{"report_id":"6a5f35c1-ba0e-4d15-91a2-9da353635db6","version":6,"status":"done","tags":["microsoft","phishing","outlook","suspicious"],"date":"2025-02-10T19:45:13Z","url":{"schema":"http","addr":"silomplanner.com/css/typec/Y3ZlbmNpbGxAc2x1cnBtYWlsLm5ldA==","fqdn":"silomplanner.com","domain":"silomplanner.com","tld":"com"},"ip":{"addr":"27.254.151.62","port":0,"asn":9891,"as":"CS LOXINFO Public Company Limited.","country":"Thailand","country_code":"TH"},"final":{"url":{"schema":"https","addr":"urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"title":"profile login"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-21T19:45:13Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"code.jquery.com","ip":{"addr":"151.101.194.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":634,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-02-05T02:23:07.868075Z","alert_count":0,"request_count":3,"received_data":94527,"sent_data":1291,"comment":"","tags":null,"fingerprints":null},{"fqdn":"urdw.rbkz7r.com","ip":{"addr":"172.67.192.243","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":21,"request_count":26,"received_data":681373,"sent_data":32566,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ok4static.oktacdn.com","ip":{"addr":"3.164.240.85","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2014-11-11","domain_rank":16592,"first_seen":"2018-06-15T05:36:50Z","last_seen":"2025-02-04T11:31:03.620705Z","alert_count":0,"request_count":8,"received_data":315777,"sent_data":4388,"comment":"","tags":null,"fingerprints":null},{"fqdn":"github.com","ip":{"addr":"140.82.121.4","port":443,"asn":36459,"as":"GITHUB","country":"Germany","country_code":"DE"},"domain_registered":"2007-10-09","domain_rank":1423,"first_seen":"2016-07-13T12:28:22Z","last_seen":"2025-02-05T02:22:45.536438Z","alert_count":0,"request_count":1,"received_data":4336,"sent_data":452,"comment":"","tags":null,"fingerprints":null},{"fqdn":"get.geojs.io","ip":{"addr":"104.26.1.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-02-18","domain_rank":17418,"first_seen":"2017-03-30T18:44:25Z","last_seen":"2025-02-08T18:58:41.771649Z","alert_count":0,"request_count":1,"received_data":1451,"sent_data":487,"comment":"","tags":null,"fingerprints":null},{"fqdn":"kiv7nripkncoyudscvjnrdjnsqak1yxjzqj8wfvw9r0kj6tfcehx.vividtrackz.ru","ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-01-22","domain_rank":0,"first_seen":"2025-02-10T19:45:13.459086Z","last_seen":"2025-02-10T19:45:13.459086Z","alert_count":2,"request_count":1,"received_data":1462,"sent_data":674,"comment":"","tags":null,"fingerprints":null},{"fqdn":"silomplanner.com","ip":{"addr":"27.254.151.62","port":0,"asn":9891,"as":"CS LOXINFO Public Company Limited.","country":"Thailand","country_code":"TH"},"domain_registered":"2004-05-13","domain_rank":0,"first_seen":"2015-02-20T08:33:36Z","last_seen":"2022-08-28T10:28:35Z","alert_count":0,"request_count":1,"received_data":586,"sent_data":441,"comment":"","tags":null,"fingerprints":null},{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.18.94.41","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":0,"first_seen":"2021-10-20T05:02:03Z","last_seen":"2025-02-05T02:31:39.61482Z","alert_count":0,"request_count":2,"received_data":17979,"sent_data":922,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":235,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-02-05T01:55:35.60778Z","alert_count":0,"request_count":2,"received_data":30036,"sent_data":926,"comment":"","tags":null,"fingerprints":null},{"fqdn":"objects.githubusercontent.com","ip":{"addr":"185.199.109.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2014-02-06","domain_rank":134060,"first_seen":"2021-11-01T21:34:29Z","last_seen":"2025-02-05T04:50:38.500537Z","alert_count":0,"request_count":1,"received_data":11088,"sent_data":889,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-02-10","alert":"Sinkholed","trigger":"vividtrackz.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Generic phishing","verdict":"phishing","severity":"medium","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Anti-debugging code","verdict":"suspicious","severity":"low","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"ceb47c9aec663db93f532d46d449f628","sha1":"3e5875f03eab9e802e6b8896fa732320e74fcc6b","sha256":"1f9267baf221ebb6daff38776367c8c28a16aef798a9c8dfa8e0f2d2ee80e798","sha512":"bbb10b936f5e28b8c7eba46bbe7d02056b8996b88e3566143c2f28b2a58115240cae75b7b833d40b124eb8f7f6dd814424483c19ef57b2300ef4d54846b4f98f","ssdeep":"384:1bOW6TI6eVpjQAd6jk3ifisGixi21Q48PiWs:1b6Tmyaw421Q4/Ws","tlshash":"1f526196f4b618704afb21f775bb418439346126fd81c926f47cc85c5f30e8162bbaea","size":14473,"data":"","first_seen":"2025-02-10T19:45:17.567859Z","last_seen":"2025-02-10T19:45:17.567859Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1edc18c20c3a29847b2fd59a72181482","sha1":"896391f02672068b7c87e34ef9cc03fdd3dc371a","sha256":"e18e34a5c63763d39f8f49a6e3c03ca23427802c8af331b77fffbd2c708f07fd","sha512":"e8a55e5783b76f8fa081e695f860220c7ee5cdb1bc1cfd1a35b184ee126433fc6fab6e3b5a231223fa87c1adf36d813833028a5fbdfdcdb84fe4a7ae52d6f7dc","ssdeep":"","tlshash":"82416ad8e0f368a158bef2bd274fe995373524c7e008ea453c0c0d24bf94a6543a5e96","size":1894,"data":"","first_seen":"2025-02-10T19:45:17.569056Z","last_seen":"2025-02-10T19:45:17.569056Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"6a9b4917a75546b69f7458032bcaaeca","sha1":"098a1343f795cd3021e49bdf24f6c32b6ad24962","sha256":"6727f63d352d553bed1a8fe5614dd592d9bbef5381867ac3a62168bb256ac199","sha512":"416b9b9e4652db73c266c5b33234fd088b0c8a9b7bf0db827b0fc488cfcb120f3724c0be430905a981bb17d69e8f26eec49b098e8266a457e8e41aa05fd07613","ssdeep":"","tlshash":"c8519ed6f07168bd586dbbac679ef9d0363f3ec9d051a2443c0c0c25b384a59c3a5ea8","size":2189,"data":"","first_seen":"2025-02-10T19:45:17.570121Z","last_seen":"2025-02-10T19:45:17.570121Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"github.com/fent/randexp.js/releases/download/v0.4.3/randexp.min.js","fqdn":"github.com","domain":"github.com","tld":"com"},"ip":{"addr":"140.82.121.4","port":443,"asn":36459,"as":"GITHUB","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"6c20a2be8ba900bc0a7118893a2b1072","sha1":"ff7766fde1f33882c6e1c481ceed6f6588ea764c","sha256":"b1c42acd0288c435e95e00332476781532ed002cac6f3dcee9110ced30b31500","sha512":"8f80ad8adc44845d24e13d56738a2ca2a73ee6fcdc187542ba4aaebbf8817935d053a2acfb0d425b9cc0c582b5091e1c9fe16b90b3aa682187645067c267fc41","ssdeep":"192:LRSvXVHfVj+WdqfkkoKhUBhMAcT6iuvBiFj0gba6qiG2pPj:LQvXVHXiNkMAcT6i+4mgPj","tlshash":"ce22a58932933026af5391b440bf140af2f69589d45cade8ab29d1e27d7290d46f7f38","size":10245,"data":"","first_seen":"2024-05-30T22:56:13Z","last_seen":"2026-04-03T18:49:36.598847Z","times_seen":52166,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ca03ad87885ab983541092b87adb299","sha1":"1a17f60bf776a8c468a185c1e8e985c41a50dc27","sha256":"8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762","sha512":"13c412bd66747822c6938926de1c52b0d98659b2ed48249471ec0340f416645ea9114f06953f1ae5f177db03a5d62f1fb5d321b2c4eb17f3a1c865b0a274dc5c","ssdeep":"768:J1Z4iiyfiD78x6l42SWRV4HC0o10LEnM9OT81agZnEpnS:vZYDc6lXJd1mZpZEdS","tlshash":"19231ac5a19c605152a774c40d7f704b7463352a070d8aacf668e9eeecfcaea9039d7c","size":48316,"data":"","first_seen":"2023-03-07T01:31:53Z","last_seen":"2026-04-03T20:25:10.423377Z","times_seen":149549,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9568d47f831b3a908fffc8aa9231541c","sha1":"f380adf904d8b9f1843862e7baed250e0102e4ed","sha256":"7e17f61048e95b5484f33aa8fb307716bff953083369de014e1aff05098dcd49","sha512":"38527d24b2aa5e7b0115c3d82bf83a84ccf809c8f6044082beee961a13cb9eb9f3671c07361ca62a1e02a27cc592d0554991b6a093023432fcdc50cd94885efb","ssdeep":"3072:s13zfQ5vqF3toF8dlJRzNXtjMVwVAZQ9s4HcOe/CSMeDHWaE:siFABXjVUc0EgHxE","tlshash":"fcd34be5962a155e8f74c979794b5b38fc363ee4a7e00bae1153f7399810efa80c10b1","size":131795,"data":"","first_seen":"2025-02-10T19:45:17.571442Z","last_seen":"2025-02-10T19:45:17.571442Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.194.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-03T20:30:31.132052Z","times_seen":444595,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09106ffb33fd598d6dac0536c17c0ee","sha1":"7dfc403b6b8b3b6c21a735fe1282026b66b1827f","sha256":"c0f009ea862434e2f422d8041768bf731e623e328dabed9724f22d4c7a8fdd76","sha512":"be4eae402970cbf39539eaf87551a2a8e611c3e0d45cbe79eea5eff529a07a37968dacada45d93cee2ab98403643bd1c8d269c9741a43b10f848637f86ec6458","ssdeep":"","tlshash":"12119aef34449a3e0dcf4c8ac3af83c43c9f0c00ad0a1041088fa9160918c80c47bc11","size":658,"data":"","first_seen":"2025-01-27T23:50:46.776769Z","last_seen":"2025-02-11T00:19:31.875518Z","times_seen":1997,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/345JuHAKDvhlwnwM6BSjw6ghI6r1kod0Gl67106","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea3027db2b0225c824bc7a709112c550","sha1":"7ca5ea7c0156ed79ddd1ad40171a16c72201e611","sha256":"fedda24538e439dfd5e3334adda0264ad658e2e6e1fc09d710747cf2865336f9","sha512":"d034521890ad9ed8d1fb4f7bcea5344c4a673f8a27568ca696ff4d463dc5c085861805459ce7df1a89d029ebf474bc88031ef028b174e74ee8a4b3572e78ebde","ssdeep":"1536:1LhCTuIFV5DBDg5MeBNW4mT9xOXoBWhtG5DYg5MuWAj4QZ1d0g4N+6rfXmifeuK:1LPIr9bRBsefj48itK","tlshash":"5fe3d65332609cda2746267f3126e9d0ec96194a72505ee9f00cfc38a4e5f5bfaf24b1","size":147974,"data":"","first_seen":"2025-02-05T01:27:18.163758Z","last_seen":"2025-02-11T00:21:59.977233Z","times_seen":1480,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":[{"md5":"a0ad01c4ef3c1fc4bec8b6218efd0070","sha1":"9700db1ceb5ae39e570fc5b579baa1308780fa00","sha256":"b7d73f250da84bb74fd9511cfdfe2292bb34aee2b5a9012d636075ca25403f3e","sha512":"3d8e12d54b8e411364ef0dc3f3ee664b8ff97e495e8e7176ecf1cb9299f365c9feb5454fdccd27602911783ceb68f0090739b3f3d671f0bb2aa663b7dc6354a5","ssdeep":"96:lkGLGx8LGEk8LGMmeFkQFoi47MutzZsT4iHigiEiKioiXHixtv6sZaJRyLLsXiAw:ucCalka7meFtFoi49oT4iHigiEiKioi6","tlshash":"59a1946b6ea70c128767a52a1add87c1383c130b6886809d7d5da9844f1ce6b38f57ec","size":4825,"data":"","first_seen":"2025-02-10T19:45:17.573968Z","last_seen":"2025-02-10T19:45:17.573968Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"write":[{"md5":"55d0813a558f7ce71206eed6f9029f96","sha1":"2a166e1f446aa0fdfb320c30819ae1f5776bf4bd","sha256":"17a4af13c58597972d79107ae999e53a734b9504693f67cafbeb6e91c8ca5aee","sha512":"15325b2d9004a3cfed39ed112122222c60b20212997f423300c53ead7363863b56e61bbe56b6d6eb9ed5d8fa79c2a90618811205b8ca9eb8db7e9b0ecd487680","ssdeep":"384:qWmPHoHVRZWppUZLtVUGrWalJuzslumallWzYgmtysQtM:acLZWMfrWalJytmallcu","tlshash":"aea3487ff11217bfa2d2ce9b36a36d5d22223c55c20f9305a05bb793b74237e1a42690","size":102111,"data":"","first_seen":"2025-02-10T19:45:17.57502Z","last_seen":"2025-02-10T19:45:17.57502Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"824a980bcd646ec54efe40827d22cd65","sha1":"e0fe8af72462d7d0f55d49055096ef706a788ff5","sha256":"b19e9e1578cdfea3683ac5842a46caa30850f9958a32ee60d1b7f30620568faf","sha512":"ae5d19b9ec0835485c834becb8037ea5d8e28da386e2ea867ea850f75a26bdb272bf2ffc08357d4a068a9612473f1b9444f554c5c535ecd97a1e315e3347cf3f","ssdeep":"192:/6atjXlaQkan7+iZluyzB8ia8DAoeo0oeoV:/XFXlaQkan7+8lrzmiasv1vV","tlshash":"91e18689ac1a5c8203b977396bee95d8ec3f17d754408142340cfd187fb816946eafe8","size":7395,"data":"","first_seen":"2025-02-10T19:45:17.576122Z","last_seen":"2025-02-10T19:45:17.576122Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"658a48cd6d96a265e9857b291b3b74c8","sha1":"095e3d527bddca5690c32bdbf0a064c1f995f48d","sha256":"693d756d8736ad722fd159254465a2585cfbafe6aab387351610f0282ab9399f","sha512":"f54ed3b2fa338af1d6646dc7f6dcf0618390174794c648ad0fa4179d66dde9f1335738f47e616b378e7fc289eab8f358a5fba9e70b7d4381504728dffeb4502e","ssdeep":"1536:VFVRa6P/ItJc94KKCTGRpzhxSylblQVcwW:fLa6P/IhpKiblQVcwW","tlshash":"4c93a31a20d5043a40b381f26a754b8efe66c55fc70a9214b6fc93d76ff6c02dd639a8","size":97358,"data":"","first_seen":"2025-02-10T19:45:17.576942Z","last_seen":"2025-02-10T19:45:17.576942Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"http","addr":"silomplanner.com/css/typec/Y3ZlbmNpbGxAc2x1cnBtYWlsLm5ldA==","fqdn":"silomplanner.com","domain":"silomplanner.com","tld":"com"},"ip":{"addr":"27.254.151.62","port":0,"asn":9891,"as":"CS LOXINFO Public Company Limited.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2025-02-10T19:44:44.03847952Z","timestamp":1739216684038,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /css/typec/Y3ZlbmNpbGxAc2x1cnBtYWlsLm5ldA== HTTP/1.1\r\nHost: silomplanner.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 10 Feb 2025 19:44:43 GMT\r\nServer: Apache\r\nrefresh: 0;url= https://URDw.rbkz7r.com/sTy7I/#Xcvencill@slurpmail.net\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains; preload\r\nX-Frame-Options: SAMEORIGIN\r\nX-Xss-Protection: 1; mode=block\r\nReferrer-Policy: same-origin\r\nPermissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()\r\nContent-Length: 0\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.194.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.406Z","timestamp":1739216693406,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo ECC Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 25 Jun 2024 00:00:00 GMT","end":"Wed, 25 Jun 2025 23:59:59 GMT"},"fingerprint":{"sha1":"CD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5","sha256":"AB:77:AE:8B:01:C3:97:E7:80:17:A2:C0:A0:8D:8A:BE:C9:8A:77:1C:06:8C:B9:64:E1:7B:E5:9F:3B:E7:EC:FA"}}},"request":{"raw":"GET /jquery-3.6.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15d9d\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Mon, 10 Feb 2025 19:44:45 GMT\r\nage: 2970220\r\nx-served-by: cache-lga21931-LGA, cache-osl6550-OSL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 500673, 78430\r\nx-timer: S1739216686.669974,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30875\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30875,"size_decoded":89501,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-03T20:30:31.132052Z","times_seen":444595,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/sTy7I/","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2025-02-10T19:44:45.71287329Z","timestamp":1739216685712,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /sTy7I/ HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:45 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: no-cache, private\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=0cNHTbz6qpSyM0qd%2FM1bpZPbnOQSKRignQbzWqLOWZIpJCr2wdsbSJMTiBfcKEmgvZqk3BWXpa3DZpJqoTuKxLWLZspjV6gGHfgsPwL3WMBk1nfCqRUUz9DtMKg9fw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nset-cookie: XSRF-TOKEN=eyJpdiI6Im5GRk9STzk4dWE3SUI5V2IyRERlNGc9PSIsInZhbHVlIjoiM3dwcklNR2QzUjJOVkJYNjRmU1JwdlBjVDFHNzdwK0VNeTdMQ290d0VaNTd3eWlGZktMVFZpSnNEb2YvNkRSTktqNEhZN05XQUczNG1WMmVQeDcwMVNrbmFXV0tyT3pRUHdvV3B4RUhaS29nVUZURDFlNU9aV3NuVWNrdGxyTWciLCJtYWMiOiJhMTMxYmNiNTIyZWViNTQwNTgzYTk3Y2NkODRjOTZmYTEyOTNiZDMxNjNlMWZkMWFmMmMzMTg5MWFlMjcwZTVlIiwidGFnIjoiIn0%3D; expires=Mon, 10-Feb-2025 21:44:44 GMT; Max-Age=7200; path=/; secure; samesite=none\nlaravel_session=eyJpdiI6Ikhpb242MjhqU2Rra2p1UU80UUlZM1E9PSIsInZhbHVlIjoiNHVDL3pMOHFRYU8yQlo0aFdyNjJRVTQrbnJKSUpNSWhzMDlCSXJub0ZraFVtaVlyZUc4aTVlUTUvUndNMWprQWs0OW54OFVaS2JsZzRzNlB1WkRYTW42NE1mUFRNT1ZFSzRNZVJqOS9mNWlJY3M2MkRrWHJpczlGWEs5ZTJtQmYiLCJtYWMiOiJmZDlmZTRkMmU2N2RjMmZkOGVlN2NiZmU1ZGU5ZjNlM2Y0NWIwOWIxMmY5OTg4MGM0NjBlYmFiNmY5MDQ3YmRhIiwidGFnIjoiIn0%3D; expires=Mon, 10-Feb-2025 21:44:44 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nserver: cloudflare\r\ncf-ray: 90fe98742e3256c1-OSL\r\ncontent-encoding: br\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=1604\u0026min_rtt=820\u0026rtt_var=859\u0026sent=4\u0026recv=6\u0026lost=0\u0026retrans=0\u0026sent_bytes=2823\u0026recv_bytes=1399\u0026delivery_rate=3531707\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=520a4c92f80dad59\u0026ts=356\u0026x=0\", cfL4;desc=\"?proto=TCP\u0026rtt=1653\u0026min_rtt=688\u0026rtt_var=530\u0026sent=7\u0026recv=10\u0026lost=0\u0026retrans=0\u0026sent_bytes=3248\u0026recv_bytes=1259\u0026delivery_rate=2439079\u0026cwnd=242\u0026unsent_bytes=0\u0026cid=b9e60ca01dcdce0a\u0026ts=917\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38480,"size_decoded":368549,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (65400)","md5":"5b3790286723dafcc75656deb3897b0d","sha1":"31baa3bfd1856988dcb75407f1d1ddcc1da21ea7","sha256":"72e2dfcf29ff91912c77c4ecae9012785f3ad4a2e034c214b3b67802dddb1eeb","sha512":"aef07a5820b5c2cbe4051a054c3aea2b0e27829b963828488072d4debc24a33f3f491cdd4707505f9c81dae227e46f308704cf0bd9688ad3981a8ee10942c20b","ssdeep":"1536:sOTI0Pu/3r1C91TpN3CiqTI0Pu/3r1C91TpN3CiSLBxPLBxeg:sd0Pkb1CT9Ny80Pkb1CT9Ny1zt","tlshash":"3b74993e3b0709b1dae42e73e0b965479038e08228e24df993a559bde717e991cdc0dc","first_seen":"2025-02-10T19:45:17.539384Z","last_seen":"2025-02-10T19:45:17.539384Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"http","addr":"challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2025-02-10T19:44:45.712970496Z","timestamp":1739216685712,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 10 Feb 2025 19:44:45 GMT\r\ncontent-length: 0\r\naccess-control-allow-origin: *\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public\r\ncross-origin-resource-policy: cross-origin\r\nlocation: /turnstile/v0/g/8a57887573f2/api.js\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 90fe987d8b3a0b49-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"challenges.cloudflare.com/turnstile/v0/g/8a57887573f2/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2025-02-10T19:44:45.902218Z","timestamp":1739216685902,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /turnstile/v0/g/8a57887573f2/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://urdw.rbkz7r.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:45 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nlast-modified: Tue, 04 Feb 2025 13:03:14 GMT\r\ncache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 90fe987dbb7a0b49-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17105,"size_decoded":48130,"mime_type":"text/plain; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (48129)","md5":"2f126aab3c36533f73de07e05b86c331","sha1":"263f8d2289c1043d39f174969a337c9ca18143f3","sha256":"c865599323be8bedd10dd96818b4702b66f95be7beee670e6e818ea15509b3b4","sha512":"cc1e6f2d3a4642a5908d212f122f44d51186a8b872d36a73680b4e2ccf15c838941d86912c8f243aa6ce047dd81213e53a1cb218d695dde134ae276cdceee81c","ssdeep":"768:nCbU/Cru5h5qaq75KvO0fV9/KFHWlzQylGTZjVsgVX2TwDBslY1L8ep7K1oiSJvU:4ru5h5qaq7gGYV9y0cyl42TQs3","tlshash":"94232b587266797317e980e0617ba34373297a39f94ccc509823c97526acecad133fb9","first_seen":"2025-02-04T18:52:03.622003Z","last_seen":"2025-02-12T14:27:13.299922Z","times_seen":1742,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.194.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.406Z","timestamp":1739216693406,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo ECC Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 25 Jun 2024 00:00:00 GMT","end":"Wed, 25 Jun 2025 23:59:59 GMT"},"fingerprint":{"sha1":"CD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5","sha256":"AB:77:AE:8B:01:C3:97:E7:80:17:A2:C0:A0:8D:8A:BE:C9:8A:77:1C:06:8C:B9:64:E1:7B:E5:9F:3B:E7:EC:FA"}}},"request":{"raw":"GET /jquery-3.6.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15d9d\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Mon, 10 Feb 2025 19:44:51 GMT\r\nage: 2970225\r\nx-served-by: cache-lga21931-LGA, cache-osl6550-OSL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 500673, 78431\r\nx-timer: S1739216692.529173,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30875\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30875,"size_decoded":89501,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-03T20:30:31.132052Z","times_seen":444595,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.434Z","timestamp":1739216693434,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Jan 2025 09:16:22 GMT","end":"Thu, 24 Apr 2025 10:16:21 GMT"},"fingerprint":{"sha1":"00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32","sha256":"E1:9E:09:57:22:18:8B:D8:DD:89:2B:13:1E:DE:9E:B5:D9:7F:4E:46:18:C4:8D:2B:07:E4:55:3D:8A:1F:5C:E6"}}},"request":{"raw":"GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:51 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 13972\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"61182885-3694\"\r\nlast-modified: Sat, 14 Aug 2021 20:33:09 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1649593\r\nexpires: Sat, 31 Jan 2026 19:44:51 GMT\r\naccept-ranges: bytes\r\npriority: u=2,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Ls5lq84655u%2FjspXwT47Psb4ZeUKjdjuWi25Jj8KDKMmDlrR%2FXzncEwIm7gdg%2B9IGU0LOwScB%2FOGWpXxqNMVBwSUbPHudNAYK3l84HbkEHfN9x%2FrQLY12WjEuiXijgNL%2F1DgCNO8\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 90fe98a20ee256a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13972,"size_decoded":48316,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (48316), with no line terminators","md5":"2ca03ad87885ab983541092b87adb299","sha1":"1a17f60bf776a8c468a185c1e8e985c41a50dc27","sha256":"8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762","sha512":"13c412bd66747822c6938926de1c52b0d98659b2ed48249471ec0340f416645ea9114f06953f1ae5f177db03a5d62f1fb5d321b2c4eb17f3a1c865b0a274dc5c","ssdeep":"768:J1Z4iiyfiD78x6l42SWRV4HC0o10LEnM9OT81agZnEpnS:vZYDc6lXJd1mZpZEdS","tlshash":"19231ac5a19c605152a774c40d7f704b7463352a070d8aacf668e9eeecfcaea9039d7c","first_seen":"2023-03-07T01:31:53Z","last_seen":"2026-04-03T20:25:10.423377Z","times_seen":149549,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.194.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.406Z","timestamp":1739216693406,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo ECC Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 25 Jun 2024 00:00:00 GMT","end":"Wed, 25 Jun 2025 23:59:59 GMT"},"fingerprint":{"sha1":"CD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5","sha256":"AB:77:AE:8B:01:C3:97:E7:80:17:A2:C0:A0:8D:8A:BE:C9:8A:77:1C:06:8C:B9:64:E1:7B:E5:9F:3B:E7:EC:FA"}}},"request":{"raw":"GET /jquery-3.6.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15d9d\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Mon, 10 Feb 2025 19:44:53 GMT\r\nage: 2970227\r\nx-served-by: cache-lga21931-LGA, cache-osl6550-OSL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 500673, 78432\r\nx-timer: S1739216693.409631,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30875\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30875,"size_decoded":89501,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-03T20:30:31.132052Z","times_seen":444595,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/GDSherpa-bold.woff","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.437Z","timestamp":1739216693437,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /GDSherpa-bold.woff HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:53 GMT\r\ncontent-type: font/woff\r\ncontent-length: 35970\r\ncontent-disposition: inline; filename=\"GDSherpa-bold.woff\"\r\ncache-control: max-age=14400\r\nlast-modified: Mon, 10 Feb 2025 19:00:54 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=NZR31WCys6BdfbBCweVaGLob9%2Bhx6C7ewWpBj3FhGGjqLzAIekHLsy1Uw%2FsLbNifHoBy%2B1%2FAtRZP4queDJZqwcSqeB9nV0wvPyh6tC4xvK%2FZPk75kkHTtznj5Tn4kQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 2639\r\naccept-ranges: bytes\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98ade92356be-OSL\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=8317\u0026min_rtt=5608\u0026rtt_var=4038\u0026sent=5\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2823\u0026recv_bytes=2168\u0026delivery_rate=516405\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=4166facc8df724f6\u0026ts=621\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=4130\u0026min_rtt=2237\u0026rtt_var=1129\u0026sent=110\u0026recv=48\u0026lost=0\u0026retrans=0\u0026sent_bytes=84407\u0026recv_bytes=24370\u0026delivery_rate=899561\u0026cwnd=26400\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=8344\u0026x=1\", cfExtPri, cfHdrFlush;dur=4\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35970,"size_decoded":35970,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 35970, version 1.0","md5":"496b7bbde91c7dc7cf9bbabbb3921da8","sha1":"2bd3c406a715ab52dad84c803c55bf4a6e66a924","sha256":"ae40a04f95df12b0c364f26ab691dc0c391d394a28bcdb4aeacfaca325d0a798","sha512":"e02b40fea8f77292b379d7d792d9142b32dfcb887655a2d1781441227dd968589bfc5c00691b92e824f7edb47d11eba325ade67ad08a4af31a3b0ddf4bb8b967","ssdeep":"768:GJiLCleIZlcBvahjeheOQKskmCp9sE9gBkGgvU+7aAXDqWOtU:GJo9IgMKsQzJ9gBkZbuAXDqWV","tlshash":"a4f2d09831594c2aacbd58232b71d9df21e38f61ba42029ba193e4cd9c4714dbb1e47f","first_seen":"2023-05-09T17:48:02Z","last_seen":"2026-04-03T14:38:11.334972Z","times_seen":90449,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.434Z","timestamp":1739216693434,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Jan 2025 09:16:22 GMT","end":"Thu, 24 Apr 2025 10:16:21 GMT"},"fingerprint":{"sha1":"00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32","sha256":"E1:9E:09:57:22:18:8B:D8:DD:89:2B:13:1E:DE:9E:B5:D9:7F:4E:46:18:C4:8D:2B:07:E4:55:3D:8A:1F:5C:E6"}}},"request":{"raw":"GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:53 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 13972\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"61182885-3694\"\r\nlast-modified: Sat, 14 Aug 2021 20:33:09 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1649595\r\nexpires: Sat, 31 Jan 2026 19:44:53 GMT\r\naccept-ranges: bytes\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=apX%2FgrD3YnSSZBIbw0iCZ0lXvc7Pgqhcu0z2AChjd8by3bvv1%2F2d8Cffi5Hdsu2%2Blvugd8Be1NuXc9HIqHRJLIfiBhfMMC%2ByLQEvCamlkVgacW3LeY29D%2FaSwHlbvZNfF0NKnSNK\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 90fe98ade80756a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13972,"size_decoded":48316,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (48316), with no line terminators","md5":"2ca03ad87885ab983541092b87adb299","sha1":"1a17f60bf776a8c468a185c1e8e985c41a50dc27","sha256":"8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762","sha512":"13c412bd66747822c6938926de1c52b0d98659b2ed48249471ec0340f416645ea9114f06953f1ae5f177db03a5d62f1fb5d321b2c4eb17f3a1c865b0a274dc5c","ssdeep":"768:J1Z4iiyfiD78x6l42SWRV4HC0o10LEnM9OT81agZnEpnS:vZYDc6lXJd1mZpZEdS","tlshash":"19231ac5a19c605152a774c40d7f704b7463352a070d8aacf668e9eeecfcaea9039d7c","first_seen":"2023-03-07T01:31:53Z","last_seen":"2026-04-03T20:25:10.423377Z","times_seen":149549,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/GDSherpa-regular.woff2","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.438Z","timestamp":1739216693438,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /GDSherpa-regular.woff2 HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:53 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 28584\r\ncontent-disposition: inline; filename=\"GDSherpa-regular.woff2\"\r\ncache-control: max-age=14400\r\nlast-modified: Mon, 10 Feb 2025 19:00:53 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Ss%2BbOC8TlO5HfOpprk50dGybJRJ82NvUu0p4Fst7xrRORdV6CvWKbJzZ9am%2BQclmfcbHNPE1cyx5YyI7jxQ5taPJMST1eVHL3Wx%2FGwWymDFEY10FDTLkAzDg%2FxA5tg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 2640\r\naccept-ranges: bytes\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98ade92556be-OSL\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=13825\u0026min_rtt=4960\u0026rtt_var=7626\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2823\u0026recv_bytes=2173\u0026delivery_rate=583870\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=51c83833c877f14c\u0026ts=928\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=3881\u0026min_rtt=2237\u0026rtt_var=1055\u0026sent=179\u0026recv=50\u0026lost=0\u0026retrans=0\u0026sent_bytes=162721\u0026recv_bytes=24461\u0026delivery_rate=1740062\u0026cwnd=52800\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=8348\u0026x=1\", cfExtPri, cfHdrFlush;dur=2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28584,"size_decoded":28584,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 