{"report_id":"a6e7218b-ace0-4602-b7a4-5fb48a51d4b6","version":6,"status":"done","tags":["phishing","microsoft","outlook"],"date":"2024-01-10T15:01:14Z","url":{"schema":"http","addr":"r20.rs6.net/tn.jsp?f=001ej29hAuVDrHumdgDNEESWMTsfRYaMuJPdadbowP0iGbSt3bkBYQKum_gHLw_PYA2h7GX2lQUTURwzUYghJWGihIjJOP1OLas8amf_YU1lDZgD6YyzgB7RP1ykuTF4gbyTGHuKKaE7DLuxHjha3qAzp4NUoosWdKn\u0026c=\u0026ch==\u0026c=\u0026ch=\u0026__=//cgi/content/images//492/oje/Y2hyaXNAbW96YWljLWxsYy5jb20=","fqdn":"r20.rs6.net","domain":"rs6.net","tld":"net"},"ip":{"addr":"208.75.122.11","port":0,"asn":40444,"as":"ASN-CC","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"07r.qtwrekg.ru/##chris@mozaic-llc.com","fqdn":"07r.qtwrekg.ru","domain":"qtwrekg.ru","tld":"ru"},"title":"abyYBzjYXlGBmVxBwifWsVEYV"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T04:22:31Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":0,"first_seen":"2021-10-20 07:02:03","last_seen":"2024-01-10 09:54:38","alert_count":0,"request_count":9,"received_data":443183,"sent_data":5643,"comment":"","tags":null,"fingerprints":null},{"fqdn":"07r.qtwrekg.ru","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"domain_registered":"2023-12-25","domain_rank":0,"first_seen":"2023-12-28 01:12:00","last_seen":"2023-12-28 01:12:00","alert_count":2,"request_count":2,"received_data":8050,"sent_data":994,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r20.rs6.net","ip":{"addr":"208.75.122.11","port":0,"asn":40444,"as":"ASN-CC","country":"United States","country_code":"US"},"domain_registered":"2001-12-21","domain_rank":6735,"first_seen":"2014-04-18 19:30:06","last_seen":"2024-01-10 05:11:35","alert_count":0,"request_count":1,"received_data":407,"sent_data":727,"comment":"","tags":null,"fingerprints":null},{"fqdn":"hei-om.com","ip":{"addr":"132.148.17.97","port":0,"asn":26496,"as":"AS-26496-GO-DADDY-COM-LLC","country":"United States","country_code":"US"},"domain_registered":"2017-11-22","domain_rank":0,"first_seen":"2020-07-29 21:19:56","last_seen":"2024-01-10 12:46:03","alert_count":1,"request_count":1,"received_data":371,"sent_data":549,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":439,"first_seen":"2012-09-30 02:15:09","last_seen":"2024-01-09 18:12:29","alert_count":0,"request_count":1,"received_data":26137,"sent_data":462,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8435cabc5dad0b51","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5e0a893e6d94660ccf7a42b9be9cd2f8","sha1":"8d209fff2525af623f27f8b135ed05f4450f7258","sha256":"ee225a3063c55e715c3557b298251c93696b4c3404564dc6c45512aebb0c9dc1","sha512":"29a68b74fb77e55f8bbcffb811f3ad157af3b357491f2ab576bb369faa8f43e2e2f6d9c6f63905319e86c06ee3fe6e21ad6e51d60cb812c6ebda193564e25a6a","ssdeep":"3072:gZfPo/9MciP52xyeXnyQKBCcm7spSFYWio/R++ziU:gsMybcjpQPiCRZiU","tlshash":"590471cc77cba8692233397870273216709b5d496c7c1dddfa00b1c529f621a92e76ee","size":179462,"data":"","first_seen":"2024-08-20T12:42:55.868024Z","last_seen":"2024-08-20T12:42:57.811425Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"data","addr":"data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoImRXdU1SaU56dUpPYVFzTSIpLmdldEF0dHJpYnV0ZSgiSnFldkJiTmV5YXFvSWNUUlJSR3pUViIpKSkpKTt3TnRnbnlBY1FEZWhmYVJGd1ZZbm09IlRLQ2tVeFJHTEp2bUthSnpnc1RRayI7","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e8417255ea57d11d328a658a66dc70e6","sha1":"e423d294b8321ec99b939177602907449abea757","sha256":"93cc483d97888822fd49f50eb99224fa9192093af028881d90aaa0304d54165e","sha512":"82f6413d465c4097389c619a0643d66c5d780b857ae16636a1f3e7006437e53792d282135d273fcfa2ad67aaab3196374fb7af5454e37ebd66089da299b07a88","ssdeep":"","tlshash":"a9c02233400cf13c8d5a8282836842e68cec3106ec5a7c004c0ded58794f9a20122a40","size":177,"data":"","first_seen":"2024-08-20T12:42:55.875248Z","last