Report - www.google.co.nz/url?q=38pQvvq6xRyj7Y00xDjnlx9kIHOSozurMOiaAkImPuQJnOIWtJjqJLi6stjtDz3yh&rct=tTPSrMOiaAkImPuQJnOIWtJjqJLi6stjtFX08pQvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/bolt.dev/work/D5zvfsmtwaGsfvecDIg1DDUc/bWFyaW8ubWFlc0BzdGF0ZS5ubS51cw==

Report Overview

Submitted URL
www.google.co.nz/url?q=38pQvvq6xRyj7Y00xDjnlx9kIHOSozurMOiaAkImPuQJnOIWtJjqJLi6stjtDz3yh&rct=tTPSrMOiaAkImPuQJnOIWtJjqJLi6stjtFX08pQvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/bolt.dev/work/D5zvfsmtwaGsfvecDIg1DDUc/bWFyaW8ubWFlc0BzdGF0ZS5ubS51cw==
IP
216.58.211.3
ASN
#15169 GOOGLE
Submitted
2024-10-18 01:41:10
Access
public
Website Title
Final URL
t7j.grentermi.com/xiU91bZV/#Dmario.maes@state.nm.us
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.google.co.nz	28204	1999-02-16	2012-06-03T19:08:41Z	2024-10-14T12:31:06.006148Z	1.6 kB	2.5 kB	142.250.74.131
bolt.dev	unknown	2021-05-20	2024-10-17T19:34:56.650037Z	2024-10-17T19:34:56.650037Z	441 B	262 B	103.83.194.55
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17T22:46:33Z	2024-10-16T01:30:54.597478Z	439 B	15 kB	104.17.24.14
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20T07:02:03Z	2024-10-16T01:35:24.115415Z	5.7 kB	509 kB	104.18.94.41
t7j.grentermi.com	unknown	2024-10-11	2024-10-17T19:36:06.308211Z	2024-10-17T19:36:06.308211Z	2.1 kB	58 kB	188.114.97.1
code.jquery.com	634	2005-12-10	2012-05-21T19:28:02Z	2024-10-16T01:41:24.678696Z	413 B	90 kB	151.101.130.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-10-17	medium	grentermi.com	Sinkholed
2024-10-17	medium	grentermi.com	Sinkholed
2024-10-17	medium	grentermi.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (52)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	48 kB	2023-03-07T01:31:53Z	2024-10-18T03:19:50.826039Z
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07T01:31:53Z Last Seen2024-10-18T03:19:50.826039Z Times Seen38459 Hash 2ca03ad87885ab983541092b87adb299 1a17f60bf776a8c468a185c1e8e985c41a50dc27 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Loading...

	code.jquery.com/jquery-3.6.0.min.js	90 kB	2023-03-07T01:02:13Z	2024-10-18T03:19:50.826956Z
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.130.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07T01:02:13Z Last Seen2024-10-18T03:19:50.826956Z Times Seen126599 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	unknown	1.4 kB	2024-10-18T01:41:13.051332Z	2024-10-18T01:41:13.051332Z
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-18T01:41:13.051332Z Last Seen2024-10-18T01:41:13.051332Z Times Seen1 Hash 7c42848ebb6ac7bd841e80265ba3bbd5 1f69b1d8534aa7d9e4fca8b4350a8acdfb91084a 6b6134389d3fcbd397886c9637794fa408ba7b412805c8c37a17f6f379382fff Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c1hyb/0x4AAAAAAAxTZL0beVPWkfBF/auto/fbE/normal/auto/	4.2 kB	2024-10-18T01:41:13.054801Z	2024-10-18T01:41:13.054801Z
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c1hyb/0x4AAAAAAAxTZL0beVPWkfBF/auto/fbE/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-18T01:41:13.054801Z Last Seen2024-10-18T01:41:13.054801Z Times Seen1 Hash 4b45558fa99ba1a988dca9d6d7b45ad9 b1e7d390ebb091ed8b95676f844ba1009dbb5feb 238faeccd1cc151f734b2232d968451313137746ac6d9b0884eeda82c31de172 Loading...

	t7j.grentermi.com/xiU91bZV/#Dmario.maes@state.nm.us	18 kB	2024-10-18T01:41:13.05878Z	2024-10-18T01:41:13.05878Z
Pretty URL t7j.grentermi.com/xiU91bZV/#Dmario.maes@state.nm.us IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-18T01:41:13.05878Z Last Seen2024-10-18T01:41:13.05878Z Times Seen1 Hash 011f84f723d0c4c2a630d2d1b5be20d3 4a881d41728c500d01f9569e2936d2f450c3b5ad 527283ee1969e01b6a0a2d8195247f9776efad85268ef11fd9b581ff4552f8d3 Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?render=explicit	48 kB	2024-10-03T15:09:17Z	2024-10-18T03:22:02.839051Z
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?render=explicit IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-03T15:09:17Z Last Seen2024-10-18T03:22:02.839051Z Times Seen3217 Hash 5d332fd1ae9feb79a10425dfc3f84fe4 c7d7f9d2bf5ee08e242765803cdd3a223fe1cbfc 2ea786910282df7ae154a0011375cd1254adbd8ef0e75eb62177ada67daf9611 Loading...

	unknown	190 B	2024-10-04T00:30:08Z	2024-10-18T02:04:40.075875Z
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-04T00:30:08Z Last Seen2024-10-18T02:04:40.075875Z Times Seen153 Hash 996895bb9e2f1fbaa2b6f7fcaa42606f 9490d23d3608eaad635e7fc6c37d47bdbe703edb 1cde1f1ca57dabf8053813d2d9ce9ead9ab7d0182feae260d57fd491d2cfe556 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d44d278f8e656cc&lang=auto	119 kB	2024-10-18T01:41:13.034346Z	2024-10-18T01:41:13.034346Z
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d44d278f8e656cc&lang=auto IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-18T01:41:13.034346Z Last Seen2024-10-18T01:41:13.034346Z Times Seen1 Hash 9b129fdd8d1fc7d117430581714f0f4d 03259a62f7258ba56c6616d8f4804eeefbaac308 b160c1a4d5b1d41f5ea8e5f73de067d6520602e87c38971466b4032b4c21ca36 Loading...

		Size	First Seen	Last Seen
	#1 Eval - b1e62ab037a8d42f3ee7cd1a110e9e87	28 B	2024-10-18T01:41:13.064503Z	2024-10-18T01:41:13.064503Z
Pretty Observations First Seen2024-10-18T01:41:13.064503Z Last Seen2024-10-18T01:41:13.064503Z Times Seen1 Hash b1e62ab037a8d42f3ee7cd1a110e9e87 5283ee5093eb7c2b00047c6fccad59d41e24597c 389f2c864c71d3f4e5ff41d32eb107b3d8638531fe65793ca2b578c6fa45c27c Loading...

	#2 Eval - eb895d3072772074dcad7f91cc015c51	28 B	2024-10-18T01:41:13.067941Z	2024-10-18T01:41:13.067941Z
Pretty Observations First Seen2024-10-18T01:41:13.067941Z Last Seen2024-10-18T01:41:13.067941Z Times Seen1 Hash eb895d3072772074dcad7f91cc015c51 89ea050b26b00ccb2605f54320635eef8ba45232 40f0c5f85f8929ed23c9b208841df36b31ae527e983eac26764e8bcbcf23de5d Loading...

