{"report_id":"92b9e147-914a-4c90-8e9a-56e733afca35","version":6,"status":"done","tags":[],"date":"2023-12-04T02:47:41Z","url":{"schema":"https","addr":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/networt.html","fqdn":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev","domain":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/networt.html","fqdn":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev","domain":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev","tld":"r2.dev"},"title":"Sign in to your account"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T09:16:28Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev","ip":{"addr":"104.18.3.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-08-23","domain_rank":0,"first_seen":"2023-10-08 17:19:56","last_seen":"2023-11-06 03:32:26","alert_count":2,"request_count":2,"received_data":28712,"sent_data":1025,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.194.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":634,"first_seen":"2012-05-21 19:28:02","last_seen":"2023-12-03 05:09:22","alert_count":0,"request_count":1,"received_data":30657,"sent_data":449,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aadcdn.msftauth.net","ip":{"addr":"152.199.23.37","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"domain_registered":"2018-10-25","domain_rank":1455,"first_seen":"2018-11-19 11:50:32","last_seen":"2023-12-03 05:52:07","alert_count":0,"request_count":2,"received_data":3561,"sent_data":1077,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aadcdn.msauth.net","ip":{"addr":"13.107.213.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2018-10-25","domain_rank":1421,"first_seen":"2018-11-19 11:50:03","last_seen":"2023-12-03 18:12:32","alert_count":0,"request_count":2,"received_data":2790,"sent_data":1056,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.cnc-tools.cz","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2015-01-21","domain_rank":0,"first_seen":"2019-06-05 14:04:48","last_seen":"2023-11-12 00:26:59","alert_count":0,"request_count":1,"received_data":0,"sent_data":514,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-12-03","alert":"Office365","trigger":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/networt.html","verdict":"phishing","severity":"medium","comment":"Office365","link":"https://openphish.com","meta":null}]},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2023-11-06","alert":"Microsoft","trigger":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/networt.html","verdict":"phishing","severity":"medium","comment":"Microsoft","link":"http://phishtank.com","meta":null}]},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/networt.html","fqdn":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev","domain":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"816b992971b37fe7ebbec532073d8310","sha1":"f8077a91382644ce314d915b07510ff2a7d38c4e","sha256":"98f41e4658878823421de0a3a5f2857f592b714cde37b398b1c05e79f84082f3","sha512":"221b3737f974c3ad9481a4a083a6b197be41998c9c2c667c4345eace52e51572989ebe62e415674176c385ab8511295161e132f379e706e6a1bc61a2227175e0","ssdeep":"","tlshash":"35512197f76c36533076507c982f25c92b2e68f379008f73fc3456a45a60e1bb93a924","size":2918,"data":"","first_seen":"2023-11-06T12:34:52Z","last_seen":"2024-08-20T20:41:54.183738Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/networt.html","fqdn":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev","domain":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"398d45527ac0f5c79f262839f98ec3f1","sha1":"960b8b802581eead9fa02ff4483a85d2b7cf939a","sha256":"76da592798ee5b41a444eebf66d08d461bc826db30df367fd21c85862ca82db0","sha512":"4f0673fd82e75fde270a4f037f33e1a1ff5b8f10ff0aeef6ac273f88d134fd2f8c3faa353dcc2701fc7c9a748828ca45ab792e5f883a8601dc63ef5f7c1f70b0","ssdeep":"","tlshash":"42d0235775d1597445ff773e2347c2443d7140b174183e5124484e314c30d545766a41","size":217,"data":"","first_seen":"2023-03-07T01:18:27Z","last_seen":"2026-05-01T14:51:41.047231Z","times_seen":2681,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.194.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e071abda8fe61194711cfc2ab99fe104","sha1":"f647a6d37dc4ca055ced3cf64bbc1f490070acba","sha256":"85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf","sha512":"53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65","ssdeep":"1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5","tlshash":"3183d5d9b2c670529b7730b850bf450bb17a98dab44c8d60f058c5d57eb8a8e507bf2c","size":86709,"data":"","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-05-06T06:54:43.04301Z","times_seen":140701,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/networt.html","fqdn":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev","domain":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-04T02:47:28.503Z","timestamp":1701658048503,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Oct 2023 17:13:53 GMT","end":"Tue, 09 Jan 2024 17:13:52 GMT"},"fingerprint":{"sha1":"91:F0:8B:D3:AA:FC:86:18:F9:F2:29:EB:98:8C:D8:5A:3A:76:5C:CF","sha256":"F3:D6:02:91:4C:11:83:7C:7C:FD:D0:A3:86:08:75:A0:37:A4:08:AF:67:24:48:AE:14:4D:D0:BA:8D:6A:19:A9"}}},"request":{"raw":"GET /networt.html HTTP/1.1\r\nHost: pub-dc250bebd543436e98813f391cf7aaa0.