ocsp.pki.goog/gts1c3
142.250.74.67 471 B IP 142.250.74.67:0
Hash 16224c5d98111b880317d7abe78acc6f
adc7242b1cc72d0d28675518e765755ed741e76f
3eee85d77f21c34e07df868b943097d75fc001626742941f5427c3e89f8cdf41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 03 Oct 2023 13:11:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/amp/s/www.gilsreformas.com.br/new/new/wz/rlkgdb/YW5kcmVhLnNlYWxlQGNhbmNlci5jYQ==
142.250.74.132 279 B URL www.google.com/amp/s/www.gilsreformas.com.br/new/new/wz/rlkgdb/YW5kcmVhLnNlYWxlQGNhbmNlci5jYQ==
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 7793323a5432db52c3a521baf2617f0c
8da37376584ed9515fa1a190a728b97cd8cf3591
4096d526cd0896f1aa8a2684a83074b82f582783fd1824683b850c4fad016289
GET /amp/s/www.gilsreformas.com.br/new/new/wz/rlkgdb/YW5kcmVhLnNlYWxlQGNhbmNlci5jYQ== HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://www.gilsreformas.com.br/new/new/wz/rlkgdb/YW5kcmVhLnNlYWxlQGNhbmNlci5jYQ==
cache-control: private
x-robots-tag: noindex
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-KTZsFv1GttPQqjojWmPF9g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Tue, 03 Oct 2023 13:11:30 GMT
server: gws
content-length: 279
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: __Secure-ENID=15.SE=T0_0YqG_B2yJnZoNDKs8awO75w2aGeJiCls8ygxNenE7ByjhhmcK11ySquMNfKUljY0dIRIAflE4SeEvDihhFg_i53OSaHe2uDslzDvgdlrFyy9A5iHE7mt8byJ3srFzbyCASliaLE1QouZfq9p3zl6x4SZ2hJt_5rxpLh1x9KQ; expires=Sat, 02-Nov-2024 05:29:48 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
CONSENT=PENDING+808; expires=Thu, 02-Oct-2025 13:11:30 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gilsreformas.com.br/new/new/wz/rlkgdb/YW5kcmVhLnNlYWxlQGNhbmNlci5jYQ==
46.228.205.152 0 B URL www.gilsreformas.com.br/new/new/wz/rlkgdb/YW5kcmVhLnNlYWxlQGNhbmNlci5jYQ==
IP 46.228.205.152:0
ASN #24961 myLoc managed IT AG
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /new/new/wz/rlkgdb/YW5kcmVhLnNlYWxlQGNhbmNlci5jYQ== HTTP/1.1
Host: www.gilsreformas.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
refresh: 0;url=https://aktppqp54cqd8cd0li1p.ht28466.ru/ax23/#andrea.seale@cancer.ca
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 03 Oct 2023 13:11:28 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.67 472 B IP 142.250.74.67:0
Hash 6ffe1b36da5cedc55de7d1ed94560b53
b702312a32734e128385a9d3fa8c4a31c81c5d93
e73c164604fc8cb1809f6a15f7d7dce29e9ea36ef085a782b081e17a2caa42e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 03 Oct 2023 13:11:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
151.101.1.229 200 OK 25 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
IP 151.101.1.229:443
Requested by https://aktppqp54cqd8cd0li1p.ht28466.ru/ax23/#andrea.seale@cancer.ca
Certificate Issuer GlobalSign nv-sa
Subject jsdelivr.net
Fingerprint 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Validity Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type Unicode text, UTF-8 text, with very long lines (65306)
Hash abe91756d18b7cd60871a2f47c1e8192
7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aktppqp54cqd8cd0li1p.ht28466.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
content-encoding: br
accept-ranges: bytes
date: Tue, 03 Oct 2023 13:11:32 GMT
age: 9861935
x-served-by: cache-fra-eddf8230097-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25360
X-Firefox-Spdy: h2
aktppqp54cqd8cd0li1p.ht28466.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js
188.114.96.1 302 Found 7.3 kB URL GET HTTP/3 aktppqp54cqd8cd0li1p.ht28466.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP 188.114.96.1:443