	#3 Eval - 51a32909770f8a299aa50894f5de5321	28 B	2024-10-18T01:41:13.071338Z	2024-10-18T01:41:13.071338Z
Pretty Observations First Seen2024-10-18T01:41:13.071338Z Last Seen2024-10-18T01:41:13.071338Z Times Seen1 Hash 51a32909770f8a299aa50894f5de5321 0c39b9d19d938b69a541e8ef727f09213f6a0097 c616440bef16a445ebfaf8e03217df440b022d08c783dfdf95d69568eca2a0d3 Loading...

	#4 Eval - 7c039319e887cf0434fb981af4f27238	28 B	2024-10-18T01:41:13.074838Z	2024-10-18T01:41:13.074838Z
Pretty Observations First Seen2024-10-18T01:41:13.074838Z Last Seen2024-10-18T01:41:13.074838Z Times Seen1 Hash 7c039319e887cf0434fb981af4f27238 0d42a5a44069ba069e331ce8b626ae6e9b8ddee8 672ef49266c1bb3d8b3d6b40ab6e17d5f1e9b4727ea740194631250db4e81a0c Loading...

	#5 Eval - e8703bde3fea12a165eb588b8e9f43a6	28 B	2024-10-18T01:41:13.079532Z	2024-10-18T01:41:13.079532Z
Pretty Observations First Seen2024-10-18T01:41:13.079532Z Last Seen2024-10-18T01:41:13.079532Z Times Seen1 Hash e8703bde3fea12a165eb588b8e9f43a6 e671f69932a825a3a732f5375df0ffec6ff9cc8a 5e313b7b443a2f815a869fa819d6aa545369e52dec30fe3c81c81eb6afc6dc6a Loading...

	#6 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07T01:03:43Z	2024-10-18T03:22:03.097676Z
Pretty Observations First Seen2023-03-07T01:03:43Z Last Seen2024-10-18T03:22:03.097676Z Times Seen301949 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#7 Eval - 534f90aff2b29607b7d32e6fd8541e39	28 B	2024-10-18T01:41:13.083723Z	2024-10-18T01:41:13.083723Z
Pretty Observations First Seen2024-10-18T01:41:13.083723Z Last Seen2024-10-18T01:41:13.083723Z Times Seen1 Hash 534f90aff2b29607b7d32e6fd8541e39 d89d2abbda2ca4e3953e8d4c2a7bca6e4fa13d87 6bb56afd4722275cc26d9e444d2cf93ae7e55358ecc9e6731723667bec3b5c41 Loading...

	#8 Eval - 3934d1955523307fdb72d92bc05c8b4c	28 B	2024-10-18T01:41:13.086848Z	2024-10-18T01:41:13.086848Z
Pretty Observations First Seen2024-10-18T01:41:13.086848Z Last Seen2024-10-18T01:41:13.086848Z Times Seen1 Hash 3934d1955523307fdb72d92bc05c8b4c 57070980b101f6df38571baa44e1b3b3cfaca7d6 e6745dff49900644d10be646bb17c0641b6d4a8a7f29edd6d9629afb9c037692 Loading...

	#9 Eval - 880b5f8004ba5790030e09c01eb42c90	28 B	2024-10-18T01:41:13.090509Z	2024-10-18T01:41:13.090509Z
Pretty Observations First Seen2024-10-18T01:41:13.090509Z Last Seen2024-10-18T01:41:13.090509Z Times Seen1 Hash 880b5f8004ba5790030e09c01eb42c90 9356e4cd52fd004f7e537bc7fb07481e079638c0 69552f3ea64b0cd3128684de60e7d953afe37ab01d0cb77c5904837288336b13 Loading...

	#10 Eval - 17b69446e0daa98a3b6b49aad8220fa1	28 B	2024-10-18T01:41:13.094311Z	2024-10-18T01:41:13.094311Z
Pretty Observations First Seen2024-10-18T01:41:13.094311Z Last Seen2024-10-18T01:41:13.094311Z Times Seen1 Hash 17b69446e0daa98a3b6b49aad8220fa1 7a18099719df48f1b1fd0fa7d9f057a14cae9190 e8df4d36c535d6469eb777f20f66fdf3de91e85216adecee926a3299bf9128e7 Loading...

	#11 Eval - d66259718257aeb598564eeb9543c607	28 B	2024-10-18T01:41:13.09812Z	2024-10-18T01:41:13.09812Z
Pretty Observations First Seen2024-10-18T01:41:13.09812Z Last Seen2024-10-18T01:41:13.09812Z Times Seen1 Hash d66259718257aeb598564eeb9543c607 d02a7ff9e76b3490f3241df57324bde07f4237b7 ba06472435d4f24dcbb55c4f509c8b5eed15f96aa71ce9765a6b1dd21120032b Loading...

	#12 Eval - ac1d636eb70d3f4961a684e40a929fa8	28 B	2024-10-18T01:41:13.101585Z	2024-10-18T01:41:13.101585Z
Pretty Observations First Seen2024-10-18T01:41:13.101585Z Last Seen2024-10-18T01:41:13.101585Z Times Seen1 Hash ac1d636eb70d3f4961a684e40a929fa8 db2b86849c7998f11a2f4aead7db5b17cd4a42ab 9481d0aedf56b0cd6779db9d0f7444e039bae95b6cceb104dab70b7ad31146f0 Loading...

	#13 Eval - 23ea8b2e5a1aee57c67d0f2b74b59f32	28 B	2024-10-18T01:41:13.104861Z	2024-10-18T01:41:13.104861Z
Pretty Observations First Seen2024-10-18T01:41:13.104861Z Last Seen2024-10-18T01:41:13.104861Z Times Seen1 Hash 23ea8b2e5a1aee57c67d0f2b74b59f32 4fe450c75e26d15fa662a872e5513a6da89873a1 862c9070e83e4adc87cf64d1d98f12bbf4253fac6ce7e220841a38c8a99a0c8d Loading...

	#14 Eval - e0fcd14098dc8ebf1f4d954e78ef98a9	28 B	2024-10-18T01:41:13.108079Z	2024-10-18T01:41:13.108079Z
Pretty Observations First Seen2024-10-18T01:41:13.108079Z Last Seen2024-10-18T01:41:13.108079Z Times Seen1 Hash e0fcd14098dc8ebf1f4d954e78ef98a9 0d2f67a000e3ab2061d9ce967af034c1c61fb15b 97c6536fcd6b6089489abd98fc35107339493473572273e176ef6fd4efda483c Loading...

	#15 Eval - 61fa153f2827c887a48a351ae3c6cfd3	8 B	2023-03-07T01:03:50Z	2024-10-18T03:19:50.912975Z
Pretty Observations First Seen2023-03-07T01:03:50Z Last Seen2024-10-18T03:19:50.912975Z Times Seen7092 Hash 61fa153f2827c887a48a351ae3c6cfd3 5fbd02245cf700ea94d638c8d76924ecca52d330 4c44d7c28ec0f6ca3e2624c6af1d3be324576d01ef6f6c2dc0af7e61664b8c2c Loading...