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 04 Dec 2023 02:47:23 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"a9d7bb19a102113a7d7ce79c9ae8d9b9\"\r\nLast-Modified: Thu, 05 Oct 2023 11:38:59 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 8300b9711a39569a-OSL\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21683,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (65131), with CRLF line terminators","md5":"a9d7bb19a102113a7d7ce79c9ae8d9b9","sha1":"340424dd829883b26c69af016131aef246049136","sha256":"dd67650ce7e9a1df227232624299ca3e01f0f813b721a7d13a250cf543e62d4d","sha512":"4c134e5b046063790edbf7a595d45ab3cab498e6a080afa2aff76ea2061bc13d75c7c8e50cb8e16187ca13e76e41729bae3767044f279b60b883156c39f102d1","ssdeep":"1536:DxoBMCgKy+U5KazA/PWrF7qvEAFiQcpm2CkMgpC490nS67GxUkbjqM:loBgp4490z6","tlshash":"09b3d8906914392a9037c73671d1bd8b62251433e737aeb7f6752cb8cf896870f32a49","first_seen":"2023-11-06T12:34:52Z","last_seen":"2024-08-20T20:41:54.177587Z","times_seen":13,"resource_available":false,"data":null}},"time_used":598,"timings":{"blocked":25,"dns":0,"connect":5,"send":0,"wait":545,"receive":3,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-12-03","alert":"Office365","trigger":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/networt.html","verdict":"phishing","severity":"medium","comment":"Office365","link":"https://openphish.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2023-11-06","alert":"Microsoft","trigger":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/networt.html","verdict":"phishing","severity":"medium","comment":"Microsoft","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.194.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/networt.html","date":"2023-12-04T02:47:29.228Z","timestamp":1701658049228,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 11 Jul 2023 00:00:00 GMT","end":"Sun, 14 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D","sha256":"B1:CA:3A:23:BA:70:1D:18:3F:EC:99:D7:BE:6D:B2:FD:66:5F:5C:A7:7D:7F:C1:FC:16:D1:FD:89:4B:CC:15:34"}}},"request":{"raw":"GET /jquery-3.1.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-152b5\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Mon, 04 Dec 2023 02:47:23 GMT\r\nage: 6857441\r\nx-served-by: cache-lga21947-LGA, cache-bma1666-BMA\r\nx-cache: HIT, HIT\r\nx-cache-hits: 119, 73893\r\nx-timer: S1701658044.778219,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30070\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30070,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (32030)","md5":"e071abda8fe61194711cfc2ab99fe104","sha1":"f647a6d37dc4ca055ced3cf64bbc1f490070acba","sha256":"85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf","sha512":"53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65","ssdeep":"1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5","tlshash":"3183d5d9b2c670529b7730b850bf450bb17a98dab44c8d60f058c5d57eb8a8e507bf2c","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-05-06T06:54:43.04301Z","times_seen":140701,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":22,"dns":4,"connect":8,"send":0,"wait":8,"receive":4,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg","fqdn":"aadcdn.msftauth.net","domain":"msftauth.net","tld":"net"},"ip":{"addr":"152.199.23.37","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/networt.html","date":"2023-12-04T02:47:29.230Z","timestamp":1701658049230,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msftauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Fri, 01 Dec 2023 00:00:00 GMT","end":"Sun, 01 Dec 2024 23:59:59 GMT"},"fingerprint":{"sha1":"3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B","sha256":"CA:EA:26:E0:08:53:1A:CF:E2:11:03:C4:9E:16:75:E1:E6:E8:F6:5D:84:D4:EC:7A:69:6B:E9:52:FA:83:33:BC"}}},"request":{"raw":"GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1\r\nHost: aadcdn.msftauth.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding\r\nage: 27930181\r\ncache-control: public, max-age=31536000\r\ncontent-md5: nzaLxFgP7ZB3dfMcaybWzw==\r\ncontent-type: image/svg+xml\r\ndate: Mon, 04 Dec 2023 02:47:23 GMT\r\netag: 0x8D79A1B9F5E121A\r\nlast-modified: Thu, 16 Jan 2020 00:32:52 GMT\r\nserver: ECAcc (ska/F7B5)\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-ms-blob-type: BlockBlob\r\nx-ms-lease-status: unlocked\r\nx-ms-request-id: fc3f3f64-801e-006c-6456-2890f5000000\r\nx-ms-version: 2009-09-19\r\ncontent-length: 1435\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1435,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- HTML document, ASCII text, with very long lines (3651), with no line terminators","md5":"ee5c8d9fb6248c938fd0dc19370e90bd","sha1":"d01a22720918b781338b5bbf9202b241a5f99ee4","sha256":"04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a","sha512":"c77215b729d0e60c97f075998e88775cd0f813b4d094dc2fdd13e5711d16f4e5993d4521d0fbd5bf7150b0dbe253d88b1b1ff60901f053113c5d7c1919852d58","ssdeep":"","tlshash":"6371117b132887dae9d4a78c2e997b8d377095c4b1b24290874328a5bc086f7f038d60","first_seen":"2023-04-06T08:44:24Z","last_seen":"2026-05-06T07:47:43.083228Z","times_seen":125147,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":73,"dns":57,"connect":7,"send":0,"wait":11,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.213.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/networt.html","date":"2023-12-04T02:47:29.231Z","timestamp":1701658049231,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sun, 29 Oct 2023 00:00:00 GMT","end":"Tue, 29 Oct 2024 23:59:59 GMT"},"fingerprint":{"sha1":"88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C","sha256":"09:32:99:C8:74:C7:C3:CF:73:1C:DD:DA:92:7C:22:1B:DD:53:9C:51:21:D5:10:61:C4:4D:CC:52:56:13:C6:DC"}}},"request":{"raw":"GET /shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31536000\r\ncontent-length: 276\r\ncontent-type: image/svg+xml\r\ncontent-encoding: gzip\r\ncontent-md5: TjUQkZ0p0Y7rbj6LJofS9Q==\r\nlast-modified: Fri, 17 Jan 2020 19:28:34 GMT\r\netag: 0x8D79B8371B97A82\r\nx-cache: TCP_HIT\r\nx-ms-request-id: 4d8ee911-101e-0036-6042-0fec6e000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 0SpZJZQAAAAAmBLZXYFfTSIPxFEjCT7FDQU1TMDRFREdFMTkxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0uz1tZQAAAADuGvQ7pI53TZF98CeSwN0KU1ZHMjBFREdFMDYxNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Mon, 04 Dec 2023 02:47:22 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":276,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- HTML document, ASCII text, with very long lines (513), with no line terminators","md5":"a9cc2824ef3517b6c4160dcf8ff7d410","sha1":"8db9aebad84ca6e4225bfdd2458ff3821cc4f064","sha256":"34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58","sha512":"aa3ddab0a1cff9533f9a668aba4fb5e3d75ed9f8aff8a1caa4c29f9126d85ff4529e82712c0119d2e81035d1ce1cc491ff9473384d211317d4d00e0e234ad97f","ssdeep":"","tlshash":"29f0598a41c8fb142ce08050dff8ea28540270c3fb4e5008b1922b18e2ef383f6406f5","first_seen":"2023-04-19T20:10:52Z","last_seen":"2026-05-06T08:02:21.88462Z","times_seen":30358,"resource_available":false,"data":null}},"time_used":324,"timings":{"blocked":154,"dns":114,"connect":12,"send":0,"wait":12,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg","fqdn":"aadcdn.msftauth.net","domain":"msftauth.net","tld":"net"},"ip":{"addr":"152.199.23.37","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/networt.html","date":"2023-12-04T02:47:29.388Z","timestamp":1701658049388,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msftauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Fri, 01 Dec 2023 00:00:00 GMT","end":"Sun, 01 Dec 2024 23:59:59 GMT"},"fingerprint":{"sha1":"3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B","sha256":"CA:EA:26:E0:08:53:1A:CF:E2:11:03:C4:9E:16:75:E1:E6:E8:F6:5D:84:D4:EC:7A:69:6B:E9:52:FA:83:33:BC"}}},"request":{"raw":"GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1\r\nHost: aadcdn.msftauth.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\nage: 14882002\r\ncache-control: public, max-age=31536000\r\ncontent-md5: DhdidjYrlCeaRJJRG/y9mA==\r\ncontent-type: image/svg+xml\r\ndate: Mon, 04 Dec 2023 02:47:23 GMT\r\netag: 0x8D7B007297AE131\r\nlast-modified: Wed, 12 Feb 2020 22:01:50 GMT\r\nserver: ECAcc (ska/F732)\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-ms-blob-type: BlockBlob\r\nx-ms-lease-status: unlocked\r\nx-ms-request-id: 68d21ab8-f01e-0076-6702-9f059f000000\r\nx-ms-version: 2009-09-19\r\ncontent-length: 673\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":673,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (1864), with no line terminators","md5":"bc3d32a696895f78c19df6c717586a5d","sha1":"9191cb156a30a3ed79c44c0a16c95159e8ff689d","sha256":"0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68","sha512":"8d4f38907f3423a86d90575772b292680f7970527d2090fc005f9b096cc81d3f279d59ad76eafca30c3d4bbaf2276bbaa753e2a46a149424cf6f1c319ded5a64","ssdeep":"","tlshash":"4e310059c51d3566ec04c3aceae1d468315e71efa8a581c961849b3f95b0dce0eccb70","first_seen":"2023-04-12T23:20:27Z","last_seen":"2026-05-06T07:42:27.763113Z","times_seen":102742,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.213.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/networt.html","date":"2023-12-04T02:47:29.232Z","timestamp":1701658049232,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sun, 29 Oct 2023 00:00:00 GMT","end":"Tue, 29 Oct 2024 23:59:59 GMT"},"fingerprint":{"sha1":"88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C","sha256":"09:32:99:C8:74:C7:C3:CF:73:1C:DD:DA:92:7C:22:1B:DD:53:9C:51:21:D5:10:61:C4:4D:CC:52:56:13:C6:DC"}}},"request":{"raw":"GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31536000\r\ncontent-length: 621\r\ncontent-type: image/svg+xml\r\ncontent-encoding: gzip\r\ncontent-md5: R2FAVxfpONfnQAuxVxXbHg==\r\nlast-modified: Tue, 10 Nov 2020 03:41:24 GMT\r\netag: 0x8D8852A7FA6B761\r\nx-cache: TCP_REMOTE_HIT\r\nx-ms-request-id: fa0cb013-601e-0039-6b5a-246571000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 0uz1tZQAAAAAVV8IayP7rR7KSPbrwHEYMQU1TMDRFREdFMTkwNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0uz1tZQAAAADfAibYNnnkQ6zyt+Af0bZPU1ZHMjBFREdFMDYxNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Mon, 04 Dec 2023 02:47:22 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":621,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- HTML document, ASCII text, with very long lines (1592), with no line terminators","md5":"4e48046ce74f4b89d45037c90576bfac","sha1":"4a41b3b51ed787f7b33294202da72220c7cd2c32","sha256":"8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93","sha512":"b2bba2a68edaa1a08cfa31ed058afb5e6a3150aabb9a78db9f5ccc2364186d44a015986a57707b57e2cc855fa7da57861ad19fc4e7006c2c239c98063fe903cf","ssdeep":"","tlshash":"b931787f43b45ae7239017741760626c13f4ee917169d0b4dba30c9a8d4bd33327843a","first_seen":"2023-04-14T20:16:11Z","last_seen":"2026-05-06T07:47:47.038141Z","times_seen":77935,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":147,"dns":113,"connect":8,"send":0,"wait":85,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/favicon.ico","fqdn":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev","domain":"pub-dc250bebd543436e98813f391cf7aaa0.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/networt.html","date":"2023-12-04T02:47:29.467Z","timestamp":1701658049467,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Oct 2023 17:13:53 GMT","end":"Tue, 09 Jan 2024 17:13:52 GMT"},"fingerprint":{"sha1":"91:F0:8B:D3:AA:FC:86:18:F9:F2:29:EB:98:8C:D8:5A:3A:76:5C:CF","sha256":"F3:D6:02:91:4C:11:83:7C:7C:FD:D0:A3:86:08:75:A0:37:A4:08:AF:67:24:48:AE:14:4D:D0:BA:8D:6A:19:A9"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: pub-dc250bebd543436e98813f391cf7aaa0.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/networt.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Mon, 04 Dec 2023 02:47:24 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 8300b976fbc1569a-OSL\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":6476,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (611)","md5":"df3d48946e8d3f5a83608308edbb4b86","sha1":"47b9c40c97abf2658df96b1c06109324e15e1a00","sha256":"570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499","sha512":"36ec1cec72dc3245730c813277c645525473cc5232e85cd23503b8593d90264f335e61a16d364a1e6c41922820b40ba7c0f46b19f4b91db6a0cf5e31e778ddea","ssdeep":"384:6FamwIluB0sJQqCeSQup5szCUXAG0VVi82OgoKACZQQofNJXY3gW3:663Mp5If8WOmgW3","tlshash":"6bc292dc7bf968e4a5de43aaef2831a8320ba0fb17425904f51d12142f0655cec6f6ed","first_seen":"2023-04-05T17:41:51Z","last_seen":"2025-09-17T15:21:34.980882Z","times_seen":52648,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":58,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cnc-tools.cz/wp-admin/sav/prv.php?id=","fqdn":"www.cnc-tools.cz","domain":"cnc-tools.cz","tld":"cz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/networt.html","date":"2023-12-04T02:47:29.521Z","timestamp":1701658049521,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /wp-admin/sav/prv.php?id= HTTP/1.1\r\nHost: www.cnc-tools.cz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pub-dc250bebd543436e98813f391cf7aaa0.r2.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-dc250bebd543436e98813f391cf7aaa0.r2.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T07:45:48.950283Z","times_seen":14725783,"resource_available":true,"data":null}},"time_used":854,"timings":{"blocked":854,"dns":0,"connect":36,"send":0,"wait":0,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}