Requested by https://aktppqp54cqd8cd0li1p.ht28466.ru/ax23/#andrea.seale@cancer.ca
Certificate Issuer Google Trust Services LLC
Subject ht28466.ru
Fingerprint 64:C1:41:1F:D4:4E:A5:DE:06:AB:57:D8:76:DC:81:6C:49:AC:FC:A8
Validity Wed, 27 Sep 2023 04:46:23 GMT - Tue, 26 Dec 2023 04:46:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: aktppqp54cqd8cd0li1p.ht28466.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ta8df85mphdrkv9l8d93a66uc0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Tue, 03 Oct 2023 13:11:33 GMT
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
vary: accept-encoding
access-control-allow-origin: *
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HlFkQplQQcCMCzQYdLoD4SeDiXNL7JgxrJC7HXax%2FUd1xvY0YkCixEQytI2gY9Vi1wQMnuwvHe%2BJotIJMd8lKGxdo5XQs3XVbTzYw3LD7AtHJXc8Sls0TcJ645WamltTl1sy%2F7W2Rchp463nQIZgQgg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81056e80ff6956b1-OSL
alt-svc: h3=":443"; ma=86400
aktppqp54cqd8cd0li1p.ht28466.ru/ax23/5ss8Y7mZvbp
188.114.96.1 200 OK 0 B URL POST HTTP/3 aktppqp54cqd8cd0li1p.ht28466.ru/ax23/5ss8Y7mZvbp
IP 188.114.96.1:443
Requested by https://aktppqp54cqd8cd0li1p.ht28466.ru/ax23/#andrea.seale@cancer.ca
Certificate Issuer Google Trust Services LLC
Subject ht28466.ru
Fingerprint 64:C1:41:1F:D4:4E:A5:DE:06:AB:57:D8:76:DC:81:6C:49:AC:FC:A8
Validity Wed, 27 Sep 2023 04:46:23 GMT - Tue, 26 Dec 2023 04:46:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ax23/5ss8Y7mZvbp HTTP/1.1
Host: aktppqp54cqd8cd0li1p.ht28466.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aktppqp54cqd8cd0li1p.ht28466.ru/ax23/
Content-Type: multipart/form-data; boundary=---------------------------175166232032928493443843652962
Content-Length: 750
Origin: https://aktppqp54cqd8cd0li1p.ht28466.ru
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ta8df85mphdrkv9l8d93a66uc0; cf_clearance=5dbbV9yM8FijlSelvvWreuBUKlhKHTTwvwXEVhIAgb8-1696338693-0-1-69b0ef05.6b0d8b6b.438cce4a-0.2.1696338693
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 03 Oct 2023 13:11:36 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUd0rmSxLtPar6pgmNpG4g%2BxSWV%2Fzi92R8%2BkQmR1kwmdEwuK5cw1L3J6T1zaDiFNs4EyrtYc7OXN9uUx9vXiHeM8kTgWubsLNQ4ay%2FW4JHh3MaYOHsdXLcAqV1sKSslYsytQQJGnq8137LtOWTNrDNLL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81056e92f84056b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/x1edm/0x4AAAAAAAKwlksHYu2QrjtV/auto/normal
104.17.2.184 200 OK 28 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/x1edm/0x4AAAAAAAKwlksHYu2QrjtV/auto/normal
IP 104.17.2.184:443
Requested by https://aktppqp54cqd8cd0li1p.ht28466.ru/ax23/#andrea.seale@cancer.ca
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (14577)
Hash 1557a0a7f6e71c4d2960251345631df4
bdf1ffa05fc200e894527ab83bcf1e9003cb85bb
d33aa2f0f27e31d4e6e1665ad9f142e1da0f32801f3f7a6f5ed06bdb6ae176dd
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/x1edm/0x4AAAAAAAKwlksHYu2QrjtV/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aktppqp54cqd8cd0li1p.ht28466.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 03 Oct 2023 13:11:33 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 81056e80ecda56c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/9DKbiDfWH6ZjHxgSNTG3KHa3ucVmP6rj9MHN3bQn2+U=
104.17.2.184 200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/9DKbiDfWH6ZjHxgSNTG3KHa3ucVmP6rj9MHN3bQn2+U=
IP 104.17.2.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/x1edm/0x4AAAAAAAKwlksHYu2QrjtV/auto/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced\012- data