	#16 Eval - 5a3c2adc097a03b3e462c3c50da06a0e	28 B	2024-10-18T01:41:13.11261Z	2024-10-18T01:41:13.11261Z
Pretty Observations First Seen2024-10-18T01:41:13.11261Z Last Seen2024-10-18T01:41:13.11261Z Times Seen1 Hash 5a3c2adc097a03b3e462c3c50da06a0e fa6bf75f3e9bf6d03efc028e47bae245283e6c84 7b3c2d3135ec8b5e71e08b6635f64f12deefd2bc6fd57fe4aa0d1efbf54cb807 Loading...

	#17 Eval - 2ef0e0c4b90b8b013781911e120c3b71	28 B	2024-10-18T01:41:13.116145Z	2024-10-18T01:41:13.116145Z
Pretty Observations First Seen2024-10-18T01:41:13.116145Z Last Seen2024-10-18T01:41:13.116145Z Times Seen1 Hash 2ef0e0c4b90b8b013781911e120c3b71 a037d30cad34c24a20f73532a88860138f64c1ca f634ac157f59daaea5786263112307ec011e3f625eafded5d787f65a951a05d0 Loading...

	#18 Eval - fc8d66ff532702f8b34cda6845f28661	28 B	2024-10-18T01:41:13.119347Z	2024-10-18T01:41:13.119347Z
Pretty Observations First Seen2024-10-18T01:41:13.119347Z Last Seen2024-10-18T01:41:13.119347Z Times Seen1 Hash fc8d66ff532702f8b34cda6845f28661 c8f4c6ec01e460f171b3b3892c11f4ad873d0e02 69bdd2e328542aefd4b2480c7c6fccc7e1de942f788de317770c33dd1d57a011 Loading...

	#19 Eval - 3591a433c97ad2c00c379e916eead88f	28 B	2024-10-18T01:41:13.122613Z	2024-10-18T01:41:13.122613Z
Pretty Observations First Seen2024-10-18T01:41:13.122613Z Last Seen2024-10-18T01:41:13.122613Z Times Seen1 Hash 3591a433c97ad2c00c379e916eead88f 20f9175edcddb962cf4bfd4f2041f14b2500852d 25a85c84d3704edb5d696f1dad7131421d0004de1fbf82901f55cd0d7a17e10d Loading...

	#20 Eval - ee8291cccff5b593f2106d5b40f7404c	28 B	2024-10-18T01:41:13.1264Z	2024-10-18T01:41:13.1264Z
Pretty Observations First Seen2024-10-18T01:41:13.1264Z Last Seen2024-10-18T01:41:13.1264Z Times Seen1 Hash ee8291cccff5b593f2106d5b40f7404c 1ac49a1e819309188dbb17b031787adc3c544204 b8d96e5c6ef6f349661d1bec45ffbe9c4b49ab18ac87e7ca59c87edd68356d9c Loading...

	#21 Eval - 57a9ceecbff44e50bdec0d7c89824123	28 B	2024-10-18T01:41:13.129709Z	2024-10-18T01:41:13.129709Z
Pretty Observations First Seen2024-10-18T01:41:13.129709Z Last Seen2024-10-18T01:41:13.129709Z Times Seen1 Hash 57a9ceecbff44e50bdec0d7c89824123 de4cfd92dc092b9e448319beadfa73859dd37659 9319a8591bdab3ee6f8a8f547acbba77f7d68e4691e030cb5c7b5f5c66d51017 Loading...

	#22 Eval - 8ca63a01e0c62013b1eb932e3b260bc8	28 B	2024-10-18T01:41:13.132693Z	2024-10-18T01:41:13.132693Z
Pretty Observations First Seen2024-10-18T01:41:13.132693Z Last Seen2024-10-18T01:41:13.132693Z Times Seen1 Hash 8ca63a01e0c62013b1eb932e3b260bc8 d20376d85a0aec616713e4745aa0e5936f32343f d7e141c20374253d405541c4b72b799c33f332fd92f76e8c0de89556f43f9054 Loading...

	#23 Eval - 1697a7b780e7ab793d476c37de9fa9ce	28 B	2024-10-18T01:41:13.136598Z	2024-10-18T01:41:13.136598Z
Pretty Observations First Seen2024-10-18T01:41:13.136598Z Last Seen2024-10-18T01:41:13.136598Z Times Seen1 Hash 1697a7b780e7ab793d476c37de9fa9ce a94a7812d4834e3f5a8ed2a8a07c892ec3bd87aa 9cd494c97305ae4ab9c2fdcd754a28f9a070443175b76b3a36fd872fc493a217 Loading...

	#24 Eval - b45ed2feee4f6ebc84320c3e3fe9e830	28 B	2024-10-18T01:41:13.139966Z	2024-10-18T01:41:13.139966Z
Pretty Observations First Seen2024-10-18T01:41:13.139966Z Last Seen2024-10-18T01:41:13.139966Z Times Seen1 Hash b45ed2feee4f6ebc84320c3e3fe9e830 fc8be2c392012d61da36de9476bfa860b3692dd3 2cd863982c3131df68989a3c1fd70559891c80f21860914d5f553a704738ae3a Loading...

	#25 Eval - 3427ac31f138f734510cde3adf27e8e8	28 B	2024-10-18T01:41:13.143033Z	2024-10-18T01:41:13.143033Z
Pretty Observations First Seen2024-10-18T01:41:13.143033Z Last Seen2024-10-18T01:41:13.143033Z Times Seen1 Hash 3427ac31f138f734510cde3adf27e8e8 136354c46aadcfaecc5c2913d5e423f35be6e080 05b107af6f4eaabc08a22f04186a29a668b7eccc76dfa0cf134d7bc6cc48c2e7 Loading...

	#26 Eval - 7f825e21c5fc7a3bafebb4c025ca4edd	60 B	2024-10-03T15:09:18Z	2024-10-18T03:22:03.04248Z
Pretty Observations First Seen2024-10-03T15:09:18Z Last Seen2024-10-18T03:22:03.04248Z Times Seen3288 Hash 7f825e21c5fc7a3bafebb4c025ca4edd 79e8cb7db779c31d4fd8c01565171bc73f736d82 69b137d664bb50d6994854cb7049b54047e9f30e201b1b849ddb0e6359b4888c Loading...

	#27 Eval - 1058e369bda2cf00e16fc42e1c348639	28 B	2024-10-18T01:41:13.147386Z	2024-10-18T01:41:13.147386Z
Pretty Observations First Seen2024-10-18T01:41:13.147386Z Last Seen2024-10-18T01:41:13.147386Z Times Seen1 Hash 1058e369bda2cf00e16fc42e1c348639 1737cec37cff8c80e1e70611414e0e593f974db6 88c5e1279d1e710f32a116cca81fc4fc36e937ce7e39cea5b616e3d4095bd77b Loading...

	#28 Eval - 0e288dd75a8c83b6e8c85e0000b6205f	28 B	2024-10-18T01:41:13.151053Z	2024-10-18T01:41:13.151053Z
Pretty Observations First Seen2024-10-18T01:41:13.151053Z Last Seen2024-10-18T01:41:13.151053Z Times Seen1 Hash 0e288dd75a8c83b6e8c85e0000b6205f 38ce57c11d0878c8997ee5cdf26a8ddaef5445a1 4a2ebff1bdb87e72e58d4e9caa21c412ec2370a0844a62fdf296b6d1de8bd67d Loading...

