URL User Request GET HTTP/1.1 IP 188.114.96.1:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4800), with CRLF, LF line terminators
Hash c20c756daa607a90fec9eaf3c5d9b458
5fde56c8aeff7714cc9900686392542566d048f0
790c4bc58cd7ff629048cce48226f2bce62c2d7e5183b7b05ff0cf454be8e1c1
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET / HTTP/1.1
Host: cpxxuy.calasavacj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 03 Nov 2023 20:09:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyW9qOrB54MpyU%2BqRSi6CkUTMPuG18XyD%2BP3l6RgIWxWX8bMfwJmVcjIa%2Fy6CRVTPbSPWk3N9C%2BWpclGL5s4VTXbrZXN5jCbbKfrh7Ji0Jjg%2FVKWc4avaq%2FtaAOv5qH%2BVkI%2B1xw2qwU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8207411c0cf5b4eb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cpxxuy.calasavacj.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8207411c0cf5b4eb
188.114.97.1 200 OK 1.9 kB URL GET HTTP/1.1 cpxxuy.calasavacj.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8207411c0cf5b4eb
IP 188.114.97.1:80
Requested by http://cpxxuy.calasavacj.com/
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Hash 7f3a9f9c37b9a7292990052de568a1a9
91359605668641a2afe5273579646cb89c2f7d9f
853131e37ae810fe81b64cb3be7a9f79c4ebcf1663bf0d0bf04ef01ce1c47c38
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8207411c0cf5b4eb HTTP/1.1
Host: cpxxuy.calasavacj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cpxxuy.calasavacj.com/?__cf_chl_rt_tk=PXwnw9qDBnHxs2Bwdzfw0OJDJN5G56xxbhk6Lldo3CA-1699042160-0-gaNycGzNBrs
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Nov 2023 20:09:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sn2SulkHjowg8HDaLVrYA5XX8N7d4nXfUpA6SBCBRjou7bv7RxE4Q13HjDZk%2BxZVDKVL4aNmguyPh6xdqvq73j1wFJ2gwlYWg9VFcHMimtTDLzEIeoZ2cesB77zXEBXPUjBfO%2BZx4BY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8207411e7a1256bf-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cpxxuy.calasavacj.com/favicon.ico
188.114.97.1 403 Forbidden 3.4 kB URL GET HTTP/1.1 cpxxuy.calasavacj.com/favicon.ico
IP 188.114.97.1:80
Requested by http://cpxxuy.calasavacj.com/
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4956), with CRLF, LF line terminators
Hash 00e9c173e75bd2e923737d65c044dd8f
b77c72cfd045ef095de83baff3e5278f5a8ea81b
980c1552f6437344e326b22f96b85b91fd5647fc3609643485bcfe627a2c35ec
GET /favicon.ico HTTP/1.1
Host: cpxxuy.calasavacj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cpxxuy.calasavacj.com/?__cf_chl_rt_tk=PXwnw9qDBnHxs2Bwdzfw0OJDJN5G56xxbhk6Lldo3CA-1699042160-0-gaNycGzNBrs
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 03 Nov 2023 20:09:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSF52E11wX5vLOqccqZaZDFGnNY3Bczh%2FKbHKXvcDu%2B8NZKHgBSr1S5NVqdfeUhqqY%2FC3xTMWoJOXUJtmBVVeJTXzVmgrQ38Pc3I9UTfx8HudC6A5ENXMWQ1XVPQ%2BybeYn1KStX4ugs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8207411eba5156bf-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60