28584, version 1.66","md5":"17081510f3a6f2f619ec8c6f244523c7","sha1":"87f34b2a1532c50f2a424c345d03fe028db35635","sha256":"2c7292014e2ef00374aeb63691d9f23159a010455784ee0b274ba7db2bcca956","sha512":"e27976f77797ad93160af35714d733fd9e729a9981d8a6f555807981d08d8175e02692aa5ea6e59cebd33895f5f6a3575692565fdd75667630dab158627a1005","ssdeep":"768:8n53CNftp4NM/2qxGvtAG9fvpWYSTvlj6OIqrd1xUseRc:85SNfQS2ntfxvpWYSTcfMERc","tlshash":"b4d2e0ed44d2c62988f7638902690111f27898ffe52d7db3c19da0b27245d7ea3a8b09","first_seen":"2023-04-09T18:51:15Z","last_seen":"2026-04-03T20:25:50.08621Z","times_seen":100342,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/GDSherpa-bold.woff2","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.437Z","timestamp":1739216693437,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /GDSherpa-bold.woff2 HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:53 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 28000\r\ncontent-disposition: inline; filename=\"GDSherpa-bold.woff2\"\r\ncache-control: max-age=14400\r\nlast-modified: Mon, 10 Feb 2025 19:00:52 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=pM1BKcJOrYPDTAQpi1KFeEyR7l2%2BJ3xQfHf%2FoegrGpFTdJSTKBaLVvBuoM5w%2BkYGdkqI52r2MVO9kjvJ8cUZSsJXrmAfKMLcStBBr0p6r0atPNIvy7hhxexP%2BO7K5A%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 2641\r\naccept-ranges: bytes\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98ade91f56be-OSL\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=13831\u0026min_rtt=13365\u0026rtt_var=5945\u0026sent=5\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2822\u0026recv_bytes=2170\u0026delivery_rate=169356\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=8170729b9461b53a\u0026ts=916\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=4130\u0026min_rtt=2237\u0026rtt_var=1129\u0026sent=132\u0026recv=48\u0026lost=0\u0026retrans=0\u0026sent_bytes=109921\u0026recv_bytes=24370\u0026delivery_rate=899561\u0026cwnd=26400\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=8345\u0026x=1\", cfExtPri, cfHdrFlush;dur=2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28000,"size_decoded":28000,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 28000, version 1.66","md5":"a4bca6c95fed0d0c5cc46cf07710dcec","sha1":"73b56e33b82b42921db8702a33efd0f2b2ec9794","sha256":"5a51d246af54d903f67f07f2bd820ce77736f8d08c5f1602db07469d96dbf77f","sha512":"60a058b20fcb4f63d02e89225a49226ccd7758c21d9162d1b2f4b53bba951b1c51d3d74c562029f417d97f1fca93f25fdd2bc0501f215e3c1ef076810b54dd06","ssdeep":"768:NDT1rKvlJOE1AgLlnGj8H58AJUcl5I17ML7FfNHubNIphqb:NDtKvyAhjHeACcl21YL7KNW+","tlshash":"cfc2f1878fd02879a72dfeb80252903197d00de93fea42318d99b70fe683987515e272","first_seen":"2023-04-09T13:59:19Z","last_seen":"2026-04-03T20:17:59.048286Z","times_seen":94558,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/GDSherpa-regular.woff","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.438Z","timestamp":1739216693438,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /GDSherpa-regular.woff HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:53 GMT\r\ncontent-type: font/woff\r\ncontent-length: 36696\r\ncontent-disposition: inline; filename=\"GDSherpa-regular.woff\"\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nlast-modified: Mon, 10 Feb 2025 19:00:52 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=GXJm5meq8bbYeyTG7QVmeYNWEapKq9Cf0QCx4W1uWX%2B%2FFwTROAKDix0apL5AxyAbQlBnXLKsaH9A8sTSSDHQFos%2FCfenI7iG1jfbgYyY8euPswEpWrTY4swoD5br0g%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 2640\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98ade92656be-OSL\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=15274\u0026min_rtt=14953\u0026rtt_var=6250\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2824\u0026recv_bytes=2170\u0026delivery_rate=165240\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=2a12c5608d279598\u0026ts=911\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=4130\u0026min_rtt=2237\u0026rtt_var=1129\u0026sent=109\u0026recv=48\u0026lost=0\u0026retrans=0\u0026sent_bytes=83521\u0026recv_bytes=24370\u0026delivery_rate=899561\u0026cwnd=26400\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=8344\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36696,"size_decoded":36696,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 36696, version 1.0","md5":"a69e9ab8afdd7486ec0749c551051ff2","sha1":"c34e6aa327b536fb48d1fe03577a47c7ee2231b8","sha256":"fd78a1913db912221b8ead1e62fad47d1ff0a9fa6cd88d3b128a721ad91d2faf","sha512":"9a0e4297282542b8813f9cc85b2ccb09663ce281f64503f9a5284631881da9aacf7649553bf1423d941f01b97e6bc3ba50ab13e55e4b7b61c5aa0a4adf4d390f","ssdeep":"768:lvJo4KciQZYjebVq19lKPtHAQ/l4rj2bqkiHShpeSUOR4OqWOgaU:lhH3rVq1PKP432tSSh4SUORHqWcU","tlshash":"31f2f15d76443e8cf06a245836ad2dd6a423171247138f8709de72bbd14f120f65aaff","first_seen":"2023-05-09T17:48:02Z","last_seen":"2026-04-03T14:38:11.342242Z","times_seen":90380,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/GDSherpa-vf.woff2","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.438Z","timestamp":1739216693438,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /GDSherpa-vf.woff2 HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:53 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 43596\r\ncontent-disposition: inline; filename=\"GDSherpa-vf.woff2\"\r\ncache-control: max-age=14400\r\nlast-modified: Mon, 10 Feb 2025 19:00:52 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=ag5%2B6jfGLejNUr%2BtbDcCY1Ss0%2BZCyH2ntgBmtbbHP7EGjNnW72aNaWkc14BLDKK5%2Bm3FDb4MsHGn824fYNBLdxlIJs%2BJw6K7QTsyLP%2FelCBP7WGzoApUFW1sagVZCQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 2641\r\naccept-ranges: bytes\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98ade92856be-OSL\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=13728\u0026min_rtt=13313\u0026rtt_var=5824\u0026sent=5\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2824\u0026recv_bytes=2168\u0026delivery_rate=174048\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=dc9f2b916cc92429\u0026ts=633\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=4130\u0026min_rtt=2237\u0026rtt_var=1129\u0026sent=120\u0026recv=48\u0026lost=0\u0026retrans=0\u0026sent_bytes=96407\u0026recv_bytes=24370\u0026delivery_rate=899561\u0026cwnd=26400\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=8344\u0026x=1\", cfExtPri, cfHdrFlush;dur=4\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43596,"size_decoded":43596,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43596, version 1.0","md5":"2a05e9e5572abc320b2b7ea38a70dcc1","sha1":"d5fa2a856d5632c2469e42436159375117ef3c35","sha256":"3efcb941aaddaf4aea08dab3fb97d3e904aa1b83264e64b4d5bda53bc7c798ec","sha512":"785ab5585b8a9ed762d70578bf13a6a69342441e679698fd946e3616ef5688485f099f3dc472975ef5d9248afaad6da6779813b88aa1db60abe2cc065f47eb5f","ssdeep":"768:b0nfc/3Osy1fo0tBBFF/GGXfN2ZHKTBUwL+BR49qCow3Z3HuvJ5+xXtTgXHk6/:b0fU3OdhFF/xNOoZc49ow3Z3HO+xX1mf","tlshash":"e2130258592578a9eb43bd49f00c6e64c296b3d8f5832b62334a04f0bff651620fe797","first_seen":"2023-04-18T03:10:28Z","last_seen":"2026-04-03T14:38:11.33698Z","times_seen":91843,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/GDSherpa-vf2.woff2","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.439Z","timestamp":1739216693439,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /GDSherpa-vf2.woff2 HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:53 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 93276\r\ncontent-disposition: inline; filename=\"GDSherpa-vf2.woff2\"\r\ncache-control: max-age=14400\r\nlast-modified: Mon, 10 Feb 2025 19:00:54 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=kcI1831p%2FB5ZvRAnuC2CRYbJnzSGLCqnpmPsWt7F2xNM8v8xLv5ORUMjZ6rdUmHXhfBH9vT%2B4Ky1COUwL240ovj9yBQ5SIrLmOFePNdckYNRzS38HDgxoGhQUdAOZQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 2638\r\naccept-ranges: bytes\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98ade92a56be-OSL\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=2068\u0026min_rtt=1969\u0026rtt_var=937\u0026sent=5\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2823\u0026recv_bytes=2168\u0026delivery_rate=1048136\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=86aac9e094c4ff15\u0026ts=1142\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=3545\u0026min_rtt=2237\u0026rtt_var=1176\u0026sent=200\u0026recv=52\u0026lost=0\u0026retrans=0\u0026sent_bytes=186539\u0026recv_bytes=24551\u0026delivery_rate=729342\u0026cwnd=64800\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=8350\u0026x=1\", cfExtPri, cfHdrFlush;dur=1\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":93276,"size_decoded":93276,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 93276, version 1.0","md5":"bcd7983ea5aa57c55f6758b4977983cb","sha1":"ef3a009e205229e07fb0ec8569e669b11c378ef1","sha256":"6528a0bf9a836a53dfd8536e1786ba6831c9d1faa74967126fddf5b2081b858c","sha512":"e868a2702ca3b99e1abbcbd40b1c90b42a9d26086a434f1cbae79dfc072216f2f990fec6265a801bc4f96db0431e8f0b99eb0129b2ee7505b3fdfd9bb9bafe90","ssdeep":"1536:Dy7KSLv+MMqDeeIgDFSxpuQP7ObnKSWBO61LlRzSSAT6YmkSzOu7Be0OB53jIH4I:Dy7JD+net+puI7ObKHVhTSSlYmk4OuWa","tlshash":"d293029c71ec79c19e00616e94c92535f89fdab0f049d3fa9a4ed85b927c369e343b10","first_seen":"2023-05-01T02:20:29Z","last_seen":"2026-04-03T14:38:11.338063Z","times_seen":91677,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/sTy7I/","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2025-02-10T19:44:53.505221576Z","timestamp":1739216693505,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /sTy7I/ HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6ImdVYzJwWmdEZjlzR290L1AyYlBTRUE9PSIsInZhbHVlIjoiSEVpekg1WmdEeHFmN3NBbVdvMGttMnlGTEU1U0s2QlJ0UjFtV0ZyK2cyNk9jOXd2L29wS2V0V01GN09Bb3U4bXY2a0dFNWh3SGYxWEJ6K1JSN25kemN0MEZqVy9iU2srNGRCd2hrY2tkS3l1RkVmVkczSTRRd3o1QThaa3E5S3ciLCJtYWMiOiI1YTk1NGMxYzc0MjA2MWQ4MjliYWU1MDU3NGIwMmU2YzBiYzRiNTA1OTRkZTk4ZTdlOGMwNzU5M2QzMjI0NGVjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InpIbzVESTVLWXpsU1pLckcycDFuc3c9PSIsInZhbHVlIjoiczlUMXY0M0R2VFdmSWVsVVdRNVpGakloOFRWaHo0Vm5FMXpuTmNwYXBoMnI2NnhTbmMwZCs0UjU5NGl6Z1FxeHgrT2pPU0piRVgxWG8xVTdWdWtBWUpSSGhkbDlMTzRBa29lQ0xmWUp4dFJ0aE43cDVPTXlDQUtHTEdyU1FldlgiLCJtYWMiOiI3NGMzZDZmYmExYzgwMzA0Njk0MTZmZGY1Mzk5MmUxYjhmOGEyZWIxNGY0NDEwOWQ0NDUxYzkzZTA5MGYxZGYyIiwidGFnIjoiIn0%3D\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nSec-Fetch-User: ?1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:51 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: no-cache, private\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=AS3akzJGgtzq26yjNSYuQiS0fNzXb%2F%2F%2FmPuElAR4QkuL%2BubDRTon%2BVS1%2FWGiyMzW760HZ7G1LzYlDQtxYNKIygPsdErtIdAOMDKrABSz3IF2kcOn%2FRrogZyE7Rh97g%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IjRrbXV2bEV5S2d1T3dqVzRxcXhyeXc9PSIsInZhbHVlIjoianFoREUwTjZSbmtsb0NNbkl1UHd2SE03ZVNjMzI3czBkSURvZy95cjA1ZEc4Nm9SK1hjOFNnTzJZRkdlaHk5aklpNGc5a2w1UUJTOHN6c2s4RHFWRWh3ZWxkeUQ0MS9CeWJmWC8wbEV0MUdRMElOSFBUZlRlTXhBUVZHZy9YMXoiLCJtYWMiOiJmODA4NWEzMWY3MmM3ZjU3NWI5ZmUyMmViMjFhNDNmYjcxZDZlMjc2N2Y2NGRiMTBjZTNhZTU4NTM3YmM3MjE5IiwidGFnIjoiIn0%3D; expires=Mon, 10-Feb-2025 21:44:51 GMT; Max-Age=7200; path=/; secure; samesite=none\nlaravel_session=eyJpdiI6IlByUUVXejUrRFJ1MHhUUFN1RDJNdEE9PSIsInZhbHVlIjoiWTM3YTFybHl5cUxab3pRYjBXb2ZmQ0lOcFZvdXR1MUI2aFBoU1F3VXl5WW4xaCszaEFiNWtvRmR3TzMrSWtqUHp0UXVtSSsyOU9zNFZmQ0JoSzBDRmxhS2JZckFsZjdsVUlQOHdSb0FaK1NIU2FabzNVQWx2enBQWjMxbkhuSHEiLCJtYWMiOiIzZjAyZDAwNGVmZGZkOTlkOWVjMDAwMjcyOWZkZmI4MzU4Y2Y4OWQ0N2Q0ZTE3OWNiZmE0NTM0NjM1YmVkODM3IiwidGFnIjoiIn0%3D; expires=Mon, 10-Feb-2025 21:44:51 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\npriority: u=1,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe989bebcd56be-OSL\r\ncontent-encoding: br\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=3035\u0026min_rtt=2761\u0026rtt_var=1583\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2824\u0026recv_bytes=2152\u0026delivery_rate=584696\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=12434bce9e5bde26\u0026ts=669\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=6343\u0026min_rtt=4101\u0026rtt_var=2582\u0026sent=15\u0026recv=9\u0026lost=0\u0026retrans=0\u0026sent_bytes=5691\u0026recv_bytes=3689\u0026delivery_rate=300\u0026cwnd=12000\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=6414\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8622,"size_decoded":15373,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (9905), with CRLF line terminators","md5":"365dc4f782f88e4a2c57630893d2f3e6","sha1":"14f73a86e0f1848782f509ef26de62470f3d5504","sha256":"c010bef583bcbde56b6e35e931db4a3abd04ea8702e82890eebb92890385cc92","sha512":"b8c0df2b8d77925eec88cb8bab66ab9c77b080ab3b833683e837d5d601dc19612d583a58152268626912a287ed70fa8602ead8042dd560fcd36b9811cbf79782","ssdeep":"384:E+ROIA6LAHdgHAx0MFp7EorY1qmZodlrflrG:E0Rpe69ZAlrflrG","tlshash":"b4628f37c7134431ab34fe817a3f8ed5893d89af10d04542e84f98417d62fb626a2eb9","first_seen":"2025-02-10T19:45:17.547319Z","last_seen":"2025-02-10T19:45:17.547319Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7","fqdn":"ok4static.oktacdn.com","domain":"oktacdn.com","tld":"com"},"ip":{"addr":"3.164.240.85","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.448Z","timestamp":1739216693448,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.oktacdn.com","organization":"Okta, Inc."},"issuer":{"commonName":"DigiCert TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 02 Dec 2024 00:00:00 GMT","end":"Fri, 02 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:D7:C7:A6:35:70:74:E4:BF:45:2E:A1:D5:A3:25:88:24:76:B3:B5","sha256":"71:C0:94:09:81:5A:DD:BE:41:D4:27:16:CB:BB:73:BD:A1:E1:22:3A:D2:6C:C1:26:F0:EC:4B:ED:3D:64:26:3B"}}},"request":{"raw":"GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/1.1\r\nHost: ok4static.oktacdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 10796\r\nserver: nginx\r\nlast-modified: Tue, 23 Feb 2021 04:20:08 GMT\r\nstrict-transport-security: max-age=315360000; includeSubDomains\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\ndate: Wed, 29 Jan 2025 00:59:17 GMT\r\nexpires: Thu, 29 Jan 2026 00:59:17 GMT\r\ncache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400\r\netag: \"12bdacc832185d0367ecc23fd24c86ce\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 454b04b563cd5c3b9a4496e3ea346390.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: 8umWDRZJC4lvn7Y6xv7Kdqax1O2hf3aN1IRpcSh6uasbh5iEeKX16A==\r\nage: 1104336\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10796,"size_decoded":10796,"mime_type":"image/png","magic":"PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced","md5":"12bdacc832185d0367ecc23fd24c86ce","sha1":"4422f316eb4d8c8d160312bb695fd1d944cbff12","sha256":"877ae491d9aac5c6ef82a8430f9f652ace8a0dbc7294bd112aad49bd593769d0","sha512":"36c319ac7f75202190e7a59f3f3c92892a71d5f17663e672319a745b6574bcfde7c89b35f480cb15a193924dacb9d67f8ca1e1bc2bf33fc5ccbfa152cc7ba2d0","ssdeep":"192:aPzBBDKs07GiH528urXXSjD4/voR3Euri/in9Q28oLaIAQLdCYXQIDeoIdv60:aPVBQ7P5nIyjD+oRnr4inJdANuGdC0","tlshash":"7122af89d5a7d9387f3ff18c00be1fcb46f8a1f9760608b93989875d0641d9c188c499","first_seen":"2023-05-04T21:28:17Z","last_seen":"2026-03-28T17:39:33.499647Z","times_seen":38422,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":41,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"github.com/fent/randexp.js/releases/download/v0.4.3/randexp.min.js","fqdn":"github.com","domain":"github.com","tld":"com"},"ip":{"addr":"140.82.121.4","port":443,"asn":36459,"as":"GITHUB","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.433Z","timestamp":1739216693433,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"github.com","organization":""},"issuer":{"commonName":"Sectigo ECC Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Thu, 05 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E4:33:71:DD:D6:91:4A:75:B6:1F:9E:4F:74:6D:9B:F0:DD:26:FC:3A","sha256":"B8:BB:81:87:68:33:87:39:42:04:5A:8D:F8:F0:62:19:E0:06:02:EB:CB:43:84:C7:AB:C2:4F:18:37:9C:87:F5"}}},"request":{"raw":"GET /fent/randexp.js/releases/download/v0.4.3/randexp.min.js HTTP/1.1\r\nHost: github.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: GitHub.com\r\ndate: Mon, 10 Feb 2025 19:42:57 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With\r\nlocation: https://objects.githubusercontent.com/github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Credential=releaseassetproduction%2F20250210%2Fus-east-1%2Fs3%2Faws4_request\u0026X-Amz-Date=20250210T194257Z\u0026X-Amz-Expires=300\u0026X-Amz-Signature=e90a799dfe03cac6ebd6f455c3ef0d9877310d916b06d1867d9c258d1d32214c\u0026X-Amz-SignedHeaders=host\u0026response-content-disposition=attachment%3B%20filename%3Drandexp.min.js\u0026response-content-type=application%2Foctet-stream\r\ncache-control: no-cache\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nx-frame-options: deny\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/\r\ncontent-length: 0\r\nx-github-request-id: 8856:B0C75:F98A07:1004C31:67AA5735\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":71,"dns":0,"connect":21,"send":0,"wait":20,"receive":0,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-02-10T19:44:52.216Z","timestamp":1739216692216,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/sTy7I/\r\nCookie: XSRF-TOKEN=eyJpdiI6IitzZVlEcDZWR1NFOE9XSE5yVVhYM3c9PSIsInZhbHVlIjoiNkJvay9JU0l4K1lzS2lNRVlZVWg3KzlVamllcE9JQUJPQVFPTlZFTnZjREVoRFBraEpPRzFlYTJiaGd5bk56aGx4NlBnUHZSeWEzaU1WMjVwOW5xN3NqYis5Z2lRYVBRamRlYkNLQUxDaTZzRlFjOXdoRnhWZVBHMm5vQmdGaUEiLCJtYWMiOiJjOGE4YmVhNGMwZDA4NTFiNmQ3MmQ2ZDU2NTkzYTc1YWViZDMxZjBmNTdkOWY2YTNiODljYjhlYTk0ZWI0ZDE0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InppN0x5ZVI3Z3ByVFBGeklBZWZPa3c9PSIsInZhbHVlIjoiTTZlRmlvYlk0Q2pFZW10bG0zOXdZY0JQVU12NjBxb1hBZVBTZWx5eE1zSGVCVU9UbWpjZmFmNmxLYW01b3ZOTi84bGFvZUhyTWw2Q0Y2VlUxMXUwNVNRREZPMUsxUnN5b215YXVSUWlTZFhVOHNFN0xCTjFnbWhTVStEN1RmdEkiLCJtYWMiOiJmYWRkYmZiZDA1NjljNWY1NmE0MzY1OTM2YjBjMGQ1M2MzOTRlNzQ4ODRmMDk3ZDkxNDMxYzA2NmU3M2UxNWVhIiwidGFnIjoiIn0%3D\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:52 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: no-cache, private\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=eNjZhU%2Fla09AQpdTVkHy1qEIBUy5ekNa6pvcOxQoSL1BXYynwChmLtXN8vnntXrzXtoXXS0pDkhnuCHFoBmvIMxtMBp9XD8kd4waS%2B37BWEukSkc54fOlZx6pK9KLw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; expires=Mon, 10-Feb-2025 21:44:52 GMT; Max-Age=7200; path=/; secure; samesite=none\nlaravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D; expires=Mon, 10-Feb-2025 21:44:52 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\npriority: u=1,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98a668e556be-OSL\r\ncontent-encoding: br\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=1444\u0026min_rtt=1040\u0026rtt_var=1198\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2823\u0026recv_bytes=2248\u0026delivery_rate=677426\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=83a212ea568319a9\u0026ts=355\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=4970\u0026min_rtt=2253\u0026rtt_var=2570\u0026sent=33\u0026recv=17\u0026lost=0\u0026retrans=0\u0026sent_bytes=18591\u0026recv_bytes=6731\u0026delivery_rate=628640\u0026cwnd=12000\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=7760\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":71497,"size_decoded":143052,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (52489), with CRLF line terminators","md5":"c34507658c1295fde68c7d9bfabc9507","sha1":"b435d5315b8ae8029c8070240eec4c12357e10e0","sha256":"2453f6cc660ab3fe2f70d7e2d7f86a8fb424fb0d9e1992280fa3b9b902c77758","sha512":"e7ec425c718e0852ab6752e6b16df47a091e0f0948f8dbc980f3f3d3fa18a38c62faa7a97390b04e4f49263a9a931a66f2d791f08202064a7bb3082c5f20f937","ssdeep":"3072:113zfQ5vqF3toF8dlJRzNXtjMVwVAZQ9s4HcOe/CSMeDHWaB:1iFABXjVUc0EgHxB","tlshash":"bae35be59629155e8f78c5797a4b5b3cfc363de4a7e00b9e2153e7399920efa80c10b0","first_seen":"2025-02-10T19:45:17.549188Z","last_seen":"2025-02-10T19:45:17.549188Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1182,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":639,"receive":543,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Anti-debugging code","verdict":"suspicious","severity":"low","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"ok4static.oktacdn.com/assets/loginpage/font/assets/proximanova-reg-webfont.353416ed0ff540352235.woff2","fqdn":"ok4static.oktacdn.com","domain":"oktacdn.com","tld":"com"},"ip":{"addr":"3.164.240.85","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:54.064Z","timestamp":1739216694064,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.oktacdn.com","organization":"Okta, Inc."},"issuer":{"commonName":"DigiCert TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 02 Dec 2024 00:00:00 GMT","end":"Fri, 02 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:D7:C7:A6:35:70:74:E4:BF:45:2E:A1:D5:A3:25:88:24:76:B3:B5","sha256":"71:C0:94:09:81:5A:DD:BE:41:D4:27:16:CB:BB:73:BD:A1:E1:22:3A:D2:6C:C1:26:F0:EC:4B:ED:3D:64:26:3B"}}},"request":{"raw":"GET /assets/loginpage/font/assets/proximanova-reg-webfont.353416ed0ff540352235.woff2 HTTP/1.1\r\nHost: ok4static.oktacdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://urdw.rbkz7r.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ok4static.oktacdn.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/font-woff2\r\ncontent-length: 20416\r\ndate: Mon, 27 Jan 2025 07:42:18 GMT\r\nserver: nginx\r\nlast-modified: Tue, 07 Nov 2023 18:56:28 GMT\r\netag: \"d99a7377dabb55772ca9f986b0a04b57\"\r\nx-amz-meta-sha1sum: 2b5fcd8431953c44e410d0489899e74f6d2cfecc\r\nexpires: Tue, 27 Jan 2026 07:42:18 GMT\r\ncache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400\r\nstrict-transport-security: max-age=315360000; includeSubDomains\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 454b04b563cd5c3b9a4496e3ea346390.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: djaSUv2ZYlhIWIkHBtXbbCKWlRIfNBw2rHjam6y5NrhUqDJ4t26dMQ==\r\nage: 1252956\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20416,"size_decoded":20416,"mime_type":"application/font-woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20416, version 2.197","md5":"d99a7377dabb55772ca9f986b0a04b57","sha1":"2b5fcd8431953c44e410d0489899e74f6d2cfecc","sha256":"affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149","sha512":"cb80ebc6424029c45e86ddf6c18eb43284605678ede88119301cc6493c21e282cace48fd849fc14e5d73c6aecf83645cc3a58051d5d8e22197e09912a41e3130","ssdeep":"384:e/Apz8weEie675kzn2XOvHNE18xEZJymoDyV+5uxfv3CBi3n9SDonvPsp:eFvhQL2XgE1mBDg+E/CBi39SDoHsp","tlshash":"d592d00d9a200f9581271db08a0b434edbb8e0575e4dedddf083312bde81259d25aafb","first_seen":"2023-04-17T18:58:51Z","last_seen":"2026-03-31T09:46:55.1833Z","times_seen":36470,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ok4static.oktacdn.com/assets/loginpage/font/assets/proximanova-sbold-webfont.41acb8650115f83780fc.woff2","fqdn":"ok4static.oktacdn.com","domain":"oktacdn.com","tld":"com"},"ip":{"addr":"3.164.240.85","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:54.071Z","timestamp":1739216694071,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.oktacdn.com","organization":"Okta, Inc."},"issuer":{"commonName":"DigiCert TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 02 Dec 2024 00:00:00 GMT","end":"Fri, 02 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:D7:C7:A6:35:70:74:E4:BF:45:2E:A1:D5:A3:25:88:24:76:B3:B5","sha256":"71:C0:94:09:81:5A:DD:BE:41:D4:27:16:CB:BB:73:BD:A1:E1:22:3A:D2:6C:C1:26:F0:EC:4B:ED:3D:64:26:3B"}}},"request":{"raw":"GET /assets/loginpage/font/assets/proximanova-sbold-webfont.41acb8650115f83780fc.woff2 HTTP/1.1\r\nHost: ok4static.oktacdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://urdw.rbkz7r.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ok4static.oktacdn.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/font-woff2\r\ncontent-length: 20328\r\ndate: Mon, 27 Jan 2025 06:31:17 GMT\r\nserver: nginx\r\nlast-modified: Tue, 07 Nov 2023 18:54:23 GMT\r\netag: \"27429b092c0595aa8803b611bd7508f3\"\r\nx-amz-meta-sha1sum: dd4beda27e8057403b27d1276ca9d68902692615\r\nexpires: Tue, 27 Jan 2026 06:31:17 GMT\r\ncache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400\r\nstrict-transport-security: max-age=315360000; includeSubDomains\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 454b04b563cd5c3b9a4496e3ea346390.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: 95BFc_5hKSmdzrAHmHZwptL4jO4rwUB9ZY1K8lBS3qd4HsGQVlqfnA==\r\nage: 1257217\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20328,"size_decoded":20328,"mime_type":"application/font-woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20328, version 2.197","md5":"27429b092c0595aa8803b611bd7508f3","sha1":"dd4beda27e8057403b27d1276ca9d68902692615","sha256":"9b5d2290b34cd718e1e97e894d6790f92387ee50de0b3364da291e7112f412be","sha512":"fadcfba214fde02b18de1e0e61c530fe79bb87d0a717460e38e30afbea110d5527fdb742c8848e7dfd29c8e3704282da856fa8c57763de56b2dfb2c1d0ff5ea5","ssdeep":"384:nQidB583dJ5Awv63j62xbjAwHG+SBHOB+hKhi9327cC3cENZ0L:l7q5AwvIBhjVH6OUkI2P10L","tlshash":"0992e11376eeff8b75d364a31025d217ce4d23292e11b0e5e3a1be85d690ef582bc960","first_seen":"2023-05-02T22:15:23Z","last_seen":"2026-03-31T09:46:55.17612Z","times_seen":4462,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ok4static.oktacdn.com/assets/loginpage/font/assets/proximanova-light-webfont.aba797dabec6686294a9.woff2","fqdn":"ok4static.oktacdn.com","domain":"oktacdn.com","tld":"com"},"ip":{"addr":"3.164.240.85","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:54.073Z","timestamp":1739216694073,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.oktacdn.com","organization":"Okta, Inc."},"issuer":{"commonName":"DigiCert TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 02 Dec 2024 00:00:00 GMT","end":"Fri, 02 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:D7:C7:A6:35:70:74:E4:BF:45:2E:A1:D5:A3:25:88:24:76:B3:B5","sha256":"71:C0:94:09:81:5A:DD:BE:41:D4:27:16:CB:BB:73:BD:A1:E1:22:3A:D2:6C:C1:26:F0:EC:4B:ED:3D:64:26:3B"}}},"request":{"raw":"GET /assets/loginpage/font/assets/proximanova-light-webfont.aba797dabec6686294a9.woff2 HTTP/1.1\r\nHost: ok4static.oktacdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://urdw.rbkz7r.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ok4static.oktacdn.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/font-woff2\r\ncontent-length: 20052\r\ndate: Mon, 27 Jan 2025 06:31:17 GMT\r\nserver: nginx\r\nlast-modified: Tue, 07 Nov 2023 18:58:19 GMT\r\netag: \"3bf194f33d52c87ea38f13e04fd41950\"\r\nx-amz-meta-sha1sum: 28b8b4bd234dde07b7ee63a6d32c6f275f03eca1\r\nexpires: Tue, 27 Jan 2026 06:31:17 GMT\r\ncache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400\r\nstrict-transport-security: max-age=315360000; includeSubDomains\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 454b04b563cd5c3b9a4496e3ea346390.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: UbvHuhEN_pJuuQtnT-A5R2azu3I4IUz5btzQQbdJM5Zf4cbnH8tX4A==\r\nage: 1257217\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20052,"size_decoded":20052,"mime_type":"application/font-woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20052, version 2.197","md5":"3bf194f33d52c87ea38f13e04fd41950","sha1":"28b8b4bd234dde07b7ee63a6d32c6f275f03eca1","sha256":"018930498a4b01e598099a6e45d7316d54c7b1411ce2b741a3b1f1b0ed4e578b","sha512":"704e1bbdc896ef6d9c0a39e540a8d543215c40f8b9b5ebb98049a2e376168ded4fdb1bbb784eda5c0da22acf57e54e00747c0236c66642dd8bbc3ecd3da8035c","ssdeep":"384:CLxkj9mZ4+wTZm1PIAp2tntff2Qu0KCfJjcRJPMXuosChm:+xkjkgTZm1PstfflJIRJPnox4","tlshash":"3b92d0994c485a029c891d3a94a539747cacc173706940f68ce467de73c38437cdeef8","first_seen":"2023-05-02T22:15:23Z","last_seen":"2026-03-31T09:46:55.185034Z","times_seen":4554,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/img/ui/forms/checkbox-sign-in-widget.png","fqdn":"ok4static.oktacdn.com","domain":"oktacdn.com","tld":"com"},"ip":{"addr":"3.164.240.85","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:54.064Z","timestamp":1739216694064,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.oktacdn.com","organization":"Okta, Inc."},"issuer":{"commonName":"DigiCert TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 02 Dec 2024 00:00:00 GMT","end":"Fri, 02 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:D7:C7:A6:35:70:74:E4:BF:45:2E:A1:D5:A3:25:88:24:76:B3:B5","sha256":"71:C0:94:09:81:5A:DD:BE:41:D4:27:16:CB:BB:73:BD:A1:E1:22:3A:D2:6C:C1:26:F0:EC:4B:ED:3D:64:26:3B"}}},"request":{"raw":"GET /assets/js/sdk/okta-signin-widget/7.18.0/img/ui/forms/checkbox-sign-in-widget.png HTTP/1.1\r\nHost: ok4static.oktacdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 3141\r\ndate: Sun, 09 Feb 2025 15:15:39 GMT\r\nserver: nginx\r\nlast-modified: Tue, 14 May 2024 21:49:26 GMT\r\netag: \"7846b2f8c6d0a7ca69fdd3d3c294e92d\"\r\nx-amz-meta-sha1sum: e0bb021ffdf93c68fef44de2a3b08f378b6fb50a\r\nexpires: Mon, 09 Feb 2026 15:15:39 GMT\r\ncache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400\r\nstrict-transport-security: max-age=315360000; includeSubDomains\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 454b04b563cd5c3b9a4496e3ea346390.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: KdXlhWfLle4ozKbotxZTkaSQkH7hd1Gp5YsJxTz0yhF8rEQO50la7Q==\r\nage: 102555\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3141,"size_decoded":3141,"mime_type":"image/png","magic":"PNG image data, 50 x 1155, 8-bit/color RGBA, non-interlaced","md5":"7846b2f8c6d0a7ca69fdd3d3c294e92d","sha1":"e0bb021ffdf93c68fef44de2a3b08f378b6fb50a","sha256":"40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665","sha512":"c08600b8b07d56bb502f9aed5ce2bab59b33105c1ccf595413bc7158368fa06c73bc2d22c7cc99d1efd10fd7c599cee92163dec3d2312bfd98dbf69457c59de7","ssdeep":"","tlshash":"b951f8f530f1b901b224a7a4ba10c65203e04fe647da0eb25a406f2df3a0c57d6d26ab","first_seen":"2023-05-09T00:44:14Z","last_seen":"2026-04-03T20:28:17.568045Z","times_seen":6488,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/cbS6DHGLJ4FPhlZh6UXc7qsStN768tnL1bzOC0JlFplvGvd","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2025-02-10T19:44:54.099282826Z","timestamp":1739216694099,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"POST /cbS6DHGLJ4FPhlZh6UXc7qsStN768tnL1bzOC0JlFplvGvd HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://urdw.rbkz7r.com/sTy7I/\r\nContent-Type: multipart/form-data; boundary=---------------------------17194348891032988760416372550\r\nContent-Length: 917\r\nOrigin: https://urdw.rbkz7r.com\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6Im5GRk9STzk4dWE3SUI5V2IyRERlNGc9PSIsInZhbHVlIjoiM3dwcklNR2QzUjJOVkJYNjRmU1JwdlBjVDFHNzdwK0VNeTdMQ290d0VaNTd3eWlGZktMVFZpSnNEb2YvNkRSTktqNEhZN05XQUczNG1WMmVQeDcwMVNrbmFXV0tyT3pRUHdvV3B4RUhaS29nVUZURDFlNU9aV3NuVWNrdGxyTWciLCJtYWMiOiJhMTMxYmNiNTIyZWViNTQwNTgzYTk3Y2NkODRjOTZmYTEyOTNiZDMxNjNlMWZkMWFmMmMzMTg5MWFlMjcwZTVlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ikhpb242MjhqU2Rra2p1UU80UUlZM1E9PSIsInZhbHVlIjoiNHVDL3pMOHFRYU8yQlo0aFdyNjJRVTQrbnJKSUpNSWhzMDlCSXJub0ZraFVtaVlyZUc4aTVlUTUvUndNMWprQWs0OW54OFVaS2JsZzRzNlB1WkRYTW42NE1mUFRNT1ZFSzRNZVJqOS9mNWlJY3M2MkRrWHJpczlGWEs5ZTJtQmYiLCJtYWMiOiJmZDlmZTRkMmU2N2RjMmZkOGVlN2NiZmU1ZGU5ZjNlM2Y0NWIwOWIxMmY5OTg4MGM0NjBlYmFiNmY5MDQ3YmRhIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:50 GMT\r\ncontent-type: application/json\r\ncache-control: no-cache, private\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=9DWA0794SexEmodabkVmCToPBZdVBLOKbHgLyaEeXgROczoWZhWYvobwwgeGIQGMjwkA98L7ySnH%2FcUIQeXmNpi8fNZmSIBQ99Phc2ik4kvMmjb%2BVdDF9%2BlJxN3hAw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nset-cookie: XSRF-TOKEN=eyJpdiI6ImdVYzJwWmdEZjlzR290L1AyYlBTRUE9PSIsInZhbHVlIjoiSEVpekg1WmdEeHFmN3NBbVdvMGttMnlGTEU1U0s2QlJ0UjFtV0ZyK2cyNk9jOXd2L29wS2V0V01GN09Bb3U4bXY2a0dFNWh3SGYxWEJ6K1JSN25kemN0MEZqVy9iU2srNGRCd2hrY2tkS3l1RkVmVkczSTRRd3o1QThaa3E5S3ciLCJtYWMiOiI1YTk1NGMxYzc0MjA2MWQ4MjliYWU1MDU3NGIwMmU2YzBiYzRiNTA1OTRkZTk4ZTdlOGMwNzU5M2QzMjI0NGVjIiwidGFnIjoiIn0%3D; expires=Mon, 10-Feb-2025 21:44:50 GMT; Max-Age=7200; path=/; secure; samesite=none\nlaravel_session=eyJpdiI6InpIbzVESTVLWXpsU1pLckcycDFuc3c9PSIsInZhbHVlIjoiczlUMXY0M0R2VFdmSWVsVVdRNVpGakloOFRWaHo0Vm5FMXpuTmNwYXBoMnI2NnhTbmMwZCs0UjU5NGl6Z1FxeHgrT2pPU0piRVgxWG8xVTdWdWtBWUpSSGhkbDlMTzRBa29lQ0xmWUp4dFJ0aE43cDVPTXlDQUtHTEdyU1FldlgiLCJtYWMiOiI3NGMzZDZmYmExYzgwMzA0Njk0MTZmZGY1Mzk5MmUxYjhmOGEyZWIxNGY0NDEwOWQ0NDUxYzkzZTA5MGYxZGYyIiwidGFnIjoiIn0%3D; expires=Mon, 10-Feb-2025 21:44:50 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe989409f156be-OSL\r\ncontent-encoding: br\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=1797\u0026min_rtt=1533\u0026rtt_var=763\u0026sent=5\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2823\u0026recv_bytes=3183\u0026delivery_rate=1889106\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=abfe770fef6cdfb1\u0026ts=657\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=6433\u0026min_rtt=4101\u0026rtt_var=3203\u0026sent=11\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=4034\u0026recv_bytes=2750\u0026delivery_rate=144838\u0026cwnd=12000\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=5429\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1824,"size_decoded":20,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"5820854f62a6eb3d38ba7ba0d1b3ea75","sha1":"639df0b84fe699b4a290a713fd6b9a94bd4deb95","sha256":"912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d","sha512":"4452c0a26fa81357f95bf6160c3f5d35ff39f62e03d5faa1e69eb9dfdcb2c83eda4235463ee4065dceb534cc497891a05535467337ad84693e5fa48c317dbbbb","ssdeep":"","tlshash":"f67000020000208008803c0000000a203ae00aa0822a00c0802c00288e08088f08a000","first_seen":"2023-03-13T15:21:35Z","last_seen":"2026-04-03T19:48:03.293619Z","times_seen":88347,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/opsp0dRadphNDnLIumnvNbXMhDMAO8FfmwTpY045131","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.442Z","timestamp":1739216693442,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /opsp0dRadphNDnLIumnvNbXMhDMAO8FfmwTpY045131 HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 892\r\ncontent-disposition: inline; filename=\"opsp0dRadphNDnLIumnvNbXMhDMAO8FfmwTpY045131\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=wT6lBGZtyi4W6nCSTS4M4J250V3dJFXmKhPtZhoyBKn2d9ptkUZzaBIR3bYubPT4JFIUMjKeMXmD%2BH%2FaY9JbhUmQ556o%2BMQdouw0jXAZfnFpkq%2BeP1A6fNUw9ZxHrw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98adf92f56be-OSL\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=1974\u0026min_rtt=1256\u0026rtt_var=1907\u0026sent=5\u0026recv=8\u0026lost=0\u0026retrans=1\u0026sent_bytes=4198\u0026recv_bytes=2191\u0026delivery_rate=443084\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=3353229bf8d35680\u0026ts=586\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=3825\u0026min_rtt=2218\u0026rtt_var=1334\u0026sent=371\u0026recv=63\u0026lost=0\u0026retrans=0\u0026sent_bytes=381768\u0026recv_bytes=27935\u0026delivery_rate=637699\u0026cwnd=211200\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=9445\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":892,"size_decoded":892,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"41d62ca205d54a78e4298367482b4e2b","sha1":"839aae21ed8ecfc238fdc68b93ccb27431cd5393","sha256":"20a4a780db0bcc047015a0d8037eb4eb58b3e5cb338673799c030a3e1b626b40","sha512":"82b9806490a0db493da16466738437b9bb54b979075db58c89ca0d192d780ddb5ed888e10ce76a53d48d30d5013791cac7ab468d85b61d32766140dd53dc9044","ssdeep":"","tlshash":"a41120296b6053c8e7156bbc60c11f92ebbdb9124712627782c093366b489c6255c2d2","first_seen":"2025-01-27T17:47:42.408008Z","last_seen":"2025-09-19T23:18:03.480147Z","times_seen":36702,"resource_available":false,"data":null}},"time_used":1112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1111,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/ij94MQfmUwRPN6JxSXq7FAFYPyPZu1DD0SukssiYklHH7OdIApNhyc0nBXhgnVRef208","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.449Z","timestamp":1739216693449,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /ij94MQfmUwRPN6JxSXq7FAFYPyPZu1DD0SukssiYklHH7OdIApNhyc0nBXhgnVRef208 HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 25216\r\ncontent-disposition: inline; filename=\"ij94MQfmUwRPN6JxSXq7FAFYPyPZu1DD0SukssiYklHH7OdIApNhyc0nBXhgnVRef208\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=EMOKEzlAKxbP4ThetlWH6hNqDYIhV8ZVq8ldoV%2Bir9KR5IjPWXp8LCxx8IVK06mdlxiKnT77jWx8AKArsBke63VWZaTvOvawdsKuDaMdWB4z34Dy4Y8bkJBILvOnHg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98adf93656be-OSL\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=1499\u0026min_rtt=1128\u0026rtt_var=688\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2824\u0026recv_bytes=2216\u0026delivery_rate=2567375\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=f61533af4e0a87f4\u0026ts=315\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=3358\u0026min_rtt=2218\u0026rtt_var=782\u0026sent=353\u0026recv=61\u0026lost=0\u0026retrans=0\u0026sent_bytes=361777\u0026recv_bytes=27845\u0026delivery_rate=42107792\u0026cwnd=211200\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=9196\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25216,"size_decoded":25216,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f9a795e2270664a7a169c73b6d84a575","sha1":"0fbb60ab27ab88c064eb347d0722c8ed4cf5e8b8","sha256":"d00203b2eea6e418c31baafa949ada5349a9f9b7e99fa003aec7406822693740","sha512":"e17c8d922f52c8ab36d9c0a7dc41d32735cf1680ea653056308c6d23255fdbe40b96c68f0e7f8b3b521b6acb080cd825f94320364b0a70141606a4449d980517","ssdeep":"768:BTwdm3bbEPDrEQT87zOyJ0WsnoU+RBshw:64LQXEN7DJGSRBs","tlshash":"35b2afbf1ad14f30c51a6435a2ef6d51f7cde3186f900ae895b046519b2e9bacf2d80c","first_seen":"2025-01-27T17:47:42.413017Z","last_seen":"2025-09-19T23:18:03.462271Z","times_seen":37027,"resource_available":false,"data":null}},"time_used":1133,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":859,"receive":274,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/opkMSbL6M9fLMQXwSXzFYI6d1G9Z4PEw2Yuvp4QGexPrAukiTZuWAlYDSSShzKmKTcd240","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.450Z","timestamp":1739216693450,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /opkMSbL6M9fLMQXwSXzFYI6d1G9Z4PEw2Yuvp4QGexPrAukiTZuWAlYDSSShzKmKTcd240 HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9648\r\ncontent-disposition: inline; filename=\"opkMSbL6M9fLMQXwSXzFYI6d1G9Z4PEw2Yuvp4QGexPrAukiTZuWAlYDSSShzKmKTcd240\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Tm6gW3Wq9Z54lpLpYk6%2B6WbrMlDmBhXeyHRyjrPUyoLlzu2vd1RYB53byZO9rDIfuARtzbBeo77KAyAcPQU5n7xGwH8Y9plXNoBte1EEPjTGVTHGMIFAAWpgvuXOBg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98adf93756be-OSL\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=1089\u0026min_rtt=1004\u0026rtt_var=547\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2822\u0026recv_bytes=2218\u0026delivery_rate=1715639\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=452c2237489e9ef3\u0026ts=615\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=3856\u0026min_rtt=2218\u0026rtt_var=862\u0026sent=387\u0026recv=65\u0026lost=0\u0026retrans=0\u0026sent_bytes=399524\u0026recv_bytes=28025\u0026delivery_rate=179842\u0026cwnd=211200\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=9471\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9648,"size_decoded":9648,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4946eb373b18d178c93d473489673bb6","sha1":"16477acb73b63ca251d37401249e7e4515febd24","sha256":"666bc574c9f3fb28a8ac626fa8105c187c2a313736494a06bd5a937473673c92","sha512":"f684b90b748dc8399f76c5d8f94af6c4e6869143f18d19ce435b25eaa14e9647b120467bdd0795895676dc0cccdeabf82beb2f46ce2c5bf4c58ed9c134f30c48","ssdeep":"192:gwTgBYruFELhYmwd93mjW0l9OsENOLWcXdN4CLrHZfTtjOZgYM5cWjAaP6:gwTgBxaYmo5mS0l9OsuOL3NNVLlfTtjE","tlshash":"4a12af6f53b87b4cece19e3e4c48d73398fde91606176ac54a81a0c8d3988573a5228e","first_seen":"2025-01-27T17:47:42.409718Z","last_seen":"2025-09-19T23:18:03.495565Z","times_seen":37083,"resource_available":false,"data":null}},"time_used":1133,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1133,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/uvpV7eAJdzSY6Rjf3sopRriUr7pAW6Ug6jTs5012122","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.440Z","timestamp":1739216693440,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /uvpV7eAJdzSY6Rjf3sopRriUr7pAW6Ug6jTs5012122 HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 644\r\ncontent-disposition: inline; filename=\"uvpV7eAJdzSY6Rjf3sopRriUr7pAW6Ug6jTs5012122\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=fiTT5fdzaBRCAWTcC%2BxidTWnBy17%2BiJgpynmhxbOh3th8oMYWApAL5zaV5uRFN8yKSy9Y4wOTjcsbUF06pYig1%2FvuRJSoe86QozBtqdzP43VZEdKkcrGlGXN91eDjQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98adf92d56be-OSL\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=6323\u0026min_rtt=1039\u0026rtt_var=4119\u0026sent=4\u0026recv=8\u0026lost=0\u0026retrans=0\u0026sent_bytes=2823\u0026recv_bytes=2191\u0026delivery_rate=2698974\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=215bd788f5acb9d2\u0026ts=629\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=3863\u0026min_rtt=2218\u0026rtt_var=548\u0026sent=401\u0026recv=67\u0026lost=0\u0026retrans=0\u0026sent_bytes=414311\u0026recv_bytes=28115\u0026delivery_rate=6052978\u0026cwnd=211200\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=9502\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":644,"size_decoded":644,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"541b83c2195088043337e4353b6fd60d","sha1":"f09630596b6713217984785a64f6ea83e91b49c5","sha256":"2658b8874f0d2a12e8726df78ac8954324c3bbe4695e66bdef89195fde64322f","sha512":"b2ae42ba9d3a63d3acb179051b005f2589f147d94f044616ae5dc5705e873f16057c56934262841191263b4c35804ef188bd38cf69cce0f4b2cf76c05f17b8ad","ssdeep":"","tlshash":"f4f00e3613a40b4ce5643ff860d10f03f37c7e22cb17aa66c10082221f049c86c9c2ca","first_seen":"2025-01-27T17:47:42.408787Z","last_seen":"2025-09-19T23:18:03.500571Z","times_seen":37683,"resource_available":false,"data":null}},"time_used":1172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/uvkvw24wtUHFHQPbBtOlDRiEJcph9EHF7k9fVwQjN3RPhomnW6kMlvv9YtGJxK64RlM5KKd78PAZ8gh259","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.451Z","timestamp":1739216693451,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /uvkvw24wtUHFHQPbBtOlDRiEJcph9EHF7k9fVwQjN3RPhomnW6kMlvv9YtGJxK64RlM5KKd78PAZ8gh259 HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 17842\r\ncontent-disposition: inline; filename=\"uvkvw24wtUHFHQPbBtOlDRiEJcph9EHF7k9fVwQjN3RPhomnW6kMlvv9YtGJxK64RlM5KKd78PAZ8gh259\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=jguVwY%2FVh9uytMcCfvvUIRLkhg9DhggNKLPVvAM3Rx5oWcX5UGMBYZzUniyBLsDEX6fNsozUWlyizaDXtCDjSroThv8e1C6Vo8c3IJIT5GGcd%2BLKnxbPN%2FPZePTIOA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98adf93956be-OSL\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=1165\u0026min_rtt=974\u0026rtt_var=747\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2822\u0026recv_bytes=2230\u0026delivery_rate=1157474\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=b4794861cc9b7b19\u0026ts=610\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=5739\u0026min_rtt=2218\u0026rtt_var=3263\u0026sent=409\u0026recv=71\u0026lost=0\u0026retrans=0\u0026sent_bytes=421744\u0026recv_bytes=28295\u0026delivery_rate=201538\u0026cwnd=211200\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=9894\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17842,"size_decoded":17842,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4b52ecdc33382c9dca874f551990e704","sha1":"8f3bf8e41cd4cdddb17836b261e73f827b84341b","sha256":"cce050cc3b150c0b370751021bb15018ee2b64ac369e230fe3b571a9b00d4342","sha512":"ac3d3c82bad9147ae5f083ed49c81a744f672ddfbb262135aa3f2c6601f8dffea11d8e323cef025c36d76c6f2515aa6814b622cf504ca01d13346e9ea989048f","ssdeep":"384:EwTZQ74B48VtrMvbt0sAvPTMaf+j5s8OYbqarRbjy5Qg1AR/kf63z/:hTa4B4mtYztAvPTMFhOYb3Rbu571AJa6","tlshash":"6c8218ba77256ca7e25c2bb77afd731b8062d78480681d92740f038aaf3913693901f5","first_seen":"2025-01-27T17:47:42.411749Z","last_seen":"2025-09-19T23:18:03.455649Z","times_seen":36919,"resource_available":false,"data":null}},"time_used":1845,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1554,"receive":291,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/klpIIpMnrpbm72dd9CYFBFlhglfSNVCpEPuruS4bRqrFr4e4TmhcBiIu2wYADcB688wuLSroyz230","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:54.061Z","timestamp":1739216694061,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /klpIIpMnrpbm72dd9CYFBFlhglfSNVCpEPuruS4bRqrFr4e4TmhcBiIu2wYADcB688wuLSroyz230 HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1298\r\ncontent-disposition: inline; filename=\"klpIIpMnrpbm72dd9CYFBFlhglfSNVCpEPuruS4bRqrFr4e4TmhcBiIu2wYADcB688wuLSroyz230\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=7OEBI3Cq%2Fprup1BNjClrG2w4MmFFMihh9MoDYRJ3KcnWaqXkrkdAz6rhU7AQyixw9kOCIV6BBxJAf014YBqtXwt5SszIF99kCLf7nontugF1ae6kTKGuJfUsx8ZNvA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98b1eeb356be-OSL\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=1505\u0026min_rtt=1349\u0026rtt_var=819\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2822\u0026recv_bytes=2225\u0026delivery_rate=1113417\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=cf528d85985d326e\u0026ts=638\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=4372\u0026min_rtt=2218\u0026rtt_var=727\u0026sent=461\u0026recv=83\u0026lost=0\u0026retrans=0\u0026sent_bytes=475410\u0026recv_bytes=28837\u0026delivery_rate=766714\u0026cwnd=211200\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=11526\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1298,"size_decoded":1298,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"32ca2081553e969f9fdd4374134521ad","sha1":"7b09924c4c3d8b6e41fe38363e342da098be4173","sha256":"216fc342a469aa6a005b2eacc24622095e5282d3e9f1ae99ce54c27b92ec3587","sha512":"f75749c6344fcd7bf06872a3678bb2eb4cae2ddc31cc5d1ee73efba843705577841667733a83163af4336ec8a32df93e7a36155bd6282d7bb86159644975948c","ssdeep":"","tlshash":"53210aba23a84b4df0121e3016c04b92b7b5b9329ad693938106cf330f964cd7c6c08e","first_seen":"2025-01-27T17:47:42.419846Z","last_seen":"2025-09-19T23:18:03.501321Z","times_seen":33195,"resource_available":false,"data":null}},"time_used":2559,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2559,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/121ZJLBMrO1aNDabzIfevo6716","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.435Z","timestamp":1739216693435,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /121ZJLBMrO1aNDabzIfevo6716 HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:54 GMT\r\ncontent-type: text/css;charset=UTF-8\r\ncontent-disposition: inline; filename=\"121ZJLBMrO1aNDabzIfevo6716\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=ENv%2FjbcUzc76pOtDooHIGGxbet%2FUpRoNgbFe6xTAbOpOWdrZWbaGwbbf0827Lv6zEGYLiyPWFyzeKrr%2FjEj7CSLnpKarFvKsUAVz1VZpZ0lne9AFbl%2BMH6TC3y2Shg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98ade91556be-OSL\r\ncontent-encoding: br\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=2034\u0026min_rtt=1645\u0026rtt_var=1395\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2823\u0026recv_bytes=2167\u0026delivery_rate=608787\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=a40344f29adb991e\u0026ts=608\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=3435\u0026min_rtt=2218\u0026rtt_var=739\u0026sent=366\u0026recv=62\u0026lost=0\u0026retrans=0\u0026sent_bytes=376359\u0026recv_bytes=27890\u0026delivery_rate=59678\u0026cwnd=211200\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=9221\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6183,"size_decoded":26765,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (26765), with no line terminators","md5":"1a862a89d5633fac83d763886726740d","sha1":"e5ce3aa454c992a13fd406a9647d7afbf831051f","sha256":"5c22fd904edb792331a7307ddf4a790e0d1318924f6d8e7362fa6b55d5ab6fbb","sha512":"3bfab627dc0ebfae1176098c870b4d2747518e7ea91646303276191a4a846d47b2e80bb1ee2fa67271130eccbc8b1152778c99917fc6c63ea45a184bd673bf0d","ssdeep":"768:wC8nBSz2omXX44PL5K9kdY8xbXoEYW+8SX:whnBSz2omXo4PL5K9kdY8xb+Ww","tlshash":"19c2976072003369f127c237b1d26a8e21399592e5b75b7df836b5a8cfe60421b3365f","first_seen":"2025-02-05T01:42:00.41842Z","last_seen":"2025-05-03T07:23:57.60526Z","times_seen":14904,"resource_available":false,"data":null}},"time_used":1173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":897,"receive":276,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"get.geojs.io/v1/ip/geo.json","fqdn":"get.geojs.io","domain":"geojs.io","tld":"io"},"ip":{"addr":"104.26.1.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:56.054Z","timestamp":1739216696054,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geojs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 31 Dec 2024 05:30:37 GMT","end":"Mon, 31 Mar 2025 06:30:13 GMT"},"fingerprint":{"sha1":"55:74:AA:F3:7A:AF:02:8B:48:DB:6E:73:EB:A1:95:20:EC:13:2D:8E","sha256":"F3:11:CA:7B:EA:10:B5:7F:44:4F:CA:98:D8:B9:99:4B:43:38:32:0B:07:11:72:DA:F3:BD:75:B1:00:D9:D8:F8"}}},"request":{"raw":"GET /v1/ip/geo.json HTTP/1.1\r\nHost: get.geojs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://urdw.rbkz7r.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:56 GMT\r\ncontent-type: application/json\r\nx-request-id: 4b9c174995b0b2258fc716c67bad0f30-ASH\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\npragma: no-cache\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\ngeojs-backend: ash-01\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=dQex0lYuC2Rvm2cV5suzBvNnCgoQXmmOsAUCNZuCPFVbGBh1%2BjT4OH1agrWTKZe2%2Fwyz9E%2Bod8iCcZhAkV3TBT7cO5A6ozmMexWLOf8ODj9%2B16e7fNK58%2FGtpJfjlg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 90fe98be99140b45-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=3484\u0026min_rtt=3403\u0026rtt_var=876\u0026sent=7\u0026recv=10\u0026lost=0\u0026retrans=0\u0026sent_bytes=3243\u0026recv_bytes=1247\u0026delivery_rate=1266103\u0026cwnd=245\u0026unsent_bytes=0\u0026cid=e0ac601a68485620\u0026ts=144\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":330,"size_decoded":330,"mime_type":"application/json","magic":"troff or preprocessor input, ASCII text, with very long lines (388), with no line terminators","md5":"accc5b46235a3a983e58ed41ab1fcd44","sha1":"d6d7933237424819e78bae1457768463f9c5f4b4","sha256":"8d156808938d27a86d45a081fc20d7d551dfdd4788c5cceacd522c9530fd227d","sha512":"160c6ff729a82084409419cae82f8e87a16effc8be14aa107429f7e30c43fd893a74ebbe9ae21e7f83c48165cbd1db3aa90c9a73e6e64701595533aa0c8b67a2","ssdeep":"","tlshash":"6be0d85fd8a8de1bcc688d5e17341d7f05d8821c40d83e401ef8ea55414f07427f9786","first_seen":"2025-02-10T17:47:32.541036Z","last_seen":"2025-02-11T05:45:08.690649Z","times_seen":64,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":40,"dns":22,"connect":4,"send":0,"wait":134,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"objects.githubusercontent.com/github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Credential=releaseassetproduction%2F20250210%2Fus-east-1%2Fs3%2Faws4_request\u0026X-Amz-Date=20250210T194257Z\u0026X-Amz-Expires=300\u0026X-Amz-Signature=e90a799dfe03cac6ebd6f455c3ef0d9877310d916b06d1867d9c258d1d32214c\u0026X-Amz-SignedHeaders=host\u0026response-content-disposition=attachment%3B%20filename%3Drandexp.min.js\u0026response-content-type=application%2Foctet-stream","fqdn":"objects.githubusercontent.com","domain":"objects.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.109.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.563Z","timestamp":1739216693563,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":"GitHub, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 15 Mar 2024 00:00:00 GMT","end":"Fri, 14 Mar 2025 23:59:59 GMT"},"fingerprint":{"sha1":"97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28","sha256":"09:01:0C:CE:9B:72:21:55:C7:E6:86:B0:77:39:D3:D2:DC:06:05:DE:A1:A4:98:4A:0B:96:5E:18:77:77:26:B5"}}},"request":{"raw":"GET /github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Credential=releaseassetproduction%2F20250210%2Fus-east-1%2Fs3%2Faws4_request\u0026X-Amz-Date=20250210T194257Z\u0026X-Amz-Expires=300\u0026X-Amz-Signature=e90a799dfe03cac6ebd6f455c3ef0d9877310d916b06d1867d9c258d1d32214c\u0026X-Amz-SignedHeaders=host\u0026response-content-disposition=attachment%3B%20filename%3Drandexp.min.js\u0026response-content-type=application%2Foctet-stream HTTP/1.1\r\nHost: objects.githubusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Tue, 07 Dec 2021 16:38:45 GMT\r\netag: \"0x8D9B9A009499A1E\"\r\nserver: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: d91f6eaf-e01e-0032-2f18-13e122000000\r\nx-ms-version: 2023-11-03\r\nx-ms-creation-time: Tue, 17 Aug 2021 14:57:31 GMT\r\nx-ms-blob-content-md5: bCCivoupALwKcRiJOisQcg==\r\nx-ms-lease-status: unlocked\r\nx-ms-lease-state: available\r\nx-ms-blob-type: BlockBlob\r\ncontent-disposition: attachment; filename=randexp.min.js\r\nx-ms-server-encrypted: true\r\nvia: 1.1 varnish, 1.1 varnish\r\nfastly-restarts: 1\r\naccept-ranges: bytes\r\ndate: Mon, 10 Feb 2025 19:44:53 GMT\r\nage: 5712\r\nx-served-by: cache-iad-kiad7000045-IAD, cache-osl6546-OSL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 15362, 1113\r\nx-timer: S1739216694.576588,VS0,VE0\r\ncontent-length: 10245\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10245,"size_decoded":10245,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (10017)","md5":"6c20a2be8ba900bc0a7118893a2b1072","sha1":"ff7766fde1f33882c6e1c481ceed6f6588ea764c","sha256":"b1c42acd0288c435e95e00332476781532ed002cac6f3dcee9110ced30b31500","sha512":"8f80ad8adc44845d24e13d56738a2ca2a73ee6fcdc187542ba4aaebbf8817935d053a2acfb0d425b9cc0c582b5091e1c9fe16b90b3aa682187645067c267fc41","ssdeep":"192:LRSvXVHfVj+WdqfkkoKhUBhMAcT6iuvBiFj0gba6qiG2pPj:LQvXVHXiNkMAcT6i+4mgPj","tlshash":"ce22a58932933026af5391b440bf140af2f69589d45cade8ab29d1e27d7290d46f7f38","first_seen":"2024-05-30T22:56:13Z","last_seen":"2026-04-03T18:49:36.598847Z","times_seen":52166,"resource_available":true,"data":null}},"time_used":409,"timings":{"blocked":9,"dns":1,"connect":2,"send":0,"wait":389,"receive":1,"ssl":4},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/favicon.ico","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:56.821Z","timestamp":1739216696821,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nCookie: XSRF-TOKEN=eyJpdiI6ImRDL2piZnppck1uVlNUcldvU0YrVkE9PSIsInZhbHVlIjoieHQ5L0JsZDVFV1MxM0pualhHSzlrekE3NzYwVm1Yamg3ZldSSEhZcHFFZ0JVL3c4eWloMFlIbXcyTVBEbmk4d3E2WFgxSjlvU1NydnJQeFpaenNjUFNpMEh3Yy8zSXJDbkNHYW1VRnpwdUpXMm8rR3BxNjd2cjFUTVNJWFpvZ20iLCJtYWMiOiJmNGYwNmViNzIwNTQyMTE2ZTc3NGU5ZWY5ZDI2OGZhM2FhNTQ4NDU5YjZmMDg0OGY1Yzk2MTlkYTc2MmE3NzA3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImkzODdJbnNSQUhqK3VPQjRkUURWMGc9PSIsInZhbHVlIjoiNmVyWGJ3cStuYm9ZRWNRVlJtbThnTXJuNFNKL2M0dm5KNEFTWmtiRklhM2xnc2FkakVlOTBiUFpEZDd6aVdtNitUTXpzMUpMTXcrZWlvb3FxVEJkVFVKRTNlYjFTRjhXRm1UOVkrTzZoVXE2YkZCdDhSanA5NVVwcDlEUHBERFQiLCJtYWMiOiI4ZjU0OWY3N2VjNzNiNGFlYzMxNzJkZTNjZDRjYTU4Yzk4YjFjZWM5ZWY5YzEzYTg1ODc1OTUzYmJlZmUzYzkyIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 10 Feb 2025 19:44:56 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: max-age=14400\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=wH5uCMnpgMMB%2Fy%2BGJkjlORLrrtLclCwAPQVz0H4xwwQjiNkHYC3UClB43cvjJiMMgUTFMbwqFD%2BHfKKmninWEgMDtArK9arNg7O6U47ry0Hlk30Eje3PMmyAORVyJg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 2646\r\npriority: u=6,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98c32c2656be-OSL\r\ncontent-encoding: br\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=2261\u0026min_rtt=1926\u0026rtt_var=1393\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2823\u0026recv_bytes=2097\u0026delivery_rate=628199\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=067fcb67e7faed5e\u0026ts=607\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=4333\u0026min_rtt=2218\u0026rtt_var=623\u0026sent=465\u0026recv=85\u0026lost=0\u0026retrans=0\u0026sent_bytes=477673\u0026recv_bytes=29804\u0026delivery_rate=519560\u0026cwnd=211200\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=11742\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kiv7nripkncoyudscvjnrdjnsqak1yxjzqj8wfvw9r0kj6tfcehx.vividtrackz.ru/hWKVCJmJGQyKKbgSensaIbhuwJqGUNRHFFOZNJEZDLOBWCVNXBMRFLUXUJNNKIWAWTNTUSUFIZLGCZHLCBMOTZrsUkFLJU3410uwx40","fqdn":"kiv7nripkncoyudscvjnrdjnsqak1yxjzqj8wfvw9r0kj6tfcehx.vividtrackz.ru","domain":"vividtrackz.ru","tld":"ru"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:56.259Z","timestamp":1739216696259,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vividtrackz.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Jan 2025 22:25:39 GMT","end":"Wed, 23 Apr 2025 23:23:13 GMT"},"fingerprint":{"sha1":"66:7D:C2:15:FF:5A:64:58:96:43:59:46:73:0C:E7:3C:96:C1:75:27","sha256":"35:2D:78:F2:FF:2F:BD:0C:96:6F:A8:F7:11:33:C4:B7:A5:38:C4:39:DC:F5:86:F9:F0:7B:97:8F:52:0C:8A:96"}}},"request":{"raw":"POST /hWKVCJmJGQyKKbgSensaIbhuwJqGUNRHFFOZNJEZDLOBWCVNXBMRFLUXUJNNKIWAWTNTUSUFIZLGCZHLCBMOTZrsUkFLJU3410uwx40 HTTP/1.1\r\nHost: kiv7nripkncoyudscvjnrdjnsqak1yxjzqj8wfvw9r0kj6tfcehx.vividtrackz.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nContent-Length: 103\r\nOrigin: https://urdw.rbkz7r.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:57 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Origin\r\naccess-control-allow-origin: https://urdw.rbkz7r.com\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=neTSI%2F3D6UkMaTMz5dz2EgYoUbZC6GUcMHiVC%2FbyrDiYQtG83bz0yetz4la6vivrk0c6BVCCN8Bp6NHj%2F%2FRIi4dt9NjunZScfmlC8Phn687vsk%2FrBZzIl2PONr6XWMl4QGwJJqFvnsIWewGKxaBNjGeFG5Tz7uZK0gMYzSXT%2FDYKp3aCX7N7KN9ECQbodAL%2FA14r8I%2Fc\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 90fe98bff8d156c7-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=2012\u0026min_rtt=723\u0026rtt_var=827\u0026sent=7\u0026recv=11\u0026lost=0\u0026retrans=0\u0026sent_bytes=3186\u0026recv_bytes=1387\u0026delivery_rate=2293558\u0026cwnd=244\u0026unsent_bytes=0\u0026cid=e43863c1f81d19d4\u0026ts=769\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":536,"size_decoded":536,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (536), with no line terminators","md5":"b700a2408fff4601b18b91dd7b1adf0f","sha1":"294a42cbff29c06fe6bff0cc3d5d6b93f7fda3dc","sha256":"23731d6f86bfade6b1fd1acf5985785e9e1cb0f155f662cf89464d7a6f2c04b6","sha512":"7f1c6139275ac268dca430a91a35177adfa7e1e46114a3cf084605db02294b3450e6f9ee4de7ad18353483dbcfdbaa20c83c2cdccac7603024797d5fe53779df","ssdeep":"","tlshash":"fdf075afb211b0845a0d8108c05b9f836d804e311b012fa986d8b32d8d8bed240573bb","first_seen":"2025-01-27T23:50:46.76269Z","last_seen":"2026-04-03T17:36:17.512584Z","times_seen":29651,"resource_available":false,"data":null}},"time_used":870,"timings":{"blocked":55,"dns":40,"connect":2,"send":0,"wait":760,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-02-10","alert":"Sinkholed","trigger":"vividtrackz.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css","fqdn":"ok4static.oktacdn.com","domain":"oktacdn.com","tld":"com"},"ip":{"addr":"3.164.240.85","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.447Z","timestamp":1739216693447,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.oktacdn.com","organization":"Okta, Inc."},"issuer":{"commonName":"DigiCert TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 02 Dec 2024 00:00:00 GMT","end":"Fri, 02 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:D7:C7:A6:35:70:74:E4:BF:45:2E:A1:D5:A3:25:88:24:76:B3:B5","sha256":"71:C0:94:09:81:5A:DD:BE:41:D4:27:16:CB:BB:73:BD:A1:E1:22:3A:D2:6C:C1:26:F0:EC:4B:ED:3D:64:26:3B"}}},"request":{"raw":"GET /assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css HTTP/1.1\r\nHost: ok4static.oktacdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx\r\nlast-modified: Tue, 14 May 2024 21:48:24 GMT\r\nx-amz-meta-sha1sum: 7b5499b46660a0348cc2b22cae927dcc3fda8b20\r\nstrict-transport-security: max-age=315360000; includeSubDomains\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ndate: Wed, 29 Jan 2025 17:13:28 GMT\r\nexpires: Thu, 29 Jan 2026 17:13:28 GMT\r\ncache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400\r\netag: W/\"0329c939fca7c78756b94fbcd95e322b\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 454b04b563cd5c3b9a4496e3ea346390.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: wmqzMZupJbQs5o5jO-T-q3LWlE_LdUd8eWX9hiUV528KN15RaJNZvQ==\r\nage: 1045885\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":222931,"size_decoded":222931,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":47,"dns":31,"connect":12,"send":0,"wait":39,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/klQ1VLLxlmCyN0H1bJZA12Sf5aAzBd7njDwdYXijdevGCU6B7h61ClQhaEkS3imwx220","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:54.060Z","timestamp":1739216694060,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /klQ1VLLxlmCyN0H1bJZA12Sf5aAzBd7njDwdYXijdevGCU6B7h61ClQhaEkS3imwx220 HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:57 GMT\r\ncontent-type: image/svg+xml\r\ncontent-disposition: inline; filename=\"klQ1VLLxlmCyN0H1bJZA12Sf5aAzBd7njDwdYXijdevGCU6B7h61ClQhaEkS3imwx220\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=qS5ZQKrTinURBJQkFN01TnyYDE2%2BYBGXUSiezALZ4ZFlLaHVRYs2%2FHpPM2p3mogM4X788wFtG3h3RGcEP8CnMse3LOjtBYRHkySujDiVaxFchO3ixT9B8W3JSVbDtA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98b1eeb256be-OSL\r\ncontent-encoding: br\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=860\u0026min_rtt=829\u0026rtt_var=374\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2824\u0026recv_bytes=2216\u0026delivery_rate=2674053\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=7e6a48ec364c1e22\u0026ts=635\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=4468\u0026min_rtt=2218\u0026rtt_var=737\u0026sent=466\u0026recv=86\u0026lost=0\u0026retrans=0\u0026sent_bytes=478519\u0026recv_bytes=29850\u0026delivery_rate=24043\u0026cwnd=211200\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=12209\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1864,"size_decoded":1864,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4b5c228b4faba433d06ec569ed855b2d","sha1":"a7d3882b93e332460e7c59510a6a811ef011983f","sha256":"eb19d76cd1fad39abf0f2778991883a5cf9ff560117ce8f7c64124e71471b4ed","sha512":"bb88e91a51d760531b2b8349102a757795c6aa66e94ce7aae8edde47485c07a2ae12428ce2b76804a877fd8bc986ca2469bd6302b9904765b52f1110a87050d9","ssdeep":"","tlshash":"b441df1adb15e532ec05c3aeea74cca9311ab1ed6ce944c57dc6c33fa2605fe4688390","first_seen":"2023-05-02T01:14:44Z","last_seen":"2025-04-06T10:50:06.513586Z","times_seen":21399,"resource_available":false,"data":null}},"time_used":3244,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/abZgyXkFrs9KRRcd28","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.436Z","timestamp":1739216693436,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /abZgyXkFrs9KRRcd28 HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:54 GMT\r\ncontent-type: text/css;charset=UTF-8\r\ncontent-disposition: inline; filename=\"abZgyXkFrs9KRRcd28\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=A66L6nPHQzuuhTwEn5HKMA52xZh9LsycCVSdujEMg5RthkhZ%2F0jPb4%2FrS9z9Trq9wbrGItnMgYr33W2r2VGsir5qevmQCUaG0K5r0VXm6OvaZy%2BhEQUGQ13Kpz1qfQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98ade91c56be-OSL\r\ncontent-encoding: br\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=881\u0026min_rtt=830\u0026rtt_var=414\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2823\u0026recv_bytes=2159\u0026delivery_rate=2329847\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=15042c159873c026\u0026ts=607\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=3811\u0026min_rtt=2218\u0026rtt_var=1028\u0026sent=373\u0026recv=64\u0026lost=0\u0026retrans=0\u0026sent_bytes=383546\u0026recv_bytes=27980\u0026delivery_rate=111357\u0026cwnd=211200\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=9459\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35786,"size_decoded":35786,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with CRLF line terminators","md5":"38501e3fbbbd89b56aa5ba35de1a32fe","sha1":"d9b31981b6f834e8480ba28fbc1cff1be772f589","sha256":"a1ca6b381cb01968851c98512c6e7f6c5309a49f7a16b864813135cbff82a85b","sha512":"1547937aa9b366e76de44933ef48ef60e3d043245e8e3e01c97dfc2981f6b1f61463d9d30992fbcf2ca25fc1b7b32ff808b9789cfb965d74455522fc58e0c08c","ssdeep":"192:hToogIexLQ5WKTCFBwCIZtJ8FtX2+UBRkf1WcrScuH9Ye3YdersR8Q5oqWjfuogF:h0DKAaZtJsOodwuhx5P6mqjDggJkLRn","tlshash":"07f2ac86255066385f3a277bf3ab00aceb6882b347961564b4bcb454cffc6e410d2d9f","first_seen":"2025-01-27T17:47:42.420764Z","last_seen":"2026-01-31T00:55:03.975062Z","times_seen":44016,"resource_available":false,"data":null}},"time_used":1423,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1131,"receive":292,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/ef8gCgFJdVLFtwGwdk5dQd6mX5TlIBxBL6DuvgeeRXXVGiQgUTxkgf78147","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.443Z","timestamp":1739216693443,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /ef8gCgFJdVLFtwGwdk5dQd6mX5TlIBxBL6DuvgeeRXXVGiQgUTxkgf78147 HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:54 GMT\r\ncontent-type: image/svg+xml\r\ncontent-disposition: inline; filename=\"ef8gCgFJdVLFtwGwdk5dQd6mX5TlIBxBL6DuvgeeRXXVGiQgUTxkgf78147\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=EMBqv9evaB2q78ALbdfeLY2Cp8xJ8XBdUBorGYw9PNYOt8tb%2FaHdzwaH27i9BEGiB%2BUyGOeB75ppBoBKmk5%2BNCmtjQ5uPOJtBsoZ2bJ%2B09F%2FPeWb3DBeAcUfqyKH8g%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98adf93156be-OSL\r\ncontent-encoding: br\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=2247\u0026min_rtt=1568\u0026rtt_var=1946\u0026sent=5\u0026recv=8\u0026lost=0\u0026retrans=1\u0026sent_bytes=4200\u0026recv_bytes=2207\u0026delivery_rate=406285\u0026cwnd=214\u0026unsent_bytes=0\u0026cid=52493728e4c009d6\u0026ts=568\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=3825\u0026min_rtt=2218\u0026rtt_var=1334\u0026sent=370\u0026recv=63\u0026lost=0\u0026retrans=0\u0026sent_bytes=380713\u0026recv_bytes=27935\u0026delivery_rate=637699\u0026cwnd=211200\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=9432\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":270,"size_decoded":270,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0c09c5ea7c28d6feb4d124957dde0a0d","sha1":"1b9efde2d8f0e2a3d9d5315117e597c2d622fc5e","sha256":"b3c39d2c15327b7ae68940502a2d7bf457fe521e075e6e671d0340edc58bcb3a","sha512":"01161867b3ca0386b132618e04fa09bd0dea1e14a8445001e0683f7a2689deb555bed1c31ec69813d0542284e281cc629c323cb8f56899de0b027e46f651a5ca","ssdeep":"","tlshash":"f0d02bb56358bd4d812ca1d20bd031612147b08cb6ef6038dbcd04243404c7bbda8f38","first_seen":"2023-05-12T00:56:48Z","last_seen":"2025-04-06T09:35:55.879922Z","times_seen":19857,"resource_available":false,"data":null}},"time_used":1098,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1098,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css","fqdn":"ok4static.oktacdn.com","domain":"oktacdn.com","tld":"com"},"ip":{"addr":"3.164.240.85","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.448Z","timestamp":1739216693448,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.oktacdn.com","organization":"Okta, Inc."},"issuer":{"commonName":"DigiCert TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 02 Dec 2024 00:00:00 GMT","end":"Fri, 02 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:D7:C7:A6:35:70:74:E4:BF:45:2E:A1:D5:A3:25:88:24:76:B3:B5","sha256":"71:C0:94:09:81:5A:DD:BE:41:D4:27:16:CB:BB:73:BD:A1:E1:22:3A:D2:6C:C1:26:F0:EC:4B:ED:3D:64:26:3B"}}},"request":{"raw":"GET /assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css HTTP/1.1\r\nHost: ok4static.oktacdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx\r\nlast-modified: Thu, 14 Mar 2024 00:03:58 GMT\r\nx-amz-meta-sha1sum: 4301f0d2b729ae22adece657d79eccaa25f429b1\r\nstrict-transport-security: max-age=315360000; includeSubDomains\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ndate: Fri, 31 Jan 2025 02:19:39 GMT\r\nexpires: Sat, 31 Jan 2026 02:19:39 GMT\r\ncache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400\r\netag: W/\"e0d37a504604ef874bad26435d62011f\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 454b04b563cd5c3b9a4496e3ea346390.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: yyXg8jCNaGeYtwKdV7rJoahzAfjb6BlhscbZkGv8fxBOI_JMnd9_OA==\r\nage: 926714\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10498,"size_decoded":10498,"mime_type":"text/css","magic":"ASCII text, with very long lines (10450)","md5":"e0d37a504604ef874bad26435d62011f","sha1":"4301f0d2b729ae22adece657d79eccaa25f429b1","sha256":"c39ff65e2a102e644eb0bf2e31d2bad3d18f7afb25b3b9ba7a4d46263a711179","sha512":"ef838fd58e0d12596726894ab9418c1fbe31833c187c3323ebfd432970eb1593363513f12114e78e008012cdef15b504d603afe4bb10ae5c47674045acc5221e","ssdeep":"192:x9iW+rIadfLTcaTO5BrwjnwSrQ1kPmqQmMjmtmumobU8:x9KVLbw6jqON","tlshash":"0a22724186196412409b6f13f0dabac27f0a221df52292bffb3d496cddea8561730f39","first_seen":"2024-03-14T18:17:02Z","last_seen":"2026-04-02T17:06:44.933822Z","times_seen":48189,"resource_available":false,"data":null}},"time_used":117,"timings":{"blocked":42,"dns":32,"connect":10,"send":0,"wait":15,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/yz6roz869gGWmHhCBc9W7nWXxrsfRRmbfvO3Ck3dQiMd2n7h0n1fljs90180","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.445Z","timestamp":1739216693445,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /yz6roz869gGWmHhCBc9W7nWXxrsfRRmbfvO3Ck3dQiMd2n7h0n1fljs90180 HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:55 GMT\r\ncontent-type: image/svg+xml\r\ncontent-disposition: inline; filename=\"yz6roz869gGWmHhCBc9W7nWXxrsfRRmbfvO3Ck3dQiMd2n7h0n1fljs90180\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=feVkEKUleRplFxd5KI9l6qG%2BhfubKJELN28F3%2B01poSzByGncL59BLXm%2FubeW%2BVqMLOJyPzwSIFh133LeVWYEQFdgshYiDO4wzpK8U%2BeT7ShHPIQw5%2Bfgi9aQjdAeQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98adf93356be-OSL\r\ncontent-encoding: br\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=720\u0026min_rtt=660\u0026rtt_var=229\u0026sent=4\u0026recv=8\u0026lost=0\u0026retrans=0\u0026sent_bytes=2823\u0026recv_bytes=2208\u0026delivery_rate=4197101\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=88512fded125a89a\u0026ts=620\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=4364\u0026min_rtt=2218\u0026rtt_var=2842\u0026sent=430\u0026recv=75\u0026lost=0\u0026retrans=0\u0026sent_bytes=444969\u0026recv_bytes=28476\u0026delivery_rate=2213858\u0026cwnd=211200\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=10332\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2905,"size_decoded":2905,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e924de0d471df54b6280f3dc8b187cb8","sha1":"857f03226070b502a9e06b4249710ec10be4c9e9","sha256":"24ce135a31ce83ac3d62471fcc0e1a82ce6f1533c993ee59ca4e110d5f2fae33","sha512":"cd4e7a7bd510fc76aaa8efe77f8d78db1b4051b7a27ad9d9e23e620d0c51c7f2e2c0446610340040c75b0c82442f92c099d091788a1b783d65e429b141dcb3ee","ssdeep":"","tlshash":"5d51ec770368eede9190e3881b21b21eb3a4896474fb81d08f879d46ec066b7927cd60","first_seen":"2023-05-07T13:54:23Z","last_seen":"2025-04-06T10:50:06.516306Z","times_seen":22460,"resource_available":false,"data":null}},"time_used":1997,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1997,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/rvR5M9IcMBU8KABZSWh3kUFKJILrUgQkN3cbHX8k2v6YCMnZVY5bwehIA25y9y","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:54.045Z","timestamp":1739216694045,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"POST /rvR5M9IcMBU8KABZSWh3kUFKJILrUgQkN3cbHX8k2v6YCMnZVY5bwehIA25y9y HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 55\r\nOrigin: https://urdw.rbkz7r.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:56 GMT\r\ncontent-type: application/json\r\ncache-control: no-cache, private\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=bcISxNfpw4sRZUM%2BIoYvpngdwewSGWr0sBpf1ZhmmW9bhjYo6eZ3YBR9rkQsLWLZ3f7flwmvuLluApeJ0TzjTI2p%2BdGaPgjw9k4iVipdgjfdjLAFlZ3Mw9uAN8QAUw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nset-cookie: XSRF-TOKEN=eyJpdiI6ImRDL2piZnppck1uVlNUcldvU0YrVkE9PSIsInZhbHVlIjoieHQ5L0JsZDVFV1MxM0pualhHSzlrekE3NzYwVm1Yamg3ZldSSEhZcHFFZ0JVL3c4eWloMFlIbXcyTVBEbmk4d3E2WFgxSjlvU1NydnJQeFpaenNjUFNpMEh3Yy8zSXJDbkNHYW1VRnpwdUpXMm8rR3BxNjd2cjFUTVNJWFpvZ20iLCJtYWMiOiJmNGYwNmViNzIwNTQyMTE2ZTc3NGU5ZWY5ZDI2OGZhM2FhNTQ4NDU5YjZmMDg0OGY1Yzk2MTlkYTc2MmE3NzA3IiwidGFnIjoiIn0%3D; expires=Mon, 10-Feb-2025 21:44:56 GMT; Max-Age=7200; path=/; secure; samesite=none\nlaravel_session=eyJpdiI6ImkzODdJbnNSQUhqK3VPQjRkUURWMGc9PSIsInZhbHVlIjoiNmVyWGJ3cStuYm9ZRWNRVlJtbThnTXJuNFNKL2M0dm5KNEFTWmtiRklhM2xnc2FkakVlOTBiUFpEZDd6aVdtNitUTXpzMUpMTXcrZWlvb3FxVEJkVFVKRTNlYjFTRjhXRm1UOVkrTzZoVXE2YkZCdDhSanA5NVVwcDlEUHBERFQiLCJtYWMiOiI4ZjU0OWY3N2VjNzNiNGFlYzMxNzJkZTNjZDRjYTU4Yzk4YjFjZWM5ZWY5YzEzYTg1ODc1OTUzYmJlZmUzYzkyIiwidGFnIjoiIn0%3D; expires=Mon, 10-Feb-2025 21:44:56 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98b1ce7356be-OSL\r\ncontent-encoding: br\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=1451\u0026min_rtt=1387\u0026rtt_var=649\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2822\u0026recv_bytes=2377\u0026delivery_rate=1522607\u0026cwnd=248\u0026unsent_bytes=0\u0026cid=b458364fa50dc597\u0026ts=627\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=4540\u0026min_rtt=2218\u0026rtt_var=806\u0026sent=457\u0026recv=81\u0026lost=0\u0026retrans=0\u0026sent_bytes=472422\u0026recv_bytes=28747\u0026delivery_rate=1595538\u0026cwnd=211200\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=11514\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2988,"size_decoded":2988,"mime_type":"application/json","magic":"troff or preprocessor input, ASCII text, with very long lines (3003), with no line terminators","md5":"5dda5db434121a6b11c0223359b361eb","sha1":"81dab784ab46b141d414310d1ae139cac6338785","sha256":"23f355631f3c954254969818bf6dfdad573e8f724f0181caee088c7020164019","sha512":"d4e08533bf8b2790ab53355df7d5efc140a4642f33e34041bb4a824f79a9ee76956d8614ab6350fae64211b8fc106dc8604181ab62132e5f5289323555f2fd34","ssdeep":"","tlshash":"da5192638c4f2c528b389e5326dd45d28c1c17cdace701ec865ffac4856a02f65e61ee","first_seen":"2025-02-09T15:05:40.750021Z","last_seen":"2025-02-28T20:21:15.482118Z","times_seen":376,"resource_available":false,"data":null}},"time_used":2563,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2563,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/rsqUKXguj8t4tADqZXk7HUmwsNgh2fKozBeDAO1oYFhPk6BNoEz8Wef197","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.446Z","timestamp":1739216693446,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /rsqUKXguj8t4tADqZXk7HUmwsNgh2fKozBeDAO1oYFhPk6BNoEz8Wef197 HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:54 GMT\r\ncontent-type: image/svg+xml\r\ncontent-disposition: inline; filename=\"rsqUKXguj8t4tADqZXk7HUmwsNgh2fKozBeDAO1oYFhPk6BNoEz8Wef197\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=DxvKSBHQByv7tWaTYBhoE9t%2B3jJi7SRhXCgsPo0pp2GcgozMPAT7QDGFqVHU8HLLUaYKOCGZsushC8IGouLQOCVtdYLZyeFPUtRq8xeIq%2B3JG1gKLi5cVQvn%2B9B4%2Fg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98adf93556be-OSL\r\ncontent-encoding: br\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=1998\u0026min_rtt=1141\u0026rtt_var=2142\u0026sent=6\u0026recv=8\u0026lost=0\u0026retrans=1\u0026sent_bytes=4198\u0026recv_bytes=2206\u0026delivery_rate=363453\u0026cwnd=250\u0026unsent_bytes=0\u0026cid=bd0312ffe1b606ac\u0026ts=637\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=3863\u0026min_rtt=2218\u0026rtt_var=548\u0026sent=397\u0026recv=67\u0026lost=0\u0026retrans=0\u0026sent_bytes=410450\u0026recv_bytes=28115\u0026delivery_rate=6052978\u0026cwnd=211200\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=9494\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":268,"size_decoded":268,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1318aafc1fb9ded0c623e5b9a557e6df","sha1":"0917cdd7633cd1642b02b2b785416ec7e5106dcc","sha256":"d86660a84daa211b121ec9fe0df83d6b945f61b888384391eabc7d6b4e941dc4","sha512":"a81f1cfdc923effa9e7afe6899bbe1114bbc25b197db0a282d366f409507714ecbf7c5ead82c86f62115953f11b80ea96da244e42bfb063b7e5c23e538395d2a","ssdeep":"","tlshash":"05d0c2f0a0a0f54d8308e25a16a4a4b025aa749801ee042ca4a2071a21084efb8e4638","first_seen":"2023-09-01T07:29:56Z","last_seen":"2025-04-05T02:13:18.209121Z","times_seen":19072,"resource_available":false,"data":null}},"time_used":1160,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1160,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/345JuHAKDvhlwnwM6BSjw6ghI6r1kod0Gl67106","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.452Z","timestamp":1739216693452,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /345JuHAKDvhlwnwM6BSjw6ghI6r1kod0Gl67106 HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:55 GMT\r\ncontent-type: application/javascript\r\ncontent-disposition: inline; filename=\"345JuHAKDvhlwnwM6BSjw6ghI6r1kod0Gl67106\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=2wXaY2HOZ2CkhjGk3%2Fofoc1%2BcC0dlr2cRsNsYPvSoIxCcmjLsb6tDk9R6GsxI8xLZbwjNTAA%2F0BqG%2Fq4Q89dMqotvNlYQpe7neOILGDZ2OJzI2YZSsdRdcEje2V3oA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98adf93c56be-OSL\r\ncontent-encoding: br\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=2497\u0026min_rtt=1711\u0026rtt_var=2214\u0026sent=5\u0026recv=8\u0026lost=0\u0026retrans=1\u0026sent_bytes=4198\u0026recv_bytes=2151\u0026delivery_rate=354207\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=4218bb94c66fbd5d\u0026ts=317\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=4997\u0026min_rtt=2218\u0026rtt_var=3103\u0026sent=420\u0026recv=73\u0026lost=0\u0026retrans=0\u0026sent_bytes=434817\u0026recv_bytes=28386\u0026delivery_rate=5436120\u0026cwnd=211200\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=10062\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":147974,"size_decoded":147974,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":2539,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1721,"receive":818,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/img/security/default.png","fqdn":"ok4static.oktacdn.com","domain":"oktacdn.com","tld":"com"},"ip":{"addr":"3.164.240.85","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:54.063Z","timestamp":1739216694063,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.oktacdn.com","organization":"Okta, Inc."},"issuer":{"commonName":"DigiCert TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 02 Dec 2024 00:00:00 GMT","end":"Fri, 02 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:D7:C7:A6:35:70:74:E4:BF:45:2E:A1:D5:A3:25:88:24:76:B3:B5","sha256":"71:C0:94:09:81:5A:DD:BE:41:D4:27:16:CB:BB:73:BD:A1:E1:22:3A:D2:6C:C1:26:F0:EC:4B:ED:3D:64:26:3B"}}},"request":{"raw":"GET /assets/js/sdk/okta-signin-widget/7.18.0/img/security/default.png HTTP/1.1\r\nHost: ok4static.oktacdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 1800\r\ndate: Sun, 09 Feb 2025 18:54:24 GMT\r\nserver: nginx\r\nlast-modified: Tue, 14 May 2024 21:49:26 GMT\r\netag: \"04eeeba5b3538c4524d8e6828ba2c405\"\r\nx-amz-meta-sha1sum: 8db73b75bc7547a90aebd1377852ea3bf7cbc5ea\r\nexpires: Mon, 09 Feb 2026 18:54:24 GMT\r\ncache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400\r\nstrict-transport-security: max-age=315360000; includeSubDomains\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 454b04b563cd5c3b9a4496e3ea346390.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: 0MEmrwgsbIoBDKJYY7v20J0tnRYDR2NYaHXWBmWB5ymLZoJdYPqREg==\r\nage: 89430\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1800,"size_decoded":1800,"mime_type":"image/png","magic":"PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced","md5":"04eeeba5b3538c4524d8e6828ba2c405","sha1":"8db73b75bc7547a90aebd1377852ea3bf7cbc5ea","sha256":"da75c3f3ce27c081541dfb59edd7e756fefe054a9e0e976356c4b0d3778bb434","sha512":"c5e00c512c3533da77fd403a45b91a9a791a42e487a3466742440a67157e623c45961e414f40c5e1e35aa811ba54b37c4a5106ea73bdc311eb03415a8b117b44","ssdeep":"","tlshash":"1831c98cb95094636245880529fe041b68134dd2e9f0f09d3d4f981314b61fe889f8e7","first_seen":"2023-05-17T19:50:24Z","last_seen":"2026-04-02T03:09:41.425256Z","times_seen":4423,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"urdw.rbkz7r.com/ijfSPOR8eueVEfqepWDRs2yzkWUsApPAK29cfXG78163","fqdn":"urdw.rbkz7r.com","domain":"rbkz7r.com","tld":"com"},"ip":{"addr":"172.67.192.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT","date":"2025-02-10T19:44:53.444Z","timestamp":1739216693444,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbkz7r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Jan 2025 05:22:52 GMT","end":"Wed, 16 Apr 2025 06:21:35 GMT"},"fingerprint":{"sha1":"C0:B5:A0:FD:A3:8C:D8:CC:02:B2:15:C6:42:59:A4:EF:7B:D9:6E:7B","sha256":"A0:80:A3:11:3B:C6:3A:49:F7:5D:C9:39:7A:21:3E:C9:14:EE:2E:BE:9C:0D:A4:3D:4A:2B:44:89:D4:BC:9F:D1"}}},"request":{"raw":"GET /ijfSPOR8eueVEfqepWDRs2yzkWUsApPAK29cfXG78163 HTTP/1.1\r\nHost: urdw.rbkz7r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://urdw.rbkz7r.com/uezvphkslajnbpjdqauuew2l7u9h4bervt7ramdf1lte?DCXHUTPJJYIJRUSXXTJFTT\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFTeGJJenFsNTdtNXhJTEFJY3luMGc9PSIsInZhbHVlIjoiRUFITmpoRUlUV0lYYzJDMW9jN2JyaEJDQ3RRMnBtMmJFT3MrSkMyQWt5OGZBNzZUdStodmZOU2p1NXFIRmZLTldkOExGeFpMVjRPdVVieVlEZy9sOGtmSHhmbXMzUWpudnhFckllNnNTY3RhdlcxYmRXTkpRdFczN0VWdVVPaDYiLCJtYWMiOiIyMjUxNWU4YjRiM2JkOTQyNGRmNzZlM2NjNzhmMDk1NjAyMGU4MTc1NzNhYTQwZTllNmY3MDQ0ZGVlNzFlOGU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRqRlJlZmMzZ2FpZTErbGhYK2ZNcmc9PSIsInZhbHVlIjoiOFFGTzV2RlVPMmNoWGtNb3NBZWtUM1lydk9PVDE3L1UxWFVYSUx4RS9OczZqeGVzcHc3ODJsTnNFSE9nUTRpcGtNa0d4OW5HUkx5UlM0ZWhsQTJDSm5VL2xrdyswd0ZpTzZhVE9sQnlEYXIzZFdrL2JKeGNtMEFZSlU1SHdVU0YiLCJtYWMiOiJlODhkMWI1MGUxYzJiYmJhZTAzYzEyZWI4YjNhMTFlMzA4NTU1MWQ1YmExMDFjZTdlZDQwOTdiOTRkN2ZhNjY2IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 10 Feb 2025 19:44:54 GMT\r\ncontent-type: image/svg+xml\r\ncontent-disposition: inline; filename=\"ijfSPOR8eueVEfqepWDRs2yzkWUsApPAK29cfXG78163\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=yoe1bxEudd0woydf7gX9OOCJvetPRvXJ2BjJ%2BwL9Jwwo%2Fo9%2F8fiIgecwco6HbXGfWioAoUeCYZIztdyXEaaQUMcZA%2Fe%2BBdQxuS%2BHj9L2NYDXVa5PMDYnmOyLlgkuLg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 90fe98adf93256be-OSL\r\ncontent-encoding: br\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=2310\u0026min_rtt=1855\u0026rtt_var=1605\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2823\u0026recv_bytes=2192\u0026delivery_rate=527024\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=a51a88918c94ab92\u0026ts=652\u0026x=0\", cfL4;desc=\"?proto=QUIC\u0026rtt=4355\u0026min_rtt=2218\u0026rtt_var=1208\u0026sent=403\u0026recv=69\u0026lost=0\u0026retrans=0\u0026sent_bytes=415836\u0026recv_bytes=28205\u0026delivery_rate=613671\u0026cwnd=211200\u0026unsent_bytes=0\u0026cid=7bab2d468a517a97\u0026ts=9625\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7390,"size_decoded":7390,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bca9b46fee32162356ba5b4783e614dc","sha1":"cc09ee862df9bf86e545f9dfdf2fbd4facfa71f5","sha256":"fb48e7087def752683bc9a9fe4035acf2419cebbe8b17a16e5c81699a06f6fec","sha512":"ae7f8bc5b83d440a727e230138a3a633b7d5a73c123ae0db661081a7f4f13fb4155bc55aaac65ca7dfb0d76c619cf21e99e1a56e876253d67fe8a59c2d0a15ec","ssdeep":"192:8dEMK4RwdEdEMK4RwIwm6xiD7x9m9t6EQ3FabrItDWOO6Dcy:8dEMVwudEMVwIwtxiDHmP6lFeItDWOOe","tlshash":"dbe187d532f9e1e85482bbfd6681f17c3e1339fa7a32d99083d65c18dc8a00c45adca2","first_seen":"2023-05-10T21:54:10Z","last_seen":"2025-04-06T10:50:06.515793Z","times_seen":21752,"resource_available":false,"data":null}},"time_used":1293,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1293,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}}]}