Report - benaturalfitnese.sa.com/new/auth/sf_rand_string

Report Overview

Submitted URL
benaturalfitnese.sa.com/new/auth/sf_rand_string_lowercase6/ZXJpbkBlcG5ldmlucy5jb20=
IP
162.241.69.179
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2023-06-08 16:24:27
Access
public
Website Title
Final URL
Tags
phishing microsoft outlook
urlquery detections
Phishing - Microsoft Outlook

Detections

urlquery
4
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
tg99cjqxtr647a2a44d78d6.casagr.ru	unknown	2023-05-08	2023-06-05	2023-06-06	12 kB	957 kB	104.21.91.83
unpkg.com	11693	2016-01-06	2016-01-08	2023-06-08	864 B	65 kB	104.16.125.175
benaturalfitnese.sa.com	unknown	2023-02-18	2023-02-18	2023-06-06	539 B	271 B	162.241.69.179

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	tg99cjqxtr647a2a44d78d6.casagr.ru/boot/1d7db6e2c73d0b5f1fba7c244cbe9284648200b02cea5	51 kB	2023-03-07	2024-05-10
Pretty URL tg99cjqxtr647a2a44d78d6.casagr.ru/boot/1d7db6e2c73d0b5f1fba7c244cbe9284648200b02cea5 IP 104.21.91.83 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-10 23:52:53 Times Seen247825 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	unknown	79 B	2023-04-11	2024-05-11
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38:58 Last Seen2024-05-11 00:25:46 Times Seen125936 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	unpkg.com/axios/dist/axios.min.js	32 kB	2023-04-28	2024-05-09
Pretty URL unpkg.com/axios/dist/axios.min.js IP 104.16.125.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-28 01:15:05 Last Seen2024-05-09 10:36:32 Times Seen57619 Hash 6470a918ba1fd4b8d0882df0269ddb82 97814fdab64aa7d1b30f082f9eb272d4b1ce18a2 fd4ce12a87594281afcee9c73a40fe7acc282bcc9e764fbb3afa1481a96a091e Loading...

	tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc	22 kB	2023-05-29	2023-08-16
Pretty URL tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc IP 104.21.91.83 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-29 14:55:11 Last Seen2023-08-16 07:50:44 Times Seen16509 Hash 086052f76d60bc51a4efeb41f91ee74f b2d8fedd01775214ead1d546662f0bd2d42da5fa 1eba754a312ca7dbad8a2a57b8b2b1fd3c410550151a1556128e82e42d37ea1f Loading...

	tg99cjqxtr647a2a44d78d6.casagr.ru/jq/1d7db6e2c73d0b5f1fba7c244cbe9284648200b02cea2	86 kB	2023-03-07	2024-05-11
Pretty URL tg99cjqxtr647a2a44d78d6.casagr.ru/jq/1d7db6e2c73d0b5f1fba7c244cbe9284648200b02cea2 IP 104.21.91.83 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-11 00:13:28 Times Seen390716 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc	1.2 kB	2023-06-08	2023-06-08
Pretty URL tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc IP 104.21.91.83 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-08 18:24:28 Last Seen2023-06-08 18:24:28 Times Seen1 Hash 8093e8be022ffaddbbe73e14c4b93dd0 8fc4428b840f55509419cf8de37a9c2ac82ab951 351d78da6e6b301c90e3fcb89d530206dbf26ffb494fc9007f8fd218bedbbcb5 Loading...

	tg99cjqxtr647a2a44d78d6.casagr.ru/jm/1d7db6e2c73d0b5f1fba7c244cbe9284648200b02cea6	6.1 kB	2023-05-29	2023-08-16
Pretty URL tg99cjqxtr647a2a44d78d6.casagr.ru/jm/1d7db6e2c73d0b5f1fba7c244cbe9284648200b02cea6 IP 104.21.91.83 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-29 14:55:11 Last Seen2023-08-16 07:50:44 Times Seen18055 Hash 93aae148989a78e99a23d9ca0c363c8a b692873e3b6523458a636a50a736b0e9265963a8 24222e1acb18736764d7d4234f3772529beb02c3979cd5bbff51791809ead525 Loading...

	unknown	37 B	2023-04-11	2024-05-11
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31:25 Last Seen2024-05-11 00:33:41 Times Seen235810 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5d57f3a2f850abb9019d41d25b055737	2.4 kB	2023-06-08	2023-06-08
Pretty Observations First Seen2023-06-08 18:24:28 Last Seen2023-06-08 18:27:52 Times Seen2 Hash 5d57f3a2f850abb9019d41d25b055737 6ea1fc97ca8ff11197c3b16f86d45716efeaf3c5 78788e6b28dc022507b1c93ac57b344f30aeaa91486524514a21a5649c37ea75 Loading...