	#29 Eval - 26482d2ede2425731fd4a62b6e7285d8	28 B	2024-10-18T01:41:13.154497Z	2024-10-18T01:41:13.154497Z
Pretty Observations First Seen2024-10-18T01:41:13.154497Z Last Seen2024-10-18T01:41:13.154497Z Times Seen1 Hash 26482d2ede2425731fd4a62b6e7285d8 2b9d4ba81593d0da579657d464fe3bda6ca96744 aa04afaa48d5937a4a6290fe6b8be69110de5d0b5c5189e9d61bbc9b612264e8 Loading...

	#30 Eval - 8ff35a567d98bf3d1aa9c133da08f9c7	28 B	2024-10-18T01:41:13.157985Z	2024-10-18T01:41:13.157985Z
Pretty Observations First Seen2024-10-18T01:41:13.157985Z Last Seen2024-10-18T01:41:13.157985Z Times Seen1 Hash 8ff35a567d98bf3d1aa9c133da08f9c7 e88bcbc4f9a50a43e4e060ba59fbf0a1959733bc 146b4210a933ca88d17fb713da116eccfe90eb70438a1dd30673c6205a3b174d Loading...

	#31 Eval - 485ecd2849349722c6011817b2a054f5	583 B	2024-10-18T01:41:13.161216Z	2024-10-18T01:41:13.161216Z
Pretty Observations First Seen2024-10-18T01:41:13.161216Z Last Seen2024-10-18T01:41:13.161216Z Times Seen1 Hash 485ecd2849349722c6011817b2a054f5 4c2e200b2b7a953d452e03eb51e319afd7253698 cf391b5255e6127727afab9d7f1015d2374b25dd2e1497f2be8f81a9cb3b3287 Loading...

	#32 Eval - 018100f3ce1eb21f0f9b91e33fbd4663	28 B	2024-10-18T01:41:13.165248Z	2024-10-18T01:41:13.165248Z
Pretty Observations First Seen2024-10-18T01:41:13.165248Z Last Seen2024-10-18T01:41:13.165248Z Times Seen1 Hash 018100f3ce1eb21f0f9b91e33fbd4663 1f23430e2fc91d8c72a60a74d1629dc605d495e8 1ced7aefac9cc11ff12c500a8720cf16235ff7b7de7e9a49faffcbd19cb1f926 Loading...

	#33 Eval - 94e9204b215b2455b73c73c632e63f59	28 B	2024-10-18T01:41:13.168615Z	2024-10-18T01:41:13.168615Z
Pretty Observations First Seen2024-10-18T01:41:13.168615Z Last Seen2024-10-18T01:41:13.168615Z Times Seen1 Hash 94e9204b215b2455b73c73c632e63f59 9027b2bed57270d9ca8f468afc28be7e4aa3d1a8 2ceadf65b29961176e31d0dd2b7a3ff362cddb4218a6b9034ffd7df6e31c76ac Loading...

	#34 Eval - 4146d26d6806412054c4c3a6d5a8d359	28 B	2024-10-18T01:41:13.172152Z	2024-10-18T01:41:13.172152Z
Pretty Observations First Seen2024-10-18T01:41:13.172152Z Last Seen2024-10-18T01:41:13.172152Z Times Seen1 Hash 4146d26d6806412054c4c3a6d5a8d359 49696dbc921d0c64eadbaff612119caf60ad957a e76b553e6f730e19ef4e6734b5b4ff813d498c7cc5f48baef312af342352a4d8 Loading...

	#35 Eval - 4176a80119cef728cc01213db1a62b46	28 B	2024-10-18T01:41:13.175353Z	2024-10-18T01:41:13.175353Z
Pretty Observations First Seen2024-10-18T01:41:13.175353Z Last Seen2024-10-18T01:41:13.175353Z Times Seen1 Hash 4176a80119cef728cc01213db1a62b46 4626206a12f5f41fae31334552bfcb2b9da0b053 6836122c0ee236427ce7050440111c367dc417e32123f9328d149d0332c4c8a2 Loading...

	#36 Eval - f0161968cb80b3a7d9d6525438367f92	28 B	2024-10-18T01:41:13.178685Z	2024-10-18T01:41:13.178685Z
Pretty Observations First Seen2024-10-18T01:41:13.178685Z Last Seen2024-10-18T01:41:13.178685Z Times Seen1 Hash f0161968cb80b3a7d9d6525438367f92 63ec0a05c6b8f4bc09f229ab32d13d659c3d2ab1 952b9c0417b93ea8cdc25d3ae2b1aa10d6d3b36f6f431b780bb84c69c174b29a Loading...

	#37 Eval - 72e0542542184367b6c3d5eeb57c22fb	28 B	2024-10-18T01:41:13.181904Z	2024-10-18T01:41:13.181904Z
Pretty Observations First Seen2024-10-18T01:41:13.181904Z Last Seen2024-10-18T01:41:13.181904Z Times Seen1 Hash 72e0542542184367b6c3d5eeb57c22fb d1f9de97adbb231e7fd125ebcc04092451df7325 6327a052bec2a2406feeeb0e3011ec0e9621606058e5cf1d8be2c9610e43eea2 Loading...

	#38 Eval - 782aaea9eb5faed54ca5b263f586b01a	28 B	2024-10-18T01:41:13.184685Z	2024-10-18T01:41:13.184685Z
Pretty Observations First Seen2024-10-18T01:41:13.184685Z Last Seen2024-10-18T01:41:13.184685Z Times Seen1 Hash 782aaea9eb5faed54ca5b263f586b01a 51da644a6e0cf549e2435284a67e3338dd832350 f5e088d45f39dfb08ebaf3bc3f964f10b0c893e37084c746cb5de6bc0182c1b3 Loading...

	#39 Eval - 021ab323e244654b65eeea1079dba609	28 B	2024-10-18T01:41:13.187936Z	2024-10-18T01:41:13.187936Z
Pretty Observations First Seen2024-10-18T01:41:13.187936Z Last Seen2024-10-18T01:41:13.187936Z Times Seen1 Hash 021ab323e244654b65eeea1079dba609 a8ac5401679ffb4ddc3d58c0813f5b34a136b40f 2fb03513cd1e0e14465a54118cb8c2999218ff2af2835fd4849dabec86682a09 Loading...

	#40 Eval - e2aad6a825fbe7f4cfae575359662cd1	28 B	2024-10-18T01:41:13.191387Z	2024-10-18T01:41:13.191387Z
Pretty Observations First Seen2024-10-18T01:41:13.191387Z Last Seen2024-10-18T01:41:13.191387Z Times Seen1 Hash e2aad6a825fbe7f4cfae575359662cd1 ab23cebffe2bedb37136784afba02b614a41aadd fb47b8bd2595e962f249e090b8bb9e7e20f35aa5f221ba81f8f8a15d40cde977 Loading...

	#41 Eval - 841ddb0e8cfbefa32b48c25ddfc9fc24	28 B	2024-10-18T01:41:13.194249Z	2024-10-18T01:41:13.194249Z
Pretty Observations First Seen2024-10-18T01:41:13.194249Z Last Seen2024-10-18T01:41:13.194249Z Times Seen1 Hash 841ddb0e8cfbefa32b48c25ddfc9fc24 77466082f34759977928022b5497242d802bcd61 a8950f92c7f56fb10ebfff2d69e4743edc9276e952bc628a9138e6a5aaa2d837 Loading...

	#42 Eval - c4503b5eb454d07863c2b8842a93f77e	28 B	2024-10-18T01:41:13.197436Z	2024-10-18T01:41:13.197436Z
Pretty Observations First Seen2024-10-18T01:41:13.197436Z Last Seen2024-10-18T01:41:13.197436Z Times Seen1 Hash c4503b5eb454d07863c2b8842a93f77e 6cae2526ef50e4f1f792aaf027d25422772dbe5f a3b7afa2ec6b1978638e56938c7bd05ad376aef247f248d8b74b9d627ed58f59 Loading...

	#43 Eval - 0f7b7a14cfb1107aa76b21f153dbb41a	28 B	2024-10-18T01:41:13.200614Z	2024-10-18T01:41:13.200614Z
Pretty Observations First Seen2024-10-18T01:41:13.200614Z Last Seen2024-10-18T01:41:13.200614Z Times Seen1 Hash 0f7b7a14cfb1107aa76b21f153dbb41a b5a3a22dfaa83703413673e7d453fedfe55b5aa1 17ed42d01a6e305857053298acaea47354713c953ef0dad7e61d282d34eafaf8 Loading...

		Size	First Seen	Last Seen
	#1 Write - 315ce3a0555be592017cc1871d4ba0e1	5.0 kB	2024-10-18T01:41:13.204283Z	2024-10-18T01:41:13.204283Z
Pretty Observations First Seen2024-10-18T01:41:13.204283Z Last Seen2024-10-18T01:41:13.204283Z Times Seen1 Hash 315ce3a0555be592017cc1871d4ba0e1 73d410ac6f934e7ea14563f47b3759e14825f33f f8cf98b491ba0f88192206bbe3464f329c88925db7fdb5dfbe9ea237aa49aaad Loading...

HTTP Transactions (17)

URL IP Response Size

www.google.co.nz/url?q=38pQvvq6xRyj7Y00xDjnlx9kIHOSozurMOiaAkImPuQJnOIWtJjqJLi6stjtDz3yh&rct=tTPSrMOiaAkImPuQJnOIWtJjqJLi6stjtFX08pQvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/bolt.dev/work/D5zvfsmtwaGsfvecDIg1DDUc/bWFyaW8ubWFlc0BzdGF0ZS5ubS51cw==

142.250.74.131

302 Found

297 B

URL
www.google.co.nz/url?q=38pQvvq6xRyj7Y00xDjnlx9kIHOSozurMOiaAkImPuQJnOIWtJjqJLi6stjtDz3yh&rct=tTPSrMOiaAkImPuQJnOIWtJjqJLi6stjtFX08pQvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/bolt.dev/work/D5zvfsmtwaGsfvecDIg1DDUc/bWFyaW8ubWFlc0BzdGF0ZS5ubS51cw==
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
297 B (297 bytes)
Hash
f56542d433935742f57d267860df3a00
5ae6091b843a68e183ca8e04d4ba9c20e644fd9f
3fdbd9b8055a1e220c731c3d8640de8f68c99d8bdd4303cce4fa8c7b91cf72d0

HTTP Headers

GET /url?q=38pQvvq6xRyj7Y00xDjnlx9kIHOSozurMOiaAkImPuQJnOIWtJjqJLi6stjtDz3yh&rct=tTPSrMOiaAkImPuQJnOIWtJjqJLi6stjtFX08pQvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/bolt.dev/work/D5zvfsmtwaGsfvecDIg1DDUc/bWFyaW8ubWFlc0BzdGF0ZS5ubS51cw== HTTP/1.1
Host: www.google.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://www.google.co.nz/amp/bolt.dev/work/D5zvfsmtwaGsfvecDIg1DDUc/bWFyaW8ubWFlc0BzdGF0ZS5ubS51cw==
cache-control: private
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ngTFlz2sqJhqaXD7xmqw7A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Fri, 18 Oct 2024 01:40:44 GMT
server: gws
content-length: 297
x-xss-protection: 0
set-cookie: __Secure-ENID=23.SE=FusSHF2Ts7obafzcDW_yFpFxq5wKEYm9z-1poiAnjpw-KRGhfOczpPxZIKHye0faAKTtq1-oSwWKxu9rxVPTuzBJaQrlHpxzaVZdC6t25Xu73eAxbVr2Xbqi4f8AiGoenAljMFFEgQS4On7wYgxd6Vm1n0RCMdwW18wfLqtNQUoKP4LfOVrFkGIE6srq08BK8oEf_BLgkZ9-JlBhM9zOcQp39u2C4Yd069qGQ-I; expires=Mon, 17-Nov-2025 17:59:02 GMT; path=/; domain=.google.co.nz; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.co.nz/amp/bolt.dev/work/D5zvfsmtwaGsfvecDIg1DDUc/bWFyaW8ubWFlc0BzdGF0ZS5ubS51cw==

142.250.74.131

302 Found

275 B

URL
www.google.co.nz/amp/bolt.dev/work/D5zvfsmtwaGsfvecDIg1DDUc/bWFyaW8ubWFlc0BzdGF0ZS5ubS51cw==
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
275 B (275 bytes)
Hash
9ae55b96d742a003726f41368f403293
d1fd614ba1fd61436326739e66a11db831ef9f5a
c6c03edff0c53eb06694cea814aacb6f1e86875ecb5f2e5600eddd846892befd

HTTP Headers

GET /amp/bolt.dev/work/D5zvfsmtwaGsfvecDIg1DDUc/bWFyaW8ubWFlc0BzdGF0ZS5ubS51cw== HTTP/1.1
Host: www.google.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; __Secure-ENID=23.SE=FusSHF2Ts7obafzcDW_yFpFxq5wKEYm9z-1poiAnjpw-KRGhfOczpPxZIKHye0faAKTtq1-oSwWKxu9rxVPTuzBJaQrlHpxzaVZdC6t25Xu73eAxbVr2Xbqi4f8AiGoenAljMFFEgQS4On7wYgxd6Vm1n0RCMdwW18wfLqtNQUoKP4LfOVrFkGIE6srq08BK8oEf_BLgkZ9-JlBhM9zOcQp39u2C4Yd069qGQ-I
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
location: http://bolt.dev/work/D5zvfsmtwaGsfvecDIg1DDUc/bWFyaW8ubWFlc0BzdGF0ZS5ubS51cw==
cache-control: private
x-robots-tag: noindex
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-xTMthA5wdD6Jhyd0LUqsBg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
date: Fri, 18 Oct 2024 01:40:44 GMT
server: gws
content-length: 275
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bolt.dev/work/D5zvfsmtwaGsfvecDIg1DDUc/bWFyaW8ubWFlc0BzdGF0ZS5ubS51cw==

103.83.194.55

200 OK

0 B

URL
bolt.dev/work/D5zvfsmtwaGsfvecDIg1DDUc/bWFyaW8ubWFlc0BzdGF0ZS5ubS51cw==
IP
103.83.194.55:0
ASN
#393960 HOST4GEEKS-LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /work/D5zvfsmtwaGsfvecDIg1DDUc/bWFyaW8ubWFlc0BzdGF0ZS5ubS51cw== HTTP/1.1
Host: bolt.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 18 Oct 2024 01:40:44 GMT
Server: Apache
refresh: 0;url= https://t7j.grentermi.com/xiU91bZV/#Dmario.maes@state.nm.us
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

