POST bogco.jlaancyfaw.es/lmgMMHfx3esrE586pZXE6gulj9CQlwulTgy2ew
200 OK 330 B URL POST bogco.jlaancyfaw.es/lmgMMHfx3esrE586pZXE6gulj9CQlwulTgy2ew
IP
Requested by https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org#msdynmkt_trackingcontext=fa52516b-42d3-4da7-b32d-b4aa8c640300
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
Hash 6f9430dcdfb96ad30061e02aa4372c98
d7483b0f9e3412e18476dda4d1391ee5f830a0ae
3195f6ffef432e5c5c0505aa1d6f6c5c523aac16cf2f1948f37aa495a00be660
Analyzer Verdict Alert urlquery phishing Phishing - Tycoon Phishing Kit
POST /lmgMMHfx3esrE586pZXE6gulj9CQlwulTgy2ew HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 25
Origin: https://bogco.jlaancyfaw.es
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org
Cookie: XSRF-TOKEN=eyJpdiI6InB3SDhXWVM3Um43SytxanhUbExGMUE9PSIsInZhbHVlIjoiVXhPTEVvUGhwVjI5d2Rpd28yTjluTWlMVDBmdkptNkxEK0l5dE9ZeW9RbTE5YTdEUjRJZXZTb0hBeGsvVnh1L21OUG8zbU5FM3YzV2Q1M1hJOS9oTTlPZGJXYmlMRGxCUmNueUF2YXZmZEF3cE95QjdleDJTdTBOZDBpdFNmR24iLCJtYWMiOiJhNDJmYjliNjE4M2U5ZDA4ODlkNzhlOGNiZjkwZTM3NGI5NGZhZGVmMWY5NjIxNmFmNTY4ZjQwYTc4YTFkYzNmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNTQ1kvTHRPN24yMmo0WmlhOWtUY1E9PSIsInZhbHVlIjoiWW5tSUdhVzhYcnV1VmNFWjBaSFlNamFtcStwdXgwN0NDbGhPelpiajgwSEpicVp5QzJVd2RrUldLWkk5WXluTjVWQzhIL0xYQXRtWjVlc2dpSmxwUXY5VHFzZloxOE1wNFB2ZmE5MDlkbmhsZXZ6WjdCeTlnTEhwbUQveXdabU8iLCJtYWMiOiI2YjViNWI1ZmI3MTZlNzk2OGRiMzQ2OTMzYzIxN2U3ZTkxM2Y0Y2RjYTMzZWE1ZGVjZmQ1NmY4NWIzZWMxN2VhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:29 GMT
content-type: text/html; charset=UTF-8
cf-ray: 951cafbbadca56b5-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, private
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=w%2BagiSlm28ZaW%2F7kuN0PiyFozCnsVvxHa%2B92xpMmdCxLddGhoXwUX747hD0nYksoApGNjr8A2yLUjgaYrhXJAHa%2BLPQiLdK95643DJP9pOA%3D"}]}
cf-cache-status: DYNAMIC
set-cookie: XSRF-TOKEN=eyJpdiI6IkNIemNibXlIdTdzMC8zTU0vdGY0Nmc9PSIsInZhbHVlIjoiUkxEc0krUiszQVZxTm5vaXFOMGl5amZDS3JJaFFteHpENmlsL2hOd3NMQXBNVi93ejNCY2RoSkIyNkR1UGhLODJvQ25iUzJVRGF1WjVXQUovVGJSeFNSRTlBcHU0d29Ka3VlcmUwb2Y4QzBqVkxPVng4aGZ6Z0xHTWZQdjEyaDQiLCJtYWMiOiI3NjIwYzE0ZDU5NzJkMTBmYWM0YTcxOGQzOWYyZDQ5ZGU3OGUwYzZmZTEwODllOGVhMDVmNzc3NGNlMTg2YTc1IiwidGFnIjoiIn0%3D; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Wed, 18 Jun 2025 20:00:28 GMT
laravel_session=eyJpdiI6IndiNjhPL011aGllRzYxUEZyWFdiWnc9PSIsInZhbHVlIjoiZG9MMDdUSmEvdGxoRy82ZEwvQkxFWTIvN0NFWisxT3lnZktPWjZ0NGVZbDlnQjJCMXQ2YUZBQzBkWFlhWTE0L0E0RWdUOGJYK01MMGVkOWlNMG81Q2twOTlKSG5TOGJ6SW82bXJvYkptdkwvNHBldTV0SUVJMXpNUGdXbXdtYlYiLCJtYWMiOiI0ODJkM2ZkYTBmMTgyYjMwYTNlMzc1ZDYzNTdiNzVjNTNhOGE2Nzc1OWIyNzYxZjVhZmE0YmZhOTI3MTMxM2NjIiwidGFnIjoiIn0%3D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Wed, 18 Jun 2025 20:00:28 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1926&min_rtt=669&rtt_var=1188&sent=151&recv=159&lost=0&retrans=0&sent_bytes=34295&recv_bytes=14475&delivery_rate=7299084&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=d8c42af06fdba460&ts=11259&inflight_dur=43&x=80"
GET bogco.jlaancyfaw.es/wxSQsOx2QDaME89RopR2FyvVbth4rT512121
200 OK 644 B URL GET bogco.jlaancyfaw.es/wxSQsOx2QDaME89RopR2FyvVbth4rT512121
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type RIFF (little-endian) data, Web/P image
Hash 541b83c2195088043337e4353b6fd60d
f09630596b6713217984785a64f6ea83e91b49c5
2658b8874f0d2a12e8726df78ac8954324c3bbe4695e66bdef89195fde64322f
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Tycoon Phishing Kit
GET /wxSQsOx2QDaME89RopR2FyvVbth4rT512121 HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:32 GMT
content-type: image/webp
content-length: 644
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="wxSQsOx2QDaME89RopR2FyvVbth4rT512121"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=8d3Egh2eAg4fTh23XeBsABSDu5giNwEtMnSHKGZnBjIKpyhwT3IEfYbBfiR%2FcV5S7iWfOdrvJqHlMcXoZbdgThGXKOfV5FiApGbYTVMkpYc%3D"}]}
cf-ray: 951cafcd2e6356b5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1378&min_rtt=669&rtt_var=231&sent=320&recv=195&lost=0&retrans=0&sent_bytes=205988&recv_bytes=36039&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=14375&inflight_dur=86&x=80"
GET bogco.jlaancyfaw.es/ijKSEEMcBaDAACEnWHScuhHeloVKFflrG54fH7cdfPPMiNsoY3axVnso78162
200 OK 7.4 kB URL GET bogco.jlaancyfaw.es/ijKSEEMcBaDAACEnWHScuhHeloVKFflrG54fH7cdfPPMiNsoY3axVnso78162
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type SVG Scalable Vector Graphics image
Hash b59c16ca9bf156438a8a96d45e33db64
4e51b7d3477414b220f688adabd76d3ae6472ee3
a7ee799dd5b6f6dbb70b043b766362a6724e71458f9839306c995f06b218c2f8
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Tycoon Phishing Kit
GET /ijKSEEMcBaDAACEnWHScuhHeloVKFflrG54fH7cdfPPMiNsoY3axVnso78162 HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:32 GMT
content-type: image/svg+xml
cf-ray: 951cafcd3e6656b5-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="ijKSEEMcBaDAACEnWHScuhHeloVKFflrG54fH7cdfPPMiNsoY3axVnso78162"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ACkzBMbdOPf1UF8ZsDiFocm4zJF7GZ7QP5cTutdX9a66m4FgSfTLTvSY5d85HxMClE5IuKUlVXfsaoEG4OkOod9hWAUdtDLGxUN6XQeh"}]}
vary: accept-encoding
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1320&min_rtt=669&rtt_var=202&sent=333&recv=198&lost=0&retrans=0&sent_bytes=218179&recv_bytes=36176&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=14394&inflight_dur=90&x=80"
GET ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css
200 OK 223 kB URL GET ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerDigiCert Inc
Subject*.oktacdn.com
Fingerprint3E:D7:C7:A6:35:70:74:E4:BF:45:2E:A1:D5:A3:25:88:24:76:B3:B5
ValidityMon, 02 Dec 2024 00:00:00 GMT - Fri, 02 Jan 2026 23:59:59 GMT
File type ASCII text, with very long lines (51734)
Size 223 kB (222931 bytes)
Hash 0329c939fca7c78756b94fbcd95e322b
7b5499b46660a0348cc2b22cae927dcc3fda8b20
0e47f4d2af98bfe77921113c8aaf0c53614f88ff14ff819be6612538611ed3d1
GET /assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css HTTP/1.1
Host: ok4static.oktacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
server: nginx
last-modified: Tue, 14 May 2024 21:48:24 GMT
x-amz-meta-sha1sum: 7b5499b46660a0348cc2b22cae927dcc3fda8b20
strict-transport-security: max-age=315360000; includeSubDomains
access-control-allow-origin: *
content-encoding: gzip
date: Mon, 16 Jun 2025 04:30:17 GMT
expires: Tue, 16 Jun 2026 04:25:19 GMT
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
etag: W/"0329c939fca7c78756b94fbcd95e322b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c16cb9fc938243bd0209a41893a00da4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: d-X3vJAizZmVEkqYan2uPFd3rjU7lSYaiZ7dPkyahxtPpfhLWATsBg==
age: 221712
X-Firefox-Spdy: h2
GET cdn.jsdelivr.net/npm/lz-string@1.4.4/libs/lz-string.min.js
200 OK 4.7 kB URL GET cdn.jsdelivr.net/npm/lz-string@1.4.4/libs/lz-string.min.js
IP
Requested by https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org#msdynmkt_trackingcontext=fa52516b-42d3-4da7-b32d-b4aa8c640300
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4
ValidityMon, 02 Jun 2025 15:43:52 GMT - Sat, 04 Jul 2026 15:43:51 GMT
File type JavaScript source, ASCII text, with very long lines (4718)
Hash 109c13d75d0b6fc6440d3e98f803d396
b69e7073bc2c1bc9a57aada4c73799d182ef8368
9d1a0ef07a2ea5faa8cd4afb60a0518075e6771e341e5ff4e0e481cefedeecbf
GET /npm/lz-string@1.4.4/libs/lz-string.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.4.4
x-jsd-version-type: version
etag: W/"126f-tp5wc7wsG8mleq2kxzeZ0YLvg2g"
content-encoding: br
accept-ranges: bytes
date: Wed, 18 Jun 2025 18:00:28 GMT
age: 677915
x-served-by: cache-fra-etou8220041-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1425
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
200 OK 48 kB URL GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP
Requested by https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org#msdynmkt_trackingcontext=fa52516b-42d3-4da7-b32d-b4aa8c640300
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
File type JavaScript source, ASCII text, with very long lines (48316), with no line terminators
Hash 2ca03ad87885ab983541092b87adb299
1a17f60bf776a8c468a185c1e8e985c41a50dc27
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
cf-ray: 951cafbb0a755685-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 851160
expires: Mon, 08 Jun 2026 18:00:28 GMT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SQ7rCuCtQCS2KztGJlZjNZVBV5nd4px6ZmqjgEOAB7K7nvGDmi8nXjfK1Bwi6ELimtaJBjyJ%2FtXq%2Bya6sncO69k%2Fe96yPeDtEj%2FAlSUM79EipWEc4rwstXcle5jhf%2BhNeHhcWrNh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET bogco.jlaancyfaw.es/GDSherpa-bold.woff
200 OK 36 kB URL GET bogco.jlaancyfaw.es/GDSherpa-bold.woff
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type Web Open Font Format, TrueType, length 35970, version 1.0
Hash 496b7bbde91c7dc7cf9bbabbb3921da8
2bd3c406a715ab52dad84c803c55bf4a6e66a924
ae40a04f95df12b0c364f26ab691dc0c391d394a28bcdb4aeacfaca325d0a798
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Tycoon Phishing Kit
GET /GDSherpa-bold.woff HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:32 GMT
content-type: font/woff
content-length: 35970
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="GDSherpa-bold.woff"
cf-cache-status: MISS
last-modified: Wed, 18 Jun 2025 18:00:32 GMT
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=B33miaCQQekmAABDr20dkhIZjCl5VmURF%2FQC2nbGSk5f6F9SCxBVW%2Fj8KEKHXaXTpAYxLx1C96wKP62ItpctzQwPsUpP1Jmk1LkpwUoeBKY%3D"}]}
cache-control: max-age=14400
cf-ray: 951cafcd2e5e56b5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1414&min_rtt=669&rtt_var=330&sent=402&recv=208&lost=0&retrans=0&sent_bytes=291529&recv_bytes=36649&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=14734&inflight_dur=113&x=80"
GET bogco.jlaancyfaw.es/gheF0795z6Z5b9dKa5Gw8uFUH4CzFtX9SB1QvBZ9At1klouUPUaVZRp1oHDgpe6lfPM912210
200 OK 25 kB URL GET bogco.jlaancyfaw.es/gheF0795z6Z5b9dKa5Gw8uFUH4CzFtX9SB1QvBZ9At1klouUPUaVZRp1oHDgpe6lfPM912210
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type RIFF (little-endian) data, Web/P image
Hash f9a795e2270664a7a169c73b6d84a575
0fbb60ab27ab88c064eb347d0722c8ed4cf5e8b8
d00203b2eea6e418c31baafa949ada5349a9f9b7e99fa003aec7406822693740
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Tycoon Phishing Kit
GET /gheF0795z6Z5b9dKa5Gw8uFUH4CzFtX9SB1QvBZ9At1klouUPUaVZRp1oHDgpe6lfPM912210 HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:32 GMT
content-type: image/webp
content-length: 25216
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="gheF0795z6Z5b9dKa5Gw8uFUH4CzFtX9SB1QvBZ9At1klouUPUaVZRp1oHDgpe6lfPM912210"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=wIanLs7ImZK6okhQ32XPcVLUbjo%2B4TsnBzun9%2B9IrBQaIAVFn%2BfAPp9e0TpNVi%2FtKv3CwFck0ow%2FE3vzukZ0vRguhIQ1QO50H1Gq0ra0%2BiA%3D"}]}
cf-ray: 951cafcd4e6b56b5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1337&min_rtt=669&rtt_var=255&sent=324&recv=196&lost=0&retrans=0&sent_bytes=208878&recv_bytes=36085&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=14389&inflight_dur=87&x=80"
GET objects.githubusercontent.com/github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250618%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250618T180031Z&X-Amz-Expires=300&X-Amz-Signature=2fbbb6f07f14fec2a7162098e3ee0c20663418fe55a0717398b5210013e29be8&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream
200 OK 10 kB URL GET objects.githubusercontent.com/github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250618%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250618T180031Z&X-Amz-Expires=300&X-Amz-Signature=2fbbb6f07f14fec2a7162098e3ee0c20663418fe55a0717398b5210013e29be8&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerSectigo Limited
Subject*.github.io
Fingerprint8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91
ValidityFri, 07 Mar 2025 00:00:00 GMT - Sat, 07 Mar 2026 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (10017)
Hash 6c20a2be8ba900bc0a7118893a2b1072
ff7766fde1f33882c6e1c481ceed6f6588ea764c
b1c42acd0288c435e95e00332476781532ed002cac6f3dcee9110ced30b31500
GET /github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250618%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250618T180031Z&X-Amz-Expires=300&X-Amz-Signature=2fbbb6f07f14fec2a7162098e3ee0c20663418fe55a0717398b5210013e29be8&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream HTTP/1.1
Host: objects.githubusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Tue, 07 Dec 2021 16:38:45 GMT
etag: "0x8D9B9A009499A1E"
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d91f6eaf-e01e-0032-2f18-13e122000000
x-ms-version: 2023-11-03
x-ms-creation-time: Tue, 17 Aug 2021 14:57:31 GMT
x-ms-blob-content-md5: bCCivoupALwKcRiJOisQcg==
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
content-disposition: attachment; filename=randexp.min.js
x-ms-server-encrypted: true
via: 1.1 varnish, 1.1 varnish
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 18 Jun 2025 18:00:32 GMT
age: 5304
x-served-by: cache-iad-kiad7000045-IAD, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 23045, 9
x-timer: S1750269632.063104,VS0,VE0
content-length: 10245
X-Firefox-Spdy: h2
GET get.geojs.io/v1/ip/geo.json
200 OK 335 B URL GET get.geojs.io/v1/ip/geo.json
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectgeojs.io
Fingerprint88:B3:65:B8:95:15:9F:37:C6:F0:8D:A3:3B:A4:29:F9:CC:31:E1:BC
ValidityMon, 28 Apr 2025 06:03:21 GMT - Sun, 27 Jul 2025 07:02:58 GMT
Hash 683ef992928f2fe01f57f9e1ce20bdc2
528f32de7f5168af0b401789f03d8cde4a5aa8ab
203f8785df9fcd18bd8a6bbd1982c3bff16cf9416f3cb1acf49a129b0a88efb4
GET /v1/ip/geo.json HTTP/1.1
Host: get.geojs.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bogco.jlaancyfaw.es
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 18 Jun 2025 18:00:34 GMT
content-type: application/json
content-encoding: br
x-request-id: c9777081958449295f41cee6d3a82889-ASH
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
access-control-allow-methods: GET
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
geojs-backend: ash-01
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qyg7XN%2F0btrAoRqovp26mt2C5lSh%2BtLbnVYNfCsFYZO7kAv29ZrtoYHwJ4WNz0ugG8bCdIOqUD4yvIKMm8tf%2F2YEs81QRWb6Jn6MHgtxZdbF697QH5MA9DlCFnmYIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 951cafe1ba92b4fd-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=491&min_rtt=425&rtt_var=115&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3263&recv_bytes=1251&delivery_rate=7634446&cwnd=254&unsent_bytes=0&cid=272c5b0361fa1061&ts=137&x=0"
X-Firefox-Spdy: h2
GET public-eur.mkt.dynamics.com/favicon.ico
0 B URL GET public-eur.mkt.dynamics.com/favicon.ico
IP
Requested by https://public-eur.mkt.dynamics.com/api/orgs/56ba32c6-2b3f-f011-a209-000d3adc9651/r/a1FS-tNCp02zLbSqjGQDAAAAAAA?target={%22TargetUrl%22:%22https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org%22,%22RedirectOptions%22:{%225%22:null,%221%22:null}}&digest=smdEIClI3BNGCSdwbpNy7IPzwye/Xw3UoIDjMA+ycGE=&secretVersion=7c13c22c20aa46a1b2fc8b71fde4d19a
Certificate IssuerMicrosoft Corporation
Subjectprdia888neu0aks.mkt.dynamics.com
Fingerprint01:93:08:3F:12:8A:E5:EF:8B:CB:61:26:21:86:BB:F9:9E:D5:DA:31
ValidityWed, 07 May 2025 20:02:01 GMT - Mon, 03 Nov 2025 20:02:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: public-eur.mkt.dynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://public-eur.mkt.dynamics.com/api/orgs/56ba32c6-2b3f-f011-a209-000d3adc9651/r/a1FS-tNCp02zLbSqjGQDAAAAAAA?target={%22TargetUrl%22:%22https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org%22,%22RedirectOptions%22:{%225%22:null,%221%22:null}}&digest=smdEIClI3BNGCSdwbpNy7IPzwye/Xw3UoIDjMA+ycGE=&secretVersion=7c13c22c20aa46a1b2fc8b71fde4d19a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
GET bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org#msdynmkt_trackingcontext=fa52516b-42d3-4da7-b32d-b4aa8c640300
200 OK 25 kB URL User Request GET bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org#msdynmkt_trackingcontext=fa52516b-42d3-4da7-b32d-b4aa8c640300
IP
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (5491)
Hash 345599f8ff53a8459f363261504da476
124ac316502beb5b5cf6eeb904dfd4c42cd765ac
45dbc7d67e63eb652101c2cd18f7a2cb326f5691192335d16a6b92f7e693626e
Analyzer Verdict Alert urlquery suspicious Suspicious - Anti-debugging code
urlquery phishing Phishing - Tycoon Phishing Kit
GET /IICQiex@v1hSA/$moss@ymcaret.org HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://public-eur.mkt.dynamics.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 18 Jun 2025 18:00:17 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, private
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=c%2B%2FyRpazOC07HA2py0y1YwLZdaitKAefhhoBqJ92V5bmoMMJkQSASMF2%2F%2B%2Bgd6c6Ir%2Bzl4ybmsmRs0hJNUPi6%2Bisrvl23KkshjsZoMkfKgk%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: XSRF-TOKEN=eyJpdiI6ImJLcmVxTko5TEVFZjNQMVdwb3VFNHc9PSIsInZhbHVlIjoid3JrSXgzL0d2a1V0Sk9pcHZ2czMxSldlUVlwb2VaNnJ2Q2RZRkhZV0p6eGluU0JYYmxrbVNTeXZUSHkwV3dxNU9FTWVUNHhwQkpXa3BhY1RQQ2VyQzRlMVhpa2RqZklhd3hiMDZ0bi8vRFNWVjlUTlVMaTlxdmdaUTlrcTJDamUiLCJtYWMiOiI1YTFiOGU2YTRlNWY5OTgyMGQyNzM2MGIxY2VjOWEyOGVlMjhhMGQ5ODVmYmY2ZTM5Yjc3MWNhMjYwYWZhNGJmIiwidGFnIjoiIn0%3D; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Wed, 18 Jun 2025 20:00:17 GMT
laravel_session=eyJpdiI6Ikt0RXVLZW9QU1NvV2JkTHhRS2UzR0E9PSIsInZhbHVlIjoibHVUZzBNaEZTTWNhT3pVak5ka3BwYzhxbi9hQnl1SElsd1BqRUp1V0RWdkY2U21oUG85b3pvZ0ZWSkNCWHhFbXRPaEUvekdtb0FNMDE3ekxCR2o5UjZwR3ozMUU5S01pOXRMa05KT2VtUC9DSFhPMjk1MUhGOEVSL3o5UW8yQysiLCJtYWMiOiI3NTZmNDVhOTlmN2RlNzUxZjNiNjc0NWQ3NTZhYWMwMjY2MzI0MmQ3ZDg4ZjJlZTM2MDQ0MTZiYzllZTcyZTUyIiwidGFnIjoiIn0%3D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Wed, 18 Jun 2025 20:00:17 GMT
cf-ray: 951caf715fa50b41-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET bogco.jlaancyfaw.es/GDSherpa-vf2.woff2
200 OK 93 kB URL GET bogco.jlaancyfaw.es/GDSherpa-vf2.woff2
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type Web Open Font Format (Version 2), TrueType, length 93276, version 1.0
Hash bcd7983ea5aa57c55f6758b4977983cb
ef3a009e205229e07fb0ec8569e669b11c378ef1
6528a0bf9a836a53dfd8536e1786ba6831c9d1faa74967126fddf5b2081b858c
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Tycoon Phishing Kit
GET /GDSherpa-vf2.woff2 HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:32 GMT
content-type: font/woff2
content-length: 93276
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="GDSherpa-vf2.woff2"
cf-cache-status: MISS
last-modified: Wed, 18 Jun 2025 18:00:32 GMT
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=FPL4it7gjIlT3kFNMbp5rRLIWKODONjg7krf2tYT4LMWTu7q8ImrHqBCNUqr6jzxwXNA8k%2BXKzFRWrjMmVTIKB4s5FN9irfQ5kGzZ906IaY%3D"}]}
cache-control: max-age=14400
cf-ray: 951cafcd2e6156b5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2544&min_rtt=669&rtt_var=944&sent=523&recv=219&lost=0&retrans=0&sent_bytes=428120&recv_bytes=39052&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=14953&inflight_dur=144&x=80"
GET bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org#msdynmkt_trackingcontext=fa52516b-42d3-4da7-b32d-b4aa8c640300
200 OK 1.4 kB URL User Request GET bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org#msdynmkt_trackingcontext=fa52516b-42d3-4da7-b32d-b4aa8c640300
IP
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type HTML document, ASCII text, with very long lines (496), with CRLF line terminators
Hash 378593b636c0ccf4a2e05dba21540f93
a90dd3eff53ae313300a55f75955f158b75aec91
d5e3f7f83ce54819eec56855b697b2b0162f515fb364c3f3a05e1124642b02bc
Analyzer Verdict Alert urlquery suspicious Suspicious - Anti-debugging code
urlquery phishing Phishing - Tycoon Phishing Kit
GET /IICQiex@v1hSA/$moss@ymcaret.org HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://public-eur.mkt.dynamics.com/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlZGdmJIeW5UY05ESG5TNVIySWJncFE9PSIsInZhbHVlIjoiZjFlbVEzWHllMVJ1bXdjZU9vYnZWT3dTWVFvNUt1cG1MckhEV2NYcW9uQ1FJY0hMZ0lRMktONzh6MmNUTERpNDU1czRuQ21Sc3ZWZHVmSTZQNm43UXAwa0hIejRFZ3NqbGlXNmJkWGptTHJEZXI2RHl3bnRnbjROejVMNG4ydSsiLCJtYWMiOiI3ZjUzZjU4YzJjZGIxMTRjOGNkNzc4ZDNkZTRiOTk5MjgxOTIyZTZjMDAwM2JlNGFhNWVmMjBkNjMxYjFlMTFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImhmaTNwN3dBclFwenJLNlhVb1ZKaXc9PSIsInZhbHVlIjoiV1NoV2N1Y1kxZHh4QWhOTDNWWjRBeVdlaFg5VmlURUJmR1N0akYwYjR2V1R4TGdEM1B2MnpnZFZFdUhjejVYTGY4UzFldWZjWUZlMHNqQzNFeUZUdkhJQUJlL1I1ZHVnb2Y4a0lhQURzZ1FJaVFuVUpxdjBBVm0rWk0zc2pKOVYiLCJtYWMiOiI0OTYzZTc4MTZhNzhiNTgwNDFiOGE0ZDgzYzgwZWE3MTk3MWUyNTIyYmQ2M2M2M2NmM2NjMTQzMjI5NDA5Y2FhIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:27 GMT
content-type: text/html; charset=UTF-8
cf-ray: 951cafb0ed8056b5-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, private
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=3cmxcxj0LWUvLEiusWUFwB6VHxpp%2F%2FeTOLsUPurYO3oIPUaC%2Fh4CfnWfhxaOEwbL6HHFCmhz1k2eRyiJKaVXf65k1k3cYt%2FOGfpjcHbg%2FXA%3D"}]}