Hash 9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/9DKbiDfWH6ZjHxgSNTG3KHa3ucVmP6rj9MHN3bQn2+U= HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/x1edm/0x4AAAAAAAKwlksHYu2QrjtV/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 03 Oct 2023 13:11:33 GMT
content-type: image/png
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 81056e81ad6756c1-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=81056e80ecda56c1
104.17.2.184 200 OK 173 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=81056e80ecda56c1
IP 104.17.2.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/x1edm/0x4AAAAAAAKwlksHYu2QrjtV/auto/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 173 kB (173091 bytes)
Hash 246067c4afc01aabb251bc80d7c4177c
4fad78589f2041b7b02a44d34c9ac12d9c436f48
3e4e64ec592151191e7f01d336312264b181c3ba4e30c2f7d112a791749037e8
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=81056e80ecda56c1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/x1edm/0x4AAAAAAAKwlksHYu2QrjtV/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 03 Oct 2023 13:11:33 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 81056e81bd6c56c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aktppqp54cqd8cd0li1p.ht28466.ru/cdn-cgi/challenge-platform/h/g/jsd/r/81056e742c2cb517
188.114.96.1 200 OK 0 B URL POST HTTP/3 aktppqp54cqd8cd0li1p.ht28466.ru/cdn-cgi/challenge-platform/h/g/jsd/r/81056e742c2cb517
IP 188.114.96.1:443
Requested by https://aktppqp54cqd8cd0li1p.ht28466.ru/ax23/#andrea.seale@cancer.ca
Certificate Issuer Google Trust Services LLC
Subject ht28466.ru
Fingerprint 64:C1:41:1F:D4:4E:A5:DE:06:AB:57:D8:76:DC:81:6C:49:AC:FC:A8
Validity Wed, 27 Sep 2023 04:46:23 GMT - Tue, 26 Dec 2023 04:46:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/g/jsd/r/81056e742c2cb517 HTTP/1.1
Host: aktppqp54cqd8cd0li1p.ht28466.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12282
Origin: https://aktppqp54cqd8cd0li1p.ht28466.ru
DNT: 1
Connection: keep-alive
Referer: https://aktppqp54cqd8cd0li1p.ht28466.ru/ax23/
Cookie: PHPSESSID=ta8df85mphdrkv9l8d93a66uc0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 03 Oct 2023 13:11:33 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=5dbbV9yM8FijlSelvvWreuBUKlhKHTTwvwXEVhIAgb8-1696338693-0-1-69b0ef05.6b0d8b6b.438cce4a-0.2.1696338693; path=/; expires=Wed, 02-Oct-24 13:11:33 GMT; domain=.ht28466.ru; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4953fP7ZJ0Bisd7kP%2FCBOlF5NF77LC3idVnaKpkzxrJxTSVE1SA1%2F8%2Fy1VSgrEjENAqxXwzECDG0XmZU2FlYbLFOLq8IKcqGDWMxFwysztbz8WcHEotjJvMU%2BySLyzZdm%2BPrT4Av428HGXGSh8BSsZ%2F6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81056e827a3256b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/831089768:1696334999:aEBgWzYuwOhFfes27K8DiBUAraeXwFl4Jv2vdbgrTE0/81056e80ecda56c1/9a2fd9d9b91aac4
104.17.2.184 200 OK 78 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/831089768:1696334999:aEBgWzYuwOhFfes27K8DiBUAraeXwFl4Jv2vdbgrTE0/81056e80ecda56c1/9a2fd9d9b91aac4
IP 104.17.2.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/x1edm/0x4AAAAAAAKwlksHYu2QrjtV/auto/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash ac20cca8754ae8ee3e88952e9d00fb2d
b73e6b0ee52caaa37bba3bd02be1e09c93d03192
daf0dfd00cf3f4d976f011de97fde5b8cfa185cfe06b61237b851d9a2e66b9d9
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/831089768:1696334999:aEBgWzYuwOhFfes27K8DiBUAraeXwFl4Jv2vdbgrTE0/81056e80ecda56c1/9a2fd9d9b91aac4 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/x1edm/0x4AAAAAAAKwlksHYu2QrjtV/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 9a2fd9d9b91aac4