_seen":"2024-08-20T12:42:55.875248Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d0aea3ab2c4a2f1df82a1cbd0e3cd139","sha1":"4be28a6299190417eef5f41efd8ae1247668e653","sha256":"dbc38cf0a394006d94e88fc271e31df655fda88118ea16ed59f779aa4f48041e","sha512":"24bba5711fa346ab9c5c21ea4e1961ce65c1a4fe85f3f0a3f760e8e4e2afca7d19d4f6e8ab98495ed76965a181c5aaa00c11f2c236d485c58950321080248075","ssdeep":"","tlshash":"65e0a7ed5a23f95239c9a93422eec68404231b7a6943f23340259846455c4dc6403f57","size":412,"data":"","first_seen":"2024-08-20T12:42:55.876111Z","last_seen":"2024-08-20T12:42:55.876111Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"1c862db5f2555377c2dc1e62ed7b3981","sha1":"c29e6dc25c08a70995127ec13ded6f80d9a36174","sha256":"27d373a6961f797edf69a80f7f24877ef85c2fc4f9f770b2540b1bf5e66823ac","sha512":"31143265b96385ef4b575b72591775139057dff85891be61591e3d55259b6d1dc95d86a0feec40c801d38e64278cfbe50c3c2a16757f986ad40f716935bf2bb2","ssdeep":"","tlshash":"0c8000ac38802000803328e8002fa8aaa020083030800e022a02e8888cb222c822a8ae","size":26,"data":"","first_seen":"2023-04-11T21:13:06Z","last_seen":"2026-04-03T22:27:11.593886Z","times_seen":264121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"99dd2e64e7ba345a3b2f7d34c465258a","sha1":"ee3bc947d6f6828ae4df6bf14a77e4c7cc62a310","sha256":"850e587a96f9cad84206169720be046f289fa015e4b76b6ae79610c9d73c7eef","sha512":"71fcfbee1cb8d0887fb72b0b3d70c75eb94f80f005a35db046a7eb74ce6b20807648e2d3465f129bcf81a0b57bcab866425fddd3a011e075a141ade765d3f7fd","ssdeep":"768:oYfClijjk2CqEit11AWGgks1+cD6lf3KQJrsaoBYvRdXxMyymCwMftGwMkZ:o0ft11AWGgks1+c2l7rsauZ","tlshash":"25f2189d3287397187ee01e0207ba74373397a3ae98ccc50d856cc7525acd99d236fa9","size":35312,"data":"","first_seen":"2024-01-05T16:53:14Z","last_seen":"2024-08-20T13:50:34.734334Z","times_seen":13793,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"4c9fe9b86ae6d745331e1e639c825a46","sha1":"06f42e88256dc6c1cf258969e3a01c1522494f2d","sha256":"1f42b1dcc0c259bee416b5547271b056c0dbec41c4bd430b9ce0278cf5b716d5","sha512":"f6c0d52173032364259945f8ddd5ee7b08f477d202ff59fd8079c594fc33d1b852c196d5d9c9e41d9a1528f67934d0f1597c8b4aa95310b63f2dee5a7c521d59","ssdeep":"","tlshash":"a0014c6f70197831503618263707f78abb3b612196e73483a16d8958f0319fb81ead89","size":709,"data":"","first_seen":"2024-08-20T12:42:55.877735Z","last_seen":"2024-08-20T12:42:55.877735Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wizji/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"625685b3b659939688e456a4673a0994","sha1":"28547644d0f9029c0a25698abbe0fcce730b1e73","sha256":"7ef3435502a431f919c02b4ed94699d26ab347295d3d60abf2e183f1b702d3d9","sha512":"381c97e4cf66c82f2c24aa6cccab830adb55ee70dfd806f1670d3f22fc50dc2f1960db19d97c4d562df5372cda6b886d992fce456e13fd6d7e7191e3249ad4c4","ssdeep":"","tlshash":"6961c8fa54f942661719a324275fe7412932029b4c4c75787e4dc1092f2e59f22b47ca","size":3268,"data":"","first_seen":"2024-08-20T12:42:55.884057Z","last_seen":"2024-08-20T12:42:55.884057Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":[{"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-03T22:28:54.480943Z","times_seen":665240,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"write":[{"md5":"4b09eb0233b8e16b516de4336ff73972","sha1":"e351db6fc7074725fde4f5b9beeddc4eb10a90fc","sha256":"9787538a41769ee537f3bb3c84916f2e70279e798112c2fd77716e85ae44cbeb","sha512":"4a168d36c97b4f8fd4826454017bd0f76af43ee1979c06bde2f33286641247baf5e367b6a53cef3a42de47fbec1707a5c78d91eec58ecb96bee6f24f4a05f4b6","ssdeep":"","tlshash":"027143d5dc5a25631c3be6f2356a939530fad334c5431421d2ee0aa622c8fdab1bac70","size":3750,"data":"","first_seen":"2024-08-20T12:42:55.885781Z","last_seen":"2024-08-20T12:42:55.885781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"8db03ad371bd760566781617d871813b","sha1":"d51ef39470608dec1404e384587f866bc7bef128","sha256":"124a05b6b681164ce665901fa3c468efa6227d2389bcb523f5b0aff19464fd2d","sha512":"d10966ef09c378866059f01ec2585fae2d4c4cdeda0ac696161da1bc1f81c3aa7ba392961cd5410fd94a6f174d338cae93e36a422f561751ed13fc8be3777d7e","ssdeep":"","tlshash":"3a71d060acf3508185cbd30cbbe0ed861be0b1a3919a5656bb4c874ec7857ec8957f02","size":3574,"data":"","first_seen":"2024-01-05T16:53:14Z","last_seen":"2024-08-20T13:50:34.752133Z","times_seen":9912,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"http","addr":"r20.rs6.net/tn.jsp?f=001ej29hAuVDrHumdgDNEESWMTsfRYaMuJPdadbowP0iGbSt3bkBYQKum_gHLw_PYA2h7GX2lQUTURwzUYghJWGihIjJOP1OLas8amf_YU1lDZgD6YyzgB7RP1ykuTF4gbyTGHuKKaE7DLuxHjha3qAzp4NUoosWdKn\u0026c=\u0026ch==\u0026c=\u0026ch=\u0026__=//cgi/content/images//492/oje/Y2hyaXNAbW96YWljLWxsYy5jb20=","fqdn":"r20.rs6.net","domain":"rs6.net","tld":"net"},"ip":{"addr":"208.75.122.11","port":0,"asn":40444,"as":"ASN-CC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-01-10T15:00:48.671227204Z","timestamp":1704898848671,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /tn.jsp?f=001ej29hAuVDrHumdgDNEESWMTsfRYaMuJPdadbowP0iGbSt3bkBYQKum_gHLw_PYA2h7GX2lQUTURwzUYghJWGihIjJOP1OLas8amf_YU1lDZgD6YyzgB7RP1ykuTF4gbyTGHuKKaE7DLuxHjha3qAzp4NUoosWdKn\u0026c=\u0026ch==\u0026c=\u0026ch=\u0026__=//cgi/content/images//492/oje/Y2hyaXNAbW96YWljLWxsYy5jb20= HTTP/1.1\r\nHost: r20.rs6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Wed, 10 Jan 2024 15:00:48 GMT\r\nServer: Apache\r\nP3P: CP=\"CAO DSP TAIa OUR NOR UNI\"\r\nLocation: https://hei-om.com/content/images//cgi/content/images//492/oje/Y2hyaXNAbW96YWljLWxsYy5jb20=\r\nContent-Length: 0\r\nCache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache=\"Set-Cookie\"\r\nPragma: no-cache\r\nConnection: close\r\nContent-Type: text/html;charset=ISO-8859-1\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"hei-om.com/content/images//cgi/content/images//492/oje/Y2hyaXNAbW96YWljLWxsYy5jb20=","fqdn":"hei-om.com","domain":"hei-om.com","tld":"com"},"ip":{"addr":"132.148.17.97","port":0,"asn":26496,"as":"AS-26496-GO-DADDY-COM-LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-01-10T15:00:49.140440658Z","timestamp":1704898849140,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /content/images//cgi/content/images//492/oje/Y2hyaXNAbW96YWljLWxsYy5jb20= HTTP/1.1\r\nHost: hei-om.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 10 Jan 2024 15:00:49 GMT\r\nServer: Apache\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding,User-Agent\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":119,"size_decoded":111,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"a706478a2eb04a2e46e0f900b970ff61","sha1":"de13a23abb8598991d92127c84b5c9e9766e2585","sha256":"173be28a785ca00d29abff8e58003145ca6a7f338516b524b4f4ad307fbcbb7a","sha512":"2549147d7e47d3dd3d8cdfcc23dffd3561d2497f1f03ac4a9789cf7f69a49c7ed29b3f02b827dc1aa76e273ce2f5cadb7012a812bbc619231c1e96c3bfb13fc6","ssdeep":"","tlshash":"a8b092970c86c4465ac100a1d062fe58675682aa4708c48aa890c0ba22857cb8e4a686","first_seen":"2024-08-20T12:42:55.864586Z","last_seen":"2024-08-20T12:42:55.926347Z","times_seen":2,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://07r.qtwrekg.ru/##chris@mozaic-llc.com","date":"2024-01-10T15:00:50.997Z","timestamp":1704898850997,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2023 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 27 Sep 2023 18:13:13 GMT","end":"Mon, 28 Oct 2024 18:13:12 GMT"},"fingerprint":{"sha1":"05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09","sha256":"0F:90:CD:B5:CD:3B:AE:F1:BB:01:3A:4D:6D:2E:A6:BA:98:C6:1B:1B:75:BE:DD:CB:39:33:E8:D1:21:F1:9F:EF"}}},"request":{"raw":"GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://07r.qtwrekg.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 5.0.2\r\nx-jsd-version-type: version\r\netag: W/\"260c5-fByeBXPlzqi603M74vxjqoxo6o0\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Wed, 10 Jan 2024 15:00:51 GMT\r\nage: 18422092\r\nx-served-by: cache-fra-eddf8230097-FRA, cache-hel1410028-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 25360\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25360,"size_decoded":155845,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (65306)","md5":"abe91756d18b7cd60871a2f47c1e8192","sha1":"7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d","sha256":"7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b","sha512":"bac54101debafcda5535f0607b5f60c2cda3e896629e771ad76ac07b697e77e4242d4f5f886d363b55fc43a85ea48a6bfc460a66f2b1fc8f56b27ba326e3a604","ssdeep":"1536:d0bwW83RipVVsEBpy0cuJcf22RWb5CyVUpz600I4fM:d0bwlyVUpz600I4fM","tlshash":"09e3a3d7f581241dd4a7c259a0d1bffd052f4586e3025babb0277bb88b8a6c70963e4c","first_seen":"2023-04-05T03:16:49Z","last_seen":"2026-04-03T22:25:14.885702Z","times_seen":94470,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":48,"dns":23,"connect":14,"send":0,"wait":13,"receive":5,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/ew4g0I%2FZYomJh1e75pupA0WLfHDXy%2FQKEyLTEDfnNN8%3D","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wizji/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal","date":"2024-01-10T15:00:51.302Z","timestamp":1704898851302,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/cmg/1/ew4g0I%2FZYomJh1e75pupA0WLfHDXy%2FQKEyLTEDfnNN8%3D HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wizji/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 15:00:51 GMT\r\ncontent-type: image/png\r\ncache-control: max-age=2629800, public\r\nserver: cloudflare\r\ncf-ray: 8435cabcde4b0b51-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61,"size_decoded":61,"mime_type":"image/png","magic":"PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced","md5":"9246cca8fc3c00f50035f28e9f6b7f7d","sha1":"3aa538440f70873b574f40cd793060f53ec17a5d","sha256":"c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84","sha512":"a2098304d541df4c71cde98e4c4a8fb1746d7eb9677ceba4b19ff522efdd981e484224479fd882809196b854dbc5b129962dba76198d34aaecf7318bd3736c6b","ssdeep":"","tlshash":"a5a002e763957d7bd94b133756651151f8324514171305458805d475161736c81c4a82","first_seen":"2023-08-25T15:09:14Z","last_seen":"2025-05-14T12:12:43.698394Z","times_seen":189286,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1685082004:1704895753:lnMGlEfsXUUotY1dDQ43X1E8y55FdHFQFoh2ChmhCeg/8435cabc5dad0b51/8de766827b7bec6","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wizji/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal","date":"2024-01-10T15:00:51.542Z","timestamp":1704898851542,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1685082004:1704895753:lnMGlEfsXUUotY1dDQ43X1E8y55FdHFQFoh2ChmhCeg/8435cabc5dad0b51/8de766827b7bec6 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wizji/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal\r\nContent-type: application/x-www-form-urlencoded\r\nCF-Challenge: 8de766827b7bec6\r\nContent-Length: 2565\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 15:00:51 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-gen: Bgka7grVSNdPMctJ0R+UOOHsbtEcOfdM4JuzIpBZwOtmZ+0cxHDrKam7gyhuAplUAi7bmTVuCN+7ImAr7u0u1yxe22hSOGwP8vjVirD9KilqUauHZb4gfQX9bmVm1oM6XVhtfgE7EfzPcLfQourO1oIfEdKnTL9WFiR21sj4P4NC4mveqywtcoFs+dx3na57Ists764Hh1jfLqUwUMTudXznpeu+9oZabPR5IEwDbWsQC2i+/0+2wwZOBrVRagvyzSPnOWjLTbMzCISTYvdPGaVZ00ph36oWg4ITYzVy2VwYvIgaU0bgIIYZdmKuBysx0d6tr/NaSWMGkScR47V6L5V2JWDXoF06OqxaoagWRGYakQsUcjo2AD/QC8INrQor$HQH6bsCJavlKg3THpnT5cw==\r\nserver: cloudflare\r\ncf-ray: 8435cabe5ff20b51-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":95256,"size_decoded":95256,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"1da499d4c6cef72068730683b75603dc","sha1":"ebec68dffcd6d07bc82392df6162560fb023be0f","sha256":"247f5c2077260f9235b3c30185802cb58bb2823544b0f6160c49d9c7fb3456da","sha512":"a77662c4122db4ce9ff4c2eddde06e6c8f50f1e8a905801045aa8b8c57e20dcec758f7dba465e32a45d908675a72989c6fa2ee4c0d2018b2f6424548def21757","ssdeep":"1536:LG5M4JurNFhYlaXJTqqAuiSW5f//IOXe7cvHuiiiwUgfmrf+8AMIApXW9qoX2UC6:S2N7BJTq0iHHXeqHuRgg+rf+8OAYkUd","tlshash":"cd93026148df7f1c1d806333553aa99ab1bcbe76402be6e4a4cc74cec88ed98361449f","first_seen":"2024-08-20T12:42:55.866671Z","last_seen":"2024-08-20T12:42:55.866671Z","times_seen":1,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":52,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://07r.qtwrekg.ru/##chris@mozaic-llc.com","date":"2024-01-10T15:00:50.990Z","timestamp":1704898850990,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /turnstile/v0/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://07r.qtwrekg.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Wed, 10 Jan 2024 15:00:51 GMT\r\ncache-control: max-age=300, public\r\nlocation: /turnstile/v0/b/c8377512/api.js\r\nvary: accept-encoding\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\ncf-ray: 8435cabafefc56c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":35312,"size_decoded":35312,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":58,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":8,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8435cabc5dad0b51/1704898851581/4wts2_px2fvhQqB","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wizji/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal","date":"2024-01-10T15:00:52.235Z","timestamp":1704898852235,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/i/8435cabc5dad0b51/1704898851581/4wts2_px2fvhQqB HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wizji/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 15:00:52 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\ncf-ray: 8435cac2bd980b51-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61,"size_decoded":61,"mime_type":"image/png","magic":"PNG image data, 55 x 74, 8-bit/color RGB, non-interlaced","md5":"6f8c04d65febd0836aab2e920b30a8d5","sha1":"7626410e797fd6dd089b7682c4fd63a4136953c3","sha256":"e594287fd39e65e43e39f3ad4029a9fd65675d6dd2fb8e50f57e9bbc0e8fe1d5","sha512":"210220b1b643c994092639fb60f85a84463ed6d873fddaa691e9653795d648b23f634d9c738b6480dfc42e583687228ad78aca85ceb4aad2d308afb22d2b0c45","ssdeep":"","tlshash":"e6a002eb63d4ac78c957023756250871e8320918431152559809c42a566736cd1c4a52","first_seen":"2023-07-28T20:36:45Z","last_seen":"2025-05-03T18:46:13.348404Z","times_seen":83,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8435cabc5dad0b51","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wizji/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal","date":"2024-01-10T15:00:51.303Z","timestamp":1704898851303,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8435cabc5dad0b51 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wizji/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 15:00:51 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nserver: cloudflare\r\ncf-ray: 8435cabcde4f0b51-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":179462,"size_decoded":179462,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"5e0a893e6d94660ccf7a42b9be9cd2f8","sha1":"8d209fff2525af623f27f8b135ed05f4450f7258","sha256":"ee225a3063c55e715c3557b298251c93696b4c3404564dc6c45512aebb0c9dc1","sha512":"29a68b74fb77e55f8bbcffb811f3ad157af3b357491f2ab576bb369faa8f43e2e2f6d9c6f63905319e86c06ee3fe6e21ad6e51d60cb812c6ebda193564e25a6a","ssdeep":"3072:gZfPo/9MciP52xyeXnyQKBCcm7spSFYWio/R++ziU:gsMybcjpQPiCRZiU","tlshash":"590471cc77cba8692233397870273216709b5d496c7c1dddfa00b1c529f621a92e76ee","first_seen":"2024-08-20T12:42:55.868024Z","last_seen":"2024-08-20T12:42:57.811425Z","times_seen":3,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1685082004:1704895753:lnMGlEfsXUUotY1dDQ43X1E8y55FdHFQFoh2ChmhCeg/8435cabc5dad0b51/8de766827b7bec6","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wizji/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal","date":"2024-01-10T15:00:53.946Z","timestamp":1704898853946,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1685082004:1704895753:lnMGlEfsXUUotY1dDQ43X1E8y55FdHFQFoh2ChmhCeg/8435cabc5dad0b51/8de766827b7bec6 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wizji/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal\r\nContent-type: application/x-www-form-urlencoded\r\nCF-Challenge: 8de766827b7bec6\r\nContent-Length: 25774\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 15:00:54 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-gen: 1xH88s7a66ttXWvrHUl4/xE5kCd/foMqDBHN4Y0omd6V8rMIrej1oItk4rsqjTgc$wfvPeNyFE7F8JXYeZb3WpA==\r\nserver: cloudflare\r\ncf-ray: 8435cacd5a520b51-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18288,"size_decoded":18288,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (18288), with no line terminators","md5":"6896de9d160ede05689518b9407ea0f3","sha1":"1b32d0e62b9ecb6743b939ab22d360d094adc688","sha256":"e72b0aba91349d8a4cf53ec1644cdc051fd2988b10bd1066f72c120afb76e605","sha512":"ecf5a9361cf03eb15805f61e5bcd9af34345c9f34e5e63f18426f96cded64708ba4f2a1afc0e953072cda5054d985a0efa89eedbeb9a2a99a0670027ea72eda9","ssdeep":"384:5ZGUd1KgUPbgCMG7YxpnI4+n2WN+4gJNY4fOnuiUgwPdVoXMzdonwMj2EQ+Y:qUdAzPcCjSnCd9wPdVoXxnwq2v","tlshash":"3482c0eea80714535f1774134c86b70e64c1f134c0669886b7d2c9e924feb6f4ca1ae4","first_seen":"2024-08-20T12:42:55.869495Z","last_seen":"2024-08-20T12:42:55.869495Z","times_seen":1,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/b/c8377512/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://07r.qtwrekg.ru/##chris@mozaic-llc.com","date":"2024-01-10T15:00:51.037Z","timestamp":1704898851037,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /turnstile/v0/b/c8377512/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://07r.qtwrekg.ru/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Jan 2024 15:00:51 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8435cabb2f4d56c3-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35312,"size_decoded":35312,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (35311)","md5":"99dd2e64e7ba345a3b2f7d34c465258a","sha1":"ee3bc947d6f6828ae4df6bf14a77e4c7cc62a310","sha256":"850e587a96f9cad84206169720be046f289fa015e4b76b6ae79610c9d73c7eef","sha512":"71fcfbee1cb8d0887fb72b0b3d70c75eb94f80f005a35db046a7eb74ce6b20807648e2d3465f129bcf81a0b57bcab866425fddd3a011e075a141ade765d3f7fd","ssdeep":"768:oYfClijjk2CqEit11AWGgks1+cD6lf3KQJrsaoBYvRdXxMyymCwMftGwMkZ:o0ft11AWGgks1+c2l7rsauZ","tlshash":"25f2189d3287397187ee01e0207ba74373397a3ae98ccc50d856cc7525acd99d236fa9","first_seen":"2024-01-05T16:53:14Z","last_seen":"2024-08-20T13:50:34.734334Z","times_seen":13793,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"07r.qtwrekg.ru/","fqdn":"07r.qtwrekg.ru","domain":"qtwrekg.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-01-10T15:00:49.388Z","timestamp":1704898849388,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qtwrekg.ru","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 25 Dec 2023 08:43:33 GMT","end":"Sun, 24 Mar 2024 08:43:32 GMT"},"fingerprint":{"sha1":"93:A6:76:25:50:DB:2B:59:63:57:85:7A:61:D6:EA:75:BB:69:D3:72","sha256":"41:5B:98:AE:B1:F7:F9:2B:79:AB:4D:CF:7E:8E:23:39:F3:2E:25:52:5B:B3:F8:79:AC:D0:FD:D2:D4:A1:9E:28"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 07r.qtwrekg.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hei-om.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Jan 2024 15:00:50 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccess-control-allow-origin: *\r\nset-cookie: PHPSESSID=5svps6h56qlautk13d0q12acka; expires=Thu, 11-Jan-2024 15:00:50 GMT; Max-Age=86400; path=/\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=03qBUpBh6IaxZ8vonvpeSHP%2BSKOuCk3l3L089mRvmEyhn2yZXxpcEayBUpu%2BsiaDrVASPohA5fPwCscBNKvOT8euhTqKcnZq%2B9pYcFW4Rji%2BtawIHHCoyBZUKuM%2FYPuEHQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8435cab0ff425693-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5332,"size_decoded":5332,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with very long lines (5336), with no line terminators","md5":"10bdb8d525858c67cf1d34b4ca79d2f7","sha1":"8a6c5880aff3d0dda3680f640d85e67356d1c473","sha256":"a4af0e8aad24bca2e1db48518d5b81ff20eccf504b2f50564791127e3e826c91","sha512":"a57d1310fd441eac60473e38bcc1420207df0609d8bf7cef2e979f847789b00ef806e1c5dfa6c5e8beca644f8f56b7eede73a58192dc6925134a2d9ec02346cb","ssdeep":"96:z5ZRAO1hBWIdn5AAuQxcjuu2uQBhamV5ACEOcfKQTQ3IPcxDKQ5SbKOQvQ+WQue2:z5PKIdbxjatihZ1qOCwV5IyHi","tlshash":"8fb1daabac330764d40adb8f7789589b956128edac52fc80c7352d8a743b7186d7818d","first_seen":"2024-08-20T12:42:55.871045Z","last_seen":"2024-08-20T12:42:55.871045Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1489,"timings":{"blocked":13,"dns":0,"connect":1,"send":0,"wait":1461,"receive":0,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"https","addr":"07r.qtwrekg.ru/favicon.ico","fqdn":"07r.qtwrekg.ru","domain":"qtwrekg.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://07r.qtwrekg.ru/##chris@mozaic-llc.com","date":"2024-01-10T15:00:51.216Z","timestamp":1704898851216,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qtwrekg.ru","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 25 Dec 2023 08:43:33 GMT","end":"Sun, 24 Mar 2024 08:43:32 GMT"},"fingerprint":{"sha1":"93:A6:76:25:50:DB:2B:59:63:57:85:7A:61:D6:EA:75:BB:69:D3:72","sha256":"41:5B:98:AE:B1:F7:F9:2B:79:AB:4D:CF:7E:8E:23:39:F3:2E:25:52:5B:B3:F8:79:AC:D0:FD:D2:D4:A1:9E:28"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 07r.qtwrekg.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://07r.qtwrekg.ru/\r\nCookie: PHPSESSID=5svps6h56qlautk13d0q12acka\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Wed, 10 Jan 2024 15:00:51 GMT\r\ncontent-type: text/html\r\ncache-control: private, no-cache, max-age=0\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: BYPASS\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=mSq3MOJrjY6OqYMyb6EV6CXQu%2BQiak3thRW0iXudXOKYL%2Bn0H9sdb9DBsceZ4o%2BCfeBA%2F1y%2Fdmw065O0GNSdQqAzhYj9PT5uLxiIcB9cHl9HHA%2FLeKgJZtEBISSJl5uFPg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8435cabc4f070b69-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1236,"size_decoded":1236,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (1274), with no line terminators","md5":"8c16945397b2ea2fa974494c910f6d08","sha1":"87289c714f1955cc0a4b8d0f5319bf0dcf771141","sha256":"16782bd72a33f1963efb1d59aa17f964a604235a255e51dd4aafe0e0587040c6","sha512":"c57c43f89f7120d957597532db1634c5085a982de4cf3a1e4251a6593af28262362cbb1163a81e47c2a46c0cada341839ac2824e25b94dfbc8c2c116b84f9f90","ssdeep":"","tlshash":"c621423ec1c1920a94171198f7d1b278265ac341db930fb4364d7068f6cd0ee56a3fc4","first_seen":"2023-04-05T04:31:49Z","last_seen":"2025-03-27T15:32:37.859784Z","times_seen":16264,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wizji/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://07r.qtwrekg.ru/##chris@mozaic-llc.com","date":"2024-01-10T15:00:51.224Z","timestamp":1704898851224,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wizji/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://07r.qtwrekg.ru/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 15:00:51 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\ncontent-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndocument-policy: js-profiling\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nserver: cloudflare\r\ncf-ray: 8435cabc5dad0b51-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":74865,"size_decoded":74865,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (40811)","md5":"d8d1e13827dc87f6100336078710709d","sha1":"25fb8bd9de5719662c3adf230687b31859b1119f","sha256":"fd90446e115fa6129edc97723acc74b4c6119d28c8df005e6505a2b11e8b1343","sha512":"3b3e15c13d881267365b8a726bcb8003d214d1ae993740d9bd074240ca9b89b292ed09fc4ed6d890383d76b098c96bf0ee382e615d7b4058b639d4760e6dd07c","ssdeep":"1536:UaJfcyI6+2ecnfIedWeOnCgw1EkWCziqRW4a4YYPqi1Pt2MYE1lDaHy7YYXYVtt5:xfTmG9pkrw6EfD97YYXYjtgMkCOsU1yz","tlshash":"8d73f7d9cebc2d69ab029729b1ce51e3632d63471505e599b4cca280cfed14e22f0f69","first_seen":"2024-08-20T12:42:55.872337Z","last_seen":"2024-08-20T12:42:55.872337Z","times_seen":1,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8435cabc5dad0b51/1704898851586/61c64a4cefd161873a4e94e8da7d029532381d43a6ca08ffe3a0e4b2221f1849/embkSM93FUcRVXr","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wizji/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal","date":"2024-01-10T15:00:53.180Z","timestamp":1704898853180,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/pat/8435cabc5dad0b51/1704898851586/61c64a4cefd161873a4e94e8da7d029532381d43a6ca08ffe3a0e4b2221f1849/embkSM93FUcRVXr HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wizji/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 401 Unauthorized\r\ndate: Wed, 10 Jan 2024 15:00:53 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nwww-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gYcZKTO_RYYc6TpTo2n0ClTI4HUOmygj_46DksiIfGEkAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApwk22dwqHyYFCoiCDfexgw4nOb343LANfDTXdD2Cc0JjPjJf1qZhGsXMZrW8Og8cXP1amfkgnHS6cWFMm9Px9acLHVI_On3-2XV9Iw7dGzEJnOMokFQBVVymhLE7WToU7pMYuYND5SstspRgZ46sG0xOUm1N1mD2wmTZjP0TobPtt-XgKvATA_YhncFgJRZKYygqf6SHeCptQeC1-XLMnQJaspb8HSn01ViIUVJTZDe1VlDFEaNvJPUUWCBeSGBE7TDrbejOkkbIqCRgpN_x7b_ASxabG3X79pJ8CKchClCwZf0bsT-Z6NaRSB4p_Z4sd2DG1EFi20Ndm5VhfhpBkwIDAQAB, max-age=20, PrivateToken challenge=AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIGHGSkzv0WGHOk6U6Np9ApUyOB1DpsoI_-Og5LIiHxhJABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAyAcIyqXWj0XAym0z5V844rFA0WOzLVwj0uCwmVj6zC4qOH40oBiGHrMNMBnDyk95jvnBAuHeEs855e7nA4l4DPJ4jUWKZbua8BxGAzjn74A1BV81a52F1zvBPUm-VEJXPAPXQehXphSv51uR7HKtfcM5oaS33TGDSy-6xv0r84xjMuTBvwPgXGehxpi1MCGGE5yWkzKN5Zzllk7m6Nkiv6learV-Uz7tzaoPbdZkBk1bFXxm2q07jWavoBZ-JEuEJyjQ00PSTz2Zjpbct6AlR3eCS9sbmXtb5XxSs7JMsvoa8uojD7a5m2SEJIwaf8xKL6wtxkaPonUfvsLj4JoJZQIDAQAB, max-age=20\r\nserver: cloudflare\r\ncf-ray: 8435cac88cfe0b51-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"401","status_text":"Unauthorized","fingerprints":null,"data":{"size":1,"size_decoded":1,"mime_type":"text/plain; charset=UTF-8","magic":"very short file (no magic)","md5":"ff44570aca8241914870afbc310cdb85","sha1":"58668e7669fd564d99db5d581fcdb6a5618440b5","sha256":"6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5","sha512":"3c266c0035de59eab2a0dd31b3dcb4a9dd157b310289e5db9ab4f8c2fddb7433466d48f25da7ad735a1cb8f2935aa612ad1f62f0efcece3933ba9979082e2304","ssdeep":"","tlshash":"c700000000000003c00000300000003000000000000000000003000000000000000000","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:28:54.25713Z","times_seen":399742,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}