c67118af9a2
80c3cc008cf85663b4e083c8b43f95eddf6d6811
44312826b804435b4d042475cbe6f37967667437a57bd35f10f72b62ccef3132
GET /dbd5a2dd-bx-wdrdljhf5hde09z5dghpttzd0ynysqcifetqr1cg/logintenantbranding/0/illustration?ts=635678298162092693 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mii7v.ibnovtci.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
age: 39107
cache-control: public, max-age=86400
content-md5: LYXQcCucwZu+pzxnEYr5og==
content-type: image/jpeg
date: Thu, 01 Jun 2023 18:08:48 GMT
etag: 0x8D2620B51AC8ACC
last-modified: Thu, 21 May 2015 18:30:16 GMT
server: ECAcc (ska/F69B)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 523273b6-801e-0095-1159-94e16a000000
x-ms-version: 2009-09-19
content-length: 346338
X-Firefox-Spdy: h2
mii7v.ibnovtci.com/jm/3be4381c5e5480b339cbb1b86be3897b6478deadc0cb2
188.114.97.1 200 OK 6.1 kB URL GET HTTP/3 mii7v.ibnovtci.com/jm/3be4381c5e5480b339cbb1b86be3897b6478deadc0cb2
IP 188.114.97.1:443
Requested by https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Certificate Issuer Let's Encrypt
Subject ibnovtci.com
Fingerprint A4:28:9B:1B:5B:27:F6:A3:39:05:3D:A3:1E:9A:D7:43:C2:26:10:1F
Validity Tue, 30 May 2023 18:55:18 GMT - Mon, 28 Aug 2023 18:55:17 GMT
File type ASCII text, with very long lines (6175), with no line terminators
Hash 0b3cd9bfcbe6444742df90b00f63efc3
0c978b0541c9659215908034b6299f78135c935c
2065edfabc7924bff8e65b4b4ade30bb341d70ab350518bfbad98e1d4f35266f
GET /jm/3be4381c5e5480b339cbb1b86be3897b6478deadc0cb2 HTTP/1.1
Host: mii7v.ibnovtci.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Cookie: cf_clearance=hOr2nChdyzbN2f9IOjBRwA89huD1FK7A5QRE1TErKCQ-1685642921-0-160; PHPSESSID=0b640811600895496b696172ad58147b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 18:08:46 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 18:08:45 GMT
last-modified: Tue, 30 May 2023 20:34:56 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vbP2gcQcXedjuZKZo0afOVGA9v2aJqYMubUwRCJsO0VGA38p%2F%2FTGemanEYSMhAQa9uyBdEcxALdoMTB0RlZftQf1uMordo2HZjlhQqkOFS1O8%2BIRRTORELeUgB50QcTtkZTAmgg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d09675f0de11bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
mii7v.ibnovtci.com/2
188.114.97.1 200 OK 39 kB
IP 188.114.97.1:443
Requested by https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Certificate Issuer Let's Encrypt
Subject ibnovtci.com
Fingerprint A4:28:9B:1B:5B:27:F6:A3:39:05:3D:A3:1E:9A:D7:43:C2:26:10:1F
Validity Tue, 30 May 2023 18:55:18 GMT - Mon, 28 Aug 2023 18:55:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2 HTTP/1.1
Host: mii7v.ibnovtci.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Cookie: cf_clearance=hOr2nChdyzbN2f9IOjBRwA89huD1FK7A5QRE1TErKCQ-1685642921-0-160; PHPSESSID=0b640811600895496b696172ad58147b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 18:08:46 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtwCQyRe55ZeiahUdtQsPyM1jdks9NhKxgWVZvR%2BtZWIlsVf2B1xhIJtU51UEDBdUsxut9%2FM47NQd5YApIpY%2Bou6J4Tk6U0dcQC%2BRiddDNqV386v%2FH00fL3pd%2FrDEoy6Hy8o7Iw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0967608f4c1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
mii7v.ibnovtci.com/e/3be4381c5e5480b339cbb1b86be3897b6478deae3283d
188.114.97.1 200 OK 513 B URL GET HTTP/3 mii7v.ibnovtci.com/e/3be4381c5e5480b339cbb1b86be3897b6478deae3283d
IP 188.114.97.1:443
Requested by https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Certificate Issuer Let's Encrypt
Subject ibnovtci.com
Fingerprint A4:28:9B:1B:5B:27:F6:A3:39:05:3D:A3:1E:9A:D7:43:C2:26:10:1F
Validity Tue, 30 May 2023 18:55:18 GMT - Mon, 28 Aug 2023 18:55:17 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (529), with no line terminators
Hash adc405f5fd089662209870ca5d2106f7
3a8b776df84bf251afc6ddd802cc5bbeddfb0e36
e7bacc97751689afaae192e103fe9851664365c57c7d783560860ad456db7e49
GET /e/3be4381c5e5480b339cbb1b86be3897b6478deae3283d HTTP/1.1
Host: mii7v.ibnovtci.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Cookie: cf_clearance=hOr2nChdyzbN2f9IOjBRwA89huD1FK7A5QRE1TErKCQ-1685642921-0-160; PHPSESSID=0b640811600895496b696172ad58147b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 18:08:46 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 18:08:46 GMT
last-modified: Tue, 30 May 2023 20:34:56 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Ciob48ihlVmpW2OQFYblxsaQlxPe%2BXnc%2BykbOhBOAuggP3OJ0iluBS0xKZqP6EgAbzYZqMgz8NDUiCnA1VqoAb9bilj%2Bu44bm9MMu3UeM5swHZumNvKe9WMOK%2BYWlNwSmjdBXU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d096761280f1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
mii7v.ibnovtci.com/ic/3be4381c5e5480b339cbb1b86be3897b6478deae32768
188.114.97.1 200 OK 17 kB URL GET HTTP/3 mii7v.ibnovtci.com/ic/3be4381c5e5480b339cbb1b86be3897b6478deae32768
IP 188.114.97.1:443
Requested by https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Certificate Issuer Let's Encrypt
Subject ibnovtci.com
Fingerprint A4:28:9B:1B:5B:27:F6:A3:39:05:3D:A3:1E:9A:D7:43:C2:26:10:1F
Validity Tue, 30 May 2023 18:55:18 GMT - Mon, 28 Aug 2023 18:55:17 GMT
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /ic/3be4381c5e5480b339cbb1b86be3897b6478deae32768 HTTP/1.1
Host: mii7v.ibnovtci.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mii7v.ibnovtci.com/beebb091955c06fa68b3eb8afc0bae516478deadb0778PASbeebb091955c06fa68b3eb8afc0bae516478deadb077b
Cookie: cf_clearance=hOr2nChdyzbN2f9IOjBRwA89huD1FK7A5QRE1TErKCQ-1685642921-0-160; PHPSESSID=0b640811600895496b696172ad58147b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 18:08:46 GMT
content-type: image/x-icon
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 18:08:46 GMT
last-modified: Tue, 30 May 2023 20:34:56 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaxG7M%2FxNfJqOke%2BGWNLjdzrcjVsQv6yUL8SrxU47UiqBd4RpiLf1CYx3Px2FHbFAODZRnS4hkn57g1pyUjnjdehL%2BychhDcPsSUHNU1HT%2FvVfh2rqldCcb5W%2FjKCmtXalJq9Ec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0967637af01bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400