Content-Length: 2934
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 03 Oct 2023 13:11:33 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: EacauId9FhQ8YrEgNDoJ8ow74NENZldKKay++q/F91L6JyP5BAx1DTngGoY1YjjMWSEiNU3pl+rBLg3G6AMPKue4vOBy67uy8J4ffXmJ6nsWUroIoiZWDgP5YWYhd/B/ZjILTqijnNVuQ77GzAtyEauZ3FpxozhVT0Ts5EzUMdnVYHJNxY+qY8TaM1KWvQaJXgxLPUz2F/VJdff92hpB02d7RW4eyJaa8+jG6dCSD2ZFl2Yx31UyDkkmj9WyTirsnUkJmTbDrHFfZs8e1O4hI0ecjtM0vyb40Hb+0rEpsOOhGDo1ffF0HkdTiv4gsUzssn62egSa5e6tCse53L03QgqL6/WxzbiaQFWgpvwWves=$Vyj0N1t6D10hqAJbc/+miA==
server: cloudflare
cf-ray: 81056e83cf5a56c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/81056e80ecda56c1/1696338693739/p52tT0iQv4FqYLH
104.17.2.184 200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/81056e80ecda56c1/1696338693739/p52tT0iQv4FqYLH
IP 104.17.2.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/x1edm/0x4AAAAAAAKwlksHYu2QrjtV/auto/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type PNG image data, 74 x 73, 8-bit/color RGB, non-interlaced\012- data
Hash f4e9d872d7b6a0c7e9c91058ed105f5d
838689d63cad23e8debe0162de5ccd28884b78bd
d7937b32b27f949d1d0a40bb0a242d5856e7d60ef93e40ff9a2be69a034d17e7
GET /cdn-cgi/challenge-platform/h/g/i/81056e80ecda56c1/1696338693739/p52tT0iQv4FqYLH HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/x1edm/0x4AAAAAAAKwlksHYu2QrjtV/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 03 Oct 2023 13:11:35 GMT
content-type: image/png
server: cloudflare
cf-ray: 81056e912cf856c1-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/turnstile/v0/g/dffb14d6/api.js
104.17.2.184 200 OK 34 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/g/dffb14d6/api.js
IP 104.17.2.184:443
Requested by https://aktppqp54cqd8cd0li1p.ht28466.ru/ax23/#andrea.seale@cancer.ca
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (33998)
Hash cc3e43876d80dbb4f1bff1e8b15a9c60
3b43cbd347df372f7c1daf463b1229e4a8849195
06d063d7e58bade3ae244489087afa82f9f7c59276cdd7dcfbb2a9b5b600c5da
GET /turnstile/v0/g/dffb14d6/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aktppqp54cqd8cd0li1p.ht28466.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 03 Oct 2023 13:11:32 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 81056e7f1c5156bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
aktppqp54cqd8cd0li1p.ht28466.ru/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
188.114.96.1 200 OK 7.3 kB URL GET HTTP/3 aktppqp54cqd8cd0li1p.ht28466.ru/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
IP 188.114.96.1:443
Requested by https://aktppqp54cqd8cd0li1p.ht28466.ru/ax23/#andrea.seale@cancer.ca
Certificate Issuer Google Trust Services LLC
Subject ht28466.ru
Fingerprint 64:C1:41:1F:D4:4E:A5:DE:06:AB:57:D8:76:DC:81:6C:49:AC:FC:A8
Validity Wed, 27 Sep 2023 04:46:23 GMT - Tue, 26 Dec 2023 04:46:22 GMT
File type ASCII text, with very long lines (7294), with no line terminators
Hash d7510c5230ef9ef7d811a0eafecdba3d
b6e1d657e433b09239a5053b7c7d0252a14cfb9d
e5b49de7ad21ef1c5e94d481529d97634a4b237f43beb94958ba137232e55791
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js HTTP/1.1
Host: aktppqp54cqd8cd0li1p.ht28466.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ta8df85mphdrkv9l8d93a66uc0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 03 Oct 2023 13:11:33 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7qSaDp6oAbhvdyn3Hq4KGPToyNclClMxAExObyvUQ%2BkrRfeKm2WM2%2FmLiyftLrtE85cK0isvVsNy2b7zbJe5WUaH9127UKSuMZHdpVjhajz%2FCKGmWGthpKd3gCHLV%2BCPsPuHb4DUZ5tgjcyb%2Fb%2BG5HD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81056e811f8256b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aktppqp54cqd8cd0li1p.ht28466.ru/ax23/
188.114.96.1 200 OK 8.4 kB URL User Request GET HTTP/2 aktppqp54cqd8cd0li1p.ht28466.ru/ax23/
IP 188.114.96.1:443
Certificate Issuer Google Trust Services LLC
Subject ht28466.ru
Fingerprint 64:C1:41:1F:D4:4E:A5:DE:06:AB:57:D8:76:DC:81:6C:49:AC:FC:A8
Validity Wed, 27 Sep 2023 04:46:23 GMT - Tue, 26 Dec 2023 04:46:22 GMT
File type HTML document, ASCII text, with very long lines (8360), with no line terminators
Hash 6d317a4dbf1f900d4f4803d3141ff60a
ba4bcf74ed81e462c02bc9a9190a21fcd945cd93
8c52eba0ed7efd76e19be90f3b63f3ce9008b4fb17abbe3bbc1198d73632c9fe
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /ax23/ HTTP/1.1
Host: aktppqp54cqd8cd0li1p.ht28466.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 03 Oct 2023 13:11:32 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: PHPSESSID=ta8df85mphdrkv9l8d93a66uc0; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RT39TtvJM3JhWDmhs3c5zejc%2BDJ6G%2FQ%2FjJv7pQLPZm5RcyT%2FKKy9znnjeF%2FgsjXwAU1VJrdpZaw9C%2F8KwLuIDKcUjqGd%2FlvI4z4SuSr5sdpmEK8RzbgIlENij22UnO7I0KKQtiofogmJ5Acf0L9B1DY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81056e742c2cb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
challenges.cloudflare.com/turnstile/v0/api.js
104.17.2.184 302 Found 34 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js
IP 104.17.2.184:443
Requested by https://aktppqp54cqd8cd0li1p.ht28466.ru/ax23/#andrea.seale@cancer.ca
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aktppqp54cqd8cd0li1p.ht28466.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 03 Oct 2023 13:11:32 GMT
cache-control: max-age=300, public
location: /turnstile/v0/g/dffb14d6/api.js
vary: accept-encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 81056e7efc2e56bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
aktppqp54cqd8cd0li1p.ht28466.ru/favicon.ico
188.114.96.1 404 Not Found 1.2 kB URL GET HTTP/3 aktppqp54cqd8cd0li1p.ht28466.ru/favicon.ico
IP 188.114.96.1:443
Requested by https://aktppqp54cqd8cd0li1p.ht28466.ru/ax23/#andrea.seale@cancer.ca
Certificate Issuer Google Trust Services LLC
Subject ht28466.ru
Fingerprint 64:C1:41:1F:D4:4E:A5:DE:06:AB:57:D8:76:DC:81:6C:49:AC:FC:A8
Validity Wed, 27 Sep 2023 04:46:23 GMT - Tue, 26 Dec 2023 04:46:22 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1274), with no line terminators
Hash 8c16945397b2ea2fa974494c910f6d08
87289c714f1955cc0a4b8d0f5319bf0dcf771141
16782bd72a33f1963efb1d59aa17f964a604235a255e51dd4aafe0e0587040c6
GET /favicon.ico HTTP/1.1
Host: aktppqp54cqd8cd0li1p.ht28466.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aktppqp54cqd8cd0li1p.ht28466.ru/ax23/
Cookie: PHPSESSID=ta8df85mphdrkv9l8d93a66uc0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Tue, 03 Oct 2023 13:11:33 GMT
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1LQltDaTfoE%2BK1ikvMKyrohCnxsUei0M8lNtUrFc%2F9qvQhURSWxmu3g9MPVk2FeAD8b9cul8qdD7fB2OxApI4JhvN54LSuUSICsKe9R1%2BiNSwhUTyXgik9gCLTeg%2FQDwEO1yrjskUGzlgKNwmu5KBz5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81056e80ef6856b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/831089768:1696334999:aEBgWzYuwOhFfes27K8DiBUAraeXwFl4Jv2vdbgrTE0/81056e80ecda56c1/9a2fd9d9b91aac4
104.17.2.184 200 OK 3.5 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/831089768:1696334999:aEBgWzYuwOhFfes27K8DiBUAraeXwFl4Jv2vdbgrTE0/81056e80ecda56c1/9a2fd9d9b91aac4
IP 104.17.2.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/x1edm/0x4AAAAAAAKwlksHYu2QrjtV/auto/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (3512), with no line terminators
Hash 3588383eb073796da13a75b35278ecbb
e37327962f32cb93a7c1817bb893e1b92176be43
f5f27effdaaeec177b488c36807e42972e3d0875e63bb45b9816be88535c0793
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/831089768:1696334999:aEBgWzYuwOhFfes27K8DiBUAraeXwFl4Jv2vdbgrTE0/81056e80ecda56c1/9a2fd9d9b91aac4 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/x1edm/0x4AAAAAAAKwlksHYu2QrjtV/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 9a2fd9d9b91aac4
Content-Length: 25168
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 03 Oct 2023 13:11:36 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: OlTW1erWgoIf4bPgm6NsIKy9wovFLI8JEWcwPR2vnwILIbqzm13XlavtAfJ9dytWzJ2r1pGcMKUePsWjFk/oiL11TnMcTo0fux14fejQYekfNUG4mbjUs7/rS8dqnO5R$MbxCGe/9qQE59X7M5a4NdA==
cf-chl-out-s: 8VkLPXG01fnAUXUPICXVBEovd9miiBRqdeqZzjBVLC7pWWMb0zPnozt+ZX4oV/ZMChSFmpdsBnCcDDLigo00PjBkx8OtYWgTfs51lc7xyVpN/WehWv4zbdQj+Do5W5sn8QZhO/2XAhgfXwgZAfxuWMCpgWfRcdo3FCoc4zIE3Vxl8Bx3Q1KPzm/lANhVoltM6gXQ8vKb2BTynJDDXawlxTWsLXeZVekvMI2PKMpnsTD3ApOomyHBjazgOMHieFj2aiE9WONjssLPMRXbSkGj1g==$7cF3ig/1Q6g+BO7HzQlmKw==
server: cloudflare
cf-ray: 81056e929e4056c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/81056e80ecda56c1/1696338693736/76c9ba87886e246b2764034bb06fe71897a4a47b17de87f09fe483f05c6926e7/dIjmtj8AhUyzXzE
104.17.2.184 401 Unauthorized 1 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/81056e80ecda56c1/1696338693736/76c9ba87886e246b2764034bb06fe71897a4a47b17de87f09fe483f05c6926e7/dIjmtj8AhUyzXzE
IP 104.17.2.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/x1edm/0x4AAAAAAAKwlksHYu2QrjtV/auto/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type very short file (no magic)
Hash ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/g/pat/81056e80ecda56c1/1696338693736/76c9ba87886e246b2764034bb06fe71897a4a47b17de87f09fe483f05c6926e7/dIjmtj8AhUyzXzE HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/x1edm/0x4AAAAAAAKwlksHYu2QrjtV/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 401 Unauthorized
date: Tue, 03 Oct 2023 13:11:35 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gdsm6h4huJGsnZANLsG_nGJekpHsX3ofwn-SD8FxpJucAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAmwecnC9kG_Fj0JIwT3ZpvO_cMGClNgn70CbP_OAQtwOOEcI1r2Po8y80NqJxALuKmNWFbryz6_VdAlXOZboOVMLHCEbOy5q8d_6d0jdvr4gWOR2YS8ZTEnOkoT2a55wMVFQXjZEnncYNLIkkVvnJf6yMVipGTtubyCfc5cpfJd_D1ZgRw1IBDxoldOFSszBBZ4ZnflsRf89fe_8GxaiKG0TJLywsU6KjsU5o26MKfvTBAlpza3foWvE1uvJJ35QHhx3ypQQq1C4t0Px9W2E3TsW4ctYpIkmfm2ZZDRiMVSwZCR_gh44wnfOqUXvRHSKr1-YGAawfDrdFrPembkdRQQIDAQAB, max-age=20
server: cloudflare
cf-ray: 81056e8c2f7856c1-OSL
alt-svc: h3=":443"; ma=86400
aktppqp54cqd8cd0li1p.ht28466.ru/ax23/
0.0.0.0 0 B URL User Request GET aktppqp54cqd8cd0li1p.ht28466.ru/ax23/
IP 0.0.0.0:0
Certificate Issuer Google Trust Services LLC
Subject ht28466.ru
Fingerprint 64:C1:41:1F:D4:4E:A5:DE:06:AB:57:D8:76:DC:81:6C:49:AC:FC:A8
Validity Wed, 27 Sep 2023 04:46:23 GMT - Tue, 26 Dec 2023 04:46:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer urlquery
Verdict phishing
Alert Phishing - Microsoft Outlook
GET /ax23/ HTTP/1.1
Host: aktppqp54cqd8cd0li1p.ht28466.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ta8df85mphdrkv9l8d93a66uc0; cf_clearance=5dbbV9yM8FijlSelvvWreuBUKlhKHTTwvwXEVhIAgb8-1696338693-0-1-69b0ef05.6b0d8b6b.438cce4a-0.2.1696338693
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache