static3.matne.ru/.boonseng.teo@slurpmail.net
104.26.11.176 301 Moved Permanently 0 B URL HTTP/1.1 static3.matne.ru/.boonseng.teo@slurpmail.net
IP 104.26.11.176:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /.boonseng.teo@slurpmail.net HTTP/1.1
Host: static3.matne.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 07 Oct 2022 19:52:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 07 Oct 2022 20:52:23 GMT
Location: https://static3.matne.ru/.boonseng.teo@slurpmail.net
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMNA%2FFPSJmwiwJ7xwzfy9O5qWprV7cvAb5SeLfxZ%2FwLn0s8Te6G3C7ngsOcg07%2BCYGn10qGiewe1%2Fa%2BlV%2FrPRgxh6HA92kZkAMaRjNU4MUp5p1qnu7AKnw%2B2a0cQtFsmJ6s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75692d49dd5efac8-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6229
Expires: Fri, 07 Oct 2022 21:36:12 GMT
Date: Fri, 07 Oct 2022 19:52:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
54.230.111.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: p0UMXXRBpIBk2qA-ny0jW0bhS6tXEMjnYvbv8kwE7e1YxOFVqvB3sg==
Age: 187505
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6724
Expires: Fri, 07 Oct 2022 21:44:27 GMT
Date: Fri, 07 Oct 2022 19:52:23 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8bk7V5Jwt46PaVY2z666SQbPk74OKILZWtarkTdaF1gCZYHZvkXGedpIxsusGNSh11FlURL0FO4=
x-amz-request-id: SXZZRGXWV2A1XZSD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 19:31:20 GMT
age: 1263
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 35fa369bee556448809478aa57a8578b
a8ad468d9d883061eb512ee761e0a10d7e82f128
9fd11171b75b6d5243548be2f8c284ca0b4c9c2e1a8e1e2b84a62952f4393962
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9FD11171B75B6D5243548BE2F8C284CA0B4C9C2E1A8E1E2B84A62952F4393962"
Last-Modified: Wed, 05 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16382
Expires: Sat, 08 Oct 2022 00:25:25 GMT
Date: Fri, 07 Oct 2022 19:52:23 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 19:52:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
static3.matne.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=75692d4c3d26b524
104.26.11.176 200 OK 42 B URL HTTP/2 static3.matne.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=75692d4c3d26b524
IP 104.26.11.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=75692d4c3d26b524 HTTP/1.1
Host: static3.matne.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static3.matne.ru/.boonseng.teo@slurpmail.net
Cookie: cf_clearance=bHnCscwfnXaZfwddBXxb.zqfCzb.f4kLg0WyOkU.DfY-1665170528-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 19:52:23 GMT
content-type: image/gif
content-length: 42
last-modified: Tue, 04 Oct 2022 15:37:48 GMT
etag: "633c534c-2a"
server: cloudflare
cf-ray: 75692d4d8ea8b524-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Fri, 07 Oct 2022 21:52:23 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2
static3.matne.ru/cdn-cgi/images/trace/managed/nojs/transparent.gif?ray=75692d4c3d26b524
104.26.11.176 200 OK 42 B URL HTTP/2 static3.matne.ru/cdn-cgi/images/trace/managed/nojs/transparent.gif?ray=75692d4c3d26b524
IP 104.26.11.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/images/trace/managed/nojs/transparent.gif?ray=75692d4c3d26b524 HTTP/1.1
Host: static3.matne.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static3.matne.ru/.boonseng.teo@slurpmail.net
Cookie: cf_clearance=bHnCscwfnXaZfwddBXxb.zqfCzb.f4kLg0WyOkU.DfY-1665170528-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 19:52:23 GMT
content-type: image/gif
content-length: 42
last-modified: Tue, 04 Oct 2022 15:37:48 GMT
etag: "633c534c-2a"
server: cloudflare
cf-ray: 75692d4d8eb6b524-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Fri, 07 Oct 2022 21:52:23 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2
static3.matne.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=75692d4c3d26b524
104.26.11.176 200 OK 22 kB URL HTTP/2 static3.matne.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=75692d4c3d26b524
IP 104.26.11.176:0
File type HTML document, ASCII text, with very long lines (61094), with no line terminators
Hash b3b5f669ff008e37cb0bbc0779a5b34a
ec194f46e8eba3bbba829214b94534e341eca8cb
3935a46c71d7d53ed048d524f96b3ceaf2a7ddb1d3d3add21842fb77213d4a84
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=75692d4c3d26b524 HTTP/1.1
Host: static3.matne.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static3.matne.ru/.boonseng.teo@slurpmail.net?__cf_chl_rt_tk=XfxeewI562DLae3rn7JaFzvaL6Iyg.EtgSkK_fJRKs4-1665172343-0-gaNycGzNCH0
Cookie: cf_clearance=bHnCscwfnXaZfwddBXxb.zqfCzb.f4kLg0WyOkU.DfY-1665170528-0-150
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 19:52:23 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upYLh9LVUHxUUvH9zjUHyG4NgDomfCHIK6jLS1iJPiAH%2FRdzXoub3eS7H%2BtaFroqq71a9bbS7hWRF2G7tZ6wlaWrvZbXYaGo2cimX80OEymnaCuvwLOCM0xjOoCQ%2BX7r7R4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75692d4d8eb4b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d6c404502c7987174a84d8f0a3efab23
fc3a3f6d63acab3f659fb3536b65fd8564ec8628
94b5693df873bd923ffbf31f576fff01d2628e5796af4c6b91306a743e27d19b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 171
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 19:52:24 GMT
Last-Modified: Fri, 07 Oct 2022 19:49:33 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
static3.matne.ru/favicon.ico
104.26.11.176 403 Forbidden 136 kB URL HTTP/2 static3.matne.ru/favicon.ico
IP 104.26.11.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1850)
Size 136 kB (135657 bytes)
Hash 2d9733c1a3381488f84b726a99f6576e
7bfcd16fe71fc1535c900b9a902c66e68fb75b07
709f31e19ff93bff07d8147922ad89748bbab9725790f441e1ee1d0d0881595b
GET /favicon.ico HTTP/1.1
Host: static3.matne.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static3.matne.ru/.boonseng.teo@slurpmail.net?__cf_chl_rt_tk=XfxeewI562DLae3rn7JaFzvaL6Iyg.EtgSkK_fJRKs4-1665172343-0-gaNycGzNCH0
Cookie: cf_clearance=bHnCscwfnXaZfwddBXxb.zqfCzb.f4kLg0WyOkU.DfY-1665170528-0-150; cf_chl_prog=s
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
date: Fri, 07 Oct 2022 19:52:24 GMT
content-type: text/html; charset=UTF-8
cf-chl-bypass: 1
referer-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KqNmmp7r6HIxw2z0bzon22lbamBNHveEFr%2BVyxYKSULFIRMuC9AeY%2BZrLz0OTjDXOdRKwIwSddEmbGkh%2FLF0cJCaUEPzumEt7es%2BfI7MwVCQuZFddZ0m6AIcTzflZY%2FvUU4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75692d4e1f4cb524-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2175
Expires: Fri, 07 Oct 2022 20:28:41 GMT
Date: Fri, 07 Oct 2022 19:52:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2175
Expires: Fri, 07 Oct 2022 20:28:41 GMT
Date: Fri, 07 Oct 2022 19:52:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2175
Expires: Fri, 07 Oct 2022 20:28:41 GMT
Date: Fri, 07 Oct 2022 19:52:26 GMT
Connection: keep-alive
static3.matne.ru/cdn-cgi/challenge-platform/h/g/pat/75692d4c3d26b524/1665172344128/52b17e15cca58b51f170ee34b1c16861e280327262bdc7d108d1b17c1db1d470/-Xj6Ppzxq_6TL6z
104.26.11.176 401 Unauthorized 13 kB URL HTTP/2 static3.matne.ru/cdn-cgi/challenge-platform/h/g/pat/75692d4c3d26b524/1665172344128/52b17e15cca58b51f170ee34b1c16861e280327262bdc7d108d1b17c1db1d470/-Xj6Ppzxq_6TL6z
IP 104.26.11.176:0
Hash 56a027f6049bed00e042ad7b11445c43
3f9be7a93aefa771a8d1683ce95434f194dcf61b
54083b941f0173fccd4a4ff4858ecac88116488b5b2cee0ed04f65148ee87ce5
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/g/pat/75692d4c3d26b524/1665172344128/52b17e15cca58b51f170ee34b1c16861e280327262bdc7d108d1b17c1db1d470/-Xj6Ppzxq_6TL6z HTTP/1.1
Host: static3.matne.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static3.matne.ru/.boonseng.teo@slurpmail.net
Connection: keep-alive
Cookie: cf_clearance=bHnCscwfnXaZfwddBXxb.zqfCzb.f4kLg0WyOkU.DfY-1665170528-0-150; cf_chl_prog=e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 401 Unauthorized
date: Fri, 07 Oct 2022 19:52:24 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gUrF-Fcyli1HxcO40scFoYeKAMnJivcfRCNGxfB2x1HAAEHN0YXRpYzMubWF0bmUucnU=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA31_dzDPwYTZrxWRWlYcB8Qa2tiZ6VMUVDLNgLsLtl2jXDiF7i0JQjgWLS28X7o3-fgeKSh7290F1-6OksevONnjgwt2ejDqXZIQRqDpZX8ynZvRxsoU84fU48paBbEA8WrkIxtxT5vpf1xCodelaFfssNTg7I8ipFJNa_rCI3UGkkgTwkeytstZBCEhlkhAylZeNGI5KMP-j1-QboOEip5OkcI2zYycNF88l9pW8JBE3YRleUMwq42VX_EskAWOzu6MiZS38656zLoypug-44miauLTFVBQ1S-YTcuzm9AUEMJ_LlO6EbHAvtjvMzWzyDLaFWystwwadoVE7mqrwmwIDAQAB, max-age=15
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAE%2FWuoiG8eeYeVrdClpOtmVA1glxDGZcmoRB9h86WTHT8sCIq5mmTTTMHrU4OPTWXzmEQb2dzDXGYG1KtdaVwQylJKT3Us2bqPicUTWQ8Zv3nLRv%2BRPG7O3o0sJ%2BKV2%2B0k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75692d4fb9c1b524-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4572451a09430ca7a9203f14ddc035ba
46e17c44fba23988d7a9d9832c411ba2810136c3
fa54e73c4b32d8e109504ebcd46e4316de8143f44b7eae20a44ba63d14a6f24b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8445
x-amzn-requestid: 7d295b3b-29d6-4b2e-8314-c9055d1def80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmju5FxwoAMFeQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4cc5-3f58c18b1159ad512c60422b;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:46:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: DC1ECXhkAhfdrU8ZyMhhDdwydsq4PQfzzGOPd-REjCkCsDbXQLnLiA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:01:57 GMT
etag: "46e17c44fba23988d7a9d9832c411ba2810136c3"
content-type: image/jpeg
age: 78629
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed3fa86bbe319c9a2f81ff625e677cb0
e3d5210207f6ff922bc28e328285059c19a523a4
5919694bd942a4f25d5b7ffc3f8aee1af6cdb8461d4ba3dba9a2e72cf19164c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7261
x-amzn-requestid: e1bdf299-b29e-4f58-9c8a-33f5dacdb081
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmirBELYoAMFfgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b13-1969b32c6f4f7e5749e7caa0;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: V3fTgH8URZ1iWMxWPy49--20mtdJvMK6XTG_aPKk68pvwCxPl8lULw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
age: 79688
etag: "e3d5210207f6ff922bc28e328285059c19a523a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2ac0ed19ef64f2f765ce7adb2a8fa7c
b6ea582befd01324dd456d59d3f610101dcf910c
d324c9f67b0efc38a935195076488dd0a62f61b893706ecf40ad1f2c5550a7d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11492
x-amzn-requestid: 7ac7e364-5204-4101-87f6-89fbdf3c5cb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_GKSoAMFdkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-4ae692e2617657225c88e5fb;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: jddNzOBqcXe8oUyYEEC82u0w35f4lAdk7Xf4ruu40Ngj2eY-r1Qyww==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
etag: "b6ea582befd01324dd456d59d3f610101dcf910c"
content-type: image/jpeg
age: 79688
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static3.matne.ru/cdn-cgi/challenge-platform/h/g/img/75692d4c3d26b524/1665172344125/VtIYSstItAGRgrK
104.26.11.176 200 OK 11 kB URL HTTP/2 static3.matne.ru/cdn-cgi/challenge-platform/h/g/img/75692d4c3d26b524/1665172344125/VtIYSstItAGRgrK
IP 104.26.11.176:0
File type PNG image data, 1 x 40, 8-bit/color RGB, non-interlaced\012- data
Hash f8897f42c18da4a4426da52199082a17
2da317989f55703e3818aa087909077cb4dbdaf1
1dfe49161d9d97f30b9021db339f82b55dc6069d01c3dd32c63356f392cacea1
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/g/img/75692d4c3d26b524/1665172344125/VtIYSstItAGRgrK HTTP/1.1
Host: static3.matne.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static3.matne.ru/.boonseng.teo@slurpmail.net
Cookie: cf_clearance=bHnCscwfnXaZfwddBXxb.zqfCzb.f4kLg0WyOkU.DfY-1665170528-0-150; cf_chl_prog=e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 19:52:24 GMT
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nf2hKqKAkPf44KYv%2BUqkEEbxSvmh4WrWJoTL5OB1dOgv95subbwIU%2B0KczwverMdlmyuhJvGjHTQZBd6chsXDza8yS%2Ft5fG9kUrIhGL7jGSFljNvN1YpPQOkfRHh2MbtvXw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75692d4f38ffb524-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: a9tOPCySPRdXpvJf239ycM7_3PJS7GcITvM52Sxic_FwYr_-n2XQHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
age: 79688
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static3.matne.ru/ASSETS/img/LIMG-6340837ac1980.css
104.26.11.176 200 OK 1.6 kB URL HTTP/2 static3.matne.ru/ASSETS/img/LIMG-6340837ac1980.css
IP 104.26.11.176:0
File type PNG image data, 108 x 24, 8-bit colormap, non-interlaced\012- data
Hash ee236805d05e24861ce1b6b0e7d94b8d
d46828cf9df268ddaf62facf15590a447116aeb8
175986272200fb72da9a598d30016bbda9ddcaa9e6e3f07eb94bc74196d4b805
GET /ASSETS/img/LIMG-6340837ac1980.css HTTP/1.1
Host: static3.matne.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static3.matne.ru/PS-63408379e44aa
Cookie: cf_clearance=D4vYUWIB_gQVFp_e4MExfSaRZitMo0ac8Xr6QYj5zIM-1665172345-0-150; PHPSESSID=bse49j04jd5bdt39b6m789909q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 19:52:26 GMT
content-type: image/png
content-length: 1637
cache-control: public, max-age=604800
expires: Fri, 14 Oct 2022 19:52:26 GMT
etag: "665-633750f2-e13a3;;;"
last-modified: Fri, 30 Sep 2022 20:26:26 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcH%2FcQ1Ye1tmyWPcyUNzc5zu6Ds2SqOi7FuQ3n5rxX3xmqIvQq7Ok%2BzOxViBBsTRtHSgWbXyqc8UwSX%2F4maLQv534doVIaRHQ06vXju4xDz2ILeGRbBWFJZPEFUW7fQU%2FI4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75692d5fcb36b524-OSL
X-Firefox-Spdy: h2
unpkg.com/axios@1.1.2/dist/axios.min.js
104.16.126.175 200 OK 317 kB URL HTTP/2 unpkg.com/axios@1.1.2/dist/axios.min.js
IP 104.16.126.175:0
File type ASCII text, with very long lines (26541)
Size 317 kB (316645 bytes)
Hash 0b193e4365540490e630c59892fc4f9d
f359ec86aca42260aa85f60a98de4a1d1618076e
810c29521c249f052e4133f69e7dd52c2cebdf7c0c37b5babdf97ae3bba1affc
GET /axios@1.1.2/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static3.matne.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 19:52:26 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"67d4-ae22gWc+WteU0z+fBbiwjqlAwTs"
via: 1.1 fly.io
fly-request-id: 01GERZ66JWEKENZHQ1YJ54WKY8-ams
cf-cache-status: HIT
age: 34503
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75692d5b79c4b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/axios/dist/axios.min.js
104.16.126.175 302 Found 0 B URL HTTP/2 unpkg.com/axios/dist/axios.min.js
IP 104.16.126.175:0
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static3.matne.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 07 Oct 2022 19:52:26 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.1.2/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GESZY87VZVWRGKF1H9F2MT3J-ams
cf-cache-status: HIT
age: 161
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75692d5b5999b51d-OSL
X-Firefox-Spdy: h2
static3.matne.ru/jm/iehcwkm5ckd6whh1gmroq070o
104.26.11.176 200 OK 0 B URL HTTP/2 static3.matne.ru/jm/iehcwkm5ckd6whh1gmroq070o
IP 104.26.11.176:0
Analyzer Verdict Alert fortinet Phishing
GET /jm/iehcwkm5ckd6whh1gmroq070o HTTP/1.1
Host: static3.matne.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static3.matne.ru/PS-63408379e44aa
Cookie: cf_clearance=D4vYUWIB_gQVFp_e4MExfSaRZitMo0ac8Xr6QYj5zIM-1665172345-0-150; PHPSESSID=bse49j04jd5bdt39b6m789909q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 19:52:26 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Fri, 14 Oct 2022 19:52:26 GMT
etag: W/"eb5-633750f2-e13ae;gz"
last-modified: Fri, 30 Sep 2022 20:26:26 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POkuT2RV2ddKzsCAaEkwHT9k6ZizADpewk5qkCYYTipsU0fpqQDI3MTRhzLL0b1%2B1YOTqb80S4sEKh4WwGzhDLbpJ%2BkgoWCNm8LRbiTu8vhvHi3LsJsMNBFtNQ%2FNDqMzJL0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75692d5b3ae0b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
static3.matne.ru/boot/iwghdmwkc761mhe0rhc0qo5ok
104.26.11.176 200 OK 0 B URL HTTP/2 static3.matne.ru/boot/iwghdmwkc761mhe0rhc0qo5ok
IP 104.26.11.176:0
Analyzer Verdict Alert fortinet Phishing
GET /boot/iwghdmwkc761mhe0rhc0qo5ok HTTP/1.1
Host: static3.matne.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static3.matne.ru/PS-63408379e44aa
Cookie: cf_clearance=D4vYUWIB_gQVFp_e4MExfSaRZitMo0ac8Xr6QYj5zIM-1665172345-0-150; PHPSESSID=bse49j04jd5bdt39b6m789909q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 19:52:26 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Fri, 14 Oct 2022 19:52:26 GMT
etag: W/"c75f-633750f2-e13b1;gz"
last-modified: Fri, 30 Sep 2022 20:26:26 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlsRegIz%2BZbBcm9mOwD24j6gcL4fkm7g3TBpnk4xwqZc9mexkZEAi%2BEHzqqy%2Br%2FOaAlyftZCxMs3V4DW50H3Kp%2FA0dkw%2BKUkWeWO5WXLuBGvZl2odYJ0g5Jc6KX1gr0sr7g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75692d5b3ad7b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
static3.matne.ru/.boonseng.teo@slurpmail.net
104.26.11.176 403 Forbidden 0 B URL HTTP/2 static3.matne.ru/.boonseng.teo@slurpmail.net
IP 104.26.11.176:0
Analyzer Verdict Alert fortinet Phishing
GET /.boonseng.teo@slurpmail.net HTTP/1.1
Host: static3.matne.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: cf_clearance=bHnCscwfnXaZfwddBXxb.zqfCzb.f4kLg0WyOkU.DfY-1665170528-0-150
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 403 Forbidden
date: Fri, 07 Oct 2022 19:52:23 GMT
content-type: text/html; charset=UTF-8
cf-chl-bypass: 1
referer-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fs711vrkNbPn5TccoXT9f0StuItcawqHXTsRsZkcErulV9nENzAAtyniyWgnRL509M5ipmivHBUQWwTTgCOBjul2vv8kTZSS0L6RD3LxaMJZtknV39otcPfdHuo6LkC7sSU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75692d4c3d26b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
static3.matne.ru/.boonseng.teo@slurpmail.net
104.26.11.176 302 Found 0 B URL HTTP/2 static3.matne.ru/.boonseng.teo@slurpmail.net
IP 104.26.11.176:0
Analyzer Verdict Alert fortinet Phishing
POST /.boonseng.teo@slurpmail.net HTTP/1.1
Host: static3.matne.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3236
Origin: https://static3.matne.ru
Connection: keep-alive
Referer: https://static3.matne.ru/.boonseng.teo@slurpmail.net?__cf_chl_tk=XfxeewI562DLae3rn7JaFzvaL6Iyg.EtgSkK_fJRKs4-1665172343-0-gaNycGzNCH0
Cookie: cf_clearance=bHnCscwfnXaZfwddBXxb.zqfCzb.f4kLg0WyOkU.DfY-1665170528-0-150
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Fri, 07 Oct 2022 19:52:25 GMT
content-type: text/html; charset=UTF-8
location: ./PS-63408379e44aa
set-cookie: cf_clearance=D4vYUWIB_gQVFp_e4MExfSaRZitMo0ac8Xr6QYj5zIM-1665172345-0-150; path=/; expires=Sat, 07-Oct-23 20:52:25 GMT; domain=.matne.ru; HttpOnly; Secure; SameSite=None
PHPSESSID=bse49j04jd5bdt39b6m789909q; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEcAXMj0EnFXw0M7%2BIzqxEZK2vtwCSBd%2FA6n1WrzI3iAOqIi4TkqRwwq8m8hUAETzjLeWn%2Boh4rXgMrsM4V41pq5fmAD2Mfnbx7UCRSc5GoLppncx%2BTHAyQDtTrSVphmAjY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75692d545866b524-OSL
X-Firefox-Spdy: h2
static3.matne.ru/o/1cwirhhdk6mw0ok0gcmho57qe
104.26.11.176 200 OK 0 B URL HTTP/2 static3.matne.ru/o/1cwirhhdk6mw0ok0gcmho57qe
IP 104.26.11.176:0
Analyzer Verdict Alert fortinet Phishing
GET /o/1cwirhhdk6mw0ok0gcmho57qe HTTP/1.1
Host: static3.matne.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static3.matne.ru/PS-63408379e44aa
Cookie: cf_clearance=D4vYUWIB_gQVFp_e4MExfSaRZitMo0ac8Xr6QYj5zIM-1665172345-0-150; PHPSESSID=bse49j04jd5bdt39b6m789909q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 19:52:26 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Fri, 14 Oct 2022 19:52:26 GMT
etag: W/"e43-633750f2-e13a5;gz"
last-modified: Fri, 30 Sep 2022 20:26:26 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaS41M5QcdvZmpPFePL8%2BJDnhwjxn8sKQxZbOjVrSQFEdx02G7zCRf1QzTb%2B793lJLBiRaP5TXESBKQDyTjnPLwlLtO2J40%2Fja03alYyuD0Z%2FAQ5Pd47SarDjQHOHjzgU18%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75692d5b3aceb524-OSL
content-encoding: br
X-Firefox-Spdy: h2
static3.matne.ru/jq/iroq0c0ch67w5mdokhh1kwmeg
104.26.11.176 200 OK 0 B URL HTTP/2 static3.matne.ru/jq/iroq0c0ch67w5mdokhh1kwmeg
IP 104.26.11.176:0
Analyzer Verdict Alert fortinet Phishing
GET /jq/iroq0c0ch67w5mdokhh1kwmeg HTTP/1.1
Host: static3.matne.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static3.matne.ru/PS-63408379e44aa
Cookie: cf_clearance=D4vYUWIB_gQVFp_e4MExfSaRZitMo0ac8Xr6QYj5zIM-1665172345-0-150; PHPSESSID=bse49j04jd5bdt39b6m789909q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 19:52:26 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Fri, 14 Oct 2022 19:52:26 GMT
etag: W/"14e4a-633750f2-e13b3;gz"
last-modified: Fri, 30 Sep 2022 20:26:26 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NMDHGOvbZbSxPaZcA3XOT8CaeSScQwlABKbZlk6kqXkx4nrfcUsW9dkkMW0qP5w7MlhwaJhy3DR%2BTGl%2Fu2rfsvTuRkl8hXW%2FJl4BDqSwWEtuSad1avGcEDwBcfyFksEb4w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75692d5b3ad2b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
static3.matne.ru/e/hw5me6kgw001koqcdco7hihmr
104.26.11.176 200 OK 0 B URL HTTP/2 static3.matne.ru/e/hw5me6kgw001koqcdco7hihmr
IP 104.26.11.176:0
Analyzer Verdict Alert fortinet Phishing
GET /e/hw5me6kgw001koqcdco7hihmr HTTP/1.1
Host: static3.matne.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static3.matne.ru/PS-63408379e44aa
Cookie: cf_clearance=D4vYUWIB_gQVFp_e4MExfSaRZitMo0ac8Xr6QYj5zIM-1665172345-0-150; PHPSESSID=bse49j04jd5bdt39b6m789909q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 19:52:26 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Fri, 14 Oct 2022 19:52:26 GMT
etag: W/"201-633750f2-e139f;gz"
last-modified: Fri, 30 Sep 2022 20:26:26 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVvbJYmOlI%2FspUuweBqvAXWe2SvkWzARIwEvDIIGMjdxQrKVrwNCLnVmZQFd895fdnbbGbR5Uqq1i1j%2FwPz3IYcj17g8Fd0VUeN%2B%2Brp8xzH2I08U5QCs9PHFInsogYjRdWQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75692d5b3ad0b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
static3.matne.ru/ic/hcw6ced0q5wko1h7mm0rihokg
104.26.11.176 200 OK 0 B URL HTTP/2 static3.matne.ru/ic/hcw6ced0q5wko1h7mm0rihokg
IP 104.26.11.176:0
Analyzer Verdict Alert fortinet Phishing
GET /ic/hcw6ced0q5wko1h7mm0rihokg HTTP/1.1
Host: static3.matne.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static3.matne.ru/PS-63408379e44aa
Cookie: cf_clearance=D4vYUWIB_gQVFp_e4MExfSaRZitMo0ac8Xr6QYj5zIM-1665172345-0-150; PHPSESSID=bse49j04jd5bdt39b6m789909q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 19:52:26 GMT
content-type: image/x-icon
cache-control: public, max-age=604800
expires: Fri, 14 Oct 2022 19:52:26 GMT
etag: W/"4316-633750f2-e13a0;gz"
last-modified: Fri, 30 Sep 2022 20:26:26 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpHEmSaIIeoMym93goZuVoGQtPQOlY0yo4tP0PEtaHWe0iU3RWENs3PNHKELN5uBMnH3MeLaDrM45lRMxK6HXurkkwpagvN%2BK%2BrvKj7pBSoPVVeE%2BhkftaDn%2BaD4EmJoZmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75692d5e28e8b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
static3.matne.ru/api-gkq5o0mhri6hwhco1ce7wd0km?email=boonseng.teo@slurpmail.net&data=logo
104.26.11.176 200 OK 0 B URL HTTP/2 static3.matne.ru/api-gkq5o0mhri6hwhco1ce7wd0km?email=boonseng.teo@slurpmail.net&data=logo
IP 104.26.11.176:0
GET /api-gkq5o0mhri6hwhco1ce7wd0km?email=boonseng.teo@slurpmail.net&data=logo HTTP/1.1
Host: static3.matne.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static3.matne.ru/PS-63408379e44aa
Cookie: cf_clearance=D4vYUWIB_gQVFp_e4MExfSaRZitMo0ac8Xr6QYj5zIM-1665172345-0-150; PHPSESSID=bse49j04jd5bdt39b6m789909q
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 19:52:26 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCQM3ttPltnOYrxPn08LgrnkwxXA6mXj7PjpKrO9%2FFQRGaWYdnMljoZe5EPyuT2ZG7oOHvzKE4%2FF%2FVDbTv26dpjMrsOv5bbbsZyBY9dZjHg09UtCZ0W7bfX0xZV%2Fb%2FtlYu4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75692d5cde24b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
static3.matne.ru/api-hm5wkd0710c6hekgohwoqicmr?email=boonseng.teo@slurpmail.net&data=background
104.26.11.176 200 OK 0 B URL HTTP/2 static3.matne.ru/api-hm5wkd0710c6hekgohwoqicmr?email=boonseng.teo@slurpmail.net&data=background
IP 104.26.11.176:0
GET /api-hm5wkd0710c6hekgohwoqicmr?email=boonseng.teo@slurpmail.net&data=background HTTP/1.1
Host: static3.matne.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static3.matne.ru/PS-63408379e44aa
Cookie: cf_clearance=D4vYUWIB_gQVFp_e4MExfSaRZitMo0ac8Xr6QYj5zIM-1665172345-0-150; PHPSESSID=bse49j04jd5bdt39b6m789909q
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 19:52:27 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhVaQwMkrFoserJrd1Ym%2FtMRirPpVaYZV4V2oYuZJ6UrSEP%2F8CarZR%2BZPPAl1%2F7iOEGF29Ia4UtKce3kbwQ6DKn7cReGPuX%2FuYH7rSCdtxd1yhz29xmVFCwl0qDJ2IVIO6k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75692d5cde2eb524-OSL
content-encoding: br
X-Firefox-Spdy: h2
static3.matne.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/0.5492484409670397:1665169574:sSQf5f0dFTmrt1wFhxDnm3XXRxcQCsivWuHyKdmuR5s/75692d4c3d26b524/a37c5950ecd60de
104.26.11.176 200 OK 0 B URL HTTP/2 static3.matne.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/0.5492484409670397:1665169574:sSQf5f0dFTmrt1wFhxDnm3XXRxcQCsivWuHyKdmuR5s/75692d4c3d26b524/a37c5950ecd60de
IP 104.26.11.176:0
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.5492484409670397:1665169574:sSQf5f0dFTmrt1wFhxDnm3XXRxcQCsivWuHyKdmuR5s/75692d4c3d26b524/a37c5950ecd60de HTTP/1.1
Host: static3.matne.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
CF-Challenge: a37c5950ecd60de
Content-Length: 15893
Origin: https://static3.matne.ru
Connection: keep-alive
Referer: https://static3.matne.ru/.boonseng.teo@slurpmail.net
Cookie: cf_chl_seq_a37c5950ecd60de=tzifj9zlM5RZrIk; cf_clearance=bHnCscwfnXaZfwddBXxb.zqfCzb.f4kLg0WyOkU.DfY-1665170528-0-150; cf_chl_prog=e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 19:52:24 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_chl_rc_m=;Expires=Thu, 06 Oct 2022 19:52:24 GMT;SameSite=Strict
cf_chl_out: yj9Xwn7mm4PQLGZWzzvXk5use9Z5UCNmYQuqPpvOmMnK6E0h/Ic90rtb308ZQRIDuBZgRGex9FmHKgXaIUJQdg==$MVbaHm4wjAoaN73CluEQ4w==
cf_chl_out_s: bEKhxLKg+4zqZqUT8fDECtQJLgKgujuqfjxpWE+jIdUh2Vr4zQeTk2ni5snWBcYh$4V9N4Zv7bkjGN+k3zYB91w==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jh%2FbEqaRSTvig6j5DS7Ykx16qXOI9u8A9%2BDhSyxLFG7FnzE7QUM3xDE9i7bM%2BWJ77oCVs7PtlRDEJySmZpvLoBe94Iv4qPEyxFqTxOoo0yPI4ryMyF99zyd50K%2BNmjUEXAE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75692d51ccd8b524-OSL
content-encoding: br
X-Firefox-Spdy: h2