{"report_id":"6a7a31f9-17d4-4bdf-a24c-dfebcf9f7729","version":6,"status":"done","tags":["microsoft","phishing"],"date":"2024-02-27T15:06:29Z","url":{"schema":"http","addr":"sinowaeve.com/work/frme/image/newdocs/files/644/ljo/YWx4QGZsb29ybWF4dXNhLmNvbQ==","fqdn":"sinowaeve.com","domain":"sinowaeve.com","tld":"com"},"ip":{"addr":"188.241.39.200","port":0,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"star.phydraca.com/eridisto/#alx@floormaxusa.com","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"title":"Sign in to your Microsoft account"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T22:57:29Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"aadcdn.msauth.net","ip":{"addr":"13.107.213.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2018-10-25","domain_rank":1421,"first_seen":"2018-11-19 11:50:03","last_seen":"2024-02-27 05:24:59","alert_count":0,"request_count":1,"received_data":1454,"sent_data":491,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.socket.io","ip":{"addr":"143.204.55.70","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2010-04-18","domain_rank":62068,"first_seen":"2015-03-23 23:14:03","last_seen":"2024-02-27 06:53:52","alert_count":0,"request_count":1,"received_data":46488,"sent_data":414,"comment":"","tags":null,"fingerprints":null},{"fqdn":"sinowaeve.com","ip":{"addr":"188.241.39.200","port":0,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"domain_registered":"2023-05-21","domain_rank":0,"first_seen":"2023-11-17 04:47:54","last_seen":"2024-02-27 14:55:50","alert_count":0,"request_count":1,"received_data":257,"sent_data":534,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":634,"first_seen":"2012-05-21 19:28:02","last_seen":"2024-02-27 05:09:20","alert_count":0,"request_count":1,"received_data":31465,"sent_data":411,"comment":"","tags":null,"fingerprints":null},{"fqdn":"star.phydraca.com","ip":{"addr":"172.67.188.118","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2024-02-04","domain_rank":0,"first_seen":"2024-02-07 16:27:01","last_seen":"2024-02-25 01:35:24","alert_count":31,"request_count":29,"received_data":785098,"sent_data":23035,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aadcdn.msftauth.net","ip":{"addr":"152.199.23.37","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"domain_registered":"2018-10-25","domain_rank":1455,"first_seen":"2018-11-19 11:50:32","last_seen":"2024-02-27 08:20:08","alert_count":0,"request_count":3,"received_data":11097,"sent_data":1499,"comment":"","tags":null,"fingerprints":null},{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.17.2.184","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":0,"first_seen":"2021-10-20 07:02:03","last_seen":"2024-02-27 05:13:35","alert_count":0,"request_count":7,"received_data":419018,"sent_data":3963,"comment":"","tags":null,"fingerprints":null},{"fqdn":"logincdn.msauth.net","ip":{"addr":"13.107.213.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2018-10-25","domain_rank":2330,"first_seen":"2019-04-23 03:13:28","last_seen":"2024-02-27 06:59:39","alert_count":0,"request_count":1,"received_data":987,"sent_data":499,"comment":"","tags":null,"fingerprints":null},{"fqdn":"adfs.heart.org","ip":{"addr":"69.152.183.140","port":443,"asn":7018,"as":"ATT-INTERNET4","country":"United States","country_code":"US"},"domain_registered":"1995-01-12","domain_rank":0,"first_seen":"2016-10-10 20:42:57","last_seen":"2024-02-27 06:54:33","alert_count":1,"request_count":1,"received_data":6905,"sent_data":437,"comment":"","tags":null,"fingerprints":null},{"fqdn":"httpbin.org","ip":{"addr":"3.230.23.0","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2011-06-12","domain_rank":352975,"first_seen":"2013-07-23 00:01:27","last_seen":"2024-02-27 07:00:02","alert_count":1,"request_count":1,"received_data":276,"sent_data":464,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-02-21","alert":"Office365","trigger":"star.phydraca.com/eridisto/","verdict":"phishing","severity":"medium","comment":"Office365","link":"https://openphish.com","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-02-21","alert":"Office365","trigger":"star.phydraca.com/eridisto/","verdict":"phishing","severity":"medium","comment":"Office365","link":"https://openphish.com","meta":null}]},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"911a15f314acf4b2113a23884509d4a5","sha1":"ce30a83418ddd193600a2849cd2447581389ad61","sha256":"3b4df96b929f22909645e6dcd8ef2683b79f062bdf86ad7eef560622ec5cb48e","sha512":"a40c43b0ecb2d49e1baaafb0c809f9100c32674c0d130cd297a1da14689f7372675d22ea3288d04f6c191c7201ba36aa03c209afb513a6a676b211a786ee33c5","ssdeep":"","tlshash":"55f0a7786d204a3c354d560a2b7eb2a868cf7e02241391193acf5d2e1731fd5c0b9cd0","size":445,"data":"","first_seen":"2024-02-20T14:30:24Z","last_seen":"2024-08-20T09:20:04.713297Z","times_seen":201,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"star.phydraca.com/eridisto/myscr182210.js","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5bb041e7ab1cd8653abfedcc01c52fe0","sha1":"0bed4248cfeceafe907946bff365e30832eb0ddc","sha256":"159631431552fe440f2beeac68015c575ba6af7ebd514cc71ca973698567695c","sha512":"6a2d19da88737f0195a6c9592d0f3fcb52bf771ca7cbcbc063ec561a2ef905a168edb33b43c7f278936c6784d491148d2005bf7fc61a743c0b1b67dd13af6473","ssdeep":"1536:XkMuuOXdKeqA2X25RWKxOig0+xOTH155zFUA:0HuOXdiA2X25RWKxOig0+xOTH1551","tlshash":"f5737c345e44cf70816f578f91969d08413ce68bf740ae8f49a617877288fabf8b3958","size":73793,"data":"","first_seen":"2024-02-20T14:30:24Z","last_seen":"2024-08-20T09:20:04.698639Z","times_seen":201,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4kvgx/0x4AAAAAAARbNTbUwdRvgt_K/auto/normal","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7be149e6f7d4b981ccfaff99defc1080","sha1":"1c5763cc0c2db26d10c4edb7e7b64297e4bd2a90","sha256":"102ae23d2de65a571b2d08b7057128ec33fc99089b224632bca335543649f92f","sha512":"5d306f670dc0160be1d1cdeb3c8d1f44e605b5c22678482a855599fa38d8ac47439270df9efc7ac313fd66003520dde0dc5273696a79dabff5aa330e98b74196","ssdeep":"","tlshash":"9051d8fa99f94241556e9025070f23455935136f0cccb9787f4dc90eafac8af11b1bd6","size":3084,"data":"","first_seen":"2024-08-20T08:47:00.435037Z","last_seen":"2024-08-20T08:47:00.435037Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"star.phydraca.com/eridisto/#alx@floormaxusa.com","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js?render=explicit","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c6914d08e921fd932a0be1be0e1cf4f","sha1":"7621bc83e401bb8675f5783f31e13816791bd37b","sha256":"f2d1c49f53ad2bedbb54b6ad29f17ea493d7da967f7487c7dd1493ffa7cd5bcc","sha512":"e4814ac33cf6c8e3398e83236acfa731ba06168fa13f33e3a11f0cdebb7bbaff01085fe581aac3718a46c4ec29d04cbca6ed7fcf41cfa4131f6c8aec46a15a16","ssdeep":"768:0CFtCHnWW/i+s3hPbBL3eDTeJwKNgQOYfGM10/38nZC5XZzz8FkNcX8xKJ:oHnWai+s3hPbd3eDTeJFgQl11WQ","tlshash":"88032a983196787267ee41e0307ba743732a6e3ae44c8c40d857dc2535bce9ad237f69","size":39035,"data":"","first_seen":"2024-02-27T13:32:11Z","last_seen":"2024-08-20T08:47:57.135607Z","times_seen":1465,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/js/pages-head-top-web.min.js?cb=1709046360000","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1954d0481da7791af7987f636d420ba8","sha1":"4362a037d5c00a8b104447a36c71c235c9eaaa41","sha256":"fe263d6fb4996f7a47af852d2fe3b925dbd1d9be3cdb599c9fb9ad0d60489b78","sha512":"fccbffd37b72e84b361192a2b82eeafcd2174f611945a8f91164f10c6670323f2d352e135feae31a9196700eadf42d978d15347c5d6e20e585104616499fbcfb","ssdeep":"","tlshash":"d7f0282c3d25f9a09d7d356e34bad5bd3da100162500e25389cfac2ce0b3fc84ca54d0","size":604,"data":"","first_seen":"2024-02-08T17:55:30Z","last_seen":"2024-08-20T10:00:15.608509Z","times_seen":1582,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-05T14:43:50.675854Z","times_seen":445348,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/js/pages-head-web.min.js?cb=36","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7868bd3413a2c1f410e1a91a321e1a21","sha1":"f862e452e034c8aba8475cc05ce03f0ed4477323","sha256":"19d579be8fba42faa84899a6cf82bcb80c667eb42f43db16a7d7b0c7fc54ef19","sha512":"0370614f6929d4446457ddb483e1befccd7baaf5ae1810da944c916ab638f0f15fbc587ac7ac7614cc7ed21e1283aea76f65f031765c3e038b59bee63e5412d3","ssdeep":"384:YAoeHpjGZU03GOkgXrUb9Z9WxtwNpAyZWx30trJbLoxiI3K:9ZHpjGZU03GOPXrUb9Z9Wxtw1qarJPoW","tlshash":"f682a5403fb0915d2be72f76762e3090f9b5194a6e80a460d269fc682eb5732f8f1731","size":18368,"data":"","first_seen":"2024-02-08T17:55:30Z","last_seen":"2024-08-20T10:00:15.601621Z","times_seen":1581,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.socket.io/4.6.0/socket.io.min.js","fqdn":"cdn.socket.io","domain":"socket.io","tld":"io"},"ip":{"addr":"143.204.55.70","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"80f5b8c6a9eeac15de93e5a112036a06","sha1":"f7174635137d37581b11937fc90e9cb325077bce","sha256":"0401de33701f1cad16ecf952899d23990b6437d0a5b7335524edf6bdfb932542","sha512":"b976a5f02202439d94c6817d037c813fa1945c6bb93762284d97ff61718c5b833402f372562034663a467fdbaa46990de24cb1e356392340e64d034e4ba1b4e4","ssdeep":"384:1ZS0CCnasl8gRR/PoPez+iCMN0Fkiw2Jh4RWdRGhAjbp2ChPL8cYRGv5MRUK6np9:/CCnVl7tUkBxkdRGOfDiY5C5MAn5GY2","tlshash":"1423a488f2a1b06187e37165443f110ba27a746964c9c18cf639d9f19eb8ece7123f79","size":45806,"data":"","first_seen":"2023-04-05T03:09:50Z","last_seen":"2026-04-03T09:57:49.448884Z","times_seen":39623,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/js/pages.min.js?cb=36","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"183084543d3f8bd265a12607453be437","sha1":"43080c73185b72badf05b751589d169a5c20eb9b","sha256":"b2d8c3fa549e7d10c8884bc4f7e5d4a1ccd69146d7ba59cab3beea855da75dd3","sha512":"21fb9d21ff0f4456287c32320d9bda64e705589b0ec3c8c115ff321197d63fe7d43afd810f7d144c0a989f7720124dc0b11ddcb99c201a9dc194f4548b3c0c35","ssdeep":"3072:FlfiXwhZ0ito2zZNMWCww/0nRnAC2k4cSUcU:eghZ0ito2zZNvuUcU","tlshash":"cfa373572fc05a9e27460a7e3273b5b0d4553615f9c10e8e942cad3822e2b17faf64b3","size":102962,"data":"","first_seen":"2024-02-06T07:46:37Z","last_seen":"2024-08-20T10:11:04.738601Z","times_seen":775,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=85c1548dce5e56a9","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"00988276fa1750b8c405b007cf8200c1","sha1":"5f00fe15965c82fce765673b135022ed47d50bb8","sha256":"816e4753815fc20cc22d79ceac9e20f255cb1c6ceb2c54e4c1f060b031c1204f","sha512":"6416fd18af83cea5c6918da8e2336ff15689029dd4b84b958b391a45b103de25a9369f558f5afbc642a01f9f990fbb36656dcc161530bb80b57915d8af323d7c","ssdeep":"3072:T/7HwuDF4jScl5jzwEEtmfj7Zs3qMOwxSn1tp:bFCjeEEt4Ns6SxG13","tlshash":"b40471cc67c1b86615233d38b0273716b0af5d016d7c18deea00b5d42af661e92e66ef","size":180832,"data":"","first_seen":"2024-08-20T08:47:00.426735Z","last_seen":"2024-08-20T08:47:11.57275Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":[{"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-05T14:44:47.000304Z","times_seen":666993,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"write":[{"md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","size":39,"data":"","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-05T14:48:02.551013Z","times_seen":750450,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"cf0706ee92a52e06dafb088277ca629a","sha1":"c0786e004d35f9da6801a3d25bc35e3d5b8ec460","sha256":"216e6ee991c63059d1c16061d80eeeb2169fb38b64bb71b0a842b5056e77fe0b","sha512":"11ced11845de8bf6451eb6fbc36fc36b93b6d5475b340b00770d1246dd13c5590c9ad4f98318dbaca526349452c2277f0f5220c4e3212ded81c649f4af99c3a5","ssdeep":"","tlshash":"c2a012883d05c0742d8045c47ce0d014605620520200dd3882c0101849223885d01100","size":83,"data":"","first_seen":"2024-02-20T14:30:24Z","last_seen":"2024-08-20T09:20:04.714541Z","times_seen":201,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"576a6c3035e1fa6175c5322d61ad8f7a","sha1":"fc611492167aa1ec339a9d2331640884e7d2f392","sha256":"b526a5f62dd85594f51cefdde53f62183c2c69a1baecd76fdc6474f8d1372b2f","sha512":"622127f3f8ac762c62ea2614c69f2753259197041d7b8bff5dc9eb4ee14347b8aea5f134d47be13d39c6d3b903c48bf1bc077738ee25369d954f34640ba1403f","ssdeep":"96:+RiQx4iC63HZr5k9ZBDZU4coP9uhYWWNuCL3D0vF4vQ:+RMGHSxPQhYX3Wb","tlshash":"4391b459e9218924d57bccb623b057b8f84a91034703e31836e6230b4fe3fe94696fc8","size":4250,"data":"","first_seen":"2024-08-20T08:47:00.439626Z","last_seen":"2024-08-20T08:47:00.439626Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"393ab90cc5629fb2d655a905888caca0","sha1":"50de0718461984001d38a3bc699c5bb8572caf67","sha256":"0bf60aaa96d4c6edc371efb1033717488b49df496ed1ad4afb138b0f1bccbf8d","sha512":"f1c48c93c7f63a1ee7ae4fca85b1c0f4f18fec6209751433b4bc2e8a07ea02e63b495168c84d7815010fc849f77fd0b6b68f8aa5fbfc41a009156bc118b93b31","ssdeep":"","tlshash":"5571d060acf3509185cbd30cfbe0ed861be0b1a3919a5a56bb4c874ec7857ec8957f02","size":3573,"data":"","first_seen":"2024-02-27T13:34:16Z","last_seen":"2024-08-20T08:47:57.279782Z","times_seen":2397,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"http","addr":"sinowaeve.com/work/frme/image/newdocs/files/644/ljo/YWx4QGZsb29ybWF4dXNhLmNvbQ==","fqdn":"sinowaeve.com","domain":"sinowaeve.com","tld":"com"},"ip":{"addr":"188.241.39.200","port":0,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-02-27T15:06:02.623446253Z","timestamp":1709046362623,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /work/frme/image/newdocs/files/644/ljo/YWx4QGZsb29ybWF4dXNhLmNvbQ== HTTP/1.1\r\nHost: sinowaeve.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 27 Feb 2024 15:06:02 GMT\r\nServer: Apache\r\nrefresh: 0;url=https://star.phydraca.com/eridisto/#alx@floormaxusa.com\r\nContent-Length: 0\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:03.522Z","timestamp":1709046363522,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 11 Jul 2023 00:00:00 GMT","end":"Sun, 14 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D","sha256":"B1:CA:3A:23:BA:70:1D:18:3F:EC:99:D7:BE:6D:B2:FD:66:5F:5C:A7:7D:7F:C1:FC:16:D1:FD:89:4B:CC:15:34"}}},"request":{"raw":"GET /jquery-3.6.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15d9d\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Tue, 27 Feb 2024 15:06:03 GMT\r\nage: 1503982\r\nx-served-by: cache-lga21931-LGA, cache-hel1410023-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 30, 472770\r\nx-timer: S1709046364.588294,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30875\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30875,"size_decoded":89501,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-05T14:43:50.675854Z","times_seen":445348,"resource_available":true,"data":null}},"time_used":135,"timings":{"blocked":42,"dns":1,"connect":13,"send":0,"wait":37,"receive":10,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"star.phydraca.com/eridisto/","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-02-27T15:06:04.575184596Z","timestamp":1709046364575,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /eridisto/ HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:03 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=T%2B95apiV%2FDHpF4qj9fZejah7I7VA1qt5DRhpQmbhTYU1X5B%2FAwxFsCXygptE0hZeBpFDoZKR5xPFl%2BKZ%2Ffd0cdd8LkIDY9y0vi8sONM%2BuvLlVNubZrLxkj22H226JwbRom52dg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 85c154595ca67131-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":10293,"size_decoded":828,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"a2a2c3dc29692d293c2cf5436b241e8c","sha1":"0d3f01dd87f681862b90f94a8d986e17196ce1e8","sha256":"7d464d2f2c19a0e5d5e140555410873dbc2a6adf80d84f2baf9c6ff29191a68b","sha512":"4f32236c562f6975f8edf08a6455655548cfb767fbaf581bbba71b70412e63a8e43d31bbdab009bb97c67820e892e356b66a6df6bc5b48cbdc53dbcfad5b4eb7","ssdeep":"","tlshash":"7f01f18adc5c8acd56957552659fc3516ce84910c392eb987c5fa3013b91f7dc0f0a70","first_seen":"2024-08-20T08:47:00.402935Z","last_seen":"2024-08-20T08:47:00.402935Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-02-21","alert":"Office365","trigger":"star.phydraca.com/eridisto/","verdict":"phishing","severity":"medium","comment":"Office365","link":"https://openphish.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/fonts/GDSherpa-bold.woff2","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:10.335Z","timestamp":1709046370335,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/fonts/GDSherpa-bold.woff2 HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://star.phydraca.com/eridisto/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:10 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 28000\r\nlast-modified: Thu, 24 Aug 2023 19:00:16 GMT\r\netag: \"6d60-603afd6abb000\"\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nage: 1\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=5iB31VY04w19eZ%2BXnDOrqkUK7eHzzQpspmLjnaVQgZp0H%2BwERIxf%2BUdacm9PNkhwNCQ91LuCbW7zDfkBkrEw3Dn3RHfEI%2BXVDUOnBdDVaNSy9i5t0vQmVg0exLqX\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\ncf-ray: 85c154868b4156b9-OSL\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28000,"size_decoded":28000,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 28000, version 1.66","md5":"a4bca6c95fed0d0c5cc46cf07710dcec","sha1":"73b56e33b82b42921db8702a33efd0f2b2ec9794","sha256":"5a51d246af54d903f67f07f2bd820ce77736f8d08c5f1602db07469d96dbf77f","sha512":"60a058b20fcb4f63d02e89225a49226ccd7758c21d9162d1b2f4b53bba951b1c51d3d74c562029f417d97f1fca93f25fdd2bc0501f215e3c1ef076810b54dd06","ssdeep":"768:NDT1rKvlJOE1AgLlnGj8H58AJUcl5I17ML7FfNHubNIphqb:NDtKvyAhjHeACcl21YL7KNW+","tlshash":"cfc2f1878fd02879a72dfeb80252903197d00de93fea42318d99b70fe683987515e272","first_seen":"2023-04-09T13:59:19Z","last_seen":"2026-04-05T14:15:42.306075Z","times_seen":94608,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/fonts/GDSherpa-bold.woff","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:10.339Z","timestamp":1709046370339,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/fonts/GDSherpa-bold.woff HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://star.phydraca.com/eridisto/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:10 GMT\r\ncontent-type: font/woff\r\ncontent-length: 35970\r\nlast-modified: Thu, 24 Aug 2023 19:00:22 GMT\r\netag: \"8c82-603afd7073d80\"\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=dZHLGKPkp2yCEBzvS9o%2Fld7%2FZ9%2FDbw8ikWXGmw6xs%2F1G2W02w0x%2BKu9WrHRSEyPbUsVsnLM%2FzfslDk54%2FBxDcEq0I6bxnkLgR%2Fy9uf0hLoGZ4IbF7nxZsFRmi4wP\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1\r\naccept-ranges: bytes\r\nserver: cloudflare\r\ncf-ray: 85c154868b4656b9-OSL\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35970,"size_decoded":35970,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 35970, version 1.0","md5":"496b7bbde91c7dc7cf9bbabbb3921da8","sha1":"2bd3c406a715ab52dad84c803c55bf4a6e66a924","sha256":"ae40a04f95df12b0c364f26ab691dc0c391d394a28bcdb4aeacfaca325d0a798","sha512":"e02b40fea8f77292b379d7d792d9142b32dfcb887655a2d1781441227dd968589bfc5c00691b92e824f7edb47d11eba325ade67ad08a4af31a3b0ddf4bb8b967","ssdeep":"768:GJiLCleIZlcBvahjeheOQKskmCp9sE9gBkGgvU+7aAXDqWOtU:GJo9IgMKsQzJ9gBkZbuAXDqWV","tlshash":"a4f2d09831594c2aacbd58232b71d9df21e38f61ba42029ba193e4cd9c4714dbb1e47f","first_seen":"2023-05-09T17:48:02Z","last_seen":"2026-04-03T14:38:11.334972Z","times_seen":90449,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/fonts/GDSherpa-regular.woff2","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:10.342Z","timestamp":1709046370342,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/fonts/GDSherpa-regular.woff2 HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://star.phydraca.com/eridisto/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:10 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 28584\r\nlast-modified: Thu, 24 Aug 2023 19:00:24 GMT\r\netag: \"6fa8-603afd725c200\"\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=gzQ5%2F%2FFBgMzkOo6Ep0SzY0jD5uidpnuldR6xzrhe73yL8CeLQ8EPFsg2Bv3fBAj%2BcQ%2FK%2BQ0tippLemS6Ly%2F7k4pshx%2FXwuecq%2FOiijgU0%2FvkTTGUeF6TrJ4teT36\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1\r\naccept-ranges: bytes\r\nserver: cloudflare\r\ncf-ray: 85c154869b4f56b9-OSL\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28584,"size_decoded":28584,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 28584, version 1.66","md5":"17081510f3a6f2f619ec8c6f244523c7","sha1":"87f34b2a1532c50f2a424c345d03fe028db35635","sha256":"2c7292014e2ef00374aeb63691d9f23159a010455784ee0b274ba7db2bcca956","sha512":"e27976f77797ad93160af35714d733fd9e729a9981d8a6f555807981d08d8175e02692aa5ea6e59cebd33895f5f6a3575692565fdd75667630dab158627a1005","ssdeep":"768:8n53CNftp4NM/2qxGvtAG9fvpWYSTvlj6OIqrd1xUseRc:85SNfQS2ntfxvpWYSTcfMERc","tlshash":"b4d2e0ed44d2c62988f7638902690111f27898ffe52d7db3c19da0b27245d7ea3a8b09","first_seen":"2023-04-09T18:51:15Z","last_seen":"2026-04-05T14:39:52.603638Z","times_seen":100733,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/fonts/GDSherpa-regular.woff","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:10.343Z","timestamp":1709046370343,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/fonts/GDSherpa-regular.woff HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://star.phydraca.com/eridisto/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:10 GMT\r\ncontent-type: font/woff\r\ncontent-length: 36696\r\nlast-modified: Thu, 24 Aug 2023 19:00:28 GMT\r\netag: \"8f58-603afd762cb00\"\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=5Mny6sO5Vu%2Bkr8jvhNcedQ9TufNzeu3suSIz5KT27owVRMhHSjI1fuDNf0X5sxW58imRyaZb3irUa8QTR%2ByfFwZIHJ1TMubJyDv%2BoiYlhI7AKyjQh4TG4v83z8S1\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1\r\naccept-ranges: bytes\r\nserver: cloudflare\r\ncf-ray: 85c154869b5156b9-OSL\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36696,"size_decoded":36696,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 36696, version 1.0","md5":"a69e9ab8afdd7486ec0749c551051ff2","sha1":"c34e6aa327b536fb48d1fe03577a47c7ee2231b8","sha256":"fd78a1913db912221b8ead1e62fad47d1ff0a9fa6cd88d3b128a721ad91d2faf","sha512":"9a0e4297282542b8813f9cc85b2ccb09663ce281f64503f9a5284631881da9aacf7649553bf1423d941f01b97e6bc3ba50ab13e55e4b7b61c5aa0a4adf4d390f","ssdeep":"768:lvJo4KciQZYjebVq19lKPtHAQ/l4rj2bqkiHShpeSUOR4OqWOgaU:lhH3rVq1PKP432tSSh4SUORHqWcU","tlshash":"31f2f15d76443e8cf06a245836ad2dd6a423171247138f8709de72bbd14f120f65aaff","first_seen":"2023-05-09T17:48:02Z","last_seen":"2026-04-03T14:38:11.342242Z","times_seen":90380,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/fonts/GDSherpa-vf.woff2","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:10.351Z","timestamp":1709046370351,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/fonts/GDSherpa-vf.woff2 HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://star.phydraca.com/eridisto/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:10 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 43596\r\nlast-modified: Thu, 24 Aug 2023 19:00:36 GMT\r\netag: \"aa4c-603afd7dcdd00\"\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=W1S3%2BVVicQ1%2B6ngNcI0w3tfxadLWXR30j7JvGzPj43G4BDGhRr6mtgebzV8b3RGA0fXC2VTADoJzW%2BNj2vN5N3%2BoeTBL%2F%2Fzbd76TvYVMIffjrz4LvbyT0Ir%2BLMAS\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1\r\naccept-ranges: bytes\r\nserver: cloudflare\r\ncf-ray: 85c154869b5256b9-OSL\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43596,"size_decoded":43596,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43596, version 1.0","md5":"2a05e9e5572abc320b2b7ea38a70dcc1","sha1":"d5fa2a856d5632c2469e42436159375117ef3c35","sha256":"3efcb941aaddaf4aea08dab3fb97d3e904aa1b83264e64b4d5bda53bc7c798ec","sha512":"785ab5585b8a9ed762d70578bf13a6a69342441e679698fd946e3616ef5688485f099f3dc472975ef5d9248afaad6da6779813b88aa1db60abe2cc065f47eb5f","ssdeep":"768:b0nfc/3Osy1fo0tBBFF/GGXfN2ZHKTBUwL+BR49qCow3Z3HuvJ5+xXtTgXHk6/:b0fU3OdhFF/xNOoZc49ow3Z3HO+xX1mf","tlshash":"e2130258592578a9eb43bd49f00c6e64c296b3d8f5832b62334a04f0bff651620fe797","first_seen":"2023-04-18T03:10:28Z","last_seen":"2026-04-03T14:38:11.33698Z","times_seen":91843,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/fonts/GDSherpa-vf2.woff2","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:10.362Z","timestamp":1709046370362,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/fonts/GDSherpa-vf2.woff2 HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://star.phydraca.com/eridisto/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:10 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 93276\r\nlast-modified: Thu, 24 Aug 2023 19:00:32 GMT\r\netag: \"16c5c-603afd79fd400\"\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nage: 1\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=%2B5gQK4GHEVJvEjdbLqQBcMJWuHRCm7rsMLe%2B%2FZNg5WbJhRqwHybQLtDdtFKvAt1LJ1OnAtIV1w1%2BrTSHN0WgSSGapBN%2FnCcBFTNdZQC14U60Z4ZEa%2FSxTO1G27un\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\ncf-ray: 85c154869b5956b9-OSL\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":93276,"size_decoded":93276,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 93276, version 1.0","md5":"bcd7983ea5aa57c55f6758b4977983cb","sha1":"ef3a009e205229e07fb0ec8569e669b11c378ef1","sha256":"6528a0bf9a836a53dfd8536e1786ba6831c9d1faa74967126fddf5b2081b858c","sha512":"e868a2702ca3b99e1abbcbd40b1c90b42a9d26086a434f1cbae79dfc072216f2f990fec6265a801bc4f96db0431e8f0b99eb0129b2ee7505b3fdfd9bb9bafe90","ssdeep":"1536:Dy7KSLv+MMqDeeIgDFSxpuQP7ObnKSWBO61LlRzSSAT6YmkSzOu7Be0OB53jIH4I:Dy7JD+net+puI7ObKHVhTSSlYmk4OuWa","tlshash":"d293029c71ec79c19e00616e94c92535f89fdab0f049d3fa9a4ed85b927c369e343b10","first_seen":"2023-05-01T02:20:29Z","last_seen":"2026-04-03T14:38:11.338063Z","times_seen":91677,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/back.png","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:11.507Z","timestamp":1709046371507,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/back.png HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/eridisto/\r\nCookie: XSRF-TOKEN=eyJpdiI6IkQ4dzUxSWYrSFlTajZCUkppYmFzcXc9PSIsInZhbHVlIjoiM1NER0NXdHBGdjl1Rmx3ZkFTZ0lyRHBua2dJajNzV1BLL2ZVT2lvZUJma2dQU2hLQ1A0VkRqUkZvYS9ZaTVieVlzK3lCODFCTkY3NWo2dEY0SWhMNFhkelE2M0FWUVU3ZXpSMTgrdGh3bWN2LzgwQ29qNjBzc0xmQzlyK1drQ1ciLCJtYWMiOiI1NWQ2ODc0ZTg0YWQwNTgzYzFmMjg4MTNiZjc3ZDY3NDMzYjM3ZTdkOTcyY2E5MGY1ZWQ4ZmY3M2M4YzNjNzNlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndVU3FVOTIyM3Joc2xnankrR0pEQVE9PSIsInZhbHVlIjoiOVVINDlvUjNIUitLZWlPdjN2TFRRd01wekZzVEZGbU5IWXExcXNGSytxTERVM1Zva1ZuKy9SMGxDRDBSdFB1Wkg4WlVxdFk4YmJNNnFPcmMwWi9ObGhraVRVcy93bmZPOVE0Ty95ajc2cG1xL3VDcVV4WmVPUzA3Z0Vxbm9OY3UiLCJtYWMiOiIwZGZjOTc5OGNjNzAyNmJkMzBiZDk2NDlmZjNjZmQxODc2MWMzNWFlOGViYTA5MmFjNzU2MzMyZmUyZTI2MzhlIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 231\r\nlast-modified: Sun, 19 Mar 2023 06:20:16 GMT\r\netag: \"e7-5f73acdc5a800\"\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=hVnuDurmtKOAIStRxtfbzUZtf9ICtSpgG6x5cmA%2BCNeNfpuym89FuGPSLi0rToMB4N7paJp0KFJ0BrD%2BEpz3aCyUKHY8%2FscHVrGymWZkYYxjA9FWc%2FZbuOELwQsQ\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1\r\naccept-ranges: bytes\r\nserver: cloudflare\r\ncf-ray: 85c1548ddbde56b9-OSL\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":231,"size_decoded":231,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"547988bac5584b4608466d761e16f370","sha1":"c11bb71049702528402a31027f200184910a7e23","sha256":"70e32b2db3f079bb0295a85a0db15ed9e5926294dd947938d6cfa595f5ab18b4","sha512":"c4a76f6e94982d1cc02c2b67523a334e76bfde525c1014d32db9e7eca0fa39a06f291ecfa94c8c6a49d488ea3acf9c10ddf3cad9515562010440863d0f08fba3","ssdeep":"","tlshash":"0cd097e26a88297fc39f223b29051a21ec8a7131a020f10c3812c238a501a285082ee2","first_seen":"2023-07-01T14:36:17Z","last_seen":"2026-03-27T16:17:14.976054Z","times_seen":19421,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/key.png","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:11.519Z","timestamp":1709046371519,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/key.png HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/eridisto/\r\nCookie: XSRF-TOKEN=eyJpdiI6IkQ4dzUxSWYrSFlTajZCUkppYmFzcXc9PSIsInZhbHVlIjoiM1NER0NXdHBGdjl1Rmx3ZkFTZ0lyRHBua2dJajNzV1BLL2ZVT2lvZUJma2dQU2hLQ1A0VkRqUkZvYS9ZaTVieVlzK3lCODFCTkY3NWo2dEY0SWhMNFhkelE2M0FWUVU3ZXpSMTgrdGh3bWN2LzgwQ29qNjBzc0xmQzlyK1drQ1ciLCJtYWMiOiI1NWQ2ODc0ZTg0YWQwNTgzYzFmMjg4MTNiZjc3ZDY3NDMzYjM3ZTdkOTcyY2E5MGY1ZWQ4ZmY3M2M4YzNjNzNlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndVU3FVOTIyM3Joc2xnankrR0pEQVE9PSIsInZhbHVlIjoiOVVINDlvUjNIUitLZWlPdjN2TFRRd01wekZzVEZGbU5IWXExcXNGSytxTERVM1Zva1ZuKy9SMGxDRDBSdFB1Wkg4WlVxdFk4YmJNNnFPcmMwWi9ObGhraVRVcy93bmZPOVE0Ty95ajc2cG1xL3VDcVV4WmVPUzA3Z0Vxbm9OY3UiLCJtYWMiOiIwZGZjOTc5OGNjNzAyNmJkMzBiZDk2NDlmZjNjZmQxODc2MWMzNWFlOGViYTA5MmFjNzU2MzMyZmUyZTI2MzhlIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 727\r\nlast-modified: Sun, 19 Mar 2023 06:20:16 GMT\r\netag: \"2d7-5f73acdc5a800\"\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=GIUOB8McxihMS2XMZL12tusU4y8uIrEP6rXSUk8%2F%2BEPygP4x3Dk1NSD2S7IKpjYklhIMN3xIKnz2uPhGvaNt1AZf4yaPFWV7Pb0sr6sKMa6mBT7RRES53dpANNF3\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1\r\naccept-ranges: bytes\r\nserver: cloudflare\r\ncf-ray: 85c1548debe656b9-OSL\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":727,"size_decoded":727,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"839cb0f55c3d2d5c2f740bda95cb2878","sha1":"93f6fa3a2da8b7184d4b5c5f2065872793370c2e","sha256":"40ecb8832f6a9a8aaa0cc6e1287e867a4fca38433d091d86c6cab1f28fbab652","sha512":"ecbca8ab21bf3302c88f933cfd248cff5553afe152a170f554c27fd67bdc3e7d8ce79e202561fd0658e41820681eb90f74e38fd09390c517afb34d2c1b65a096","ssdeep":"","tlshash":"860115c7471c28edd8791de1d9964a07463df431406923122e26937445375899f756f0","first_seen":"2023-07-01T14:36:17Z","last_seen":"2026-03-26T19:37:03.08631Z","times_seen":19511,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/godaddy-logo.png","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:11.548Z","timestamp":1709046371548,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/godaddy-logo.png HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/eridisto/\r\nCookie: XSRF-TOKEN=eyJpdiI6IkQ4dzUxSWYrSFlTajZCUkppYmFzcXc9PSIsInZhbHVlIjoiM1NER0NXdHBGdjl1Rmx3ZkFTZ0lyRHBua2dJajNzV1BLL2ZVT2lvZUJma2dQU2hLQ1A0VkRqUkZvYS9ZaTVieVlzK3lCODFCTkY3NWo2dEY0SWhMNFhkelE2M0FWUVU3ZXpSMTgrdGh3bWN2LzgwQ29qNjBzc0xmQzlyK1drQ1ciLCJtYWMiOiI1NWQ2ODc0ZTg0YWQwNTgzYzFmMjg4MTNiZjc3ZDY3NDMzYjM3ZTdkOTcyY2E5MGY1ZWQ4ZmY3M2M4YzNjNzNlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndVU3FVOTIyM3Joc2xnankrR0pEQVE9PSIsInZhbHVlIjoiOVVINDlvUjNIUitLZWlPdjN2TFRRd01wekZzVEZGbU5IWXExcXNGSytxTERVM1Zva1ZuKy9SMGxDRDBSdFB1Wkg4WlVxdFk4YmJNNnFPcmMwWi9ObGhraVRVcy93bmZPOVE0Ty95ajc2cG1xL3VDcVV4WmVPUzA3Z0Vxbm9OY3UiLCJtYWMiOiIwZGZjOTc5OGNjNzAyNmJkMzBiZDk2NDlmZjNjZmQxODc2MWMzNWFlOGViYTA5MmFjNzU2MzMyZmUyZTI2MzhlIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 49602\r\nlast-modified: Thu, 24 Aug 2023 04:40:52 GMT\r\netag: \"c1c2-603a3d5377d00\"\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=Mo9KdRqyOuvrBptBGTa0iPXKDKmE42XmyTha4gOPpMQQHje9yVMP7qIh7vBB6EIABu7m9BSsyXPWTpeSlME6RczJMGmOLjJnTuinFy3t2MEBlAHNDe7p3cvGy0Nd\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1\r\naccept-ranges: bytes\r\nserver: cloudflare\r\ncf-ray: 85c1548debfc56b9-OSL\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":49602,"size_decoded":49602,"mime_type":"image/png","magic":"PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced","md5":"db783743cd246ff4d77f4a3694285989","sha1":"b9466716904457641b7831868b47162d8d378d41","sha256":"5913b1ec0fc58ab2bec576804b9e9b566a584ea3d21a1bf74a7b40051a447fdc","sha512":"e6f36c52996b6bf8b07c7a102def2d555a1d35fa12f1a2016edd8f3c86c33dd3545513b436ab6b4ef1d1cad8a5ca5d352ba587eee605638640b258c3976d9033","ssdeep":"768:eKE36up1D3cLJg7zmjprNBQqJCoklwCeFrpKZ00PIwoftXEsQsV1kZ8IHml446Xe:KqupJ9+aqyqCz+0ALcmDIHnjL2p","tlshash":"3723f111ed16c8604810199e8c72a9f7b9fa7036daed4df4070d866b00d3e1958be9f6","first_seen":"2023-08-31T15:31:22Z","last_seen":"2024-09-19T22:48:49.40105Z","times_seen":19259,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/info","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:11.150Z","timestamp":1709046371150,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"POST /web6/info HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 34\r\nOrigin: https://star.phydraca.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/eridisto/\r\nCookie: XSRF-TOKEN=eyJpdiI6Im9tT1RXY1JkL1dhWU5JTmRKY1dNYnc9PSIsInZhbHVlIjoid2FwbHFYWXZ1ZmhZM0RZV2lNSXV1ZHV5QW0xOEpkQXZxVjMraERzMlBKMU9MUkw5YURDZTk2OVBHakVGU2l3RndOVmNRQy9wTGhJMVZ0MGlGNndqT2hEdFZUOGV6S3ptck90Yyt6RTFGM3BvS1cvaEpmV3FxbGVhSjNaY3J4enQiLCJtYWMiOiIzOWVjZjIxZDMxNzE3MWJhMDdjMGMwMDJlNjQ4ZGEwNTgwZDcxZWMzMDA3NGRhYWRhNGEyYmNiYTNkZTZmN2UxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlhZE5RbnN4ZmZ6bGRjbEN2RnFaZGc9PSIsInZhbHVlIjoidEpzc0xuZG01UGIzM3FSZUliMEdsNWp3dSs5SjlOQW5RcGpoaWsyMUU0M08rSUhUTUE4bTdCOEJIZEgxYW0zL0JCZkFYdnJ6SHBpZXY1N1I5clA2RnlRcmtkT1RBNTJiZzhtbHNjOG1GWnpGWjlMbHVWMllpd1NTaEdTZTIxRFMiLCJtYWMiOiI2N2RhZWVkN2ZmY2MxOWE0MjgxMjRhMTRkYjc5Yjk4NzBmNTM0MmMyZDc4NDIxZTdhMjU5MWE0N2FiM2U2YzY5IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:11 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: no-cache, private\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=Z2sDvskJEXyh9MfcHJTyylQ2vHREwp%2Fp2paeyDiin%2FpA11lwdeG1lwh9TLPvNF7ACO4mytnfrXjeATfnc5%2FKS0q%2BoP3SQskv8RI082Jgnmc8%2FaV56LndvL0rrbH7\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IkQ4dzUxSWYrSFlTajZCUkppYmFzcXc9PSIsInZhbHVlIjoiM1NER0NXdHBGdjl1Rmx3ZkFTZ0lyRHBua2dJajNzV1BLL2ZVT2lvZUJma2dQU2hLQ1A0VkRqUkZvYS9ZaTVieVlzK3lCODFCTkY3NWo2dEY0SWhMNFhkelE2M0FWUVU3ZXpSMTgrdGh3bWN2LzgwQ29qNjBzc0xmQzlyK1drQ1ciLCJtYWMiOiI1NWQ2ODc0ZTg0YWQwNTgzYzFmMjg4MTNiZjc3ZDY3NDMzYjM3ZTdkOTcyY2E5MGY1ZWQ4ZmY3M2M4YzNjNzNlIiwidGFnIjoiIn0%3D; expires=Tue, 27-Feb-2024 17:06:11 GMT; Max-Age=7200; path=/; secure; samesite=none\nlaravel_session=eyJpdiI6IndVU3FVOTIyM3Joc2xnankrR0pEQVE9PSIsInZhbHVlIjoiOVVINDlvUjNIUitLZWlPdjN2TFRRd01wekZzVEZGbU5IWXExcXNGSytxTERVM1Zva1ZuKy9SMGxDRDBSdFB1Wkg4WlVxdFk4YmJNNnFPcmMwWi9ObGhraVRVcy93bmZPOVE0Ty95ajc2cG1xL3VDcVV4WmVPUzA3Z0Vxbm9OY3UiLCJtYWMiOiIwZGZjOTc5OGNjNzAyNmJkMzBiZDk2NDlmZjNjZmQxODc2MWMzNWFlOGViYTA5MmFjNzU2MzMyZmUyZTI2MzhlIiwidGFnIjoiIn0%3D; expires=Tue, 27-Feb-2024 17:06:11 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nserver: cloudflare\r\ncf-ray: 85c1548ba97456b9-OSL\r\ncontent-encoding: br\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35873,"size_decoded":36403,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (309), with CRLF line terminators","md5":"b18e8b9fb6769caab6cfd57f746f42d5","sha1":"9b00f4539253611667c5c0f6b82a5de8bf778f61","sha256":"99f9855d3450e59d19edefb64ec47d15ccd1520d5ee83f2a5c91d3bf876eb361","sha512":"789e2cc5355e132acae1edc2f7472624a182eb7667fa54d14ffe48c6810d8dd7f025fcfc457b2f13e6f9574093962da431b0fee14bae2afaad77447d3788f0b4","ssdeep":"384:/xDHTm/IfGeuGUN4WxrBzmAqvSLfszGSQZU:5LTm/IfG+o4aBKSfsN","tlshash":"eff23f6150d4242b42b381e6ad711b8efea2824bcb4b964632fc9bdb1ff7c0acd47511","first_seen":"2023-11-13T01:09:20Z","last_seen":"2024-08-20T19:50:04.33791Z","times_seen":958,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":314,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/godaddy-microsoftlogo.png","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:11.557Z","timestamp":1709046371557,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/godaddy-microsoftlogo.png HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/eridisto/\r\nCookie: XSRF-TOKEN=eyJpdiI6IkQ4dzUxSWYrSFlTajZCUkppYmFzcXc9PSIsInZhbHVlIjoiM1NER0NXdHBGdjl1Rmx3ZkFTZ0lyRHBua2dJajNzV1BLL2ZVT2lvZUJma2dQU2hLQ1A0VkRqUkZvYS9ZaTVieVlzK3lCODFCTkY3NWo2dEY0SWhMNFhkelE2M0FWUVU3ZXpSMTgrdGh3bWN2LzgwQ29qNjBzc0xmQzlyK1drQ1ciLCJtYWMiOiI1NWQ2ODc0ZTg0YWQwNTgzYzFmMjg4MTNiZjc3ZDY3NDMzYjM3ZTdkOTcyY2E5MGY1ZWQ4ZmY3M2M4YzNjNzNlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndVU3FVOTIyM3Joc2xnankrR0pEQVE9PSIsInZhbHVlIjoiOVVINDlvUjNIUitLZWlPdjN2TFRRd01wekZzVEZGbU5IWXExcXNGSytxTERVM1Zva1ZuKy9SMGxDRDBSdFB1Wkg4WlVxdFk4YmJNNnFPcmMwWi9ObGhraVRVcy93bmZPOVE0Ty95ajc2cG1xL3VDcVV4WmVPUzA3Z0Vxbm9OY3UiLCJtYWMiOiIwZGZjOTc5OGNjNzAyNmJkMzBiZDk2NDlmZjNjZmQxODc2MWMzNWFlOGViYTA5MmFjNzU2MzMyZmUyZTI2MzhlIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 70712\r\nlast-modified: Thu, 24 Aug 2023 03:58:16 GMT\r\netag: \"11438-603a33cde0600\"\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=PP6APud2vwZsPK5w9dxSaPE8ehNaJJs9I2y58eG%2F9ly%2B8Z%2BW1dDaZBiDV5dMEhiyWCDn5%2BUPTSw9hzOOrHWKgGmmNB0liigkPRqi8P%2B3YnEHUCENmXdW08AwML3o\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1\r\naccept-ranges: bytes\r\nserver: cloudflare\r\ncf-ray: 85c1548dfc0c56b9-OSL\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":70712,"size_decoded":70712,"mime_type":"image/png","magic":"PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced","md5":"f70ff06d19498d80b130ec78176fd3ff","sha1":"9d8a3b74c5164ff7ae2c7930b6d7b14707b404fc","sha256":"df6dbab5251e56b405e48aaf57d3cd4188f073ffba71131fa6cd26e6742923ae","sha512":"543151693c3751a7e6b1b6a9ea77b83cfd049bc320ee75b666514076f4c0218e9dc23da5e6c932b2b8670aa1be1d4e9a91a889f5c6f0d7b9f9c9fe6694609b31","ssdeep":"768:lBgPNoDCQcgEBtp8Y/fYous0+W/+hVNpTrP19NhgtJ+6qcHaDCzGoSRug:lBgC+Qoju/szW/SNDaJ+6qc6DESR5","tlshash":"fa636faae3705033b0ec262530275b4b41151cbb35aaec4880d3b86f576bfba3d35d66","first_seen":"2023-08-31T15:31:22Z","last_seen":"2026-04-05T07:16:53.798917Z","times_seen":19357,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/officelogo.png","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:11.603Z","timestamp":1709046371603,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/officelogo.png HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/web6/assets/pages/entoraid.css?cb=1709046364120\r\nCookie: XSRF-TOKEN=eyJpdiI6IkQ4dzUxSWYrSFlTajZCUkppYmFzcXc9PSIsInZhbHVlIjoiM1NER0NXdHBGdjl1Rmx3ZkFTZ0lyRHBua2dJajNzV1BLL2ZVT2lvZUJma2dQU2hLQ1A0VkRqUkZvYS9ZaTVieVlzK3lCODFCTkY3NWo2dEY0SWhMNFhkelE2M0FWUVU3ZXpSMTgrdGh3bWN2LzgwQ29qNjBzc0xmQzlyK1drQ1ciLCJtYWMiOiI1NWQ2ODc0ZTg0YWQwNTgzYzFmMjg4MTNiZjc3ZDY3NDMzYjM3ZTdkOTcyY2E5MGY1ZWQ4ZmY3M2M4YzNjNzNlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndVU3FVOTIyM3Joc2xnankrR0pEQVE9PSIsInZhbHVlIjoiOVVINDlvUjNIUitLZWlPdjN2TFRRd01wekZzVEZGbU5IWXExcXNGSytxTERVM1Zva1ZuKy9SMGxDRDBSdFB1Wkg4WlVxdFk4YmJNNnFPcmMwWi9ObGhraVRVcy93bmZPOVE0Ty95ajc2cG1xL3VDcVV4WmVPUzA3Z0Vxbm9OY3UiLCJtYWMiOiIwZGZjOTc5OGNjNzAyNmJkMzBiZDk2NDlmZjNjZmQxODc2MWMzNWFlOGViYTA5MmFjNzU2MzMyZmUyZTI2MzhlIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 1400\r\nlast-modified: Sun, 19 Mar 2023 06:20:16 GMT\r\netag: \"578-5f73acdc5a800\"\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=LOpBcBdc7hqAmwTbrXHVmVzcZ%2FxN0fSHCSjNACQUn9Pt3UWR%2BnZ9E99vhUYG3OW%2F9ZnhRQfwjzE%2BKf2FESlOno1sajZhVKpZBat6J4ISR6JJ5T5rXDDEoOAKOj2S\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1\r\naccept-ranges: bytes\r\nserver: cloudflare\r\ncf-ray: 85c1548e4c8256b9-OSL\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1400,"size_decoded":1400,"mime_type":"image/png","magic":"PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced","md5":"333ee830e5ab72c41dd9126a27b4d878","sha1":"12d8d66ebb3076f3d6069e133c3212f97c8774e1","sha256":"8702292cbc365e9f0488143e2b309b85efe09c61fd2e0a2e21c53735a309313c","sha512":"3413ed624241877c1d44fee23fd37745cb214c12ae73facfafa07b47fa1cb9e5daa3cb7f542564e04075ffe8ba744c962fbdd78f08a643a90c0ec1118c05bbf8","ssdeep":"","tlshash":"7521e964bab8a520130e30a09d305d1ad47f42ec99189e4e71c4e00a334ca094b5d83b","first_seen":"2023-07-01T14:36:17Z","last_seen":"2026-03-26T19:37:03.077896Z","times_seen":17815,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"aadcdn.msftauth.net/shared/1.0/content/images/close_790189870c9543725dc3f5a15fb25e46.svg","fqdn":"aadcdn.msftauth.net","domain":"msftauth.net","tld":"net"},"ip":{"addr":"152.199.23.37","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:11.523Z","timestamp":1709046371523,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msftauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Fri, 01 Dec 2023 00:00:00 GMT","end":"Sun, 01 Dec 2024 23:59:59 GMT"},"fingerprint":{"sha1":"3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B","sha256":"CA:EA:26:E0:08:53:1A:CF:E2:11:03:C4:9E:16:75:E1:E6:E8:F6:5D:84:D4:EC:7A:69:6B:E9:52:FA:83:33:BC"}}},"request":{"raw":"GET /shared/1.0/content/images/close_790189870c9543725dc3f5a15fb25e46.svg HTTP/1.1\r\nHost: aadcdn.msftauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\nage: 23440604\r\ncache-control: public, max-age=31536000\r\ncontent-md5: rp+/fadJKxLUo+jgFmYTeQ==\r\ncontent-type: image/svg+xml\r\ndate: Tue, 27 Feb 2024 15:06:11 GMT\r\netag: 0x8DB5C3F4721247A\r\nlast-modified: Wed, 24 May 2023 10:11:44 GMT\r\nserver: ECAcc (ska/F697)\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-ms-blob-type: BlockBlob\r\nx-ms-lease-status: unlocked\r\nx-ms-request-id: cf4cbdca-101e-0042-0c5d-942f4a000000\r\nx-ms-version: 2009-09-19\r\ncontent-length: 190\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":190,"size_decoded":270,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"40eb39126300b56bf66c20ee75b54093","sha1":"83678d94097257eb474713dec49e8094f49d2e2a","sha256":"765709425a5b9209e875dccf2217d3161429d2d48159fc1df7b253b77c1574f4","sha512":"9c9cd1752a404e71772003469550d3b4eff8346a4e47be131bb2b9cb8dd46dbef4863c52a63a9c63989f9abee775cb63c111add7afa9d4dfc7a4d95ae30f9c6e","ssdeep":"","tlshash":"10d05b765358f94cd108859505d4355111d7b08479df4029f7861529b4067d7fd34b5e","first_seen":"2023-04-29T00:14:17Z","last_seen":"2026-04-05T10:46:41.430001Z","times_seen":43475,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":57,"dns":1,"connect":9,"send":0,"wait":11,"receive":1,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/85c15460386e56a9/1709046364593/rsa5t21D8y7ykjk","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-02-27T15:06:11.598712791Z","timestamp":1709046371598,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/i/85c15460386e56a9/1709046364593/rsa5t21D8y7ykjk HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4kvgx/0x4AAAAAAARbNTbUwdRvgt_K/auto/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:05 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\ncf-ray: 85c1546b491756a9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":6648,"size_decoded":6648,"mime_type":"image/png","magic":"PNG image data, 82 x 13, 8-bit/color RGB, non-interlaced","md5":"febbb35a44481755b18640e51273fa62","sha1":"9c76f8fb751051afea8bf4a8e2aa415f31f4c421","sha256":"66478cd7199ae3f15b838042b3a50c7739d459eec4fc31769b6be98a891d5606","sha512":"5bde85ba122d80724e893ba5f7c292ba6efb25986c5dc5b287bcde81fdd2fb6aff064d016c209b8db2cf307378f994e328e083f7e1407b4a60b8fda2b2312705","ssdeep":"192:0wJpWtOYeVMVeS0wWhIA3rQyIloKZJ1M+1:0SWtneOQhwWH3rQyIR53","tlshash":"5ad1affb14749d18ec84d7601599cb3ab0e37b26d73070a83ab0a2604d0ca53a963d65","first_seen":"2024-08-20T08:47:00.412211Z","last_seen":"2024-08-20T08:47:00.412211Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_call_c2616792e1950f83fdef6e72dab97293.svg","fqdn":"aadcdn.msftauth.net","domain":"msftauth.net","tld":"net"},"ip":{"addr":"152.199.23.37","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:11.537Z","timestamp":1709046371537,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msftauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Fri, 01 Dec 2023 00:00:00 GMT","end":"Sun, 01 Dec 2024 23:59:59 GMT"},"fingerprint":{"sha1":"3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B","sha256":"CA:EA:26:E0:08:53:1A:CF:E2:11:03:C4:9E:16:75:E1:E6:E8:F6:5D:84:D4:EC:7A:69:6B:E9:52:FA:83:33:BC"}}},"request":{"raw":"GET /shared/1.0/content/images/picker_verify_call_c2616792e1950f83fdef6e72dab97293.svg HTTP/1.1\r\nHost: aadcdn.msftauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\nage: 22878263\r\ncache-control: public, max-age=31536000\r\ncontent-md5: XHrPYKKsqlxUvysuxtSE2A==\r\ncontent-type: image/svg+xml\r\ndate: Tue, 27 Feb 2024 15:06:11 GMT\r\netag: 0x8DB5C3F4A98E9BB\r\nlast-modified: Wed, 24 May 2023 10:11:50 GMT\r\nserver: ECAcc (ska/F6F3)\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-ms-blob-type: BlockBlob\r\nx-ms-lease-status: unlocked\r\nx-ms-request-id: 3afb7c4b-e01e-0039-1e7a-99c6de000000\r\nx-ms-version: 2009-09-19\r\ncontent-length: 1173\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1173,"size_decoded":2905,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fe87496cc7a44412f7893a72099c120a","sha1":"a0c1458c08a815df63d3cb0406d60be6607ca699","sha256":"55ce3b0ce5bc71339308107982cd7671f96014256ded0be36dc8062e64c847f1","sha512":"e527c6cd2a3d79ca828a9126e8ff7009a540aa764082750d4fa8207c2b8439ca1fdc4459e935d708dc59dcffe55fe45188eb5e266d1b745fca7588501bc0117d","ssdeep":"","tlshash":"3451db770328eede9190e7881b65b20eb7f4896474bb81d08f879c46ec06bb7913cd60","first_seen":"2023-05-04T15:09:09Z","last_seen":"2026-04-04T19:07:31.138704Z","times_seen":89834,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":49,"dns":2,"connect":22,"send":0,"wait":15,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"star.phydraca.com//web6socket/socket.io/?type=User\u0026appnum=1\u0026EIO=4\u0026transport=websocket","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-02-27T15:06:11.612587827Z","timestamp":1709046371612,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET //web6socket/socket.io/?type=User\u0026appnum=1\u0026EIO=4\u0026transport=websocket HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://star.phydraca.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: W7dVF4kB9CrPaTyv503KAw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: XSRF-TOKEN=eyJpdiI6Im9tT1RXY1JkL1dhWU5JTmRKY1dNYnc9PSIsInZhbHVlIjoid2FwbHFYWXZ1ZmhZM0RZV2lNSXV1ZHV5QW0xOEpkQXZxVjMraERzMlBKMU9MUkw5YURDZTk2OVBHakVGU2l3RndOVmNRQy9wTGhJMVZ0MGlGNndqT2hEdFZUOGV6S3ptck90Yyt6RTFGM3BvS1cvaEpmV3FxbGVhSjNaY3J4enQiLCJtYWMiOiIzOWVjZjIxZDMxNzE3MWJhMDdjMGMwMDJlNjQ4ZGEwNTgwZDcxZWMzMDA3NGRhYWRhNGEyYmNiYTNkZTZmN2UxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlhZE5RbnN4ZmZ6bGRjbEN2RnFaZGc9PSIsInZhbHVlIjoidEpzc0xuZG01UGIzM3FSZUliMEdsNWp3dSs5SjlOQW5RcGpoaWsyMUU0M08rSUhUTUE4bTdCOEJIZEgxYW0zL0JCZkFYdnJ6SHBpZXY1N1I5clA2RnlRcmtkT1RBNTJiZzhtbHNjOG1GWnpGWjlMbHVWMllpd1NTaEdTZTIxRFMiLCJtYWMiOiI2N2RhZWVkN2ZmY2MxOWE0MjgxMjRhMTRkYjc5Yjk4NzBmNTM0MmMyZDc4NDIxZTdhMjU5MWE0N2FiM2U2YzY5IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Tue, 27 Feb 2024 15:06:11 GMT\r\nConnection: upgrade\r\nSec-WebSocket-Accept: SrQNOuHmbYSy7gO3CyZ3zZlVudg=\r\nUpgrade: websocket\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=B3d9QFkLuXj1bQAdb%2FydgzsQCB2HwNsJ6V4WLhO9NQUsyVQu4zfqQMZPRlbgURCLOjiXYboHqpowsz%2BjfvQSoQPCiOVmaeL8FeeBSQNLiT10xkH%2BW22IitgooujfDXkHRnj6Zw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 85c1548bcd8a0b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"logincdn.msauth.net/shared/1.0/content/images/picker_verify_email_958962caa7cf6b75cd412e9e3b687b22.svg","fqdn":"logincdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.213.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:11.546Z","timestamp":1709046371546,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"identitycdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Wed, 17 Jan 2024 06:03:21 GMT","end":"Sat, 11 Jan 2025 06:03:21 GMT"},"fingerprint":{"sha1":"15:1B:3E:26:F4:4A:EE:1C:C2:40:74:BB:BD:AE:20:E4:35:B0:40:40","sha256":"AC:24:E6:88:D8:FE:59:EA:EF:44:D0:B7:70:8D:48:73:51:1F:AA:EF:FA:64:15:B9:CE:26:00:26:35:1A:FA:E1"}}},"request":{"raw":"GET /shared/1.0/content/images/picker_verify_email_958962caa7cf6b75cd412e9e3b687b22.svg HTTP/1.1\r\nHost: logincdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:11 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 212\r\ncache-control: public, max-age=31536000\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 24 May 2023 10:22:52 GMT\r\netag: 0x8DB5C40D4C9EED2\r\nx-ms-request-id: b9175558-b01e-0021-73c3-685faf000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref: 20240227T150611Z-02ycw01bq16qb7uartbb2wycvs00000001p0000000006qy9\r\nx-fd-int-roxy-purgeid: 0\r\nx-cache: TCP_HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":212,"size_decoded":268,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"59759b80e24a89c8cd029b14700e646d","sha1":"651b1921c99e143d3c242de3faacfb9ad51dbb53","sha256":"b02b5df3ecd59d6cd90c60878683477532cbfc24660028657f290bdc7bc774b5","sha512":"0812da742877dd00a2466911a64458b15b4910b648a5e98a4acf1d99e1220e1f821aaf18bde145df185d5f72f5a4b2114ea264f906135f3d353440f343d52d2e","ssdeep":"","tlshash":"f6d02bf0c2b8f40c8304d61513f874e025fa74c8819d091cf5c0361668449e7bcb93be","first_seen":"2023-08-10T00:42:40Z","last_seen":"2026-04-04T19:07:31.172937Z","times_seen":40607,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":60,"dns":1,"connect":53,"send":0,"wait":24,"receive":0,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.213.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:11.601Z","timestamp":1709046371601,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Mon, 29 Jan 2024 00:00:00 GMT","end":"Wed, 29 Jan 2025 23:59:59 GMT"},"fingerprint":{"sha1":"EB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47","sha256":"8B:CD:29:8A:2C:57:31:10:4F:88:1A:73:86:C7:58:AC:8C:86:1A:F0:25:A0:7C:6A:23:87:0D:D4:C7:F4:6B:7D"}}},"request":{"raw":"GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:11 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 673\r\ncache-control: public, max-age=31536000\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 24 May 2023 10:11:46 GMT\r\netag: 0x8DB5C3F47E260FD\r\nx-ms-request-id: 3edc8eb5-001e-0066-57b6-685db0000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref: 20240227T150611Z-6wc14p3zc15wf9rpgzds54tau400000001dg00000000b0sh\r\nx-fd-int-roxy-purgeid: 4554691\r\nx-cache: TCP_HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":673,"size_decoded":1864,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bc3d32a696895f78c19df6c717586a5d","sha1":"9191cb156a30a3ed79c44c0a16c95159e8ff689d","sha256":"0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68","sha512":"8d4f38907f3423a86d90575772b292680f7970527d2090fc005f9b096cc81d3f279d59ad76eafca30c3d4bbaf2276bbaa753e2a46a149424cf6f1c319ded5a64","ssdeep":"","tlshash":"4e310059c51d3566ec04c3aceae1d468315e71efa8a581c961849b3f95b0dce0eccb70","first_seen":"2023-04-12T23:20:27Z","last_seen":"2026-04-05T10:57:35.005129Z","times_seen":102176,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":27,"dns":5,"connect":26,"send":0,"wait":21,"receive":2,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adfs.heart.org/adfs/portal/logo/logo.png","fqdn":"adfs.heart.org","domain":"heart.org","tld":"org"},"ip":{"addr":"69.152.183.140","port":443,"asn":7018,"as":"ATT-INTERNET4","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:11.575Z","timestamp":1709046371575,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"adfs.heart.org","organization":"American Heart Association, Inc"},"issuer":{"commonName":"Sectigo RSA Organization Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 May 2023 00:00:00 GMT","end":"Wed, 15 May 2024 23:59:59 GMT"},"fingerprint":{"sha1":"11:D1:74:EB:5A:DF:CB:58:DE:8A:EE:06:70:FD:78:6D:A5:F4:22:58","sha256":"60:A8:80:14:75:76:75:09:29:1B:F8:61:40:FF:99:51:43:06:B3:A2:29:F2:71:AE:41:53:0A:CC:48:D6:81:BD"}}},"request":{"raw":"GET /adfs/portal/logo/logo.png HTTP/1.1\r\nHost: adfs.heart.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 6428\r\nContent-Type: image/png\r\nExpires: Thu, 28 Mar 2024 14:06:11 GMT\r\nETag: 3A5EEEA11E1041DB96B81498AB69C050DD045D9E56C69E19BD98430BA752165F\r\nServer: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0\r\nStrict-Transport-Security: max-age = 31536000\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nContent-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;\r\nDate: Tue, 27 Feb 2024 15:06:11 GMT\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6428,"size_decoded":6428,"mime_type":"image/png","magic":"PNG image data, 260 x 32, 8-bit/color RGBA, non-interlaced","md5":"d3f69be16baf7acef2e7f4dd03729866","sha1":"e11aa0084b93253a24dd3ed57ddde66d27c84d2b","sha256":"3a5eeea11e1041db96b81498ab69c050dd045d9e56c69e19bd98430ba752165f","sha512":"f48f413b3f64f55d17ba538f7000ab233e6c7e6a6390d38810ca4af809ed3643209f0ff2952c466e7d9265f8a9b9d90dc39e946fa6dd8ba9243ec33ea6545de1","ssdeep":"96:yknmWaKUh5wRHLDw0Rch6YKKTlz5AgcYbWpGx2mhRnmU3KHHVSmLPmlPOglLVBvl:yknr/HRchvLl9ArYKpGx2GmvHVrqtbdl","tlshash":"05d13b44afc180015137f50e57d4988bef6371e96a8c998a7c8c8e774f701f18e67176","first_seen":"2023-08-31T15:31:22Z","last_seen":"2024-08-21T07:41:51.655243Z","times_seen":17474,"resource_available":false,"data":null}},"time_used":900,"timings":{"blocked":377,"dns":11,"connect":124,"send":0,"wait":127,"receive":0,"ssl":257},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/eridisto/myscr182210.js","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:03.453Z","timestamp":1709046363453,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /eridisto/myscr182210.js HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/eridisto/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:03 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Wed, 07 Feb 2024 12:23:10 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 4472\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=v%2BE1gDBjUYFlkyMsgPH6ArSx5j4kCKP241OBWnWRQPRigYye2NFzQyEWD0gXDvQfJO8oClaIemv5hj8Kr1YE86eml18gnGGO7fEmQpwKo1Nla9jkat4W6BdczHj6zd8w%2BcDE1g%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 85c1545b9df456b9-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21396,"size_decoded":73793,"mime_type":"text/javascript","magic":"ASCII text","md5":"5bb041e7ab1cd8653abfedcc01c52fe0","sha1":"0bed4248cfeceafe907946bff365e30832eb0ddc","sha256":"159631431552fe440f2beeac68015c575ba6af7ebd514cc71ca973698567695c","sha512":"6a2d19da88737f0195a6c9592d0f3fcb52bf771ca7cbcbc063ec561a2ef905a168edb33b43c7f278936c6784d491148d2005bf7fc61a743c0b1b67dd13af6473","ssdeep":"1536:XkMuuOXdKeqA2X25RWKxOig0+xOTH155zFUA:0HuOXdiA2X25RWKxOig0+xOTH1551","tlshash":"f5737c345e44cf70816f578f91969d08413ce68bf740ae8f49a617877288fabf8b3958","first_seen":"2024-02-20T14:30:24Z","last_seen":"2024-08-20T09:20:04.698639Z","times_seen":201,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"httpbin.org/ip","fqdn":"httpbin.org","domain":"httpbin.org","tld":"org"},"ip":{"addr":"3.230.23.0","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:14.655Z","timestamp":1709046374655,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"httpbin.org","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Thu, 21 Sep 2023 00:00:00 GMT","end":"Fri, 18 Oct 2024 23:59:59 GMT"},"fingerprint":{"sha1":"14:0C:C7:A8:EC:FA:7F:9C:9D:D2:B8:7E:C9:B8:93:3A:A1:11:F6:01","sha256":"31:A3:45:E8:53:CE:C8:DA:48:78:03:01:A1:EE:EB:0B:B6:A8:CE:0C:BA:96:95:EA:94:BC:2B:68:42:EA:7F:B5"}}},"request":{"raw":"GET /ip HTTP/1.1\r\nHost: httpbin.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://star.phydraca.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:14 GMT\r\ncontent-type: application/json\r\ncontent-length: 31\r\nserver: gunicorn/19.9.0\r\naccess-control-allow-origin: https://star.phydraca.com\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31,"size_decoded":31,"mime_type":"application/json","magic":"JSON text data","md5":"421fbb31f37428f936586985bd35b7ef","sha1":"df617524b5cf0200e58b7ed3ce98c102fb952ca4","sha256":"f0c09e029405dd8f7f6574163ea5018413c7e621b7a69e6fb2ee223efdc32ddf","sha512":"bfa2aa2f01642f720055b5f031c882bd6098b61f579aa4f0825dc585405209bb868848886f780793c3d008cffaad43a9cca275144a05e8c9d2475fef9f7f4fe8","ssdeep":"","tlshash":"218004150700041144cc415dc305d70117c00c1dc507d0514d7137454514f340500135","first_seen":"2023-04-19T23:45:40Z","last_seen":"2026-04-05T00:38:14.457986Z","times_seen":13953,"resource_available":false,"data":null}},"time_used":698,"timings":{"blocked":300,"dns":1,"connect":94,"send":0,"wait":95,"receive":1,"ssl":200},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/info","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:11.150Z","timestamp":1709046371150,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"POST /web6/info HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 33\r\nOrigin: https://star.phydraca.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/eridisto/\r\nCookie: XSRF-TOKEN=eyJpdiI6Im9tT1RXY1JkL1dhWU5JTmRKY1dNYnc9PSIsInZhbHVlIjoid2FwbHFYWXZ1ZmhZM0RZV2lNSXV1ZHV5QW0xOEpkQXZxVjMraERzMlBKMU9MUkw5YURDZTk2OVBHakVGU2l3RndOVmNRQy9wTGhJMVZ0MGlGNndqT2hEdFZUOGV6S3ptck90Yyt6RTFGM3BvS1cvaEpmV3FxbGVhSjNaY3J4enQiLCJtYWMiOiIzOWVjZjIxZDMxNzE3MWJhMDdjMGMwMDJlNjQ4ZGEwNTgwZDcxZWMzMDA3NGRhYWRhNGEyYmNiYTNkZTZmN2UxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlhZE5RbnN4ZmZ6bGRjbEN2RnFaZGc9PSIsInZhbHVlIjoidEpzc0xuZG01UGIzM3FSZUliMEdsNWp3dSs5SjlOQW5RcGpoaWsyMUU0M08rSUhUTUE4bTdCOEJIZEgxYW0zL0JCZkFYdnJ6SHBpZXY1N1I5clA2RnlRcmtkT1RBNTJiZzhtbHNjOG1GWnpGWjlMbHVWMllpd1NTaEdTZTIxRFMiLCJtYWMiOiI2N2RhZWVkN2ZmY2MxOWE0MjgxMjRhMTRkYjc5Yjk4NzBmNTM0MmMyZDc4NDIxZTdhMjU5MWE0N2FiM2U2YzY5IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:11 GMT\r\ncontent-type: application/json\r\ncache-control: no-cache, private\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=X5c%2FDSkTd%2FBSrA6paXSA2h4Gu2oENtCi4MbSfrZCp0YkrLEAdsO7LM4IiZOiZG8TZCPfYcoe8wlUPO3fiUjqaDkEaxCzJiVTOmGbMucj%2FWh2cV8ZrDcCVmyMR7Gf\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IjdRRE44SHJzeW83QVlUemdPR2xsY3c9PSIsInZhbHVlIjoidEpxaTEza1U4QVlqY2wrNk9tcXV5NEtITEtEMDVWV005elNLdXJKWlBiRTVGQ21KWE5nUnZVUjM3KzhOeFJyaGVUczdnNlBGU3U0bkUzVmxISE52aGUzNmpDNllHcUIxQ0lWR3lRaVE5SnlBcXAzNjlvczNsSUszeXg2YVhTSmciLCJtYWMiOiIyYmJlMDRjNzgyZTRiYjgzNjcxYzMxNmM0ODE1MWEyZjk2ZjU1MTg0MzBjZmM2MDgyZjNhOWUzMDZiNzhlMDA5IiwidGFnIjoiIn0%3D; expires=Tue, 27-Feb-2024 17:06:11 GMT; Max-Age=7200; path=/; secure; samesite=none\nlaravel_session=eyJpdiI6InJaVUNDTFVkcm4xZ09rWE53UXd5VlE9PSIsInZhbHVlIjoiQmhqMjFDR2tiVCtyTGVYdGRIM29FRWh3ekxQTWJIR01ZV2o1Ni9qRm43QmZBU2dmRnJva1RFNHBmeW1vS3FURXlzUGlBWTFtLzBzOHovZ0FLMlNwbFJkdVZNZ05vdnVnZUR0UEhkODU5TjFJZXYwakJlY2NnTldZdEFKUklrVTQiLCJtYWMiOiJmMDY3ZjZjM2MzZjU1MzkyMzE1NTE5ZjAxZDE3NDIxYTAyMzdjZjI1NmQ3YjhiYTkzNTM4ZmQzMmM1ZjdhN2QyIiwidGFnIjoiIn0%3D; expires=Tue, 27-Feb-2024 17:06:11 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nserver: cloudflare\r\ncf-ray: 85c1548ba97156b9-OSL\r\ncontent-encoding: br\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9565,"size_decoded":91,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"a2f34ca5e0995b045fe450a03081e413","sha1":"a12ecc45a251cfc27c60ebc4083e7b512367e461","sha256":"25d5f415ae93ed1d6d30a42f8615e6c5e0e69756d2aaafaeb3a5df19c7f18b87","sha512":"3c13ca03412794be3be7c914c1173171c7c896ef35ba18693dd21c4f56deb77739726f5429a7ced5517ecd684caf8b53ecbe72db0ae5caac7b98a18606f8d34f","ssdeep":"","tlshash":"9cb0127614c81403b25462c513d1600b751663930616c829c254a5109da63490029015","first_seen":"2023-10-22T15:28:59Z","last_seen":"2025-01-29T01:33:08.00374Z","times_seen":1979,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":314,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/g/a0d8959cb7d0/api.js?render=explicit","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:03.564Z","timestamp":1709046363564,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /turnstile/v0/g/a0d8959cb7d0/api.js?render=explicit HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://star.phydraca.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:03 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 85c1545c38c8b52d-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39035,"size_decoded":39035,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (39034)","md5":"2c6914d08e921fd932a0be1be0e1cf4f","sha1":"7621bc83e401bb8675f5783f31e13816791bd37b","sha256":"f2d1c49f53ad2bedbb54b6ad29f17ea493d7da967f7487c7dd1493ffa7cd5bcc","sha512":"e4814ac33cf6c8e3398e83236acfa731ba06168fa13f33e3a11f0cdebb7bbaff01085fe581aac3718a46c4ec29d04cbca6ed7fcf41cfa4131f6c8aec46a15a16","ssdeep":"768:0CFtCHnWW/i+s3hPbBL3eDTeJwKNgQOYfGM10/38nZC5XZzz8FkNcX8xKJ:oHnWai+s3hPbd3eDTeJFgQl11WQ","tlshash":"88032a983196787267ee41e0307ba743732a6e3ae44c8c40d857dc2535bce9ad237f69","first_seen":"2024-02-27T13:32:11Z","last_seen":"2024-08-20T08:47:57.135607Z","times_seen":1465,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4kvgx/0x4AAAAAAARbNTbUwdRvgt_K/auto/normal","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:04.193Z","timestamp":1709046364193,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4kvgx/0x4AAAAAAARbNTbUwdRvgt_K/auto/normal HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:04 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\ncontent-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndocument-policy: js-profiling\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nserver: cloudflare\r\ncf-ray: 85c15460386e56a9-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":74897,"size_decoded":74897,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (40811)","md5":"f2d130b03aaa1d11c9c60713c5592af4","sha1":"b239541e0661adea9a76ebc73ae60920678b9180","sha256":"784d341d83182583f6aba643fb7e7b6ab62cf77cb3ebd77814d9de46e9bea6b7","sha512":"b108f3e00f5d00572bec57ec444bc6fafc4995c467a46a1223120860a3fa5e904f39f29471b7bd6ec5885c726898b9a1893f52def17b05f17881c4c9baa87bf2","ssdeep":"1536:3aJfcyI6+2ecnfIedWeOnCgw1EkWCziqRW4a4YYPqi1Pt2MYE1lDaHy7YYXYVtty:ofTmG9pkrw6EfD97YYXYjtgMkCOsU1yc","tlshash":"4273f7d9cebc2d19ab029729b0ce51e3632d63471516e599b4cca280cfed14e26f0f79","first_seen":"2024-08-20T08:47:00.419879Z","last_seen":"2024-08-20T08:47:00.419879Z","times_seen":1,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/cloudfavicon.ico","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:10.656Z","timestamp":1709046370656,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/cloudfavicon.ico HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/eridisto/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:10 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\nlast-modified: Wed, 16 Aug 2023 06:22:46 GMT\r\netag: W/\"86be-6030452e8b980\"\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=ePCEWfPSNpvig8302KfiEMMDEIqE2YwyNqD6quqWmdH5L%2FAwz%2FbRk5VDPFtziCX92J9jiStzmgIs4aprxkEQwaIlRl3ORd7B5i2XS6L%2F%2FpY1wbo3EUbK3AF1%2BuHU\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 82\r\nserver: cloudflare\r\ncf-ray: 85c154889df656b9-OSL\r\ncontent-encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34494,"size_decoded":34494,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel","md5":"88415acda09a4cbd9d87543c3ba78180","sha1":"2dec4705e9ab399efdc6eef36e079aa31d1df8d9","sha256":"20cccc47c1bac9d2ef36b6a1c58af58c5c169ad5ca084080f0392b86f949641c","sha512":"77d0d7e0c85a1cad6a22372f2d3904c0842628ce7f1adac9a2a0cbf3b566ce8148527b0e7ede2bb068f5d005917b3f95c2a25d031d0d4d7a6a5a117cefa83b24","ssdeep":"96:4KOr5hOo0Qhk2fAewTq/iwa2R7Qz8pz4DopTPGFsbN:qbl626uRg8pvF","tlshash":"e3f2e7886a03cca8b5877be0cd3795fd031f6c2ad86418df216b7d49bb79f12a055e12","first_seen":"2023-05-08T14:11:31Z","last_seen":"2026-03-23T01:13:31.606707Z","times_seen":39976,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg","fqdn":"aadcdn.msftauth.net","domain":"msftauth.net","tld":"net"},"ip":{"addr":"152.199.23.37","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:11.535Z","timestamp":1709046371535,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msftauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Fri, 01 Dec 2023 00:00:00 GMT","end":"Sun, 01 Dec 2024 23:59:59 GMT"},"fingerprint":{"sha1":"3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B","sha256":"CA:EA:26:E0:08:53:1A:CF:E2:11:03:C4:9E:16:75:E1:E6:E8:F6:5D:84:D4:EC:7A:69:6B:E9:52:FA:83:33:BC"}}},"request":{"raw":"GET /shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg HTTP/1.1\r\nHost: aadcdn.msftauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\nage: 23447068\r\ncache-control: public, max-age=31536000\r\ncontent-md5: nTculR1Fom7eLci0F6rk+A==\r\ncontent-type: image/svg+xml\r\ndate: Tue, 27 Feb 2024 15:06:11 GMT\r\netag: 0x8DB5C3F4ADC079A\r\nlast-modified: Wed, 24 May 2023 10:11:51 GMT\r\nserver: ECAcc (ska/F7B6)\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-ms-blob-type: BlockBlob\r\nx-ms-lease-status: unlocked\r\nx-ms-request-id: 9d35d246-701e-009b-604e-944da7000000\r\nx-ms-version: 2009-09-19\r\ncontent-length: 2407\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7390,"size_decoded":7390,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bca9b46fee32162356ba5b4783e614dc","sha1":"cc09ee862df9bf86e545f9dfdf2fbd4facfa71f5","sha256":"fb48e7087def752683bc9a9fe4035acf2419cebbe8b17a16e5c81699a06f6fec","sha512":"ae7f8bc5b83d440a727e230138a3a633b7d5a73c123ae0db661081a7f4f13fb4155bc55aaac65ca7dfb0d76c619cf21e99e1a56e876253d67fe8a59c2d0a15ec","ssdeep":"192:8dEMK4RwdEdEMK4RwIwm6xiD7x9m9t6EQ3FabrItDWOO6Dcy:8dEMVwudEMVwIwtxiDHmP6lFeItDWOOe","tlshash":"dbe187d532f9e1e85482bbfd6681f17c3e1339fa7a32d99083d65c18dc8a00c45adca2","first_seen":"2023-05-10T21:54:10Z","last_seen":"2025-04-06T10:50:06.515793Z","times_seen":21752,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":48,"dns":3,"connect":22,"send":0,"wait":13,"receive":1,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"star.phydraca.com/eridisto/","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-02-27T15:06:03.082Z","timestamp":1709046363082,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /eridisto/ HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:03 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=T%2B95apiV%2FDHpF4qj9fZejah7I7VA1qt5DRhpQmbhTYU1X5B%2FAwxFsCXygptE0hZeBpFDoZKR5xPFl%2BKZ%2Ffd0cdd8LkIDY9y0vi8sONM%2BuvLlVNubZrLxkj22H226JwbRom52dg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 85c154595ca67131-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":828,"size_decoded":828,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (900), with no line terminators","md5":"b5ed02823c2a7a03b491aa756a7f0a8f","sha1":"7d81445dc269e7b575ce45f3dad12aa3287defb0","sha256":"3ea937b5a29fe8b99d55b25cfb3f4d4303f0e3303a312fb4aa7fac6968efa96a","sha512":"3d83b583af4c90791e3bc55a5cc3a7f96613fbf3faa890d2fe6e44bb5560ee415be0811336aef678533d55703bc5ffcd141bc352e2f59355d3ab043db3f182ad","ssdeep":"","tlshash":"42117a9e4e48fdf8ce8c60155c9f8d5f1854094782d1ea582d5fe408c8eff6a0090770","first_seen":"2024-08-20T08:47:00.422415Z","last_seen":"2024-08-20T08:47:00.422415Z","times_seen":1,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":13,"dns":0,"connect":1,"send":0,"wait":183,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-02-21","alert":"Office365","trigger":"star.phydraca.com/eridisto/","verdict":"phishing","severity":"medium","comment":"Office365","link":"https://openphish.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/cloudfavicon.ico","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:03.839Z","timestamp":1709046363839,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/cloudfavicon.ico HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/eridisto/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:03 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\nlast-modified: Wed, 16 Aug 2023 06:22:46 GMT\r\netag: W/\"86be-6030452e8b980\"\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=ePCEWfPSNpvig8302KfiEMMDEIqE2YwyNqD6quqWmdH5L%2FAwz%2FbRk5VDPFtziCX92J9jiStzmgIs4aprxkEQwaIlRl3ORd7B5i2XS6L%2F%2FpY1wbo3EUbK3AF1%2BuHU\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 75\r\nserver: cloudflare\r\ncf-ray: 85c1545df8bd56b9-OSL\r\ncontent-encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34494,"size_decoded":34494,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel","md5":"88415acda09a4cbd9d87543c3ba78180","sha1":"2dec4705e9ab399efdc6eef36e079aa31d1df8d9","sha256":"20cccc47c1bac9d2ef36b6a1c58af58c5c169ad5ca084080f0392b86f949641c","sha512":"77d0d7e0c85a1cad6a22372f2d3904c0842628ce7f1adac9a2a0cbf3b566ce8148527b0e7ede2bb068f5d005917b3f95c2a25d031d0d4d7a6a5a117cefa83b24","ssdeep":"96:4KOr5hOo0Qhk2fAewTq/iwa2R7Qz8pz4DopTPGFsbN:qbl626uRg8pvF","tlshash":"e3f2e7886a03cca8b5877be0cd3795fd031f6c2ad86418df216b7d49bb79f12a055e12","first_seen":"2023-05-08T14:11:31Z","last_seen":"2026-03-23T01:13:31.606707Z","times_seen":39976,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/js/pages-head-web.min.js?cb=36","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:04.127Z","timestamp":1709046364127,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/js/pages-head-web.min.js?cb=36 HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/eridisto/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:04 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Thu, 08 Feb 2024 16:23:02 GMT\r\netag: W/\"47c0-610e139b34580-gzip\"\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nage: 120\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=hz9r7py3NJHvulYfU28vwbk7lS%2FYvLKGs%2F3blbnovXQsDY0nXl6XILLYRQblHf4LyxcihlihQq6WQTn0w5POGVeDBGzSoXVtHNeN3u8v%2BJxJydWzLCISfygZ03K2\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\ncf-ray: 85c1545fca9456b9-OSL\r\ncontent-encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18368,"size_decoded":18368,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (18368), with no line terminators","md5":"7868bd3413a2c1f410e1a91a321e1a21","sha1":"f862e452e034c8aba8475cc05ce03f0ed4477323","sha256":"19d579be8fba42faa84899a6cf82bcb80c667eb42f43db16a7d7b0c7fc54ef19","sha512":"0370614f6929d4446457ddb483e1befccd7baaf5ae1810da944c916ab638f0f15fbc587ac7ac7614cc7ed21e1283aea76f65f031765c3e038b59bee63e5412d3","ssdeep":"384:YAoeHpjGZU03GOkgXrUb9Z9WxtwNpAyZWx30trJbLoxiI3K:9ZHpjGZU03GOPXrUb9Z9Wxtw1qarJPoW","tlshash":"f682a5403fb0915d2be72f76762e3090f9b5194a6e80a460d269fc682eb5732f8f1731","first_seen":"2024-02-08T17:55:30Z","last_seen":"2024-08-20T10:00:15.601621Z","times_seen":1581,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/godaddy-left.png","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:11.550Z","timestamp":1709046371550,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/godaddy-left.png HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/eridisto/\r\nCookie: XSRF-TOKEN=eyJpdiI6IkQ4dzUxSWYrSFlTajZCUkppYmFzcXc9PSIsInZhbHVlIjoiM1NER0NXdHBGdjl1Rmx3ZkFTZ0lyRHBua2dJajNzV1BLL2ZVT2lvZUJma2dQU2hLQ1A0VkRqUkZvYS9ZaTVieVlzK3lCODFCTkY3NWo2dEY0SWhMNFhkelE2M0FWUVU3ZXpSMTgrdGh3bWN2LzgwQ29qNjBzc0xmQzlyK1drQ1ciLCJtYWMiOiI1NWQ2ODc0ZTg0YWQwNTgzYzFmMjg4MTNiZjc3ZDY3NDMzYjM3ZTdkOTcyY2E5MGY1ZWQ4ZmY3M2M4YzNjNzNlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndVU3FVOTIyM3Joc2xnankrR0pEQVE9PSIsInZhbHVlIjoiOVVINDlvUjNIUitLZWlPdjN2TFRRd01wekZzVEZGbU5IWXExcXNGSytxTERVM1Zva1ZuKy9SMGxDRDBSdFB1Wkg4WlVxdFk4YmJNNnFPcmMwWi9ObGhraVRVcy93bmZPOVE0Ty95ajc2cG1xL3VDcVV4WmVPUzA3Z0Vxbm9OY3UiLCJtYWMiOiIwZGZjOTc5OGNjNzAyNmJkMzBiZDk2NDlmZjNjZmQxODc2MWMzNWFlOGViYTA5MmFjNzU2MzMyZmUyZTI2MzhlIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 29796\r\nlast-modified: Thu, 24 Aug 2023 05:10:06 GMT\r\netag: \"7464-603a43dc36780\"\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=S3IhX7I9kJQxRMME5S7r3IpJJzybAZpZ%2BXulizGqCa6hJ2CwZ4CDjORaqJM7dCVJMoeNQ7KjR3zu0pNjtOhA5q7xQqz%2B%2FSuMwPdkxPrg%2FgCSx10jkJBMRKkn4ThL\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1\r\naccept-ranges: bytes\r\nserver: cloudflare\r\ncf-ray: 85c1548dfc0456b9-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29796,"size_decoded":29796,"mime_type":"image/png","magic":"PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced","md5":"210433a8774859368f3a7b86d125a2a7","sha1":"408bacddc39f12cad285579c102fe4a629862d88","sha256":"9c6addfc339ce1c1d262290ab4cc2de8d38d4b54b11a8e85afd44fbb0acc2561","sha512":"6cbf6492bba0734ece1b595743b7a251d3c98425a36d5bf87ebfad17be979a23adee556fb074ef6d284052f6412aceda4e179fb7dfa0ba1103610cc01113a1a3","ssdeep":"768:uEV6Q9wDBC1MNazNsMYCUPwRGMSU6Ub1W:uKpiOZ7YCpRRXk","tlshash":"5ed2f15b83d84025e529abd165032d22c383fd70329224625e75f9b4f2fe4dcc7e5b25","first_seen":"2023-08-31T15:31:22Z","last_seen":"2025-02-06T19:33:12.284439Z","times_seen":22277,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/js/pages.min.js?cb=36","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:11.585Z","timestamp":1709046371585,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/js/pages.min.js?cb=36 HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/eridisto/\r\nCookie: XSRF-TOKEN=eyJpdiI6IkQ4dzUxSWYrSFlTajZCUkppYmFzcXc9PSIsInZhbHVlIjoiM1NER0NXdHBGdjl1Rmx3ZkFTZ0lyRHBua2dJajNzV1BLL2ZVT2lvZUJma2dQU2hLQ1A0VkRqUkZvYS9ZaTVieVlzK3lCODFCTkY3NWo2dEY0SWhMNFhkelE2M0FWUVU3ZXpSMTgrdGh3bWN2LzgwQ29qNjBzc0xmQzlyK1drQ1ciLCJtYWMiOiI1NWQ2ODc0ZTg0YWQwNTgzYzFmMjg4MTNiZjc3ZDY3NDMzYjM3ZTdkOTcyY2E5MGY1ZWQ4ZmY3M2M4YzNjNzNlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndVU3FVOTIyM3Joc2xnankrR0pEQVE9PSIsInZhbHVlIjoiOVVINDlvUjNIUitLZWlPdjN2TFRRd01wekZzVEZGbU5IWXExcXNGSytxTERVM1Zva1ZuKy9SMGxDRDBSdFB1Wkg4WlVxdFk4YmJNNnFPcmMwWi9ObGhraVRVcy93bmZPOVE0Ty95ajc2cG1xL3VDcVV4WmVPUzA3Z0Vxbm9OY3UiLCJtYWMiOiIwZGZjOTc5OGNjNzAyNmJkMzBiZDk2NDlmZjNjZmQxODc2MWMzNWFlOGViYTA5MmFjNzU2MzMyZmUyZTI2MzhlIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:11 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Thu, 01 Feb 2024 01:31:52 GMT\r\netag: W/\"19232-61047f5c03200-gzip\"\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nage: 1\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=ceVS49kbLLgcVZoTmQzPtt8SxCX%2B%2FVV%2BaHuh2w4dUEnC5DNN7fo5We%2FKhHbWSH52UZnx3LzJHiDpAx0RjycGoiPdwL1BZVJXzRDFfiB%2BpRYMdyb8M93XSLkewmn7\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\ncf-ray: 85c1548e0c2b56b9-OSL\r\ncontent-encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102962,"size_decoded":102962,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4kvgx/0x4AAAAAAARbNTbUwdRvgt_K/auto/normal","date":"2024-02-27T15:06:11.910Z","timestamp":1709046371910,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4kvgx/0x4AAAAAAARbNTbUwdRvgt_K/auto/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:11 GMT\r\ncontent-type: image/png\r\ncache-control: max-age=2629800, public\r\nserver: cloudflare\r\ncf-ray: 85c1549069f756a9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61,"size_decoded":61,"mime_type":"image/png","magic":"PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced","md5":"9246cca8fc3c00f50035f28e9f6b7f7d","sha1":"3aa538440f70873b574f40cd793060f53ec17a5d","sha256":"c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84","sha512":"a2098304d541df4c71cde98e4c4a8fb1746d7eb9677ceba4b19ff522efdd981e484224479fd882809196b854dbc5b129962dba76198d34aaecf7318bd3736c6b","ssdeep":"","tlshash":"a5a002e763957d7bd94b133756651151f8324514171305458805d475161736c81c4a82","first_seen":"2023-08-25T15:09:14Z","last_seen":"2025-05-14T12:12:43.698394Z","times_seen":189286,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=85c1548dce5e56a9","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4kvgx/0x4AAAAAAARbNTbUwdRvgt_K/auto/normal","date":"2024-02-27T15:06:11.912Z","timestamp":1709046371912,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=85c1548dce5e56a9 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4kvgx/0x4AAAAAAARbNTbUwdRvgt_K/auto/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:11 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nserver: cloudflare\r\ncf-ray: 85c1549069fd56a9-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":180832,"size_decoded":180832,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"00988276fa1750b8c405b007cf8200c1","sha1":"5f00fe15965c82fce765673b135022ed47d50bb8","sha256":"816e4753815fc20cc22d79ceac9e20f255cb1c6ceb2c54e4c1f060b031c1204f","sha512":"6416fd18af83cea5c6918da8e2336ff15689029dd4b84b958b391a45b103de25a9369f558f5afbc642a01f9f990fbb36656dcc161530bb80b57915d8af323d7c","ssdeep":"3072:T/7HwuDF4jScl5jzwEEtmfj7Zs3qMOwxSn1tp:bFCjeEEt4Ns6SxG13","tlshash":"b40471cc67c1b86615233d38b0273716b0af5d016d7c18deea00b5d42af661e92e66ef","first_seen":"2024-08-20T08:47:00.426735Z","last_seen":"2024-08-20T08:47:11.57275Z","times_seen":2,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js?render=explicit","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:03.524Z","timestamp":1709046363524,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /turnstile/v0/api.js?render=explicit HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 27 Feb 2024 15:06:03 GMT\r\naccess-control-allow-origin: *\r\ncache-control: max-age=300, public\r\nlocation: /turnstile/v0/g/a0d8959cb7d0/api.js?render=explicit\r\nvary: accept-encoding\r\nserver: cloudflare\r\ncf-ray: 85c1545c18a7b52d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":39035,"size_decoded":39035,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":14,"dns":0,"connect":1,"send":0,"wait":8,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/css/pages-godaddy.css?cb=36","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:10.330Z","timestamp":1709046370330,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/css/pages-godaddy.css?cb=36 HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/eridisto/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:10 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 04 Feb 2024 19:24:48 GMT\r\netag: W/\"954d-610934c622000-gzip\"\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nage: 1\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=wMwznuJzwdfAKEzc%2FmsNGTMjIpsX8GXBMgsS1VAAnIjrVMndVrqfMhdvz%2FpxHB%2FHDgBLz3%2BF3%2Fp%2FZKbz6vEjHBOp7mkxTrN6IZoW4%2F4VDFmaGCPkEqam%2Fgu4Wcqq\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\ncf-ray: 85c154868b3d56b9-OSL\r\ncontent-encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38221,"size_decoded":38221,"mime_type":"text/css","magic":"ASCII text, with very long lines (1437), with CRLF line terminators","md5":"0a40b289b9ecb589387f31cbd2807033","sha1":"dbb02f7d438a952b55cab142749c648cd6417af5","sha256":"c17e32e67edc46c2720b01a4a716996809ad8335c875f6980319a1440de6c245","sha512":"faca0a6d1d4202a89b79c81baba0317438d140917e29eead72cc3a0b3e9b4e096ab3b2989bb3c16cf2d8747ff487170afd0b67d88cc251d72c9f4933476e0362","ssdeep":"192:XoogIexLQ5WKTCFBwCIZtJ8FtX2+UBRkfeWcrScuH9Ye3YdersR8Q5oqWjfHogxp:QDKAaZtJs5odwHhx5P6mqjDggJkLLn","tlshash":"c403cf86155062385f36277bf3bb00aceb6d827356961664b4bcb444cff86e410e1eaf","first_seen":"2023-11-09T15:46:52Z","last_seen":"2024-08-20T20:16:30.359257Z","times_seen":23017,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/validatecaptcha","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:10.376Z","timestamp":1709046370376,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"POST /web6/validatecaptcha HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 672\r\nOrigin: https://star.phydraca.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/eridisto/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:11 GMT\r\ncontent-type: application/json\r\ncache-control: no-cache, private\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=lkNl%2By7l2fa2vjM8dHr6D7kV5BrBCNfRdtKuqGd%2B8%2F0%2FGPf2jMuUl096qh8NRaspqacN4v50ErAjJq9KaOI4Sugp6OnfRSrQc%2FZqSD2RO9vdlLwWDng2WX82mZRS\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nset-cookie: XSRF-TOKEN=eyJpdiI6Im9tT1RXY1JkL1dhWU5JTmRKY1dNYnc9PSIsInZhbHVlIjoid2FwbHFYWXZ1ZmhZM0RZV2lNSXV1ZHV5QW0xOEpkQXZxVjMraERzMlBKMU9MUkw5YURDZTk2OVBHakVGU2l3RndOVmNRQy9wTGhJMVZ0MGlGNndqT2hEdFZUOGV6S3ptck90Yyt6RTFGM3BvS1cvaEpmV3FxbGVhSjNaY3J4enQiLCJtYWMiOiIzOWVjZjIxZDMxNzE3MWJhMDdjMGMwMDJlNjQ4ZGEwNTgwZDcxZWMzMDA3NGRhYWRhNGEyYmNiYTNkZTZmN2UxIiwidGFnIjoiIn0%3D; expires=Tue, 27-Feb-2024 17:06:10 GMT; Max-Age=7200; path=/; secure; samesite=none\nlaravel_session=eyJpdiI6IjlhZE5RbnN4ZmZ6bGRjbEN2RnFaZGc9PSIsInZhbHVlIjoidEpzc0xuZG01UGIzM3FSZUliMEdsNWp3dSs5SjlOQW5RcGpoaWsyMUU0M08rSUhUTUE4bTdCOEJIZEgxYW0zL0JCZkFYdnJ6SHBpZXY1N1I5clA2RnlRcmtkT1RBNTJiZzhtbHNjOG1GWnpGWjlMbHVWMllpd1NTaEdTZTIxRFMiLCJtYWMiOiI2N2RhZWVkN2ZmY2MxOWE0MjgxMjRhMTRkYjc5Yjk4NzBmNTM0MmMyZDc4NDIxZTdhMjU5MWE0N2FiM2U2YzY5IiwidGFnIjoiIn0%3D; expires=Tue, 27-Feb-2024 17:06:10 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nserver: cloudflare\r\ncf-ray: 85c15486ab6656b9-OSL\r\ncontent-encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20,"size_decoded":20,"mime_type":"application/json","magic":"troff or preprocessor input, ASCII text, with no line terminators","md5":"0b35866f4a3aa4d34ce5dda2d14c2cd8","sha1":"d2b80911f09c3106fdf0df9920f983945d644083","sha256":"493851374626d927bfe1c7d084fa977a0e636c03f163fda258ab6b638edc2f0d","sha512":"323300597a34fcbc1973fff56a643331f6dd9851d80feafe1c7691589bc9577100319688b3f19787d2e49342f0a3c25b18f7f82b14e7ea7e1c7720f9794b7061","ssdeep":"","tlshash":"9670000a280280c2a883a08000220c30a8080800802a028882080028ca088a0a8ca000","first_seen":"2023-04-05T14:51:23Z","last_seen":"2025-04-06T22:37:18.338685Z","times_seen":31862,"resource_available":false,"data":null}},"time_used":779,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":778,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"wss","addr":"star.phydraca.com//web6socket/socket.io/?type=User\u0026appnum=1\u0026EIO=4\u0026transport=websocket","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:11.139Z","timestamp":1709046371139,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET //web6socket/socket.io/?type=User\u0026appnum=1\u0026EIO=4\u0026transport=websocket HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://star.phydraca.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: W7dVF4kB9CrPaTyv503KAw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: XSRF-TOKEN=eyJpdiI6Im9tT1RXY1JkL1dhWU5JTmRKY1dNYnc9PSIsInZhbHVlIjoid2FwbHFYWXZ1ZmhZM0RZV2lNSXV1ZHV5QW0xOEpkQXZxVjMraERzMlBKMU9MUkw5YURDZTk2OVBHakVGU2l3RndOVmNRQy9wTGhJMVZ0MGlGNndqT2hEdFZUOGV6S3ptck90Yyt6RTFGM3BvS1cvaEpmV3FxbGVhSjNaY3J4enQiLCJtYWMiOiIzOWVjZjIxZDMxNzE3MWJhMDdjMGMwMDJlNjQ4ZGEwNTgwZDcxZWMzMDA3NGRhYWRhNGEyYmNiYTNkZTZmN2UxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlhZE5RbnN4ZmZ6bGRjbEN2RnFaZGc9PSIsInZhbHVlIjoidEpzc0xuZG01UGIzM3FSZUliMEdsNWp3dSs5SjlOQW5RcGpoaWsyMUU0M08rSUhUTUE4bTdCOEJIZEgxYW0zL0JCZkFYdnJ6SHBpZXY1N1I5clA2RnlRcmtkT1RBNTJiZzhtbHNjOG1GWnpGWjlMbHVWMllpd1NTaEdTZTIxRFMiLCJtYWMiOiI2N2RhZWVkN2ZmY2MxOWE0MjgxMjRhMTRkYjc5Yjk4NzBmNTM0MmMyZDc4NDIxZTdhMjU5MWE0N2FiM2U2YzY5IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Tue, 27 Feb 2024 15:06:11 GMT\r\nConnection: upgrade\r\nSec-WebSocket-Accept: SrQNOuHmbYSy7gO3CyZ3zZlVudg=\r\nUpgrade: websocket\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=B3d9QFkLuXj1bQAdb%2FydgzsQCB2HwNsJ6V4WLhO9NQUsyVQu4zfqQMZPRlbgURCLOjiXYboHqpowsz%2BjfvQSoQPCiOVmaeL8FeeBSQNLiT10xkH%2BW22IitgooujfDXkHRnj6Zw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 85c1548bcd8a0b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":487,"timings":{"blocked":-1,"dns":15,"connect":16,"send":0,"wait":443,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/pages/entoraid.css?cb=1709046364120","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:10.321Z","timestamp":1709046370321,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/pages/entoraid.css?cb=1709046364120 HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/eridisto/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:10 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 07 Feb 2024 12:21:50 GMT\r\netag: W/\"4fd-610c9bd42b380-gzip\"\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=Q%2BLegvEjg%2BRTCvJY7SrBviHkF%2BD7yIA%2FpL8OmPtU%2F1q%2BqL1AzAn%2Br1xXmgfHjvE4Z01KZPVR1cYvLACKuKCtAn%2BanVsj6ifkPs%2FHUukYDQuMnJsDyoImb%2FD36zpU\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\ncf-ray: 85c154867b2256b9-OSL\r\ncontent-encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1277,"size_decoded":1277,"mime_type":"text/css","magic":"ASCII text, with very long lines (1320), with no line terminators","md5":"f01289b3d1a61700b9be2f304ec9c8ba","sha1":"e566c68bc2cd481307fe280f59e701e55ec2ae81","sha256":"7233555de534a69a13ebd1e089834e8d4a6a360df6392bfe8345c31fb5a2437e","sha512":"3c73b8c83afb82b389c76507f4b2ebe5298d712328e66b1f4b91a0fa4080bf73985f8d4c0e6913a869e48108f2b2a28892f03c800a1c5a3b3fbfa7830e1be7b8","ssdeep":"","tlshash":"3d21026ae6865cbf751b9f692bf12784132db040c0258b3c3b3e71b3638909460773a6","first_seen":"2023-11-14T19:39:32Z","last_seen":"2024-08-20T19:37:29.53362Z","times_seen":6006,"resource_available":false,"data":null}},"time_used":546,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":546,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/js/pages-head-top-web.min.js?cb=1709046360000","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:03.725Z","timestamp":1709046363725,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/js/pages-head-top-web.min.js?cb=1709046360000 HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/eridisto/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:04 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Thu, 08 Feb 2024 16:24:11 GMT\r\netag: W/\"25c-610e13dd020c0-gzip\"\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=Fg%2FQKOD5LLxym7w0E78arKyb1RvEvFMAkA%2FrD2TwfGavVRVYGE0zAzv3IX5r8R58oAFVqF83SFS09w%2FdhsaSh7qVqOir56ng60lqOGhsFZhirionbX5w4WjFzTP%2B\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\ncf-ray: 85c1545d4fe856b9-OSL\r\ncontent-encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":604,"size_decoded":604,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (640), with no line terminators","md5":"d5f0d0d0615fe9cd3217e838e5ca283c","sha1":"30f0085b6fe0c4fc2f861dfb27208d07ed7ed5c1","sha256":"9329ddd97ad24ad9a165e8673435607b12a5d8fd1a164c1b734eb115ea4d3962","sha512":"e48ba838611d1b3c00d655702308da38ac226771a3b81b058b03219c32a7f190951a8fd2671bae4b24b25a4792ed0676e81335a05d40f50a52407b6f25858991","ssdeep":"","tlshash":"0af0282c3d25f9a09d7d356e34bad5bd3da100162500e25389cfac2ce0b3fc84ca54d0","first_seen":"2024-02-08T17:55:30Z","last_seen":"2024-08-20T10:00:15.605277Z","times_seen":1117,"resource_available":false,"data":null}},"time_used":393,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":392,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/microsoftfavicon.ico","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:11.988Z","timestamp":1709046371988,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/microsoftfavicon.ico HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/eridisto/\r\nCookie: XSRF-TOKEN=eyJpdiI6IkQ4dzUxSWYrSFlTajZCUkppYmFzcXc9PSIsInZhbHVlIjoiM1NER0NXdHBGdjl1Rmx3ZkFTZ0lyRHBua2dJajNzV1BLL2ZVT2lvZUJma2dQU2hLQ1A0VkRqUkZvYS9ZaTVieVlzK3lCODFCTkY3NWo2dEY0SWhMNFhkelE2M0FWUVU3ZXpSMTgrdGh3bWN2LzgwQ29qNjBzc0xmQzlyK1drQ1ciLCJtYWMiOiI1NWQ2ODc0ZTg0YWQwNTgzYzFmMjg4MTNiZjc3ZDY3NDMzYjM3ZTdkOTcyY2E5MGY1ZWQ4ZmY3M2M4YzNjNzNlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndVU3FVOTIyM3Joc2xnankrR0pEQVE9PSIsInZhbHVlIjoiOVVINDlvUjNIUitLZWlPdjN2TFRRd01wekZzVEZGbU5IWXExcXNGSytxTERVM1Zva1ZuKy9SMGxDRDBSdFB1Wkg4WlVxdFk4YmJNNnFPcmMwWi9ObGhraVRVcy93bmZPOVE0Ty95ajc2cG1xL3VDcVV4WmVPUzA3Z0Vxbm9OY3UiLCJtYWMiOiIwZGZjOTc5OGNjNzAyNmJkMzBiZDk2NDlmZjNjZmQxODc2MWMzNWFlOGViYTA5MmFjNzU2MzMyZmUyZTI2MzhlIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:11 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\nlast-modified: Sun, 19 Mar 2023 06:20:16 GMT\r\netag: W/\"4316-5f73acdc5a800\"\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=1hUxce16blku9Prjka1hPB%2Bb9c2xMmKRnDhaB4Ll7HLvuhkJUOmTnbcVLPpUj23KZfVdiJ1kANeeZGuNEG%2FL0PSQibU6jUG%2Fq%2Fr5ycG9uzFCejQc%2B5CcysvMC13b\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 0\r\nserver: cloudflare\r\ncf-ray: 85c15490ef4756b9-OSL\r\ncontent-encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17174,"size_decoded":17174,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors","md5":"12e3dac858061d088023b2bd48e2fa96","sha1":"e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5","sha256":"90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21","sha512":"c5030c55a855e7a9e20e22f4c70bf1e0f3c558a9b7d501cfab6992ac2656ae5e41b050ccac541efa55f9603e0d349b247eb4912ee169d44044271789c719cd01","ssdeep":"24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO","tlshash":"b772e35b1f5f4981ec4b0db80b125e80c5e49c973854dffbdb76b62888b0364ab845eb","first_seen":"2023-04-05T03:19:57Z","last_seen":"2026-04-05T13:21:05.757157Z","times_seen":163412,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.socket.io/4.6.0/socket.io.min.js","fqdn":"cdn.socket.io","domain":"socket.io","tld":"io"},"ip":{"addr":"143.204.55.70","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:04.125Z","timestamp":1709046364125,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.socket.io","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Sun, 22 Oct 2023 00:00:00 GMT","end":"Sun, 17 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"BB:7D:4E:26:70:F6:06:2A:12:E9:92:A8:F1:9F:CD:82:0B:BF:48:ED","sha256":"C6:1C:9F:99:92:94:22:B4:CA:16:AD:70:73:8C:CF:16:98:BB:6F:5E:9B:8A:EE:32:C3:D5:13:F3:CF:69:F4:51"}}},"request":{"raw":"GET /4.6.0/socket.io.min.js HTTP/1.1\r\nHost: cdn.socket.io\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-disposition: inline; filename=\"socket.io.min.js\"\r\ncontent-encoding: gzip\r\ndate: Mon, 15 Jan 2024 16:33:26 GMT\r\netag: W/\"80f5b8c6a9eeac15de93e5a112036a06\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: fra1::gsg9m-1705336406533-adf1f7d78a76\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: GsMFB9c200eS8jD8nrJysM9xgvZLmR78PiD5YcFrFptolOQqUlzoLg==\r\nage: 3709958\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45806,"size_decoded":45806,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (45667)","md5":"80f5b8c6a9eeac15de93e5a112036a06","sha1":"f7174635137d37581b11937fc90e9cb325077bce","sha256":"0401de33701f1cad16ecf952899d23990b6437d0a5b7335524edf6bdfb932542","sha512":"b976a5f02202439d94c6817d037c813fa1945c6bb93762284d97ff61718c5b833402f372562034663a467fdbaa46990de24cb1e356392340e64d034e4ba1b4e4","ssdeep":"384:1ZS0CCnasl8gRR/PoPez+iCMN0Fkiw2Jh4RWdRGhAjbp2ChPL8cYRGv5MRUK6np9:/CCnVl7tUkBxkdRGOfDiY5C5MAn5GY2","tlshash":"1423a488f2a1b06187e37165443f110ba27a746964c9c18cf639d9f19eb8ece7123f79","first_seen":"2023-04-05T03:09:50Z","last_seen":"2026-04-03T09:57:49.448884Z","times_seen":39623,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":18,"dns":1,"connect":1,"send":0,"wait":3,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"star.phydraca.com/web6/assets/css/pages.min.css?cb=36","fqdn":"star.phydraca.com","domain":"phydraca.com","tld":"com"},"ip":{"addr":"172.67.188.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:10.327Z","timestamp":1709046370327,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phydraca.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 04 Feb 2024 19:46:57 GMT","end":"Sat, 04 May 2024 19:46:56 GMT"},"fingerprint":{"sha1":"01:E2:8E:64:8C:E8:F0:23:22:16:54:C0:38:01:AB:75:DC:10:76:42","sha256":"1C:4D:73:0C:7E:A0:77:0F:12:E9:EE:83:2C:03:9B:59:6A:27:25:69:52:41:95:5C:7C:CB:A2:35:7D:50:6C:0E"}}},"request":{"raw":"GET /web6/assets/css/pages.min.css?cb=36 HTTP/1.1\r\nHost: star.phydraca.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/eridisto/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:10 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 07 Feb 2024 19:41:51 GMT\r\netag: W/\"4264-610cfe2e1fdc0-gzip\"\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=dGX51wwcKKeHW8PF1elEO5XtpZfjn4ETwvfrdI%2FEvudU9r5B9pX%2BnAfsSBpWdFCxanpWjBdWomnJ%2FNCJXjFC8vAEXma0I%2F%2BWYx56t3hr2C%2FYi5cdoBYX2DMZ6GIM\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1\r\nserver: cloudflare\r\ncf-ray: 85c154868b3b56b9-OSL\r\ncontent-encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16996,"size_decoded":16996,"mime_type":"text/css","magic":"ASCII text, with very long lines (16996), with no line terminators","md5":"e4e39ea7eb163a7d401286ed0de4b411","sha1":"e08ad5db54f8b2e192ee1276d3f6856e752bc15f","sha256":"354881575002cb9a143349bcefb8420081940ab9ba3aa816f1bb7aff7286a271","sha512":"21989a06c9f62492ebeeb315401079fca5c156665df46dd46657f433ce8850790ebd1d98f88d6e2f2238501cf72fdbe4d7298689e2beb6d69aa196db922b4f62","ssdeep":"192:S3PiHSaHZfdY8xbXUfCkDAm0vHXIYECacgAx8K1MbJK2EKPMq/vHID/gPnqBvMmU:mtaldY8xbXn54YE80tk0Sgfn","tlshash":"4b72aaa1a2103229e177c13721d2fac922355652f57b6eb9bc7671f4cf891c32b3364a","first_seen":"2024-02-09T16:53:34Z","last_seen":"2024-08-20T09:58:19.667173Z","times_seen":2219,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4kvgx/0x4AAAAAAARbNTbUwdRvgt_K/auto/normal","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://star.phydraca.com/eridisto/#alx@floormaxusa.com","date":"2024-02-27T15:06:11.499Z","timestamp":1709046371499,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/4kvgx/0x4AAAAAAARbNTbUwdRvgt_K/auto/normal HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://star.phydraca.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 27 Feb 2024 15:06:11 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\ncontent-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndocument-policy: js-profiling\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nserver: cloudflare\r\ncf-ray: 85c1548dce5e56a9-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":74898,"size_decoded":74898,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (40811)","md5":"19e589b305a037c783ebc9f77d7bfd4e","sha1":"26d8b02ac2a17ae9a475b8ee7358d8d9f8f27646","sha256":"6cbf7e062874c0eb55bc6ebb6b381203c7de406f57cc12a98de46c099e17271a","sha512":"07e6e4ca3ca2aee065493df3f2842d4c5f5edccd7f6489269703731d5acb3015392c66b7b1d543707a875f5ea19234e428a6a5b6403e53c23de571267fdf0ac1","ssdeep":"1536:3aJfcyI6+2ecnfIedWeOnCgw1EkWCziqRW4a4YYPqi1Pt2MYE1lDaHy7YYXYVttd:ofTmG9pkrw6EfD97YYXYjtgMkCOsU1yb","tlshash":"0173f7d9cebc2d19ab029729b0ce51e3632d63471556e599b4cca280cfed14e22f0f79","first_seen":"2024-08-20T08:47:00.432761Z","last_seen":"2024-08-20T08:47:00.432761Z","times_seen":1,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}