cf-cache-status: DYNAMIC
set-cookie: XSRF-TOKEN=eyJpdiI6IitZOU1vQnYyRThJU2dKbGRtRGh3VXc9PSIsInZhbHVlIjoiZ3MxTlVHRkFyQ252ZHd5YmFUNEtOZXVyVytrQWxVNHJlSTg5VisrQmFzbVZHYmhKRk0vQU82SmVDY3EwQjZWVnYrVUVLTFpPYWdRT1JBTmVhVUtvUkJseGkxem9sK0VwYkxReDNFdlRRcG94aTRIZ2sxV1BsbWIzc1p3a0RicDYiLCJtYWMiOiJjOTdmM2VmMjk0ZGUzNjM1ODJmNzgzNDZmZjVkMzNiZmQ3NDZmOTEyM2U3YzJmN2Y1Y2UxNjcyM2EyNmJjNTg0IiwidGFnIjoiIn0%3D; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Wed, 18 Jun 2025 20:00:27 GMT
laravel_session=eyJpdiI6IlRtbUpuUS9zb2dRMVBsdW9uTHlKYUE9PSIsInZhbHVlIjoid2NWMEVEby90Q3dvUG1rYnRzb0xMdTNBc0hpZHNDVCtQZ2ZDdHlzckhYbzNmU2I5R20zM0NmcXNtd1JDd2FRaU8reVh0bFp4aTJET2oyVHRnSzZ2dFBJRkZITGlBa0ZJbWJhWDY3TjZJdW9WUFRxR0ZXUW5hT1pXa1JBSytXS2ciLCJtYWMiOiIyZTgwYWFmNWYwMjQ5Y2E2NGI0NDEzNTU1OGI1MjVhZTU0NWQwN2E5MTMwNTYxY2JlYzQ1MTcxMDBkMzg0YTBhIiwidGFnIjoiIn0%3D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Wed, 18 Jun 2025 20:00:27 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2659&min_rtt=669&rtt_var=1423&sent=122&recv=151&lost=0&retrans=0&sent_bytes=10990&recv_bytes=11195&delivery_rate=537930&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=d8c42af06fdba460&ts=9556&inflight_dur=35&x=80"
GET bogco.jlaancyfaw.es/12DrW0hHl8tT3a3X1xyxpegz8920
200 OK 28 kB URL GET bogco.jlaancyfaw.es/12DrW0hHl8tT3a3X1xyxpegz8920
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type ASCII text, with very long lines (28186), with no line terminators
Hash a1606fe4c64f4a7649b295a56b8d4b47
ffea9bddd62c0ddfe5f3c314f885da0bc2cf8a1e
8734d2dcfa9c93df3e755660ba1c6bb54ed5fb2a7bfac1b0410d017f11129746
Analyzer Verdict Alert urlquery phishing Phishing - Tycoon Phishing Kit
GET /12DrW0hHl8tT3a3X1xyxpegz8920 HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:32 GMT
content-type: text/css;charset=UTF-8
cf-ray: 951cafcd1e5b56b5-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="12DrW0hHl8tT3a3X1xyxpegz8920"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=2OZ%2BGeydWZeJ99FXGItyOILJkm%2FvN53oggNhWh0hg97qWyPBOq3dHBjbLnhYvO%2BrP0wKxDP3Cp9bfqIwqcpLXtqK4QsL4%2FoPna%2B2oMw9iic%3D"}]}
vary: accept-encoding
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1276&min_rtt=669&rtt_var=270&sent=368&recv=202&lost=0&retrans=0&sent_bytes=255437&recv_bytes=36363&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=14545&inflight_dur=101&x=80"
GET bogco.jlaancyfaw.es/ijeqUHiLxKAFDnJ2fclJH3ACgQgqrqYXenj32rvJUzHpiET9dpeu7ikab228
200 OK 1.3 kB URL GET bogco.jlaancyfaw.es/ijeqUHiLxKAFDnJ2fclJH3ACgQgqrqYXenj32rvJUzHpiET9dpeu7ikab228
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type RIFF (little-endian) data, Web/P image
Hash 32ca2081553e969f9fdd4374134521ad
7b09924c4c3d8b6e41fe38363e342da098be4173
216fc342a469aa6a005b2eacc24622095e5282d3e9f1ae99ce54c27b92ec3587
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Tycoon Phishing Kit
GET /ijeqUHiLxKAFDnJ2fclJH3ACgQgqrqYXenj32rvJUzHpiET9dpeu7ikab228 HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:33 GMT
content-type: image/webp
content-length: 1298
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="ijeqUHiLxKAFDnJ2fclJH3ACgQgqrqYXenj32rvJUzHpiET9dpeu7ikab228"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=wG%2FVd3Il4UZX5QCKvVRCKNFdwyfC%2FvCpYfUc%2BwgCWi77I95y7beAEfaom961wuLtlU%2BF13MywmJ8tIAq631dTCn40lhJyAsHiLCO6UDSAOE%3D"}]}
cf-ray: 951cafd48eb456b5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2985&min_rtt=669&rtt_var=786&sent=594&recv=224&lost=0&retrans=0&sent_bytes=505915&recv_bytes=39290&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=15219&inflight_dur=158&x=80"
GET github.com/fent/randexp.js/releases/download/v0.4.3/randexp.min.js
302 Found 10 kB URL GET github.com/fent/randexp.js/releases/download/v0.4.3/randexp.min.js
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerSectigo Limited
Subjectgithub.com
FingerprintE4:33:71:DD:D6:91:4A:75:B6:1F:9E:4F:74:6D:9B:F0:DD:26:FC:3A
ValidityWed, 05 Feb 2025 00:00:00 GMT - Thu, 05 Feb 2026 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fent/randexp.js/releases/download/v0.4.3/randexp.min.js HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 18 Jun 2025 18:00:31 GMT
content-type: text/html; charset=utf-8
content-length: 0
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With,Accept-Encoding, Accept, X-Requested-With
location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250618%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250618T180031Z&X-Amz-Expires=300&X-Amz-Signature=2fbbb6f07f14fec2a7162098e3ee0c20663418fe55a0717398b5210013e29be8&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
x-github-request-id: 3143:31A8A8:7B14A0C:7DFF24D:6852FEBF
X-Firefox-Spdy: h2
GET ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css
200 OK 10 kB URL GET ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerDigiCert Inc
Subject*.oktacdn.com
Fingerprint3E:D7:C7:A6:35:70:74:E4:BF:45:2E:A1:D5:A3:25:88:24:76:B3:B5
ValidityMon, 02 Dec 2024 00:00:00 GMT - Fri, 02 Jan 2026 23:59:59 GMT
File type ASCII text, with very long lines (10450)
Hash e0d37a504604ef874bad26435d62011f
4301f0d2b729ae22adece657d79eccaa25f429b1
c39ff65e2a102e644eb0bf2e31d2bad3d18f7afb25b3b9ba7a4d46263a711179
GET /assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css HTTP/1.1
Host: ok4static.oktacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
server: nginx
last-modified: Thu, 14 Mar 2024 00:03:58 GMT
x-amz-meta-sha1sum: 4301f0d2b729ae22adece657d79eccaa25f429b1
strict-transport-security: max-age=315360000; includeSubDomains
access-control-allow-origin: *
content-encoding: gzip
date: Mon, 16 Jun 2025 04:30:17 GMT
expires: Tue, 16 Jun 2026 04:25:19 GMT
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
etag: W/"e0d37a504604ef874bad26435d62011f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c16cb9fc938243bd0209a41893a00da4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: my4o0CUvOONixfERn56kGkfjCyBQMZiLFo1eWAYDbY5_Lgd7yHroaw==
age: 221712
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
200 OK 48 kB URL GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
File type JavaScript source, ASCII text, with very long lines (48316), with no line terminators
Hash 2ca03ad87885ab983541092b87adb299
1a17f60bf776a8c468a185c1e8e985c41a50dc27
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
cf-ray: 951cafd369665685-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 851164
expires: Mon, 08 Jun 2026 18:00:32 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GUz5vJlDasoPUlEKCZzTQ2o0OxXyc0c6n9n5TKO841SlVmUgEmHFGpSe%2FPlzLG7CjXXoHZuer8U%2BP%2Bt8RdFMEMIU6o9klEewfaIBqb6uQCdxSdgH3Ns3WyGETp%2FOAuiDS4Ac0Y1T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
200 OK 1.4 kB URL User Request GET bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
IP
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type HTML document, ASCII text, with very long lines (496), with CRLF line terminators
Hash 1d515b132802f9f5cf4441b6158a914e
0e82040621302a6bede4d05c95d2067c9dc4199d
e46ebf7d08749948be946ae89cf26684546762b6b596ebb1e42d23c2cebb9764
Analyzer Verdict Alert urlquery suspicious Suspicious - Anti-debugging code
urlquery phishing Phishing - Tycoon Phishing Kit
GET /HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org
Cookie: XSRF-TOKEN=eyJpdiI6IkNIemNibXlIdTdzMC8zTU0vdGY0Nmc9PSIsInZhbHVlIjoiUkxEc0krUiszQVZxTm5vaXFOMGl5amZDS3JJaFFteHpENmlsL2hOd3NMQXBNVi93ejNCY2RoSkIyNkR1UGhLODJvQ25iUzJVRGF1WjVXQUovVGJSeFNSRTlBcHU0d29Ka3VlcmUwb2Y4QzBqVkxPVng4aGZ6Z0xHTWZQdjEyaDQiLCJtYWMiOiI3NjIwYzE0ZDU5NzJkMTBmYWM0YTcxOGQzOWYyZDQ5ZGU3OGUwYzZmZTEwODllOGVhMDVmNzc3NGNlMTg2YTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndiNjhPL011aGllRzYxUEZyWFdiWnc9PSIsInZhbHVlIjoiZG9MMDdUSmEvdGxoRy82ZEwvQkxFWTIvN0NFWisxT3lnZktPWjZ0NGVZbDlnQjJCMXQ2YUZBQzBkWFlhWTE0L0E0RWdUOGJYK01MMGVkOWlNMG81Q2twOTlKSG5TOGJ6SW82bXJvYkptdkwvNHBldTV0SUVJMXpNUGdXbXdtYlYiLCJtYWMiOiI0ODJkM2ZkYTBmMTgyYjMwYTNlMzc1ZDYzNTdiNzVjNTNhOGE2Nzc1OWIyNzYxZjVhZmE0YmZhOTI3MTMxM2NjIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:29 GMT
content-type: text/html; charset=UTF-8
cf-ray: 951cafbf5de956b5-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, private
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=bn%2FaAzPs3fu1fQzoVsGkQVxgpFuPtm24Tyy8MuKs5JexphW8Qa%2B4TWDZKMkgIUwoCOUDTOu3NE5cyxSpKTv2OS3wIMLGUenkXd00R045fdc%3D"}]}
cf-cache-status: DYNAMIC
set-cookie: XSRF-TOKEN=eyJpdiI6IitkRzFJTmszeURoVmVTb0h4NFlMK3c9PSIsInZhbHVlIjoiTThZSGlOQ0EyRzhQcE94YzBqR0kzMHJVNVYxbzNBVWhabmtKeUU4R0VlOCtlUGtJNkJMendzbmR1N25yWlpTazNPbXdEa09KaVFUM2NZK0ZpbG1lWEc0c1BVWjAyeGhnWU9DQ3VHZHJ2ZUtHQUhhU3ROZ3BwWTJoTkllOXJZbEEiLCJtYWMiOiI0OTcxNTMxNjRjODZjNmZkNjhiMmExMmI1NWI4MTBjYmU0NTIyMzhhNDQxMmZlNzAzZWU3MTY0YzQ3ZDMzZjg2IiwidGFnIjoiIn0%3D; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Wed, 18 Jun 2025 20:00:29 GMT
laravel_session=eyJpdiI6InN3Wks3bFlsR2pZZGF4dFE3cW5IRlE9PSIsInZhbHVlIjoiK0o1QUF1SUpjLzN0ZkhoRngvYkliWDdVdGU4Z2lPNTRvSlc2ckJuOEhwOVVDNTEzd1g3c3NoNlJQL0FueXNtZGdGZFd2UWJZT0F1NXpBRjFSdnJnaHdDUlBNRlNvdDFTNXpKRWdGOGk2K0pGK1cvY1VyYnozVXVWdWkxcWljekEiLCJtYWMiOiIwYmQyMGUwYmU1ZThkNjgyNjFhYzEwNGI3MTljMDUzNTUzZTRlOWI0Mjc5YzU5OWNlM2M3Yjg1NGQ1NTdjYWEwIiwidGFnIjoiIn0%3D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Wed, 18 Jun 2025 20:00:29 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1799&min_rtt=669&rtt_var=1144&sent=154&recv=161&lost=0&retrans=0&sent_bytes=35953&recv_bytes=15539&delivery_rate=7299084&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=d8c42af06fdba460&ts=11865&inflight_dur=45&x=80"
GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
200 OK 48 kB URL GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
File type JavaScript source, ASCII text, with very long lines (48316), with no line terminators
Hash 2ca03ad87885ab983541092b87adb299
1a17f60bf776a8c468a185c1e8e985c41a50dc27
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
cf-ray: 951cafcc2f895685-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 851163
expires: Mon, 08 Jun 2026 18:00:31 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MW6%2BQucdfQ1U5CCjNiI4nXqITxXW5tLnAeh5yAN1TIy5IniVDz4i6RQUdC5ECb1ZTdof2lQQjX0cseiSlMRi94S3d7vZZxB9DrdyR%2FARnEdYVVr5e6Np%2FEZKoyX7P7EqV3mqS0q8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET bogco.jlaancyfaw.es/GDSherpa-regular.woff2
200 OK 29 kB URL GET bogco.jlaancyfaw.es/GDSherpa-regular.woff2
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type Web Open Font Format (Version 2), TrueType, length 28584, version 1.66
Hash 17081510f3a6f2f619ec8c6f244523c7
87f34b2a1532c50f2a424c345d03fe028db35635
2c7292014e2ef00374aeb63691d9f23159a010455784ee0b274ba7db2bcca956
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Tycoon Phishing Kit
GET /GDSherpa-regular.woff2 HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:32 GMT
content-type: font/woff2
content-length: 28584
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="GDSherpa-regular.woff2"
cf-cache-status: MISS
last-modified: Wed, 18 Jun 2025 18:00:32 GMT
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=wHVJYll0%2Bd2Li%2Bl0Lo0xR1Qgs%2BpPOaVoEsFpIVCDVFwdQep2ChUhRQmdsatCLOsWYPfPzd%2B9GxZHT5HUXzTANa3PDuXgCRHgMNu3U2Qq"}]}
cache-control: max-age=14400
cf-ray: 951cafcd2e5f56b5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2161&min_rtt=669&rtt_var=1089&sent=445&recv=212&lost=0&retrans=0&sent_bytes=339658&recv_bytes=36841&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=14759&inflight_dur=126&x=80"
GET bogco.jlaancyfaw.es/op7RjdpKvbcWXIn9jsM7gS7A06HnJp4XAm5uuvTwc6hUFbJjE4u7m6fx8mnStef191
200 OK 268 B URL GET bogco.jlaancyfaw.es/op7RjdpKvbcWXIn9jsM7gS7A06HnJp4XAm5uuvTwc6hUFbJjE4u7m6fx8mnStef191
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type SVG Scalable Vector Graphics image
Hash 59759b80e24a89c8cd029b14700e646d
651b1921c99e143d3c242de3faacfb9ad51dbb53
b02b5df3ecd59d6cd90c60878683477532cbfc24660028657f290bdc7bc774b5
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Tycoon Phishing Kit
GET /op7RjdpKvbcWXIn9jsM7gS7A06HnJp4XAm5uuvTwc6hUFbJjE4u7m6fx8mnStef191 HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:32 GMT
content-type: image/svg+xml
cf-ray: 951cafcd3e6856b5-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="op7RjdpKvbcWXIn9jsM7gS7A06HnJp4XAm5uuvTwc6hUFbJjE4u7m6fx8mnStef191"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=EV2PKbeOef%2F%2FtI73Lw6%2FPHCL5iyEwZYpzW%2BRG3T57%2BcZS4NxK7%2B3pogCtlkTai46iY6FFaPSEuZ2KoWIZNNu5omzSdCdmJ6h0wH2fvNdFRE%3D"}]}
vary: accept-encoding
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1347&min_rtt=669&rtt_var=259&sent=358&recv=200&lost=0&retrans=0&sent_bytes=245897&recv_bytes=36269&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=14418&inflight_dur=98&x=80"
POST 7kk8i9sildjqptfmjzhbgepigycbkzodzwhl75czulbp0arddefyclx.cppppesmelxi.es/rPzKoEvMegREXnbmjsCHGObcNBHDIMWUADRMDURGAMXNMVOKXNEFEpqg6vz3noyqr89lxlcAjyza5Pwx37
200 OK 620 B URL POST 7kk8i9sildjqptfmjzhbgepigycbkzodzwhl75czulbp0arddefyclx.cppppesmelxi.es/rPzKoEvMegREXnbmjsCHGObcNBHDIMWUADRMDURGAMXNMVOKXNEFEpqg6vz3noyqr89lxlcAjyza5Pwx37
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectcppppesmelxi.es
FingerprintE2:39:0F:65:8A:33:1D:17:DA:91:3C:A6:9D:9A:C8:EA:B9:D0:34:4B
ValidityThu, 12 Jun 2025 15:13:05 GMT - Wed, 10 Sep 2025 16:11:43 GMT
File type ASCII text, with very long lines (620), with no line terminators
Hash 03e5a76839d60bbbccd124cf766770bd
9c351c1cdc87e777eda3bc6c782b8706b9103bfc
e25787774dfe96b2e1384c810e757106bc9743871d63a4ab30c65b3ad6c9e4dd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /rPzKoEvMegREXnbmjsCHGObcNBHDIMWUADRMDURGAMXNMVOKXNEFEpqg6vz3noyqr89lxlcAjyza5Pwx37 HTTP/1.1
Host: 7kk8i9sildjqptfmjzhbgepigycbkzodzwhl75czulbp0arddefyclx.cppppesmelxi.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 103
Origin: https://bogco.jlaancyfaw.es
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 18 Jun 2025 18:00:35 GMT
content-type: text/plain; charset=utf-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Origin
access-control-allow-origin: https://bogco.jlaancyfaw.es
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=iBgeW3LuAk1%2FXHwtYe%2FtMVXUhLynhpMmZQL6dVtFO3CDh%2BhDxlnRvF5esDLFAXkzJ8RqNxm%2Fd5xef5d6v6nmthsUaGO7aknj1MaQlwkfqFzoHeaNgNTg4aF8OgI6jF45QCwnpj7VwiXfjI4B%2BCfxykcVeTsZBCaz7Ag0hVDZx1lP2mfwIQ%3D%3D"}]}
content-encoding: br
cf-ray: 951cafe32e4e56b7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
POST bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
200 OK 212 kB URL POST bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type HTML document, ASCII text, with very long lines (10947), with CRLF line terminators
Size 212 kB (212198 bytes)
Hash 6db89598cb851cfd522a088aead7d613
f5912fe864a3beda48538fc672e282b8623aa3ec
ce4a650e2d470faf058d3b5b66765a3548058c4058501f497d413c176ba27a23
Analyzer Verdict Alert urlquery suspicious Suspicious - Anti-debugging code
urlquery phishing Phishing - Tycoon Phishing Kit
POST /HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Content-Type: multipart/form-data; boundary=---------------------------402932662420356486693216036471
Content-Length: 174
Origin: https://bogco.jlaancyfaw.es
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IitkRzFJTmszeURoVmVTb0h4NFlMK3c9PSIsInZhbHVlIjoiTThZSGlOQ0EyRzhQcE94YzBqR0kzMHJVNVYxbzNBVWhabmtKeUU4R0VlOCtlUGtJNkJMendzbmR1N25yWlpTazNPbXdEa09KaVFUM2NZK0ZpbG1lWEc0c1BVWjAyeGhnWU9DQ3VHZHJ2ZUtHQUhhU3ROZ3BwWTJoTkllOXJZbEEiLCJtYWMiOiI0OTcxNTMxNjRjODZjNmZkNjhiMmExMmI1NWI4MTBjYmU0NTIyMzhhNDQxMmZlNzAzZWU3MTY0YzQ3ZDMzZjg2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InN3Wks3bFlsR2pZZGF4dFE3cW5IRlE9PSIsInZhbHVlIjoiK0o1QUF1SUpjLzN0ZkhoRngvYkliWDdVdGU4Z2lPNTRvSlc2ckJuOEhwOVVDNTEzd1g3c3NoNlJQL0FueXNtZGdGZFd2UWJZT0F1NXpBRjFSdnJnaHdDUlBNRlNvdDFTNXpKRWdGOGk2K0pGK1cvY1VyYnozVXVWdWkxcWljekEiLCJtYWMiOiIwYmQyMGUwYmU1ZThkNjgyNjFhYzEwNGI3MTljMDUzNTUzZTRlOWI0Mjc5YzU5OWNlM2M3Yjg1NGQ1NTdjYWEwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:30 GMT
content-type: text/html; charset=UTF-8
cf-ray: 951cafc27df956b5-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, private
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=qzHkmS0xJa%2BVPacrpqd3VHhxPiiZfwF%2BvmfMyRjtGIedUwjWzpNoF9hKDRROzrhy8p1MoyWaz5R%2BOR9WxOipfAIa99obGaf6fsLu%2FIYj7s4%3D"}]}
cf-cache-status: DYNAMIC
set-cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Wed, 18 Jun 2025 20:00:30 GMT
laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Wed, 18 Jun 2025 20:00:30 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1795&min_rtt=669&rtt_var=1048&sent=160&recv=165&lost=0&retrans=0&sent_bytes=38689&recv_bytes=17846&delivery_rate=7299084&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=d8c42af06fdba460&ts=12372&inflight_dur=69&x=80"
GET bogco.jlaancyfaw.es/abllgvnrsh8gh22
200 OK 36 kB URL GET bogco.jlaancyfaw.es/abllgvnrsh8gh22
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type ASCII text, with CRLF line terminators
Hash 38501e3fbbbd89b56aa5ba35de1a32fe
d9b31981b6f834e8480ba28fbc1cff1be772f589
a1ca6b381cb01968851c98512c6e7f6c5309a49f7a16b864813135cbff82a85b
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Tycoon Phishing Kit
GET /abllgvnrsh8gh22 HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:32 GMT
content-type: text/css;charset=UTF-8
cf-ray: 951cafcd1e5c56b5-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="abllgvnrsh8gh22"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Wh1ddCF8U6NgUhua0uijoA5EXrjUI4bnqk6OxoZQLiLN85m2y7D6JYwSK9iON9mrVSxn8IPTQrhviAy%2FUq8e%2FcjOgKyMDz%2Fvb8DHKPxKpz8%3D"}]}
vary: accept-encoding
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1392&min_rtt=669&rtt_var=271&sent=313&recv=194&lost=0&retrans=0&sent_bytes=199602&recv_bytes=35993&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=14230&inflight_dur=83&x=80"
GET bogco.jlaancyfaw.es/efrJ1GlcrNer4YzYbEj99guv0W9oOqBdem7AjLGxK90144
200 OK 270 B URL GET bogco.jlaancyfaw.es/efrJ1GlcrNer4YzYbEj99guv0W9oOqBdem7AjLGxK90144
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type SVG Scalable Vector Graphics image
Hash 40eb39126300b56bf66c20ee75b54093
83678d94097257eb474713dec49e8094f49d2e2a
765709425a5b9209e875dccf2217d3161429d2d48159fc1df7b253b77c1574f4
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Tycoon Phishing Kit
GET /efrJ1GlcrNer4YzYbEj99guv0W9oOqBdem7AjLGxK90144 HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:32 GMT
content-type: image/svg+xml
cf-ray: 951cafcd3e6556b5-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="efrJ1GlcrNer4YzYbEj99guv0W9oOqBdem7AjLGxK90144"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=J%2B1VMRfLCkJfU6B3Z2QfiB5W9i0NGV45H5JgoyJEPilUYFc4Je26dyMEIXZZMVeMnCnep5%2Bg4VFLBE%2B%2BoFmYGTOZHGYaV0ZVuM4O89iEH8g%3D"}]}
vary: accept-encoding
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1310&min_rtt=669&rtt_var=245&sent=332&recv=197&lost=0&retrans=0&sent_bytes=217345&recv_bytes=36131&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=14390&inflight_dur=89&x=80"
GET code.jquery.com/jquery-3.6.0.min.js
200 OK 90 kB URL GET code.jquery.com/jquery-3.6.0.min.js
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 18 Jun 2025 18:00:31 GMT
age: 1998631
x-served-by: cache-lga21931-LGA, cache-hel1410032-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 471854
x-timer: S1750269632.522273,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
GET bogco.jlaancyfaw.es/qrcxIP3XuxImCZd2z01QTGrKANMoLVHKBjIUOwrshFuuvUkBExVDnMI02tdfm6mzsxCH14BY16cd231
200 OK 9.6 kB URL GET bogco.jlaancyfaw.es/qrcxIP3XuxImCZd2z01QTGrKANMoLVHKBjIUOwrshFuuvUkBExVDnMI02tdfm6mzsxCH14BY16cd231
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type RIFF (little-endian) data, Web/P image
Hash 4946eb373b18d178c93d473489673bb6
16477acb73b63ca251d37401249e7e4515febd24
666bc574c9f3fb28a8ac626fa8105c187c2a313736494a06bd5a937473673c92
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Tycoon Phishing Kit
GET /qrcxIP3XuxImCZd2z01QTGrKANMoLVHKBjIUOwrshFuuvUkBExVDnMI02tdfm6mzsxCH14BY16cd231 HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:32 GMT
content-type: image/webp
content-length: 9648
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="qrcxIP3XuxImCZd2z01QTGrKANMoLVHKBjIUOwrshFuuvUkBExVDnMI02tdfm6mzsxCH14BY16cd231"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=HB%2Bg%2B1N2UGam6qhmTxBsbjwZ41X3HvbucmGXz6VpplA4Ow7X4q1WkhdDHZC9kfPkW4u4fF9dDW24Ke3vTvbyuUX389o4ATzoSay6RbMaXd4%3D"}]}
cf-ray: 951cafcd4e6d56b5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1294&min_rtt=669&rtt_var=204&sent=337&recv=199&lost=0&retrans=0&sent_bytes=221292&recv_bytes=36221&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=14398&inflight_dur=95&x=80"
GET aadcdn.msauthimages.net/dbd5a2dd-svwunzsap4e1m82anvxpfkbpo-6dnmzblqd7i5qjxkm/logintenantbranding/0/bannerlogo?ts=638472351363842916
200 OK 9.1 kB URL GET aadcdn.msauthimages.net/dbd5a2dd-svwunzsap4e1m82anvxpfkbpo-6dnmzblqd7i5qjxkm/logintenantbranding/0/bannerlogo?ts=638472351363842916
IP
ASN #20940 Akamai International B.V.
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerMicrosoft Corporation
Subjectidnaakamaicdn.msftauth.net
FingerprintDC:51:C1:FA:8A:C3:85:DA:8E:3C:1C:06:37:00:90:7A:B4:62:A9:DC
ValidityFri, 27 Dec 2024 18:21:36 GMT - Mon, 22 Dec 2025 18:21:36 GMT
File type PNG image data, 600 x 143, 8-bit/color RGBA, non-interlaced
Hash a5fea74a29da0730c0f41c3e67c7fa67
82e2abd5d403093188ef53f576df40999fbdc5ef
0ef5d592340be7eb72c095728b7fa2ddbf8fb601c4b0a76ad9dd9336eed8e49a
GET /dbd5a2dd-svwunzsap4e1m82anvxpfkbpo-6dnmzblqd7i5qjxkm/logintenantbranding/0/bannerlogo?ts=638472351363842916 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 9099
content-type: image/*
content-md5: pf6nSinaBzDA9Bw+Z8f6Zw==
last-modified: Thu, 28 Mar 2024 15:05:36 GMT
etag: 0x8DC4F38861EA1AA
x-ms-request-id: 758a822c-701e-005b-577a-e07ad9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
date: Wed, 18 Jun 2025 18:00:36 GMT
x-content-type-options: nosniff
akamai-grn: 0.844f2417.1750269636.1cb60257
X-Firefox-Spdy: h2
POST bogco.jlaancyfaw.es/wztqRuiJUYmom5X691b5EO9ILdETzEQMyeNozp
200 OK 20 B URL POST bogco.jlaancyfaw.es/wztqRuiJUYmom5X691b5EO9ILdETzEQMyeNozp
IP
Requested by https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org#msdynmkt_trackingcontext=fa52516b-42d3-4da7-b32d-b4aa8c640300
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Tycoon Phishing Kit
POST /wztqRuiJUYmom5X691b5EO9ILdETzEQMyeNozp HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org
Content-Type: multipart/form-data; boundary=---------------------------145151802222754628913557856592
Content-Length: 962
Origin: https://bogco.jlaancyfaw.es
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJLcmVxTko5TEVFZjNQMVdwb3VFNHc9PSIsInZhbHVlIjoid3JrSXgzL0d2a1V0Sk9pcHZ2czMxSldlUVlwb2VaNnJ2Q2RZRkhZV0p6eGluU0JYYmxrbVNTeXZUSHkwV3dxNU9FTWVUNHhwQkpXa3BhY1RQQ2VyQzRlMVhpa2RqZklhd3hiMDZ0bi8vRFNWVjlUTlVMaTlxdmdaUTlrcTJDamUiLCJtYWMiOiI1YTFiOGU2YTRlNWY5OTgyMGQyNzM2MGIxY2VjOWEyOGVlMjhhMGQ5ODVmYmY2ZTM5Yjc3MWNhMjYwYWZhNGJmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ikt0RXVLZW9QU1NvV2JkTHhRS2UzR0E9PSIsInZhbHVlIjoibHVUZzBNaEZTTWNhT3pVak5ka3BwYzhxbi9hQnl1SElsd1BqRUp1V0RWdkY2U21oUG85b3pvZ0ZWSkNCWHhFbXRPaEUvekdtb0FNMDE3ekxCR2o5UjZwR3ozMUU5S01pOXRMa05KT2VtUC9DSFhPMjk1MUhGOEVSL3o5UW8yQysiLCJtYWMiOiI3NTZmNDVhOTlmN2RlNzUxZjNiNjc0NWQ3NTZhYWMwMjY2MzI0MmQ3ZDg4ZjJlZTM2MDQ0MTZiYzllZTcyZTUyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:26 GMT
content-type: application/json
cf-ray: 951cafabed3c56b5-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=39bz8AL0qncfbzqPyk7pYUhIwI2YyeJZCChI0BFKctrT2Wnr0WrEcupEWASMk7YJVh421gI%2Fa123FaONTqyclrweYKGK2gOZ%2BWzQOooTlek%3D"}]}
set-cookie: XSRF-TOKEN=eyJpdiI6IlZGdmJIeW5UY05ESG5TNVIySWJncFE9PSIsInZhbHVlIjoiZjFlbVEzWHllMVJ1bXdjZU9vYnZWT3dTWVFvNUt1cG1MckhEV2NYcW9uQ1FJY0hMZ0lRMktONzh6MmNUTERpNDU1czRuQ21Sc3ZWZHVmSTZQNm43UXAwa0hIejRFZ3NqbGlXNmJkWGptTHJEZXI2RHl3bnRnbjROejVMNG4ydSsiLCJtYWMiOiI3ZjUzZjU4YzJjZGIxMTRjOGNkNzc4ZDNkZTRiOTk5MjgxOTIyZTZjMDAwM2JlNGFhNWVmMjBkNjMxYjFlMTFmIiwidGFnIjoiIn0%3D; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Wed, 18 Jun 2025 20:00:26 GMT
laravel_session=eyJpdiI6ImhmaTNwN3dBclFwenJLNlhVb1ZKaXc9PSIsInZhbHVlIjoiV1NoV2N1Y1kxZHh4QWhOTDNWWjRBeVdlaFg5VmlURUJmR1N0akYwYjR2V1R4TGdEM1B2MnpnZFZFdUhjejVYTGY4UzFldWZjWUZlMHNqQzNFeUZUdkhJQUJlL1I1ZHVnb2Y4a0lhQURzZ1FJaVFuVUpxdjBBVm0rWk0zc2pKOVYiLCJtYWMiOiI0OTYzZTc4MTZhNzhiNTgwNDFiOGE0ZDgzYzgwZWE3MTk3MWUyNTIyYmQ2M2M2M2NmM2NjMTQzMjI5NDA5Y2FhIiwidGFnIjoiIn0%3D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Wed, 18 Jun 2025 20:00:26 GMT
vary: accept-encoding
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2783&min_rtt=669&rtt_var=1568&sent=118&recv=149&lost=0&retrans=0&sent_bytes=9533&recv_bytes=10191&delivery_rate=468490&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=d8c42af06fdba460&ts=9080&inflight_dur=32&x=80"
GET bogco.jlaancyfaw.es/favicon.ico
404 Not Found 0 B URL GET bogco.jlaancyfaw.es/favicon.ico
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Tycoon Phishing Kit
GET /favicon.ico HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Cookie: XSRF-TOKEN=eyJpdiI6IitkRzFJTmszeURoVmVTb0h4NFlMK3c9PSIsInZhbHVlIjoiTThZSGlOQ0EyRzhQcE94YzBqR0kzMHJVNVYxbzNBVWhabmtKeUU4R0VlOCtlUGtJNkJMendzbmR1N25yWlpTazNPbXdEa09KaVFUM2NZK0ZpbG1lWEc0c1BVWjAyeGhnWU9DQ3VHZHJ2ZUtHQUhhU3ROZ3BwWTJoTkllOXJZbEEiLCJtYWMiOiI0OTcxNTMxNjRjODZjNmZkNjhiMmExMmI1NWI4MTBjYmU0NTIyMzhhNDQxMmZlNzAzZWU3MTY0YzQ3ZDMzZjg2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InN3Wks3bFlsR2pZZGF4dFE3cW5IRlE9PSIsInZhbHVlIjoiK0o1QUF1SUpjLzN0ZkhoRngvYkliWDdVdGU4Z2lPNTRvSlc2ckJuOEhwOVVDNTEzd1g3c3NoNlJQL0FueXNtZGdGZFd2UWJZT0F1NXpBRjFSdnJnaHdDUlBNRlNvdDFTNXpKRWdGOGk2K0pGK1cvY1VyYnozVXVWdWkxcWljekEiLCJtYWMiOiIwYmQyMGUwYmU1ZThkNjgyNjFhYzEwNGI3MTljMDUzNTUzZTRlOWI0Mjc5YzU5OWNlM2M3Yjg1NGQ1NTdjYWEwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 18 Jun 2025 18:00:29 GMT
content-type: text/html; charset=UTF-8
cf-ray: 951cafc31e0156b5-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=h9qWW4kjRG0fKiKN7WwCR4uYNGgJk9S8LIRh5XEwEx4f%2FEv%2BPyUPpHX%2B3XdvxoZjqZfmRDdhUjHv60TAT6o1gWSvwBejWTiZ8hb7M4wxV3k%3D"}]}
cf-cache-status: HIT
vary: accept-encoding
age: 1
cache-control: max-age=14400
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1913&min_rtt=669&rtt_var=1085&sent=159&recv=164&lost=0&retrans=0&sent_bytes=38068&recv_bytes=17801&delivery_rate=7299084&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=d8c42af06fdba460&ts=12028&inflight_dur=48&x=80"
GET bogco.jlaancyfaw.es/styHhVLOh6q8XmxqDsOrt7KC69L4O83o9iixfKlPk335mPm67RIx38MCQVpeKdWI5ubeYaYhKidTEhvNy9Qgh259
200 OK 18 kB URL GET bogco.jlaancyfaw.es/styHhVLOh6q8XmxqDsOrt7KC69L4O83o9iixfKlPk335mPm67RIx38MCQVpeKdWI5ubeYaYhKidTEhvNy9Qgh259
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type RIFF (little-endian) data, Web/P image
Hash 4b52ecdc33382c9dca874f551990e704
8f3bf8e41cd4cdddb17836b261e73f827b84341b
cce050cc3b150c0b370751021bb15018ee2b64ac369e230fe3b571a9b00d4342
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Tycoon Phishing Kit
GET /styHhVLOh6q8XmxqDsOrt7KC69L4O83o9iixfKlPk335mPm67RIx38MCQVpeKdWI5ubeYaYhKidTEhvNy9Qgh259 HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:32 GMT
content-type: image/webp
content-length: 17842
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="styHhVLOh6q8XmxqDsOrt7KC69L4O83o9iixfKlPk335mPm67RIx38MCQVpeKdWI5ubeYaYhKidTEhvNy9Qgh259"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=oxA3JLV7MJ5yNZe8lCE5H0zhm%2B8C6711nIMt1o%2B2rbZnAuC54lGeNYpOLY0Mgr8wcxSoMF8%2FvpBMkinRwmsCtz6dEgxCt%2BMIiT73K1TD"}]}
cf-ray: 951cafcd4e6e56b5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1294&min_rtt=669&rtt_var=204&sent=337&recv=199&lost=0&retrans=0&sent_bytes=221292&recv_bytes=36221&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=14398&inflight_dur=95&x=80"
GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
200 OK 48 kB URL GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP
Requested by https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org#msdynmkt_trackingcontext=fa52516b-42d3-4da7-b32d-b4aa8c640300
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
File type JavaScript source, ASCII text, with very long lines (48316), with no line terminators
Hash 2ca03ad87885ab983541092b87adb299
1a17f60bf776a8c468a185c1e8e985c41a50dc27
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 18 Jun 2025 18:00:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
cf-ray: 951caf78d8575689-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 851150
expires: Mon, 08 Jun 2026 18:00:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AsT27lAfqLKuk75kOnzmF9ADrLHlYtkIjM8RJcFxQfzw3YoTGkQx3iibApSka1CpqRob84i%2FrOipJcVqJ6ARTTYVO73ORmKPx6cca4wpFCifEM%2FAzTIl95NLS94qaXPmLfh46cjo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET w7o6s.qsfajwsg.es/chut!28uujl4
200 OK 1 B URL GET w7o6s.qsfajwsg.es/chut!28uujl4
IP
Requested by https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org#msdynmkt_trackingcontext=fa52516b-42d3-4da7-b32d-b4aa8c640300
Certificate IssuerGoogle Trust Services
Subjectqsfajwsg.es
Fingerprint81:E2:C5:A9:71:46:07:52:30:4C:7B:C2:BA:12:02:57:3A:DF:97:35
ValidityTue, 03 Jun 2025 23:11:52 GMT - Tue, 02 Sep 2025 00:10:40 GMT
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /chut!28uujl4 HTTP/1.1
Host: w7o6s.qsfajwsg.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bogco.jlaancyfaw.es/
Origin: https://bogco.jlaancyfaw.es
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 18 Jun 2025 18:00:26 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
access-control-allow-origin: *
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=UW9Ccwy8aH1ZqNy4JvRbwKMPDjN37ZOkXSA0HVxRdkn38zSDYNyN80UOEvm53GTHZLh5Gic3isEjv%2BtJVsY9lLU1T1kXfIenn9V3lnA45g%3D%3D"}]}
content-encoding: br
cf-ray: 951cafa58eff56c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET bogco.jlaancyfaw.es/yzv7HoXk6J4MWzK3BAvc6FfAP5qhajAumSCop5K9SwIa53dfIJm4VkMi90173
200 OK 2.9 kB URL GET bogco.jlaancyfaw.es/yzv7HoXk6J4MWzK3BAvc6FfAP5qhajAumSCop5K9SwIa53dfIJm4VkMi90173
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type SVG Scalable Vector Graphics image
Hash fe87496cc7a44412f7893a72099c120a
a0c1458c08a815df63d3cb0406d60be6607ca699
55ce3b0ce5bc71339308107982cd7671f96014256ded0be36dc8062e64c847f1
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Tycoon Phishing Kit
GET /yzv7HoXk6J4MWzK3BAvc6FfAP5qhajAumSCop5K9SwIa53dfIJm4VkMi90173 HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:32 GMT
content-type: image/svg+xml
cf-ray: 951cafcd3e6756b5-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="yzv7HoXk6J4MWzK3BAvc6FfAP5qhajAumSCop5K9SwIa53dfIJm4VkMi90173"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Mh9kvt4GYjlhTzTB4qjN8evptlrDn0ctD%2FkFCxldYLbbZOzRrPuU1a30ztEmQgRuHxBx%2F0wE0NbDZKgGXTfIeH41J2jLXZQA0VKP2EOn1dc%3D"}]}
vary: accept-encoding
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1313&min_rtt=669&rtt_var=263&sent=360&recv=201&lost=0&retrans=0&sent_bytes=246788&recv_bytes=36316&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=14422&inflight_dur=100&x=80"
GET bogco.jlaancyfaw.es/mnI8nQDkqAwg5yBtWqKpansiZu1Ln56bXIWbNFhtUWoiJrQaXaRxefAuv220
200 OK 1.9 kB URL GET bogco.jlaancyfaw.es/mnI8nQDkqAwg5yBtWqKpansiZu1Ln56bXIWbNFhtUWoiJrQaXaRxefAuv220
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type SVG Scalable Vector Graphics image
Hash bc3d32a696895f78c19df6c717586a5d
9191cb156a30a3ed79c44c0a16c95159e8ff689d
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Tycoon Phishing Kit
GET /mnI8nQDkqAwg5yBtWqKpansiZu1Ln56bXIWbNFhtUWoiJrQaXaRxefAuv220 HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:33 GMT
content-type: image/svg+xml
cf-ray: 951cafd48eb356b5-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="mnI8nQDkqAwg5yBtWqKpansiZu1Ln56bXIWbNFhtUWoiJrQaXaRxefAuv220"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=QHFaF%2Bx1FQ76Bit45U6BqUWgnbUe6RRAPs0zBFNflKuS1%2FcE6ovoytGOEIfUJ2G4nZ2aIvdcy1%2BP80pTn3wTqdK1ZdCCPGodh0rc6yF9Mao%3D"}]}
vary: accept-encoding
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2985&min_rtt=669&rtt_var=786&sent=590&recv=224&lost=0&retrans=0&sent_bytes=504492&recv_bytes=39290&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=15218&inflight_dur=158&x=80"
GET ok4static.oktacdn.com/assets/loginpage/font/assets/proximanova-reg-webfont.353416ed0ff540352235.woff2
200 OK 20 kB URL GET ok4static.oktacdn.com/assets/loginpage/font/assets/proximanova-reg-webfont.353416ed0ff540352235.woff2
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerDigiCert Inc
Subject*.oktacdn.com
Fingerprint3E:D7:C7:A6:35:70:74:E4:BF:45:2E:A1:D5:A3:25:88:24:76:B3:B5
ValidityMon, 02 Dec 2024 00:00:00 GMT - Fri, 02 Jan 2026 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 20416, version 2.197
Hash d99a7377dabb55772ca9f986b0a04b57
2b5fcd8431953c44e410d0489899e74f6d2cfecc
affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149
GET /assets/loginpage/font/assets/proximanova-reg-webfont.353416ed0ff540352235.woff2 HTTP/1.1
Host: ok4static.oktacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bogco.jlaancyfaw.es
DNT: 1
Connection: keep-alive
Referer: https://ok4static.oktacdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/font-woff2
content-length: 20416
accept-ranges: bytes
server: nginx
last-modified: Tue, 07 Nov 2023 18:56:28 GMT
x-amz-meta-sha1sum: 2b5fcd8431953c44e410d0489899e74f6d2cfecc
strict-transport-security: max-age=315360000; includeSubDomains
access-control-allow-origin: *
date: Mon, 09 Jun 2025 08:53:29 GMT
expires: Tue, 09 Jun 2026 08:53:29 GMT
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
etag: "d99a7377dabb55772ca9f986b0a04b57"
x-cache: Hit from cloudfront
via: 1.1 c16cb9fc938243bd0209a41893a00da4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: 35SeIQu5tOh3KMtShdoZT_AR-c9yB3jsVYKVcO84UHzF5GTH1fjRpw==
age: 810423
X-Firefox-Spdy: h2
GET developers.cloudflare.com/favicon.png
200 OK 937 B URL GET developers.cloudflare.com/favicon.png
IP
Requested by https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org#msdynmkt_trackingcontext=fa52516b-42d3-4da7-b32d-b4aa8c640300
Certificate IssuerGoogle Trust Services
Subjectdevelopers.cloudflare.com
FingerprintD9:49:C8:81:82:61:AD:08:62:72:50:FC:EF:AC:49:10:1D:B0:90:17
ValidityTue, 13 May 2025 00:16:33 GMT - Mon, 11 Aug 2025 01:16:30 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Hash fc3b7bbe7970f47579127561139060e2
3f7c5783fe1f4404cb16304a5a274778ea3abd25
85e6223afdbd5badf2c79bcfbaa6fe686acaa781eca52c196647ffabb3be2ffe
GET /favicon.png HTTP/1.1
Host: developers.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 18 Jun 2025 18:00:18 GMT
content-type: image/png
content-length: 937
cf-ray: 951caf7ada2c5690-OSL
cf-cache-status: HIT
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "6be7ff94b6151f8cfbf08b53a17e2ac1"
set-cookie: __cf_bm=X8RKuJm2edUxnWWG4MjQe7fTfUF7zBA7DWbddQnPmBg-1750269618-1.0.1.1-wfdJ9Ui2v6eJpmqvY7BwcunRLkeXWkHIgvvAMBC0XpztCd8OkFTCsYpR2EsOS2jZt7RfhFNMmlJcGHuCGxNxf5n1rBovD0QjMHVgmNbP.Nw; path=/; expires=Wed, 18-Jun-25 18:30:18 GMT; domain=.developers.cloudflare.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
200 OK 48 kB URL GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
File type JavaScript source, ASCII text, with very long lines (48316), with no line terminators
Hash 2ca03ad87885ab983541092b87adb299
1a17f60bf776a8c468a185c1e8e985c41a50dc27
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
cf-ray: 951cafcbbf1a5685-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 851163
expires: Mon, 08 Jun 2026 18:00:31 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3xwoAhbM3bvG44EJKfjnBR2iTZpWq01gbMD1epdP0%2BXbi%2B40tOIFXdN80hx9cjGp4GTIeVzY2KseV%2Bh%2Fwf73YajCestV3vpXf1YAE2377LV64P8p9OhppDRq9KbJ%2BGGYRnGlKivn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET bogco.jlaancyfaw.es/opaVExNdIu69sgtdA1Ef4vEI1FaghEohUdzxhlQjxv5n40AuB67140
200 OK 892 B URL GET bogco.jlaancyfaw.es/opaVExNdIu69sgtdA1Ef4vEI1FaghEohUdzxhlQjxv5n40AuB67140
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type RIFF (little-endian) data, Web/P image
Hash 41d62ca205d54a78e4298367482b4e2b
839aae21ed8ecfc238fdc68b93ccb27431cd5393
20a4a780db0bcc047015a0d8037eb4eb58b3e5cb338673799c030a3e1b626b40
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Tycoon Phishing Kit
GET /opaVExNdIu69sgtdA1Ef4vEI1FaghEohUdzxhlQjxv5n40AuB67140 HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:32 GMT
content-type: image/webp
content-length: 892
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="opaVExNdIu69sgtdA1Ef4vEI1FaghEohUdzxhlQjxv5n40AuB67140"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=S41l7JsFWmCOcigbKVKjki498UZKvF0OeSaUw5Wj3NfrMptolBHN20KrcBvp%2B%2FX3BBxQ%2FZUAMHE%2BPxisP2dkCyKkOR1S0CE7XXmYmzts4ZM%3D"}]}
cf-ray: 951cafcd2e6456b5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1337&min_rtt=669&rtt_var=255&sent=322&recv=196&lost=0&retrans=0&sent_bytes=207300&recv_bytes=36085&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=14388&inflight_dur=87&x=80"
GET cxppeur1rdrect01sa02cdn.blob.core.windows.net/botdetection/BotDetection/BotDetection.bundle.js
200 OK 52 kB URL GET cxppeur1rdrect01sa02cdn.blob.core.windows.net/botdetection/BotDetection/BotDetection.bundle.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://public-eur.mkt.dynamics.com/api/orgs/56ba32c6-2b3f-f011-a209-000d3adc9651/r/a1FS-tNCp02zLbSqjGQDAAAAAAA?target={%22TargetUrl%22:%22https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org%22,%22RedirectOptions%22:{%225%22:null,%221%22:null}}&digest=smdEIClI3BNGCSdwbpNy7IPzwye/Xw3UoIDjMA+ycGE=&secretVersion=7c13c22c20aa46a1b2fc8b71fde4d19a
Certificate IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
Fingerprint73:96:97:AD:85:B3:98:01:B8:1E:47:25:42:37:0B:38:5A:52:1F:0A
ValidityThu, 23 Jan 2025 18:07:15 GMT - Tue, 22 Jul 2025 18:07:15 GMT
File type JavaScript source, ASCII text, with very long lines (51528)
Hash e38bc64915f250aef4222e17c85770de
b7cfcae66774b94e3b3fe4bb23aab901a623afa5
acefc8761c02b81801767512d06edff4b970cfbb5ae49d6253d9494504a92feb
GET /botdetection/BotDetection/BotDetection.bundle.js HTTP/1.1
Host: cxppeur1rdrect01sa02cdn.blob.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://public-eur.mkt.dynamics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 51601
Content-Type: application/javascript
Content-MD5: 44vGSRXyUK70Ii4XyFdw3g==
Last-Modified: Thu, 22 May 2025 11:40:12 GMT
ETag: 0x8DD99256A040F79
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6d9989a6-c01e-00e3-147a-e038b1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Date: Wed, 18 Jun 2025 18:00:15 GMT
POST bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org#msdynmkt_trackingcontext=fa52516b-42d3-4da7-b32d-b4aa8c640300
200 OK 25 kB URL POST bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org#msdynmkt_trackingcontext=fa52516b-42d3-4da7-b32d-b4aa8c640300
IP
Requested by https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org#msdynmkt_trackingcontext=fa52516b-42d3-4da7-b32d-b4aa8c640300
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type HTML document, ASCII text, with very long lines (24808), with CRLF line terminators
Hash 39e0d541161c9ace77f6b3e261b5e76d
02d5c64ede9644fdcbd3f26d53bb1ad0bf1aeb4c
694be6dc72a5d45dd0ef8f4d6574657916e19fcc6d6ca5ba3fda8eb6d4b14874
Analyzer Verdict Alert urlquery suspicious Suspicious - Anti-debugging code
urlquery phishing Phishing - Tycoon Phishing Kit
POST /IICQiex@v1hSA/$moss@ymcaret.org HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org
Content-Type: multipart/form-data; boundary=---------------------------10572901508629869171068915074
Content-Length: 172
Origin: https://bogco.jlaancyfaw.es
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IitZOU1vQnYyRThJU2dKbGRtRGh3VXc9PSIsInZhbHVlIjoiZ3MxTlVHRkFyQ252ZHd5YmFUNEtOZXVyVytrQWxVNHJlSTg5VisrQmFzbVZHYmhKRk0vQU82SmVDY3EwQjZWVnYrVUVLTFpPYWdRT1JBTmVhVUtvUkJseGkxem9sK0VwYkxReDNFdlRRcG94aTRIZ2sxV1BsbWIzc1p3a0RicDYiLCJtYWMiOiJjOTdmM2VmMjk0ZGUzNjM1ODJmNzgzNDZmZjVkMzNiZmQ3NDZmOTEyM2U3YzJmN2Y1Y2UxNjcyM2EyNmJjNTg0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlRtbUpuUS9zb2dRMVBsdW9uTHlKYUE9PSIsInZhbHVlIjoid2NWMEVEby90Q3dvUG1rYnRzb0xMdTNBc0hpZHNDVCtQZ2ZDdHlzckhYbzNmU2I5R20zM0NmcXNtd1JDd2FRaU8reVh0bFp4aTJET2oyVHRnSzZ2dFBJRkZITGlBa0ZJbWJhWDY3TjZJdW9WUFRxR0ZXUW5hT1pXa1JBSytXS2ciLCJtYWMiOiIyZTgwYWFmNWYwMjQ5Y2E2NGI0NDEzNTU1OGI1MjVhZTU0NWQwN2E5MTMwNTYxY2JlYzQ1MTcxMDBkMzg0YTBhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:28 GMT
content-type: text/html; charset=UTF-8
cf-ray: 951cafb47da256b5-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, private
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=m04zEO9ds0jVt2%2FgaclIKFLGRPc0X9Jy4F8Rhre0KTpwis8e%2Bk82EDi%2B7GUaPtqRR2Hq2uI9tVg1krAbNtUmvOdi0xf9t8km64lwGLjd"}]}
cf-cache-status: DYNAMIC
set-cookie: XSRF-TOKEN=eyJpdiI6InB3SDhXWVM3Um43SytxanhUbExGMUE9PSIsInZhbHVlIjoiVXhPTEVvUGhwVjI5d2Rpd28yTjluTWlMVDBmdkptNkxEK0l5dE9ZeW9RbTE5YTdEUjRJZXZTb0hBeGsvVnh1L21OUG8zbU5FM3YzV2Q1M1hJOS9oTTlPZGJXYmlMRGxCUmNueUF2YXZmZEF3cE95QjdleDJTdTBOZDBpdFNmR24iLCJtYWMiOiJhNDJmYjliNjE4M2U5ZDA4ODlkNzhlOGNiZjkwZTM3NGI5NGZhZGVmMWY5NjIxNmFmNTY4ZjQwYTc4YTFkYzNmIiwidGFnIjoiIn0%3D; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Wed, 18 Jun 2025 20:00:27 GMT
laravel_session=eyJpdiI6IjNTQ1kvTHRPN24yMmo0WmlhOWtUY1E9PSIsInZhbHVlIjoiWW5tSUdhVzhYcnV1VmNFWjBaSFlNamFtcStwdXgwN0NDbGhPelpiajgwSEpicVp5QzJVd2RrUldLWkk5WXluTjVWQzhIL0xYQXRtWjVlc2dpSmxwUXY5VHFzZloxOE1wNFB2ZmE5MDlkbmhsZXZ6WjdCeTlnTEhwbUQveXdabU8iLCJtYWMiOiI2YjViNWI1ZmI3MTZlNzk2OGRiMzQ2OTMzYzIxN2U3ZTkxM2Y0Y2RjYTMzZWE1ZGVjZmQ1NmY4NWIzZWMxN2VhIiwidGFnIjoiIn0%3D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Wed, 18 Jun 2025 20:00:27 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2503&min_rtt=669&rtt_var=1380&sent=128&recv=154&lost=0&retrans=0&sent_bytes=13133&recv_bytes=13289&delivery_rate=976200&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=d8c42af06fdba460&ts=10183&inflight_dur=37&x=80"
GET code.jquery.com/jquery-3.6.0.min.js
200 OK 90 kB URL GET code.jquery.com/jquery-3.6.0.min.js
IP
Requested by https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org#msdynmkt_trackingcontext=fa52516b-42d3-4da7-b32d-b4aa8c640300
Certificate IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 18 Jun 2025 18:00:18 GMT
age: 1998618
x-served-by: cache-lga21931-LGA, cache-hel1410032-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 471845
x-timer: S1750269618.167044,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
GET bogco.jlaancyfaw.es/favicon.ico
404 Not Found 0 B URL GET bogco.jlaancyfaw.es/favicon.ico
IP
Requested by https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org#msdynmkt_trackingcontext=fa52516b-42d3-4da7-b32d-b4aa8c640300
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Tycoon Phishing Kit
GET /favicon.ico HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org
Cookie: XSRF-TOKEN=eyJpdiI6IitZOU1vQnYyRThJU2dKbGRtRGh3VXc9PSIsInZhbHVlIjoiZ3MxTlVHRkFyQ252ZHd5YmFUNEtOZXVyVytrQWxVNHJlSTg5VisrQmFzbVZHYmhKRk0vQU82SmVDY3EwQjZWVnYrVUVLTFpPYWdRT1JBTmVhVUtvUkJseGkxem9sK0VwYkxReDNFdlRRcG94aTRIZ2sxV1BsbWIzc1p3a0RicDYiLCJtYWMiOiJjOTdmM2VmMjk0ZGUzNjM1ODJmNzgzNDZmZjVkMzNiZmQ3NDZmOTEyM2U3YzJmN2Y1Y2UxNjcyM2EyNmJjNTg0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlRtbUpuUS9zb2dRMVBsdW9uTHlKYUE9PSIsInZhbHVlIjoid2NWMEVEby90Q3dvUG1rYnRzb0xMdTNBc0hpZHNDVCtQZ2ZDdHlzckhYbzNmU2I5R20zM0NmcXNtd1JDd2FRaU8reVh0bFp4aTJET2oyVHRnSzZ2dFBJRkZITGlBa0ZJbWJhWDY3TjZJdW9WUFRxR0ZXUW5hT1pXa1JBSytXS2ciLCJtYWMiOiIyZTgwYWFmNWYwMjQ5Y2E2NGI0NDEzNTU1OGI1MjVhZTU0NWQwN2E5MTMwNTYxY2JlYzQ1MTcxMDBkMzg0YTBhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 18 Jun 2025 18:00:28 GMT
content-type: text/html; charset=UTF-8
cf-ray: 951cafb46da056b5-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=h9qWW4kjRG0fKiKN7WwCR4uYNGgJk9S8LIRh5XEwEx4f%2FEv%2BPyUPpHX%2B3XdvxoZjqZfmRDdhUjHv60TAT6o1gWSvwBejWTiZ8hb7M4wxV3k%3D"}]}
cf-cache-status: MISS
vary: accept-encoding
cache-control: max-age=14400
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2054&min_rtt=669&rtt_var=1242&sent=148&recv=157&lost=0&retrans=0&sent_bytes=33623&recv_bytes=13426&delivery_rate=7299084&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=d8c42af06fdba460&ts=10581&inflight_dur=42&x=80"
GET bogco.jlaancyfaw.es/GDSherpa-bold.woff2
200 OK 28 kB URL GET bogco.jlaancyfaw.es/GDSherpa-bold.woff2
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type Web Open Font Format (Version 2), TrueType, length 28000, version 1.66
Hash a4bca6c95fed0d0c5cc46cf07710dcec
73b56e33b82b42921db8702a33efd0f2b2ec9794
5a51d246af54d903f67f07f2bd820ce77736f8d08c5f1602db07469d96dbf77f
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Tycoon Phishing Kit
GET /GDSherpa-bold.woff2 HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:32 GMT
content-type: font/woff2
content-length: 28000
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="GDSherpa-bold.woff2"
cf-cache-status: MISS
last-modified: Wed, 18 Jun 2025 18:00:32 GMT
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=f200D0z8bW8g4ct3PmdafDwVxOBROfWVOyt1BS6sM0o0LZqdd5rK5wioDhokTTmZUvlw%2FYoGnjKTjfhc%2FBqCnoKP7OQmQKt47IfQVAou"}]}
cache-control: max-age=14400
cf-ray: 951cafcd2e5d56b5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1999&min_rtt=669&rtt_var=1020&sent=433&recv=211&lost=0&retrans=0&sent_bytes=325651&recv_bytes=36796&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=14747&inflight_dur=122&x=80"
GET code.jquery.com/jquery-3.6.0.min.js
200 OK 90 kB URL GET code.jquery.com/jquery-3.6.0.min.js
IP
Requested by https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org#msdynmkt_trackingcontext=fa52516b-42d3-4da7-b32d-b4aa8c640300
Certificate IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 18 Jun 2025 18:00:28 GMT
age: 1998628
x-served-by: cache-lga21931-LGA, cache-hel1410032-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 471851
x-timer: S1750269629.661604,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
GET bogco.jlaancyfaw.es/GDSherpa-vf.woff2
200 OK 44 kB URL GET bogco.jlaancyfaw.es/GDSherpa-vf.woff2
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type Web Open Font Format (Version 2), TrueType, length 43596, version 1.0
Hash 2a05e9e5572abc320b2b7ea38a70dcc1
d5fa2a856d5632c2469e42436159375117ef3c35
3efcb941aaddaf4aea08dab3fb97d3e904aa1b83264e64b4d5bda53bc7c798ec
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Tycoon Phishing Kit
GET /GDSherpa-vf.woff2 HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:32 GMT
content-type: font/woff2
content-length: 43596
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="GDSherpa-vf.woff2"
cf-cache-status: MISS
last-modified: Wed, 18 Jun 2025 18:00:32 GMT
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=V37Qjwbe18WSvmKn4FDTG9k7xSnpchVpBZfeEuvedG6qN0IswDqGAa5c443k%2FtrgMm3huO%2BBvNQX5WfhCIxhiE5VDoNCtRvcN7TSDyGE%2FfA%3D"}]}
cache-control: max-age=14400
cf-ray: 951cafcd2e6256b5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2412&min_rtt=669&rtt_var=905&sent=511&recv=218&lost=0&retrans=0&sent_bytes=414114&recv_bytes=39005&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=14931&inflight_dur=140&x=80"
GET public-eur.mkt.dynamics.com/api/orgs/56ba32c6-2b3f-f011-a209-000d3adc9651/r/a1FS-tNCp02zLbSqjGQDAAAAAAA?target={%22TargetUrl%22:%22https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org%22,%22RedirectOptions%22:{%225%22:null,%221%22:null}}&digest=smdEIClI3BNGCSdwbpNy7IPzwye/Xw3UoIDjMA+ycGE=&secretVersion=7c13c22c20aa46a1b2fc8b71fde4d19a
200 OK 792 B URL User Request GET public-eur.mkt.dynamics.com/api/orgs/56ba32c6-2b3f-f011-a209-000d3adc9651/r/a1FS-tNCp02zLbSqjGQDAAAAAAA?target={%22TargetUrl%22:%22https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org%22,%22RedirectOptions%22:{%225%22:null,%221%22:null}}&digest=smdEIClI3BNGCSdwbpNy7IPzwye/Xw3UoIDjMA+ycGE=&secretVersion=7c13c22c20aa46a1b2fc8b71fde4d19a
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerMicrosoft Corporation
Subjectprdia888neu0aks.mkt.dynamics.com
Fingerprint01:93:08:3F:12:8A:E5:EF:8B:CB:61:26:21:86:BB:F9:9E:D5:DA:31
ValidityWed, 07 May 2025 20:02:01 GMT - Mon, 03 Nov 2025 20:02:01 GMT
File type HTML document, ASCII text, with very long lines (792), with no line terminators
Hash 6144f276b02c6d75f714475334c41309
5e4cd01cd8d6174d46c2a0478652ad098a545470
e3a15c434da3b0b35f2d38e1493eecaac99448cd0ded6880abd7bc9e6374fbeb
GET /api/orgs/56ba32c6-2b3f-f011-a209-000d3adc9651/r/a1FS-tNCp02zLbSqjGQDAAAAAAA?target={%22TargetUrl%22:%22https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org%22,%22RedirectOptions%22:{%225%22:null,%221%22:null}}&digest=smdEIClI3BNGCSdwbpNy7IPzwye/Xw3UoIDjMA+ycGE=&secretVersion=7c13c22c20aa46a1b2fc8b71fde4d19a HTTP/1.1
Host: public-eur.mkt.dynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jun 2025 18:00:15 GMT
content-type: text/html
content-length: 792
x-ms-trace-id: bb361ae84445507e0146605bb0eac281
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
X-Firefox-Spdy: h2
POST public-eur.mkt.dynamics.com/api/orgs/56ba32c6-2b3f-f011-a209-000d3adc9651/cp/a1FS-tNCp02zLbSqjGQDABMrvTpE75lImPj8CECxsSY
202 Accepted 0 B URL POST public-eur.mkt.dynamics.com/api/orgs/56ba32c6-2b3f-f011-a209-000d3adc9651/cp/a1FS-tNCp02zLbSqjGQDABMrvTpE75lImPj8CECxsSY
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://public-eur.mkt.dynamics.com/api/orgs/56ba32c6-2b3f-f011-a209-000d3adc9651/r/a1FS-tNCp02zLbSqjGQDAAAAAAA?target={%22TargetUrl%22:%22https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org%22,%22RedirectOptions%22:{%225%22:null,%221%22:null}}&digest=smdEIClI3BNGCSdwbpNy7IPzwye/Xw3UoIDjMA+ycGE=&secretVersion=7c13c22c20aa46a1b2fc8b71fde4d19a
Certificate IssuerMicrosoft Corporation
Subjectprdia888neu0aks.mkt.dynamics.com
Fingerprint01:93:08:3F:12:8A:E5:EF:8B:CB:61:26:21:86:BB:F9:9E:D5:DA:31
ValidityWed, 07 May 2025 20:02:01 GMT - Mon, 03 Nov 2025 20:02:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/orgs/56ba32c6-2b3f-f011-a209-000d3adc9651/cp/a1FS-tNCp02zLbSqjGQDABMrvTpE75lImPj8CECxsSY HTTP/1.1
Host: public-eur.mkt.dynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://public-eur.mkt.dynamics.com/api/orgs/56ba32c6-2b3f-f011-a209-000d3adc9651/r/a1FS-tNCp02zLbSqjGQDAAAAAAA?target={%22TargetUrl%22:%22https://bogco.jlaancyfaw.es/IICQiex@v1hSA/$moss@ymcaret.org%22,%22RedirectOptions%22:{%225%22:null,%221%22:null}}&digest=smdEIClI3BNGCSdwbpNy7IPzwye/Xw3UoIDjMA+ycGE=&secretVersion=7c13c22c20aa46a1b2fc8b71fde4d19a
Content-Type: application/json
Content-Length: 360
Origin: https://public-eur.mkt.dynamics.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 202 Accepted
server: nginx
date: Wed, 18 Jun 2025 18:00:16 GMT
content-length: 0
access-control-allow-origin: *
x-ms-trace-id: fa4f22313407dd43edd1cc63c25aee90
strict-transport-security: max-age=2592000; preload
X-Firefox-Spdy: h2
GET bogco.jlaancyfaw.es/GDSherpa-regular.woff
200 OK 37 kB URL GET bogco.jlaancyfaw.es/GDSherpa-regular.woff
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type Web Open Font Format, TrueType, length 36696, version 1.0
Hash a69e9ab8afdd7486ec0749c551051ff2
c34e6aa327b536fb48d1fe03577a47c7ee2231b8
fd78a1913db912221b8ead1e62fad47d1ff0a9fa6cd88d3b128a721ad91d2faf
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Tycoon Phishing Kit
GET /GDSherpa-regular.woff HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:32 GMT
content-type: font/woff
content-length: 36696
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="GDSherpa-regular.woff"
cf-cache-status: MISS
last-modified: Wed, 18 Jun 2025 18:00:32 GMT
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=BXhYsv3xAo3rpras6bNeTwzBWR%2Bljavy2WmWSUYAjwtuZhg%2FXyipN%2F3RdChdWE%2BudXGE%2B9T%2B0M7q6BFspyMWxCofFbb%2FEscOxrnlL0yb"}]}
cache-control: max-age=14400
cf-ray: 951cafcd2e6056b5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1390&min_rtt=669&rtt_var=378&sent=391&recv=207&lost=0&retrans=0&sent_bytes=278920&recv_bytes=36601&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=14589&inflight_dur=111&x=80"
GET bogco.jlaancyfaw.es/56yBjdF8x9LNDHDFEmrkQRa3Mpkl3K41KeMii2mr4967110
200 OK 293 kB URL GET bogco.jlaancyfaw.es/56yBjdF8x9LNDHDFEmrkQRa3Mpkl3K41KeMii2mr4967110
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerGoogle Trust Services
Subjectjlaancyfaw.es
FingerprintE5:65:6D:0C:98:8B:3E:1C:4B:51:7D:CD:FB:B6:EF:D8:6A:BD:C0:C1
ValidityWed, 14 May 2025 15:42:57 GMT - Tue, 12 Aug 2025 16:39:16 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 293 kB (292748 bytes)
Hash bf1842c2fd860a7809d3fe2e6aa9fd47
f652abd5a6954c760c8df4be1cb8905b36cedab9
c92fb0a9442b9c578002b60e35af1abeb388e5ac5d2731dec1899eca486b18dc
Analyzer Verdict Alert urlquery phishing Phishing - Tycoon Phishing Kit
GET /56yBjdF8x9LNDHDFEmrkQRa3Mpkl3K41KeMii2mr4967110 HTTP/1.1
Host: bogco.jlaancyfaw.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Cookie: XSRF-TOKEN=eyJpdiI6Im4xaWFQamF1VEt0SEV1VEpQc1phL2c9PSIsInZhbHVlIjoiOFVCenVzdXBHbVFXb2lZNDZQVFdsVWhLNGRKSXZITEpObjV3YkpESjE5cmpXTkI3NGtoN1VpVnFKUk9xWXZnSUN6VlRBQ2VaZU03cGg0emllcDlSVkt1Y2VVbTJkbHl6SE8xdFRYeko2QXJjb2tOVHNxUFpGWmt1RVhQaEpIcksiLCJtYWMiOiIyYzVhYzE2YjZmMmIwYWUyYmI2NTI0MDE4MTZmMzgyNGY3NzdlNTc4MmQxY2QzNmI0Njg3N2QzZTY0YTY5OGFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImlUVjk2enlDL3cwZW1tcndLakc2bnc9PSIsInZhbHVlIjoiYk9LcnNtQTE4cUJ5V1RkZFZDNklkWjNCMndBSEZzK2JBRTY0ckd0UXRPSmY4dHByeTY2S253L1N5RmJHYS9PaDRVTW1RUmJxTjFBRmllYlZtTWFRZkNRMll3VDBMYnJydGl6M3pVMXNTYU1JcGdkN3luQjZkYUNtR2tQY2VIcGkiLCJtYWMiOiJiMzA3NTBhZjdlMzE3N2QxMDEyYTdjNDUxMzM5ZjEyMzFlYWVjMDhmYzI1NzY5NWEwYmRhZjZjZjdmZjJmZmU3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 18 Jun 2025 18:00:33 GMT
content-type: application/javascript
cf-ray: 951cafcd4e6f56b5-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="56yBjdF8x9LNDHDFEmrkQRa3Mpkl3K41KeMii2mr4967110"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Tp7IV1%2FbXU2eYP7c%2Bl2IWX%2BQk3njBe7IpOECpktWXXZ%2F1SA5tuM5eKRtwHaXjikAlNKfrNFk2jsSKxV0arAHKaviG7WLbovA2X4%2BjSPKHGI%3D"}]}
vary: accept-encoding
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2791&min_rtt=669&rtt_var=782&sent=580&recv=222&lost=0&retrans=0&sent_bytes=492724&recv_bytes=39193&delivery_rate=21140206&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=93600&unsent_bytes=0&cid=d8c42af06fdba460&ts=15108&inflight_dur=152&x=80"
GET ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7
200 OK 11 kB URL GET ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7
IP
Requested by https://bogco.jlaancyfaw.es/HVQHVRNNFUNZVDWAWRJwtjqfmcfrfcknuiddvqcpe7XZ183SYCNH2GPTWGJ7NW37Z0HQ?ERZHOGZYOQQSCSXQLGYKZTTHI
Certificate IssuerDigiCert Inc
Subject*.oktacdn.com
Fingerprint3E:D7:C7:A6:35:70:74:E4:BF:45:2E:A1:D5:A3:25:88:24:76:B3:B5
ValidityMon, 02 Dec 2024 00:00:00 GMT - Fri, 02 Jan 2026 23:59:59 GMT
File type PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced
Hash 12bdacc832185d0367ecc23fd24c86ce
4422f316eb4d8c8d160312bb695fd1d944cbff12
877ae491d9aac5c6ef82a8430f9f652ace8a0dbc7294bd112aad49bd593769d0
GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/1.1
Host: ok4static.oktacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bogco.jlaancyfaw.es/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 10796
accept-ranges: bytes
server: nginx
last-modified: Tue, 23 Feb 2021 04:20:08 GMT
strict-transport-security: max-age=315360000; includeSubDomains
access-control-allow-origin: *
content-security-policy: default-src 'none'; img-src 'self'; require-trusted-types-for 'script'; report-uri https://oktacsp.report-uri.com/r/t/csp/enforce
x-content-type-options: nosniff
date: Sun, 08 Jun 2025 16:31:18 GMT
expires: Mon, 08 Jun 2026 16:31:18 GMT
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
etag: "12bdacc832185d0367ecc23fd24c86ce"
x-cache: Hit from cloudfront
via: 1.1 c16cb9fc938243bd0209a41893a00da4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: RgeNtxZ7Ahlt0dVz0qWNEKTCg3IDz52zS1MaIrLmsbpqD2SFHjO4Dw==
age: 869353
X-Firefox-Spdy: h2
40.113.183.0
151.101.2.137
172.67.188.213
140.82.121.4
23.36.77.249
20.60.40.68