	#2 Eval - 59eb898b68c473386462a913174e8612	1.2 kB	2023-06-08	2023-06-08
Pretty Observations First Seen2023-06-08 18:24:28 Last Seen2023-06-08 18:24:28 Times Seen1 Hash 59eb898b68c473386462a913174e8612 75044abb70897b00db04550234f3eb453a679086 3630c3d38284e8bc44621cb47f69dd9b96f8b946d517492b0b0f5f638c567bf5 Loading...

	#3 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-11
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-11 00:26:45 Times Seen352100 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#4 Eval - 93e354e833ee7b4feead7057a3f33168	13 B	2023-03-13	2023-07-11
Pretty Observations First Seen2023-03-13 20:39:31 Last Seen2023-07-11 14:53:30 Times Seen14356 Hash 93e354e833ee7b4feead7057a3f33168 4025c763f11cdc2eef6318108989528620fef9e7 80b90237b40178e74c34d6652d95b3918d01b603ba83f9dce47ba6b19343c245 Loading...

	#5 Eval - d084c0ca33481809130cc222b8f62408	1.1 kB	2023-06-06	2023-06-08
Pretty Observations First Seen2023-06-06 02:24:38 Last Seen2023-06-08 18:24:28 Times Seen2 Hash d084c0ca33481809130cc222b8f62408 5db8b7a6dcc841b5505b9020b67f0f6690a8c641 d768cdb82ed29ab46051e9a773c39d63d107f49b644e489f451ff68166505b83 Loading...

HTTP Transactions (20)

URL IP Response Size

benaturalfitnese.sa.com/new/auth/sf_rand_string_lowercase6/ZXJpbkBlcG5ldmlucy5jb20=

162.241.69.179

200 OK

0 B

URL User Request GET HTTP/1.1
benaturalfitnese.sa.com/new/auth/sf_rand_string_lowercase6/ZXJpbkBlcG5ldmlucy5jb20=
IP
162.241.69.179:443
ASN
#46606 UNIFIEDLAYER-AS-1

Certificate
IssuerLet's Encrypt
Subject*.benaturalfitnese.sa.com
FingerprintF5:B4:8B:5E:FE:26:11:E8:3D:9B:A1:D6:0A:AD:21:4C:05:29:95:20
ValidityThu, 01 Jun 2023 09:13:09 GMT - Wed, 30 Aug 2023 09:13:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /new/auth/sf_rand_string_lowercase6/ZXJpbkBlcG5ldmlucy5jb20= HTTP/1.1
Host: benaturalfitnese.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 Jun 2023 16:24:08 GMT
Server: Apache
refresh: 0;url=https://tg99cjqxtr647a2a44d78d6.casagr.ru/Merin@epnevins.com
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

tg99cjqxtr647a2a44d78d6.casagr.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d427bc6fe23b51b

104.21.91.83

42 B

URL
tg99cjqxtr647a2a44d78d6.casagr.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d427bc6fe23b51b
IP
104.21.91.83:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d427bc6fe23b51b HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/Merin@epnevins.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 08 Jun 2023 16:24:10 GMT
content-type: image/gif
content-length: 42
last-modified: Tue, 30 May 2023 15:20:42 GMT
etag: "6476144a-2a"
server: cloudflare
cf-ray: 7d427bc83df61c0e-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Thu, 08 Jun 2023 18:24:10 GMT
cache-control: max-age=7200, public
accept-ranges: bytes

tg99cjqxtr647a2a44d78d6.casagr.ru/boot/1d7db6e2c73d0b5f1fba7c244cbe9284648200b02cea5

104.21.91.83

200 OK

322 kB

URL GET HTTP/3
tg99cjqxtr647a2a44d78d6.casagr.ru/boot/1d7db6e2c73d0b5f1fba7c244cbe9284648200b02cea5
IP
104.21.91.83:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Certificate
IssuerGoogle Trust Services LLC
Subjectcasagr.ru
Fingerprint5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
ValidityWed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT

File type
ASCII text, with very long lines (50758)
Size
322 kB (322369 bytes)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

HTTP Headers

GET /boot/1d7db6e2c73d0b5f1fba7c244cbe9284648200b02cea5 HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Cookie: cf_clearance=v0Br20wcxg.WHU2HzCaM2fyGaK4MWkQtYWxPA0_TXQs-1686241450-0-160; PHPSESSID=7ee2d2af24319bb7ad3379e8b779fba1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 08 Jun 2023 16:24:17 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 15 Jun 2023 16:24:16 GMT
last-modified: Mon, 05 Jun 2023 11:48:14 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BhUCukA%2FzSSWDZtF3D2qxW0aMniuCKA9%2FeszWEbNEkexpCcGptHBDaEswlEQCkMqD1i50PRMXiXlNEjxhHXtxSjff%2FgW5mxUR8yPQEiaaHewByghnkaC5%2FrV%2FJGEMqa1cYS54Y6ZF2uPAtCGY0iSGHPmo2U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d427bf7d8da1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tg99cjqxtr647a2a44d78d6.casagr.ru/ASSETS/img/LIMG-648200b1ec37b.css

104.21.91.83

200 OK

1.6 kB

URL GET HTTP/3
tg99cjqxtr647a2a44d78d6.casagr.ru/ASSETS/img/LIMG-648200b1ec37b.css
IP
104.21.91.83:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Certificate
IssuerGoogle Trust Services LLC
Subjectcasagr.ru
Fingerprint5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
ValidityWed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT

File type
PNG image data, 108 x 24, 8-bit colormap, non-interlaced\012- data
Size
1.6 kB (1637 bytes)
Hash
ee236805d05e24861ce1b6b0e7d94b8d
d46828cf9df268ddaf62facf15590a447116aeb8
175986272200fb72da9a598d30016bbda9ddcaa9e6e3f07eb94bc74196d4b805

HTTP Headers

GET /ASSETS/img/LIMG-648200b1ec37b.css HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Cookie: cf_clearance=v0Br20wcxg.WHU2HzCaM2fyGaK4MWkQtYWxPA0_TXQs-1686241450-0-160; PHPSESSID=7ee2d2af24319bb7ad3379e8b779fba1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 08 Jun 2023 16:24:20 GMT
content-type: image/png
content-length: 1637
cache-control: public, max-age=604800
expires: Thu, 15 Jun 2023 16:24:19 GMT
last-modified: Mon, 05 Jun 2023 11:48:14 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDL9OtSVCOEwLkSsbQX30LCEEGqeqWBv4mre2ZMDKLQsptpcu8j8NKciuKvzgwkJ6CjxB2xZR%2BEm1PPGxf%2FiEO%2FFOJHeGmqgaWAzmrNm2G7iMg86GxVPUptQMdxJs6X2Jrd379K9WXCMeJV%2BDcOrZaiUyeg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d427c02486c1c0e-OSL
alt-svc: h3=":443"; ma=86400

tg99cjqxtr647a2a44d78d6.casagr.ru/Merin@epnevins.com

104.21.91.83

403 Forbidden

7.7 kB

URL User Request GET HTTP/2
tg99cjqxtr647a2a44d78d6.casagr.ru/Merin@epnevins.com
IP
104.21.91.83:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectcasagr.ru
Fingerprint5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
ValidityWed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7902), with no line terminators
Size
7.7 kB (7733 bytes)
Hash
d3ce2b13f1e0db49662eccfc765ba502
dd9464adcfed5ab1dcea26cdb34ba46809ddb18c
5e1e2bf106c057e1143292ac1c4e4940aea8dc6fe574195c668fe56a0a59e94d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /Merin@epnevins.com HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Thu, 08 Jun 2023 16:24:10 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwanxnQD49h5Tx6AC0tLOrq08CmeeiqqSYFlUyvqr2OCMOs%2Fj3EBn0B%2F%2FNF3dHl1dxXJBC7JWoiiAeS6EfJU8dKEW2EPOjR91OWL8RUdqWoIWJkxbcsgCIbC%2B3XlC7j99DjAO4L%2BlEw16oyshOSe69Y%2B6ac%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d427bc6fe23b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tg99cjqxtr647a2a44d78d6.casagr.ru/api-as1f?email=erin@epnevins.com&data=logo

104.21.91.83

200 OK

103 B

URL GET HTTP/3
tg99cjqxtr647a2a44d78d6.casagr.ru/api-as1f?email=erin@epnevins.com&data=logo
IP
104.21.91.83:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Certificate
IssuerGoogle Trust Services LLC
Subjectcasagr.ru
Fingerprint5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
ValidityWed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
577a616ad04499ae1d75006b8fdb7373
70ceb342b5b9318364e1616865fa8e7da1be359a
3cbc0c1f50c6c1ece7a39ac49b59dabba7bad50901dff2037b124ec0cdf5934d

HTTP Headers

GET /api-as1f?email=erin@epnevins.com&data=logo HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Cookie: cf_clearance=v0Br20wcxg.WHU2HzCaM2fyGaK4MWkQtYWxPA0_TXQs-1686241450-0-160; PHPSESSID=7ee2d2af24319bb7ad3379e8b779fba1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 08 Jun 2023 16:24:19 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMsL4bLDEqxiuZmSZ2kmd6L5Cx8FlaelvQjzxlrxx3ekpMOGbQkKIGzgMh2GSCDYIrJEkLLyUd%2Bv5fZGGMWR3vEkb59haRSzebBcPc3dBFOnl%2B5%2FWp7cVLJ3WqcMi3K9h14%2FKXkttzEPExhdvQ61mxRDZRI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d427c001d471c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tg99cjqxtr647a2a44d78d6.casagr.ru/ic/1d7db6e2c73d0b5f1fba7c244cbe9284648200b197a6c

104.21.91.83

200 OK

17 kB

URL GET HTTP/3
tg99cjqxtr647a2a44d78d6.casagr.ru/ic/1d7db6e2c73d0b5f1fba7c244cbe9284648200b197a6c
IP
104.21.91.83:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Certificate
IssuerGoogle Trust Services LLC
Subjectcasagr.ru
Fingerprint5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
ValidityWed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT

File type
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Size
17 kB (17174 bytes)
Hash
12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

HTTP Headers

GET /ic/1d7db6e2c73d0b5f1fba7c244cbe9284648200b197a6c HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Cookie: cf_clearance=v0Br20wcxg.WHU2HzCaM2fyGaK4MWkQtYWxPA0_TXQs-1686241450-0-160; PHPSESSID=7ee2d2af24319bb7ad3379e8b779fba1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 08 Jun 2023 16:24:19 GMT
content-type: image/x-icon
cache-control: public, max-age=604800
expires: Thu, 15 Jun 2023 16:24:18 GMT
last-modified: Mon, 05 Jun 2023 11:48:14 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=feHr49DVCaocgjI6bzxMXpugmeDO1Hq3ZXtzURVhQEIwEt9pj7jBv6cbaGEYdd0vrWbQoI5YOmCLu30yW803alpaJ6iytNKCcpcDihGTjqJAPuYBWV7IWJrMBBd7So721GEmnDd27F2Aw%2FbJL0AsKLTNwDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d427c0379d31c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tg99cjqxtr647a2a44d78d6.casagr.ru/o/1d7db6e2c73d0b5f1fba7c244cbe9284648200b197a95

104.21.91.83

200 OK

3.7 kB

URL GET HTTP/3
tg99cjqxtr647a2a44d78d6.casagr.ru/o/1d7db6e2c73d0b5f1fba7c244cbe9284648200b197a95
IP
104.21.91.83:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Certificate
IssuerGoogle Trust Services LLC
Subjectcasagr.ru
Fingerprint5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
ValidityWed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3695), with no line terminators
Size
3.7 kB (3651 bytes)
Hash
d633a913e6f3b1f45774b9874dfc85e0
5ba1344048578062c93cfddfdf8458477eaca476
c1fbfbd9a81fc4d9c9539a65bdfb4c6738926b8d4681b0346706196413e92714

HTTP Headers

GET /o/1d7db6e2c73d0b5f1fba7c244cbe9284648200b197a95 HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Cookie: cf_clearance=v0Br20wcxg.WHU2HzCaM2fyGaK4MWkQtYWxPA0_TXQs-1686241450-0-160; PHPSESSID=7ee2d2af24319bb7ad3379e8b779fba1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 08 Jun 2023 16:24:19 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 15 Jun 2023 16:24:17 GMT
last-modified: Mon, 05 Jun 2023 11:48:14 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fX5C9PdY9DDLY2lgE6t4uLZMjLkvhUr3pzvoQ1gcqZJGxlnwDjRhD9qCaZrxg%2FmGevW028XfBDBZOZ0PQDO5oyHvmTI67rwDjbt02rHAnfNbO0ULmQNvkHMmPPRY9MvgQUuwGk967ysfRA7VVnxZgu68qn4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d427c001d421c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tg99cjqxtr647a2a44d78d6.casagr.ru/Merin@epnevins.com

104.21.91.83

302 Found

24 kB

URL User Request POST HTTP/3
tg99cjqxtr647a2a44d78d6.casagr.ru/Merin@epnevins.com
IP
104.21.91.83:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectcasagr.ru
Fingerprint5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
ValidityWed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT

File type

Size
24 kB (24167 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

POST /Merin@epnevins.com HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/Merin@epnevins.com?__cf_chl_tk=iRohZ4MRL_7i950CO4YSeui1kc1evDkBngBloxwBFbY-1686241450-0-gaNycGzNC9A
Content-Type: application/x-www-form-urlencoded
Content-Length: 3190
Origin: https://tg99cjqxtr647a2a44d78d6.casagr.ru
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Thu, 08 Jun 2023 16:24:17 GMT
content-type: text/html; charset=UTF-8
location: ./beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
set-cookie: cf_clearance=v0Br20wcxg.WHU2HzCaM2fyGaK4MWkQtYWxPA0_TXQs-1686241450-0-160; path=/; expires=Fri, 07-Jun-24 16:24:15 GMT; domain=.casagr.ru; HttpOnly; Secure; SameSite=None
PHPSESSID=7ee2d2af24319bb7ad3379e8b779fba1; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRF5kZpNIaaN1AfvnSa7EkgDGvSkiBN8KXQxU1AuyYFu0Hvi7FAin2FW4y2jaM6CQVWAU3PZcCFLX%2ByHwvzY7gQhHOarce5KFgsRULFYgsEBJBehwwgKD4NyHONtoiQa39XFeyj7bwZp%2FbhOZq5YgzuL1z4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d427beb79351c0e-OSL
alt-svc: h3=":443"; ma=86400

tg99cjqxtr647a2a44d78d6.casagr.ru/api-as1f?email=erin@epnevins.com&data=background

104.21.91.83

200 OK

109 B

URL GET HTTP/3
tg99cjqxtr647a2a44d78d6.casagr.ru/api-as1f?email=erin@epnevins.com&data=background
IP
104.21.91.83:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Certificate
IssuerGoogle Trust Services LLC
Subjectcasagr.ru
Fingerprint5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
ValidityWed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
109 B (109 bytes)
Hash
cdbe72b4aab9b41da4ea2a50ed92f81e
f059e1ff1f7c1032c94b98b2ee91321872b4ee14
cdbb7b5aab7ea1bf7d155ef3e1a89ce2270b07ffd2547a5ffc5457f930f3de11

HTTP Headers

GET /api-as1f?email=erin@epnevins.com&data=background HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Cookie: cf_clearance=v0Br20wcxg.WHU2HzCaM2fyGaK4MWkQtYWxPA0_TXQs-1686241450-0-160; PHPSESSID=7ee2d2af24319bb7ad3379e8b779fba1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 08 Jun 2023 16:24:19 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CisTUYaAp0idAw2zMIKB3AIhgK8o3EndnQLJZkjYR%2FgynuTnJ%2F%2F6ZykSRgW5hlbrEpYASGB3W9Vr4R3is9%2BiUszsY%2B%2BndXexMfrz%2FSewC9yvBhCinjHzdPteG0kY28xvghd2v1lTSSsS1UU%2Bz1arcGeaQ8Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d427c002d4e1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tg99cjqxtr647a2a44d78d6.casagr.ru/e/1d7db6e2c73d0b5f1fba7c244cbe9284648200b197a9c

104.21.91.83

200 OK

513 B

URL GET HTTP/3
tg99cjqxtr647a2a44d78d6.casagr.ru/e/1d7db6e2c73d0b5f1fba7c244cbe9284648200b197a9c
IP
104.21.91.83:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Certificate
IssuerGoogle Trust Services LLC
Subjectcasagr.ru
Fingerprint5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
ValidityWed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (529), with no line terminators
Size
513 B (513 bytes)
Hash
adc405f5fd089662209870ca5d2106f7
3a8b776df84bf251afc6ddd802cc5bbeddfb0e36
e7bacc97751689afaae192e103fe9851664365c57c7d783560860ad456db7e49

HTTP Headers

GET /e/1d7db6e2c73d0b5f1fba7c244cbe9284648200b197a9c HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Cookie: cf_clearance=v0Br20wcxg.WHU2HzCaM2fyGaK4MWkQtYWxPA0_TXQs-1686241450-0-160; PHPSESSID=7ee2d2af24319bb7ad3379e8b779fba1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 08 Jun 2023 16:24:19 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 15 Jun 2023 16:24:17 GMT
last-modified: Mon, 05 Jun 2023 11:48:14 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjWmpBNQ3B76YY6GpA0lDhph8KqyX9zCdE8%2BwFkIW4%2BZzHbtznFYAmk4tooOrnhTIPDELVHSJ%2BjNAtyxHcro4WA1nG75iRW2W%2F5soQwO4GwamvVlMZ1WmpKqAujtzLiqXchKw0nMmm0vt9O8CcFkAPN%2BfpM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d427c001d451c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

unpkg.com/axios@1.4.0/dist/axios.min.js

104.16.125.175

200 OK

32 kB

URL GET HTTP/2
unpkg.com/axios@1.4.0/dist/axios.min.js
IP
104.16.125.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (31803)
Size
32 kB (31842 bytes)
Hash
6470a918ba1fd4b8d0882df0269ddb82
97814fdab64aa7d1b30f082f9eb272d4b1ce18a2
fd4ce12a87594281afcee9c73a40fe7acc282bcc9e764fbb3afa1481a96a091e

HTTP Headers

GET /axios@1.4.0/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 08 Jun 2023 16:24:17 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7c62-l4FP2rZKp9GzDwgvnrJy1LHOGKI"
via: 1.1 fly.io
fly-request-id: 01GZP8TZEXW4PFCT61FHX2WRTS-fra
cf-cache-status: HIT
age: 2940549
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d427bf82908b4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2

tg99cjqxtr647a2a44d78d6.casagr.ru/2

104.21.91.83

200 OK

38 kB

URL GET HTTP/3
tg99cjqxtr647a2a44d78d6.casagr.ru/2
IP
104.21.91.83:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Certificate
IssuerGoogle Trust Services LLC
Subjectcasagr.ru
Fingerprint5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
ValidityWed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT

File type

Size
38 kB (37559 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /2 HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Cookie: cf_clearance=v0Br20wcxg.WHU2HzCaM2fyGaK4MWkQtYWxPA0_TXQs-1686241450-0-160; PHPSESSID=7ee2d2af24319bb7ad3379e8b779fba1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 08 Jun 2023 16:24:19 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXJlSLim09rr6eCT2ZlhAEu1c2AkjYr19X4PvctFAiH63czo6vC6hSuQt3VoorgWeqkdCnMYzBdZJu1ni2eU%2FX7LZDwEcszmUzBXJHmjJZGMgbPD5h%2BzG92FYuUn8WRyXfetGweXdsxOHac%2BjDNWjy4HQXo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d427bff9c261c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc

104.21.91.83

200 OK

24 kB

URL User Request GET HTTP/3
tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
IP
104.21.91.83:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectcasagr.ru
Fingerprint5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
ValidityWed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (22448)
Size
24 kB (24167 bytes)
Hash
d3f4384891aecf8665695e7414fafb69
a4235c4a0263fe224a98bec8da498e23744e6107
21aaa1d35389e98fd60dbd602b663d728e61e19cf840d2094589d6e1594275ee

HTTP Headers

GET /beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/Merin@epnevins.com?__cf_chl_tk=iRohZ4MRL_7i950CO4YSeui1kc1evDkBngBloxwBFbY-1686241450-0-gaNycGzNC9A
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=v0Br20wcxg.WHU2HzCaM2fyGaK4MWkQtYWxPA0_TXQs-1686241450-0-160; PHPSESSID=7ee2d2af24319bb7ad3379e8b779fba1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 08 Jun 2023 16:24:17 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nBzALpA2MgxglkkhU2klQ2IPvR3pnARytKPTMwtjIGZcQVTGlCUfg1ZK4wmoNfbGTOmkVmE8Jv9eexEQCFpKwQkqs0wnbCcKr%2FIs%2B8WDmAKxAGKPQDCXhyLmpPWg36Os5y9VgkEu%2B4IAfNLsVAl9Y%2BU2Ek%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d427bf6bf301c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tg99cjqxtr647a2a44d78d6.casagr.ru/jm/1d7db6e2c73d0b5f1fba7c244cbe9284648200b02cea6

104.21.91.83

200 OK

6.1 kB

URL GET HTTP/3
tg99cjqxtr647a2a44d78d6.casagr.ru/jm/1d7db6e2c73d0b5f1fba7c244cbe9284648200b02cea6
IP
104.21.91.83:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Certificate
IssuerGoogle Trust Services LLC
Subjectcasagr.ru
Fingerprint5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
ValidityWed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT

File type
ASCII text, with very long lines (6175), with no line terminators
Size
6.1 kB (6149 bytes)
Hash
0b3cd9bfcbe6444742df90b00f63efc3
0c978b0541c9659215908034b6299f78135c935c
2065edfabc7924bff8e65b4b4ade30bb341d70ab350518bfbad98e1d4f35266f

HTTP Headers

GET /jm/1d7db6e2c73d0b5f1fba7c244cbe9284648200b02cea6 HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Cookie: cf_clearance=v0Br20wcxg.WHU2HzCaM2fyGaK4MWkQtYWxPA0_TXQs-1686241450-0-160; PHPSESSID=7ee2d2af24319bb7ad3379e8b779fba1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 08 Jun 2023 16:24:17 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 15 Jun 2023 16:24:16 GMT
last-modified: Mon, 05 Jun 2023 11:48:14 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQbQato5C029MOGFVjpSpr42VoHUI3xXnRj6MBcEyl6HQd4jm98y8%2B3%2Fp7QEpXENFJ3oyaPdOjC%2BUdp52ru7E8bMQ%2B1k51z6r%2FYCkKnxbkd6duKBx3IjlcqbY8MDZTtCnjt2CMF7kXExnFm5gNWj844yaD0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d427bf7d8dd1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

unpkg.com/axios/dist/axios.min.js

104.16.125.175

302 Found

32 kB

URL GET HTTP/2
unpkg.com/axios/dist/axios.min.js
IP
104.16.125.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type

Size
32 kB (31842 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 08 Jun 2023 16:24:17 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.4.0/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01H2DWRNF318476K83W5XM57P7-arn
cf-cache-status: HIT
age: 418
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d427bf7f8d8b4ed-OSL
X-Firefox-Spdy: h2

tg99cjqxtr647a2a44d78d6.casagr.ru/ASSETS/img/BIMG-648200b23cf2e.css

104.21.91.83

200 OK

306 kB

URL GET HTTP/3
tg99cjqxtr647a2a44d78d6.casagr.ru/ASSETS/img/BIMG-648200b23cf2e.css
IP
104.21.91.83:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Certificate
IssuerGoogle Trust Services LLC
Subjectcasagr.ru
Fingerprint5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
ValidityWed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT

File type
PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size
306 kB (306493 bytes)
Hash
7d07c247e8dfd5bfaf9a7169b5c402bd
392cc7836ca5418f3e65cc67f5680b2a359399dc
345f500582fb5cfc20df5426c6b54bb0bcaa62eb0249a4a661dc9716a9edc006

HTTP Headers

GET /ASSETS/img/BIMG-648200b23cf2e.css HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Cookie: cf_clearance=v0Br20wcxg.WHU2HzCaM2fyGaK4MWkQtYWxPA0_TXQs-1686241450-0-160; PHPSESSID=7ee2d2af24319bb7ad3379e8b779fba1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 08 Jun 2023 16:24:19 GMT
content-type: image/png
content-length: 306493
cache-control: public, max-age=604800
expires: Thu, 15 Jun 2023 16:24:18 GMT
last-modified: Mon, 05 Jun 2023 11:48:14 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QuLArcaqpk3%2FmnhBu2Bgqe6UR%2Bec0U7b2MXYPFtE0kujeTI3wfe3LTz87kbcpMDLaxwTgtiHyDRJO5FqiT6dpjeqn5hGow%2BSgatpgz4RR6NmGseosJq7RZIvurJdvaj2AgA0ljKqMxzllwaN0%2Bx2if59eBQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d427c03fa831c0e-OSL
alt-svc: h3=":443"; ma=86400

tg99cjqxtr647a2a44d78d6.casagr.ru/jq/1d7db6e2c73d0b5f1fba7c244cbe9284648200b02cea2

104.21.91.83

200 OK

86 kB

URL GET HTTP/3
tg99cjqxtr647a2a44d78d6.casagr.ru/jq/1d7db6e2c73d0b5f1fba7c244cbe9284648200b02cea2
IP
104.21.91.83:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Certificate
IssuerGoogle Trust Services LLC
Subjectcasagr.ru
Fingerprint5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
ValidityWed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT

File type
ASCII text, with very long lines (32065)
Size
86 kB (85578 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /jq/1d7db6e2c73d0b5f1fba7c244cbe9284648200b02cea2 HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Cookie: cf_clearance=v0Br20wcxg.WHU2HzCaM2fyGaK4MWkQtYWxPA0_TXQs-1686241450-0-160; PHPSESSID=7ee2d2af24319bb7ad3379e8b779fba1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 08 Jun 2023 16:24:19 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 15 Jun 2023 16:24:17 GMT
last-modified: Mon, 05 Jun 2023 11:48:14 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Z9Tot6PeBhmLp0dcVxPNZI2S3i9uOehmka5lgf9e6JeUdOmTx1ENvCD8NF2hToc1EbfMQmpxl%2BANR%2BoBxWEVu8v7ipAEkIHZ88R0x0IFLgWNl6qzK2f4R5qepIXaIMxM2mobTRT3Ra1e6hNX24cw0kVsuM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d427bf7d8d51c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tg99cjqxtr647a2a44d78d6.casagr.ru/favicon.ico

104.21.91.83

404 Not Found

1.2 kB

URL GET HTTP/3
tg99cjqxtr647a2a44d78d6.casagr.ru/favicon.ico
IP
104.21.91.83:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Certificate
IssuerGoogle Trust Services LLC
Subjectcasagr.ru
Fingerprint5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
ValidityWed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1276), with no line terminators
Size
1.2 kB (1238 bytes)
Hash
24b426fea67958554911ff4c943fdfe4
b92889146d4c1bbddccabe58ca15c814ea066f72
335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Cookie: cf_clearance=v0Br20wcxg.WHU2HzCaM2fyGaK4MWkQtYWxPA0_TXQs-1686241450-0-160; PHPSESSID=7ee2d2af24319bb7ad3379e8b779fba1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 08 Jun 2023 16:24:19 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvYRSrltl7RT22lBtsPqZQaiF5alW1NSDDal%2BEgkLPp4kf1oQDbZXuRW7Gv6iWmkEhImjvWI0vSI6MwrqxXobkAU62iHWyuMjxJs7XinZ%2BTlzhRieC9Xiv7hbBKYNTgVSsjWrqe%2Bua%2FyQRuLrxCWwxfH8ck%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d427c000d031c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tg99cjqxtr647a2a44d78d6.casagr.ru/APP-MWC27W/1d7db6e2c73d0b5f1fba7c244cbe9284648200b197a73

104.21.91.83

200 OK

105 kB

URL GET HTTP/3
tg99cjqxtr647a2a44d78d6.casagr.ru/APP-MWC27W/1d7db6e2c73d0b5f1fba7c244cbe9284648200b197a73
IP
104.21.91.83:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Certificate
IssuerGoogle Trust Services LLC
Subjectcasagr.ru
Fingerprint5E:EB:99:7F:EB:19:12:0F:D0:30:78:09:34:F1:37:14:0E:1E:A9:09
ValidityWed, 10 May 2023 10:30:47 GMT - Tue, 08 Aug 2023 10:30:46 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
105 kB (105369 bytes)
Hash
8e6b0f88563f9c33f78bce65cf287df7
ef7765cd2a7d64ed27dd7344702597aff6f8c397
a7057bebfff43e7281ca31da00d40bd88c8d02d1576b9c45891dd56a3853269a

HTTP Headers

GET /APP-MWC27W/1d7db6e2c73d0b5f1fba7c244cbe9284648200b197a73 HTTP/1.1
Host: tg99cjqxtr647a2a44d78d6.casagr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg99cjqxtr647a2a44d78d6.casagr.ru/beebb091955c06fa68b3eb8afc0bae51648200b01f8bbPASbeebb091955c06fa68b3eb8afc0bae51648200b01f8bc
Cookie: cf_clearance=v0Br20wcxg.WHU2HzCaM2fyGaK4MWkQtYWxPA0_TXQs-1686241450-0-160; PHPSESSID=7ee2d2af24319bb7ad3379e8b779fba1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 08 Jun 2023 16:24:19 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 15 Jun 2023 16:24:17 GMT
last-modified: Mon, 05 Jun 2023 11:48:14 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMZv%2FOevaAlWYAgq2GFHfNGs16DgBGwpc6X8TzHSk4ctPzJa9rUW%2B3jLkyQ6G3cP2KFvWi5VxUDRA8fUaMc3JFmDWndknckYRvTVuxToD9gDhCgdD1xkWontmPJJxQ3tsCKNZIumH7mY1qLpwxA5erSAUoY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d427c003d671c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash