{"report_id":"72e19bb3-997d-4416-8989-6a305f61712e","version":6,"status":"done","tags":[],"date":"2025-08-18T12:01:19Z","url":{"schema":"https","addr":"teleocgl.quest/cdn-cgi/phish-bypass?atok=grA77c3JI7xM5KaRwLcF96TworNBlJGBP91m30SgdxY-1755486152.4098868-0.0.1.1-%2F\u0026original_path=%2F\u0026cf-turnstile-response=","fqdn":"teleocgl.quest","domain":"teleocgl.quest","tld":"quest"},"ip":{"addr":"104.21.2.248","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"teleocgl.quest/cdn-cgi/phish-bypass?atok=grA77c3JI7xM5KaRwLcF96TworNBlJGBP91m30SgdxY-1755486152.4098868-0.0.1.1-%2F\u0026original_path=%2F\u0026cf-turnstile-response=","fqdn":"teleocgl.quest","domain":"teleocgl.quest","tld":"quest"},"title":"teleocgl.quest/cdn-cgi/phish-bypass?atok=grA77c3JI7xM5KaRwLcF96TworNBlJGBP91m30SgdxY-1755486152.4098868-0.0.1.1-%2F\u0026original_path=%2F\u0026cf-turnstile-response="},"submit":{"url":{"schema":"https","addr":"teleocgl.quest/cdn-cgi/phish-bypass?atok=grA77c3JI7xM5KaRwLcF96TworNBlJGBP91m30SgdxY-1755486152.4098868-0.0.1.1-%2F\u0026original_path=%2F\u0026cf-turnstile-response=","fqdn":"teleocgl.quest","domain":"teleocgl.quest","tld":"quest"},"ip":{"addr":"104.21.2.248","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-09-22T12:01:19Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"teleocgl.quest","ip":{"addr":"172.67.129.239","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-09","domain_rank":0,"first_seen":"2025-08-12T13:29:13.320313Z","last_seen":"2025-08-12T13:29:13.320313Z","alert_count":0,"request_count":2,"received_data":3998,"sent_data":1176,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"teleocgl.quest/cdn-cgi/phish-bypass?atok=grA77c3JI7xM5KaRwLcF96TworNBlJGBP91m30SgdxY-1755486152.4098868-0.0.1.1-%2F\u0026original_path=%2F\u0026cf-turnstile-response=","fqdn":"teleocgl.quest","domain":"teleocgl.quest","tld":"quest"},"ip":{"addr":"172.67.129.239","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-18T12:00:57.890Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"teleocgl.quest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 08:36:28 GMT","end":"Fri, 07 Nov 2025 09:35:01 GMT"},"fingerprint":{"sha1":"D3:1A:BC:B7:98:A0:70:31:E1:38:18:F9:E9:A6:84:23:79:7B:34:DE","sha256":"CB:3B:23:5A:A2:30:95:DB:6B:87:4B:1C:D4:C5:A6:88:0A:4E:2C:82:E2:0F:0D:37:B1:D5:82:06:0C:EC:E1:BA"}}},"request":{"raw":"GET /cdn-cgi/phish-bypass?atok=grA77c3JI7xM5KaRwLcF96TworNBlJGBP91m30SgdxY-1755486152.4098868-0.0.1.1-%2F\u0026original_path=%2F\u0026cf-turnstile-response= HTTP/1.1\r\nHost: teleocgl.quest\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 400 Bad Request\r\ndate: Mon, 18 Aug 2025 12:00:57 GMT\r\ncontent-length: 23\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=15552000; preload\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r56KMgasklMPTKf08uUVgz1hTtjrnF%2BtFJyweZ1LC1vy1Y1Ju%2FwaMf9ySYIiGhPYST40dnQz4Wy02YZNzJfakvlH%2BM90apc7A69ra5jQ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 971140fa09a25cc8-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"1862a245f1f02bd4477a17e9432e3a25","sha1":"5e9e7ba669c7c6e7aa7aede335b0b22f0a08b88f","sha256":"e999e13afc2c76a9b3523daa037814a97f9ad5310ee32c4dfe3b5d006a0ed73b","sha512":"d9a8704b10b2897fa29358a36d8f8a180a97f1752ac745065c11ca1698055fd59415d32ac54e451a2237dc460d8a465ffacdbfc7009bf8e2f4fd885acc189e16","ssdeep":"","tlshash":"6b70000a0800320022000820002082a2af808080000000088ee2cce00808080a002220","first_seen":"2025-04-28T11:02:45.558882Z","last_seen":"2026-06-19T01:07:46.338565Z","times_seen":43299,"resource_available":true,"data":null}},"time_used":85,"timings":{"blocked":33,"dns":4,"connect":8,"send":0,"wait":12,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"teleocgl.quest/favicon.ico","fqdn":"teleocgl.quest","domain":"teleocgl.quest","tld":"quest"},"ip":{"addr":"172.67.129.239","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://teleocgl.quest/cdn-cgi/phish-bypass?atok=grA77c3JI7xM5KaRwLcF96TworNBlJGBP91m30SgdxY-1755486152.4098868-0.0.1.1-%2F\u0026original_path=%2F\u0026cf-turnstile-response=","date":"2025-08-18T12:00:58.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"teleocgl.quest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 08:36:28 GMT","end":"Fri, 07 Nov 2025 09:35:01 GMT"},"fingerprint":{"sha1":"D3:1A:BC:B7:98:A0:70:31:E1:38:18:F9:E9:A6:84:23:79:7B:34:DE","sha256":"CB:3B:23:5A:A2:30:95:DB:6B:87:4B:1C:D4:C5:A6:88:0A:4E:2C:82:E2:0F:0D:37:B1:D5:82:06:0C:EC:E1:BA"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: teleocgl.quest\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://teleocgl.quest/cdn-cgi/phish-bypass?atok=grA77c3JI7xM5KaRwLcF96TworNBlJGBP91m30SgdxY-1755486152.4098868-0.0.1.1-%2F\u0026original_path=%2F\u0026cf-turnstile-response=\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 18 Aug 2025 12:00:58 GMT\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\nlast-modified: Wed, 16 Jul 2025 01:28:14 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=15552000; preload\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XuPQsb9MgkpAr5Fol5kqEaJi58BAw%2FDkIdmvWHQaOtNVtOJw11QAPErm6PM8k3NT92nJwSvuxUDK3CZkaUTJQm3YMEcAZNbo3yYbrq63\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\netag: W/\"6877002e-969\"\r\ncontent-encoding: br\r\ncf-ray: 971140fb2c3f5cc8-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2409,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 32x32 with PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 48x48 with \n- PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"1635ed0e8715c40d4bed875b7494a93a","sha1":"ca2c72821b30194b9b6daf9c8c0ce1723fe54614","sha256":"504b4621e486970f8c1721d5297561c9f33296f516c83fbb33a0ff3f4f7c1357","sha512":"f710268687fcd3da9bd9ffee9cbf166d21598cab5ff1172c510fd478f57300af7112f35132ba345a2242b65ff53cde9de6ebf0f1ea8cf7f5fce17c832a5a85d8","ssdeep":"","tlshash":"9c413ae3663eb676c5f6a6660c4f01002c1f80d4759aab3c364ae0f68c4316a0ae4a23","first_seen":"2023-06-20T23:38:38Z","last_seen":"2026-06-22T00:14:36.530235Z","times_seen":2562,"resource_available":false,"data":null}},"time_used":565,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":565,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}