104.17.24.14

200 OK

14 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://t7j.grentermi.com/xiU91bZV/#Dmario.maes@state.nm.us
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
FingerprintE6:47:BB:06:9C:32:48:7E:A6:0A:4B:62:53:7B:F0:35:5D:A9:A3:8A
ValiditySat, 28 Sep 2024 05:35:05 GMT - Fri, 27 Dec 2024 05:35:04 GMT

File type
JavaScript source, ASCII text, with very long lines (48316), with no line terminators
Size
14 kB (13972 bytes)
Hash
2ca03ad87885ab983541092b87adb299
1a17f60bf776a8c468a185c1e8e985c41a50dc27
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

HTTP Headers

GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t7j.grentermi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Oct 2024 01:40:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 115660
expires: Wed, 08 Oct 2025 01:40:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ufguzr0dh0s%2FDtGL%2FAAs3yCdkVxUgUx%2B1L%2FXAkwQDAiBGEIcSqTJZf7ZUZ8rVpD2Wd6tt44yVOOJ%2BWaDoHbgjhAvWBTZ34cL3LFkkO7fZeun1zusMHABAIBaodB%2FtNNyTUjbW3ew"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8d44d2771ee80b45-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/turnstile/v0/api.js?render=explicit

104.18.94.41

302 Found

0 B

URL GET HTTP/2
challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://t7j.grentermi.com/xiU91bZV/#Dmario.maes@state.nm.us
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js?render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t7j.grentermi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 18 Oct 2024 01:40:45 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/62ec4f065604/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d44d2771925b4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

t7j.grentermi.com/xiU91bZV/

188.114.97.1

200 OK

36 kB

URL
t7j.grentermi.com/xiU91bZV/
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (6741), with CRLF line terminators
Size
36 kB (35940 bytes)
Hash
6e172a40fa744d6acb5a43bf637a8308
604cb8851a471c801a5791e671463f4b85eff81a
8fdebe90d733ed3bfd9cb61dfa40ce6116d3632c0bd27bc94ecd79794187e5e1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /xiU91bZV/ HTTP/1.1
Host: t7j.grentermi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Oct 2024 01:40:45 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmHt3CLVkYa2mG4yGTF%2BLUN5OuQ6Wi3KpsszwaRrvVe8vnfgGh6%2Fkv3%2BnkR52%2Fg8RXhznJgzddPTmgNpBLVg4rMDItHUvbBqwTAOUVkX5UUuLrJPhNWSTYM3shJM1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
set-cookie: XSRF-TOKEN=eyJpdiI6IkRNdnErQ2xLVTRVakVUc2x2Q09meHc9PSIsInZhbHVlIjoidUFwbExuYmVDZEJVRGpNVFBJRU5yRXVaWnZTMVBVR3BlQVJqb0Z0VmJnZGFwVFdVSzlkN1prVkRiTHU2QU5iRS9jTE5xMUZ5NDN2alBWYVZaVzRuOHkzVTM2alB2OUJXQndiZ1dKcmlkano1ZnJNYjlFZE5PR1BFL1FMU29RbHYiLCJtYWMiOiI4MDFlMWI0YjRjZWI5MTRmYzYxNWMzZmIxNzU4ZjlmYTI0MjlkYTJiMTE0NjU0NTUzMGU4MTIzMjg4NmFmZWM3IiwidGFnIjoiIn0%3D; expires=Fri, 18-Oct-2024 03:40:45 GMT; Max-Age=7200; path=/; secure; samesite=none
laravel_session=eyJpdiI6ImI4K3ZqcWJ6ZmVQSHpDKzlBK0QwaUE9PSIsInZhbHVlIjoidFFxaC9WR1NqdTIrQkZNeDJRRWdZT25KQVJvWFlXUHFZbmNTc1IrVUtNd0g5TnUrNldoS2pkbDVRY1NpS2FWS2ZTRnZHek1DeXQ2Q3plMDlkSkRsTXdXR3JIdENPZVVPbk1xYW4xb2R1RW5PSm5sRlJqWWFPUUJuWFVBc1VJZUwiLCJtYWMiOiIyNDVhMjFjMmU4ODhjYWYyNTc1ZDM0MWIwNWM1NGNiMzJkMjQ4N2ZlYjE0YWI5ZjcxOGQ0YzEyY2UzYjRiYjdmIiwidGFnIjoiIn0%3D; expires=Fri, 18-Oct-2024 03:40:45 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
server: cloudflare
cf-ray: 8d44d2749d685685-OSL
content-encoding: br
X-Firefox-Spdy: h2

t7j.grentermi.com/favicon.ico

188.114.97.1

404 Not Found

64 B

URL GET HTTP/3
t7j.grentermi.com/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://t7j.grentermi.com/xiU91bZV/#Dmario.maes@state.nm.us
Certificate
IssuerGoogle Trust Services
Subjectgrentermi.com
FingerprintAC:F9:6F:F7:2E:2D:B6:DA:53:66:65:B1:1D:F5:16:BA:59:C5:4C:4F
ValidityFri, 11 Oct 2024 15:17:11 GMT - Thu, 09 Jan 2025 15:17:10 GMT

File type
data
Size
64 B (64 bytes)
Hash
2c3dd3d4a9bc9d1ffdf125e8439a3c00
a9b83cd7e27c23a420c3f56107ce51368e4662cb
0d68a8110cb0daf3c313fce8c1e3b950e49ed0d27fe4403f708734c3af15003d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: t7j.grentermi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t7j.grentermi.com/xiU91bZV/
Cookie: XSRF-TOKEN=eyJpdiI6IkRNdnErQ2xLVTRVakVUc2x2Q09meHc9PSIsInZhbHVlIjoidUFwbExuYmVDZEJVRGpNVFBJRU5yRXVaWnZTMVBVR3BlQVJqb0Z0VmJnZGFwVFdVSzlkN1prVkRiTHU2QU5iRS9jTE5xMUZ5NDN2alBWYVZaVzRuOHkzVTM2alB2OUJXQndiZ1dKcmlkano1ZnJNYjlFZE5PR1BFL1FMU29RbHYiLCJtYWMiOiI4MDFlMWI0YjRjZWI5MTRmYzYxNWMzZmIxNzU4ZjlmYTI0MjlkYTJiMTE0NjU0NTUzMGU4MTIzMjg4NmFmZWM3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImI4K3ZqcWJ6ZmVQSHpDKzlBK0QwaUE9PSIsInZhbHVlIjoidFFxaC9WR1NqdTIrQkZNeDJRRWdZT25KQVJvWFlXUHFZbmNTc1IrVUtNd0g5TnUrNldoS2pkbDVRY1NpS2FWS2ZTRnZHek1DeXQ2Q3plMDlkSkRsTXdXR3JIdENPZVVPbk1xYW4xb2R1RW5PSm5sRlJqWWFPUUJuWFVBc1VJZUwiLCJtYWMiOiIyNDVhMjFjMmU4ODhjYWYyNTc1ZDM0MWIwNWM1NGNiMzJkMjQ4N2ZlYjE0YWI5ZjcxOGQ0YzEyY2UzYjRiYjdmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Fri, 18 Oct 2024 01:40:45 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AX2UEqlMW8n4NyjhG4U9wBBzmPCpewNwkHgoxcuOGb%2Fu1NdNqgx%2FbJiQRijSmFlgTi%2BDt%2B%2BO87DSiTLV%2FhYBpHFr3Nj4LgKCZRbiqXld64yf5khp9mpRu7nR6inLEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 6344
priority: u=6,i=?0
server: cloudflare
cf-ray: 8d44d2793ddab4ee-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=QUIC&rtt=9269&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4152&recv_bytes=1790&delivery_rate=224190&cwnd=12000&unsent_bytes=0&cid=bb73bde5c6e3dc48&ts=527&x=1", cfExtPri, cfHdrFlush;dur=0

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8d44d278f8e656cc/1729215645996/vlchDiw5-KoVh14

104.18.94.41

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8d44d278f8e656cc/1729215645996/vlchDiw5-KoVh14
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c1hyb/0x4AAAAAAAxTZL0beVPWkfBF/auto/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
PNG image data, 19 x 22, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
c766e24978c7ae242c5ad077724a6ad4
f0c28c94b5f5a8fb21413babb3d3428088ee538f
f08caa874e2ded8d70a98c427f60310bbaf0ce00cb9982b8a00d3f292e30956f

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/8d44d278f8e656cc/1729215645996/vlchDiw5-KoVh14 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c1hyb/0x4AAAAAAAxTZL0beVPWkfBF/auto/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 18 Oct 2024 01:40:46 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8d44d27fdcf356cc-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8d44d278f8e656cc/1729215645999/2cd82dcc300b2f0980d8c7bb8f48fa3df95d26ddd8a2f80efc89e632a7698c2f/M8MG2AwTGnb_jt9

104.18.94.41

401 Unauthorized

1 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8d44d278f8e656cc/1729215645999/2cd82dcc300b2f0980d8c7bb8f48fa3df95d26ddd8a2f80efc89e632a7698c2f/M8MG2AwTGnb_jt9
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c1hyb/0x4AAAAAAAxTZL0beVPWkfBF/auto/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/8d44d278f8e656cc/1729215645999/2cd82dcc300b2f0980d8c7bb8f48fa3df95d26ddd8a2f80efc89e632a7698c2f/M8MG2AwTGnb_jt9 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c1hyb/0x4AAAAAAAxTZL0beVPWkfBF/auto/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Fri, 18 Oct 2024 01:40:47 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gLNgtzDALLwmA2Me7j0j6PfldJt3YovgO_InmMqdpjC8AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAscjm_UO_k901rNdCKgLw5bvI4i6M_jDNCIXpfs2LRbtxwLOrUyplqVvML_hVlB5tIDMuj0ihhaOFHose-Y0_UjQnNUGE_vol46VvGgscTMtTjU4xINriap8AMTIygvljEBt6my-nBwkUGhY3U9v5iKC-eWR5bTfvrqFsuIVxafkSfhHqDXB4KLGNjvOOV71GGJ9x4yxA-C2OcULZ1uDDKuvAaMhuiWdF6OzSTXruP9yPg1vmuteavOW1re0YDbCbtK16PhHdSzWym7v_FrvId-2zf26j50FlTd_vl_DcKNDVCgWDoU0uX3cU6V3rSQoVXREEqPr-2ywSGru8ZuXRoQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tICzYLcwwCy8JgNjHu49I-j35XSbd2KL4DvyJ5jKnaYwvABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tICzYLcwwCy8JgNjHu49I-j35XSbd2KL4DvyJ5jKnaYwvABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwOXxuf_YfH60WXLdHNNMi668yTzkAIuksAL2v5Hmho3odFuawAT0cyief1oGo8EaTM_mzmbWK1XdowTDWz2k8-mVmWsgyW3NdrIQwZo-pqOoSiMOVVjpDsnwZmGR_SeoYczHldSUjidO3m4djRGeWR4Iv7sZ131HRg8MZGc0BLoTAJ8WLryDVz1Kp_D_qSxsI1b5cap8Y1yGShRIAZ1O6b3zuooeDoLh9q098fsCdlZbnGh28gTNXgdkiFt_yjyaf5upGTHXcizT4TWTDdmvgSNE19n7ahXuj-_GH_XzP42QLUomcuqNEhu5wSj7XNnyRFURH19l6_sLROivytIY2wIDAQAB", max-age=20
server: cloudflare
cf-ray: 8d44d285a86556cc-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

t7j.grentermi.com/xiU91bZV/

188.114.97.1

200 OK

18 kB

URL User Request GET HTTP/2
t7j.grentermi.com/xiU91bZV/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectgrentermi.com
FingerprintAC:F9:6F:F7:2E:2D:B6:DA:53:66:65:B1:1D:F5:16:BA:59:C5:4C:4F
ValidityFri, 11 Oct 2024 15:17:11 GMT - Thu, 09 Jan 2025 15:17:10 GMT

File type
HTML document, ASCII text, with very long lines (6741), with CRLF line terminators
Size
18 kB (18204 bytes)
Hash
6e172a40fa744d6acb5a43bf637a8308
604cb8851a471c801a5791e671463f4b85eff81a
8fdebe90d733ed3bfd9cb61dfa40ce6116d3632c0bd27bc94ecd79794187e5e1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /xiU91bZV/ HTTP/1.1
Host: t7j.grentermi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Oct 2024 01:40:45 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmHt3CLVkYa2mG4yGTF%2BLUN5OuQ6Wi3KpsszwaRrvVe8vnfgGh6%2Fkv3%2BnkR52%2Fg8RXhznJgzddPTmgNpBLVg4rMDItHUvbBqwTAOUVkX5UUuLrJPhNWSTYM3shJM1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
set-cookie: XSRF-TOKEN=eyJpdiI6IkRNdnErQ2xLVTRVakVUc2x2Q09meHc9PSIsInZhbHVlIjoidUFwbExuYmVDZEJVRGpNVFBJRU5yRXVaWnZTMVBVR3BlQVJqb0Z0VmJnZGFwVFdVSzlkN1prVkRiTHU2QU5iRS9jTE5xMUZ5NDN2alBWYVZaVzRuOHkzVTM2alB2OUJXQndiZ1dKcmlkano1ZnJNYjlFZE5PR1BFL1FMU29RbHYiLCJtYWMiOiI4MDFlMWI0YjRjZWI5MTRmYzYxNWMzZmIxNzU4ZjlmYTI0MjlkYTJiMTE0NjU0NTUzMGU4MTIzMjg4NmFmZWM3IiwidGFnIjoiIn0%3D; expires=Fri, 18-Oct-2024 03:40:45 GMT; Max-Age=7200; path=/; secure; samesite=none
laravel_session=eyJpdiI6ImI4K3ZqcWJ6ZmVQSHpDKzlBK0QwaUE9PSIsInZhbHVlIjoidFFxaC9WR1NqdTIrQkZNeDJRRWdZT25KQVJvWFlXUHFZbmNTc1IrVUtNd0g5TnUrNldoS2pkbDVRY1NpS2FWS2ZTRnZHek1DeXQ2Q3plMDlkSkRsTXdXR3JIdENPZVVPbk1xYW4xb2R1RW5PSm5sRlJqWWFPUUJuWFVBc1VJZUwiLCJtYWMiOiIyNDVhMjFjMmU4ODhjYWYyNTc1ZDM0MWIwNWM1NGNiMzJkMjQ4N2ZlYjE0YWI5ZjcxOGQ0YzEyY2UzYjRiYjdmIiwidGFnIjoiIn0%3D; expires=Fri, 18-Oct-2024 03:40:45 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
server: cloudflare
cf-ray: 8d44d2749d685685-OSL
content-encoding: br
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.0.min.js

151.101.130.137

200 OK

90 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://t7j.grentermi.com/xiU91bZV/#Dmario.maes@state.nm.us
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t7j.grentermi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 18 Oct 2024 01:40:45 GMT
age: 232531
x-served-by: cache-lga21931-LGA, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 126683
x-timer: S1729215645.491599,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/api.js

104.18.94.41

200 OK

48 kB

URL GET HTTP/2
challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/api.js
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://t7j.grentermi.com/xiU91bZV/#Dmario.maes@state.nm.us
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
JavaScript source, ASCII text, with very long lines (47459)
Size
48 kB (47460 bytes)
Hash
5d332fd1ae9feb79a10425dfc3f84fe4
c7d7f9d2bf5ee08e242765803cdd3a223fe1cbfc
2ea786910282df7ae154a0011375cd1254adbd8ef0e75eb62177ada67daf9611

HTTP Headers

GET /turnstile/v0/b/62ec4f065604/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t7j.grentermi.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Oct 2024 01:40:45 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Oct 2024 14:19:56 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d44d277694bb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.18.94.41

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c1hyb/0x4AAAAAAAxTZL0beVPWkfBF/auto/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c1hyb/0x4AAAAAAAxTZL0beVPWkfBF/auto/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 18 Oct 2024 01:40:45 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8d44d279891e56cc-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d44d278f8e656cc&lang=auto

104.18.94.41

200 OK

119 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d44d278f8e656cc&lang=auto
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c1hyb/0x4AAAAAAAxTZL0beVPWkfBF/auto/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
119 kB (118786 bytes)
Hash
9b129fdd8d1fc7d117430581714f0f4d
03259a62f7258ba56c6616d8f4804eeefbaac308
b160c1a4d5b1d41f5ea8e5f73de067d6520602e87c38971466b4032b4c21ca36

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d44d278f8e656cc&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c1hyb/0x4AAAAAAAxTZL0beVPWkfBF/auto/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 18 Oct 2024 01:40:45 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 8d44d279992056cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/198714361:1729214911:IMZyOZt90yXI4t-SGURk5cNAwuP1ULPU7QbwMl2gGx4/8d44d278f8e656cc/a492bcf445f5e3b

104.18.94.41

200 OK

145 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/198714361:1729214911:IMZyOZt90yXI4t-SGURk5cNAwuP1ULPU7QbwMl2gGx4/8d44d278f8e656cc/a492bcf445f5e3b
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c1hyb/0x4AAAAAAAxTZL0beVPWkfBF/auto/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
145 kB (145084 bytes)
Hash
ba897bba1107b532d47c0565da8f1077
5ecf50d19e947be6f35e77a73a86ab0917a1a3df
1c4647ae7867998ccb30e50f35e3d8eee92c5e33e737c0a8da0d2c8083501425

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/198714361:1729214911:IMZyOZt90yXI4t-SGURk5cNAwuP1ULPU7QbwMl2gGx4/8d44d278f8e656cc/a492bcf445f5e3b HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c1hyb/0x4AAAAAAAxTZL0beVPWkfBF/auto/fbE/normal/auto/
Content-type: application/x-www-form-urlencoded
CF-Challenge: a492bcf445f5e3b
Content-Length: 2662
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 18 Oct 2024 01:40:46 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: reFXHiX0ZgwX0HOycvg3s5JK82zFLEnUp9Id+CzKtoRsXKO5qrXl9hRNXunOvCKQAGSR5x96gzlHZKPf4b1H0JgFYxGhM5wZlw/VToarLRnf4hkTjirKE8Ns6izhZaXxqi5OrgLEYYBywFHuYe/IKTXJja8jFEK/+bLKP9HNqE6v0xa4R+DML8dbyBvEezMnF5uTcT9rFG+JaaI/qB82ZoWBF1gKg7H7huKFyHgHmblMWfmLUhe9lmbYZh/TE9/+GgWheQPuojnXljll+w43grfmNgwgTGOwMNlq3QLupncsv/H93O0QhgeHs9Lj8rMrX2HbpelSE56x5tQTot+AZ+tKent80lbWyl7TAtOa8hqCN58dmNzA9FiA9Rl1gyaMCWs3VY+vm07oNeEWW9kYKRfsy+/Zxjkv5mprywCQNZEZET3G5Cv5jlAB62nf/H+Vp5LekKSfC+janfTU5czgrtw5yXHzXBlVSIYnov9y34fUbq3+IwjGjiA=$VmJWMKdfF67rZUGC
server: cloudflare
cf-ray: 8d44d27b5a4f56cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c1hyb/0x4AAAAAAAxTZL0beVPWkfBF/auto/fbE/normal/auto/

104.18.94.41

200 OK

165 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c1hyb/0x4AAAAAAAxTZL0beVPWkfBF/auto/fbE/normal/auto/
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://t7j.grentermi.com/xiU91bZV/#Dmario.maes@state.nm.us
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
HTML document, ASCII text, with very long lines (42605)
Size
165 kB (164742 bytes)
Hash
92813e910f69d6ab5b62812ee8a06a68
71a2c2cf0b83722de9037a607a49b4cb9b81adca
9e517aa72e27973f4924ce46b5855b7d99321ede0b9c4bc905ebadaf962cd79d

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c1hyb/0x4AAAAAAAxTZL0beVPWkfBF/auto/fbE/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t7j.grentermi.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 18 Oct 2024 01:40:45 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
origin-agent-cluster: ?1
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
server: cloudflare
cf-ray: 8d44d278f8e656cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/198714361:1729214911:IMZyOZt90yXI4t-SGURk5cNAwuP1ULPU7QbwMl2gGx4/8d44d278f8e656cc/a492bcf445f5e3b

104.18.94.41

200 OK

27 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/198714361:1729214911:IMZyOZt90yXI4t-SGURk5cNAwuP1ULPU7QbwMl2gGx4/8d44d278f8e656cc/a492bcf445f5e3b
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c1hyb/0x4AAAAAAAxTZL0beVPWkfBF/auto/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
ASCII text, with very long lines (26872), with no line terminators
Size
27 kB (26872 bytes)
Hash
121819135642a8547c2f8d9dade8ca20
1d61d00c05919dc442dcfda3b33ea67158561ba6
a16f83c188602234d32e89ff0112b23bf1b49b59f559baa50add029a57a9e55b

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/198714361:1729214911:IMZyOZt90yXI4t-SGURk5cNAwuP1ULPU7QbwMl2gGx4/8d44d278f8e656cc/a492bcf445f5e3b HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c1hyb/0x4AAAAAAAxTZL0beVPWkfBF/auto/fbE/normal/auto/
Content-type: application/x-www-form-urlencoded
CF-Challenge: a492bcf445f5e3b
Content-Length: 28046
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 18 Oct 2024 01:40:48 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: zZTm1WU2myhX35VYlks0NBjZCij82Znvp3c/sdCEd5i81NgFbUoV77eqcTLeIf5SjR57Ugdjnhqey9un$dlObYz/M129e0qC6
server: cloudflare
cf-ray: 8d44d289ab2c56cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Mnemonic Secure DNS

Quad9 DNS

ThreatFox

JavaScript (52)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash