selligenttier.naylorcampaigns.com/track?type=click&enid=ZWFzPTEmbXNpZD0mYXVpZD0mbWFpbGluZ2lkPTYyNDExMiZtZXNzYWdlaWQ9NjI0MTEyJmRhdGFiYXNlaWQ9NjI0MTEyJnNlcmlhbD0xNjgyODQwNyZlbWFpbGlkPVRpbUBFbGV2YXRlZGNnLmNvbSZ1c2VyaWQ9MjExMTg2JnRhcmdldGlkPSZtbj0mZmw9Jm12aWQ9JmV4dHJhPSYmJg==&&&9999&&&shumhoi.com/xml/rid/DvRIR/Y3ludGhpYS56YWdpZWJveWxvQG5tc3Mub3Jn
144.202.229.149 1.6 kB URL selligenttier.naylorcampaigns.com/track?type=click&enid=ZWFzPTEmbXNpZD0mYXVpZD0mbWFpbGluZ2lkPTYyNDExMiZtZXNzYWdlaWQ9NjI0MTEyJmRhdGFiYXNlaWQ9NjI0MTEyJnNlcmlhbD0xNjgyODQwNyZlbWFpbGlkPVRpbUBFbGV2YXRlZGNnLmNvbSZ1c2VyaWQ9MjExMTg2JnRhcmdldGlkPSZtbj0mZmw9Jm12aWQ9JmV4dHJhPSYmJg==&&&9999&&&shumhoi.com/xml/rid/DvRIR/Y3ludGhpYS56YWdpZWJveWxvQG5tc3Mub3Jn
IP 144.202.229.149:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1626), with no line terminators
Hash f467c42c9fce01dddb9feaea4254f32d
ae188f9907607ed76fa18a78ef0dafdd6c53d8ac
f16c08fe730733df7d244b318e7c085c2a073a97cbc8eb2282f18d6ce0c8fb04
GET /track?type=click&enid=ZWFzPTEmbXNpZD0mYXVpZD0mbWFpbGluZ2lkPTYyNDExMiZtZXNzYWdlaWQ9NjI0MTEyJmRhdGFiYXNlaWQ9NjI0MTEyJnNlcmlhbD0xNjgyODQwNyZlbWFpbGlkPVRpbUBFbGV2YXRlZGNnLmNvbSZ1c2VyaWQ9MjExMTg2JnRhcmdldGlkPSZtbj0mZmw9Jm12aWQ9JmV4dHJhPSYmJg==&&&9999&&&shumhoi.com/xml/rid/DvRIR/Y3ludGhpYS56YWdpZWJveWxvQG5tc3Mub3Jn HTTP/1.1
Host: selligenttier.naylorcampaigns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 19 Nov 2023 05:29:04 GMT
Server:
Cache-Control: no-cache, must-revalidate, max-age=0, no-store
Expires: -1
Pragma: no-cache
Content-Length: 1626
Connection: close
Content-Type: text/html;charset=ascii
shumhoi.com/xml/rid/DvRIR/Y3ludGhpYS56YWdpZWJveWxvQG5tc3Mub3Jn
162.241.120.242 200 OK 0 B URL User Request GET HTTP/1.1 shumhoi.com/xml/rid/DvRIR/Y3ludGhpYS56YWdpZWJveWxvQG5tc3Mub3Jn
IP 162.241.120.242:443
ASN #46606 UNIFIEDLAYER-AS-1
Certificate Issuer Let's Encrypt
Subject cpcalendars.shumhoi.com
Fingerprint 75:53:C1:9D:F4:45:D9:5B:F0:70:34:B1:62:CF:F4:05:18:37:80:7E
Validity Wed, 15 Nov 2023 22:37:33 GMT - Tue, 13 Feb 2024 22:37:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /xml/rid/DvRIR/Y3ludGhpYS56YWdpZWJveWxvQG5tc3Mub3Jn HTTP/1.1
Host: shumhoi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 19 Nov 2023 05:29:03 GMT
Server: Apache
refresh: 0;url=https://lok365.live/&qrc=?email=cynthia.zagieboylo@nmss.org
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1ee9h/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
104.17.2.184 200 OK 73 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1ee9h/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP 104.17.2.184:443
Requested by https://lok365.live/&qrc=?email=cynthia.zagieboylo@nmss.org
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (40091)
Hash 46e9bf3a9b46144c4be6cc1a7a262325
31601a14d069e71ccecb67d72ed8ef12b643cbef
098f2727ef2d289b41eea8ab9f2aba487c895b39e04c9477af2e4037fb0eab67
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1ee9h/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 19 Nov 2023 05:29:06 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 82860db85a2e1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/82860db85a2e1c0e/1700371747013/3d2229e7cd8a1a2938a929be645d24b52a34125ff1aba8f861c83c590171d3f5/SlDfTuaDNrYCGfL
104.17.2.184 401 Unauthorized 1 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/82860db85a2e1c0e/1700371747013/3d2229e7cd8a1a2938a929be645d24b52a34125ff1aba8f861c83c590171d3f5/SlDfTuaDNrYCGfL
IP 104.17.2.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1ee9h/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type very short file (no magic)
Hash ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/g/pat/82860db85a2e1c0e/1700371747013/3d2229e7cd8a1a2938a929be645d24b52a34125ff1aba8f861c83c590171d3f5/SlDfTuaDNrYCGfL HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1ee9h/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 401 Unauthorized
date: Sun, 19 Nov 2023 05:29:07 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gPSIp582KGik4qSm-ZF0ktSo0El_xq6j4Ycg8WQFx0_UAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA2Vpu93cQGJ2LaZqutZBtBreQbl_on09bX3jUD1xgGHNU1bhZDG0Mis-M3E9MoLsj0SXQPrgtEEXCrSty2tCoCHs4hds4Th8FtYf6vr6jcGvhP-JPUCv7zhxe2WixKmBEuBMQPOEnZpPY5qGlclA0pn5z1YdkqVDVuPLDsqYDXAsntqJEXsVqxzOxbHOAWm7Unww5KwcId437A1PncomjAGLNf0sFUKCTQ0CULWIPIaOE__-uztyz5ahlObs2gAGcQwskwDCWAS3sN5mp3SCTpB4OPKwZ1DcVhhqHJrhvtP_8AgwwCgl9K4KqkgXop7P1oLjAeJ3eQhWNua7m5REZMwIDAQAB, max-age=20, PrivateToken challenge=AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tID0iKefNihopOKkpvmRdJLUqNBJf8auo-GHIPFkBcdP1ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAyAcIyqXWj0XAym0z5V844rFA0WOzLVwj0uCwmVj6zC4qOH40oBiGHrMNMBnDyk95jvnBAuHeEs855e7nA4l4DPJ4jUWKZbua8BxGAzjn74A1BV81a52F1zvBPUm-VEJXPAPXQehXphSv51uR7HKtfcM5oaS33TGDSy-6xv0r84xjMuTBvwPgXGehxpi1MCGGE5yWkzKN5Zzllk7m6Nkiv6learV-Uz7tzaoPbdZkBk1bFXxm2q07jWavoBZ-JEuEJyjQ00PSTz2Zjpbct6AlR3eCS9sbmXtb5XxSs7JMsvoa8uojD7a5m2SEJIwaf8xKL6wtxkaPonUfvsLj4JoJZQIDAQAB, max-age=20
server: cloudflare
cf-ray: 82860dc04bc21c0e-OSL
alt-svc: h3=":443"; ma=86400
lok365.live/&qrc=?email=cynthia.zagieboylo@nmss.org
188.114.97.1 403 Forbidden 6.6 kB URL User Request GET HTTP/2 lok365.live/&qrc=?email=cynthia.zagieboylo@nmss.org
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject lok365.live
Fingerprint 8E:A5:CC:5C:1A:8C:50:2D:00:73:0A:8E:08:A1:B0:DE:59:7D:99:C7
Validity Wed, 18 Oct 2023 15:55:42 GMT - Tue, 16 Jan 2024 15:55:41 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6661), with no line terminators
Hash 5ffc989f2d699f4d25ac4027e76a20f9
dd86fe2c36a2c9b534a28b7a95d7bc84f7a0437b
ea7ee9e8b5fede20178f9720fcdc6c71a2ad733427cce7f82df6865251554795
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /&qrc=?email=cynthia.zagieboylo@nmss.org HTTP/1.1
Host: lok365.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Sun, 19 Nov 2023 05:29:05 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZFJJjEtkwQEtJiN2zTpr123o8GSlKoLankWQ2wPEdifV7XAdfrmsA5IPtr2geHMi7ieUNVYdOF26Ff4ZdacjDbIDK63uxw6KTGchbXIVy1a1eB10SrmLYADxM89jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82860db3ed60712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
lok365.live/cdn-cgi/styles/challenges.css
188.114.97.1 200 OK 6.6 kB URL GET HTTP/3 lok365.live/cdn-cgi/styles/challenges.css
IP 188.114.97.1:443
Requested by https://lok365.live/&qrc=?email=cynthia.zagieboylo@nmss.org
Certificate Issuer Google Trust Services LLC
Subject lok365.live
Fingerprint 8E:A5:CC:5C:1A:8C:50:2D:00:73:0A:8E:08:A1:B0:DE:59:7D:99:C7
Validity Wed, 18 Oct 2023 15:55:42 GMT - Tue, 16 Jan 2024 15:55:41 GMT
File type ASCII text, with very long lines (6608), with no line terminators
Hash f0fd80732479959c893cfd7380f594bd
04111102f46bc02c195561743b3f41b4d5a349ca
704e70fc0fd54cb83a1100d48093680b73e0d3c45a32dc326c38355185aaf37f
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: lok365.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lok365.live/&qrc=?email=cynthia.zagieboylo@nmss.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 19 Nov 2023 05:29:06 GMT
content-type: text/css
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
etag: W/"65568fe4-19c8"
server: cloudflare
cf-ray: 82860db4f9b55689-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sun, 19 Nov 2023 07:29:06 GMT
cache-control: max-age=7200, public
content-encoding: gzip
lok365.live/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82860db3ed60712a
188.114.97.1 200 OK 183 kB URL GET HTTP/3 lok365.live/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82860db3ed60712a
IP 188.114.97.1:443
Requested by https://lok365.live/&qrc=?email=cynthia.zagieboylo@nmss.org
Certificate Issuer Google Trust Services LLC
Subject lok365.live
Fingerprint 8E:A5:CC:5C:1A:8C:50:2D:00:73:0A:8E:08:A1:B0:DE:59:7D:99:C7
Validity Wed, 18 Oct 2023 15:55:42 GMT - Tue, 16 Jan 2024 15:55:41 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 183 kB (182757 bytes)
Hash 7f8a1a8ccaab9fcecc58fa154a9b4acc
f3893caaa19176b8542d87ed5ac6049d985adc17
582fdb2bbcf3c57cbce8a1c5a0f76efed789ecffcddaf2cd3f00847ff2aa11ce
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82860db3ed60712a HTTP/1.1
Host: lok365.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lok365.live/&qrc=?email=cynthia.zagieboylo@nmss.org&__cf_chl_rt_tk=r.i3WovzOYQDHXgnAtq6HPi3hbpfdYtBtkkMTYYolSQ-1700371745-0-gaNycGzNDNA
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 19 Nov 2023 05:29:06 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nb48bbls60GeTvKdrNUFaKVAyk1TR47wAfu4qN7qDzq9hOxz%2FltEa%2FqUAlJSCJd8ljpV%2F8EfBOWxDN4xyiUQgQrvHAZqy2HfmfNB3QZzBo4U1sUJwA4vuQoVP1uPFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82860db549d65689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit
104.17.3.184 200 OK 34 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit
IP 104.17.3.184:443
Requested by https://lok365.live/&qrc=?email=cynthia.zagieboylo@nmss.org
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (34253)
Hash 6142a5f5c66e2c1be52ee9506a565962
c3b39e8352efd1e0619b6dd62af8b2a917622868
51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7
GET /turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lok365.live
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 19 Nov 2023 05:29:06 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 82860db7dab57127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
lok365.live/favicon.ico
188.114.97.1 403 Forbidden 5.5 kB IP 188.114.97.1:443
Requested by https://lok365.live/&qrc=?email=cynthia.zagieboylo@nmss.org
Certificate Issuer Google Trust Services LLC
Subject lok365.live
Fingerprint 8E:A5:CC:5C:1A:8C:50:2D:00:73:0A:8E:08:A1:B0:DE:59:7D:99:C7
Validity Wed, 18 Oct 2023 15:55:42 GMT - Tue, 16 Jan 2024 15:55:41 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5517), with no line terminators
Hash f46652b7ee586ac9d901d8dd61217493
cbc48f34c070b98635beca0b115d04a04522b44b
6e5302326d778ebe3a92cd698d4f15f47775ad0eeed5e11b488c7019bd661aa8
GET /favicon.ico HTTP/1.1
Host: lok365.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lok365.live/&qrc=?email=cynthia.zagieboylo@nmss.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Sun, 19 Nov 2023 05:29:06 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFgG1%2BLglcknymIF8TAH2BOWqaMSMILk0rAoYTNxMpcsM2yGDD7VeRJXXOIR06aIYPR%2BVhKaX0JOzVZ24M%2FQKITjVUA5Suf146yiJaiRDMr777KVSCVEUGtCVoBFuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82860db599fb5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=82860db85a2e1c0e
104.17.2.184 200 OK 180 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=82860db85a2e1c0e
IP 104.17.2.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1ee9h/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 180 kB (179672 bytes)
Hash eb1d77cf93bc398f0bcc753d0258bf2a
4f179d4adcb4470016507d00c7e884bd312dab0c
683d89836d3240cb2a45c900cdf63f868d792b72551add4fe147f330bb0eb37d
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=82860db85a2e1c0e HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1ee9h/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 19 Nov 2023 05:29:06 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 82860db92a481c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/82860db85a2e1c0e/1700371747012/S7oRU5N3bxOfNhe
104.17.2.184 200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/82860db85a2e1c0e/1700371747012/S7oRU5N3bxOfNhe
IP 104.17.2.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1ee9h/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type PNG image data, 60 x 31, 8-bit/color RGB, non-interlaced\012- data
Hash efc572301226b0b4d0d37c7d7865d321
639665bfa4fa3937569e5eb5535533431af7b093
f4a2655c9489c923aac6777aed9d370d086502d226118ea129d2f2b7573d4a74
GET /cdn-cgi/challenge-platform/h/g/i/82860db85a2e1c0e/1700371747012/S7oRU5N3bxOfNhe HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1ee9h/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 19 Nov 2023 05:29:07 GMT
content-type: image/png
server: cloudflare
cf-ray: 82860dbfdbb81c0e-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1318523074:1700368138:Q0-j9JakDLSlsjh11u72Wt49sfgkFzGqI-rTT2CptlM/82860db85a2e1c0e/13115455dc362c8
104.17.2.184 200 OK 18 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1318523074:1700368138:Q0-j9JakDLSlsjh11u72Wt49sfgkFzGqI-rTT2CptlM/82860db85a2e1c0e/13115455dc362c8
IP 104.17.2.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1ee9h/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (17792), with no line terminators
Hash 9d6e6c1acf500c601a7c636a93a81fb7
a1d4fc074948c06e474c1677ff638c2cbe5ae690
94f89ecf80aee375bcf54862ff1b5b03a74f153b23f7743f546140baa931b580
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1318523074:1700368138:Q0-j9JakDLSlsjh11u72Wt49sfgkFzGqI-rTT2CptlM/82860db85a2e1c0e/13115455dc362c8 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1ee9h/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 13115455dc362c8
Content-Length: 25567
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 19 Nov 2023 05:29:08 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: gDBIpiPyGxM6JOn3bdq16Vn7U/4J5TmbEpyF5GXfugXYAcs9pUzZbHvKYqKGwmSo$L+FiOycfp83n5Uik2wC1CQ==
server: cloudflare
cf-ray: 82860dc5dc5c1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
lok365.live/favicon.ico
188.114.97.1 403 Forbidden 5.5 kB IP 188.114.97.1:443
Requested by https://lok365.live/&qrc=?email=cynthia.zagieboylo@nmss.org
Certificate Issuer Google Trust Services LLC
Subject lok365.live
Fingerprint 8E:A5:CC:5C:1A:8C:50:2D:00:73:0A:8E:08:A1:B0:DE:59:7D:99:C7
Validity Wed, 18 Oct 2023 15:55:42 GMT - Tue, 16 Jan 2024 15:55:41 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5517), with no line terminators
Hash 7ae3556e54a66397993e4d6d00baf8ad
dfb83f5de0a07382d008135c11ba01721bf7d6d2
94e22984dcd78c3cf3ebd33010ff40cca588a8142eeae9d2eec1156ff09036a7
GET /favicon.ico HTTP/1.1
Host: lok365.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lok365.live/&qrc=?email=cynthia.zagieboylo@nmss.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Sun, 19 Nov 2023 05:29:06 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8PLWk7O4GZLk4j7ZHwlK2LaKKAyRPiKI0aMLCbYnnmUEBUV%2Be4DyV%2BYLF1XQSFiTPaafueBhu2Kk6%2Fim39zU4CNcLvXpzPHGfv0%2B14jCGazJFBX6FEKMM%2BFtAfYJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82860db60a095689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
lok365.live/cdn-cgi/challenge-platform/h/g/flow/ov1/1004985051:1700368150:FAj2W-0kBCDcShotkvAPyaSh9uHIALxMwzOIfln3flg/82860db3ed60712a/aa0dce823ea2de6
188.114.97.1 200 OK 13 kB URL POST HTTP/3 lok365.live/cdn-cgi/challenge-platform/h/g/flow/ov1/1004985051:1700368150:FAj2W-0kBCDcShotkvAPyaSh9uHIALxMwzOIfln3flg/82860db3ed60712a/aa0dce823ea2de6
IP 188.114.97.1:443
Requested by https://lok365.live/&qrc=?email=cynthia.zagieboylo@nmss.org
Certificate Issuer Google Trust Services LLC
Subject lok365.live
Fingerprint 8E:A5:CC:5C:1A:8C:50:2D:00:73:0A:8E:08:A1:B0:DE:59:7D:99:C7
Validity Wed, 18 Oct 2023 15:55:42 GMT - Tue, 16 Jan 2024 15:55:41 GMT
File type ASCII text, with very long lines (12636), with no line terminators
Hash c6ca77c9fa1dfe9e0c8329035828e829
2d7f5559d76dd46e1be4ebac7e274016f12f8d91
bdea8435ff8130160c11734c24af82e155963c31846b377f63e213d94d2a258a
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1004985051:1700368150:FAj2W-0kBCDcShotkvAPyaSh9uHIALxMwzOIfln3flg/82860db3ed60712a/aa0dce823ea2de6 HTTP/1.1
Host: lok365.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lok365.live/&qrc=?email=cynthia.zagieboylo@nmss.org
Content-type: application/x-www-form-urlencoded
CF-Challenge: aa0dce823ea2de6
Content-Length: 1864
Origin: https://lok365.live
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 19 Nov 2023 05:29:06 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: xokAt0iGQtFrGX9TMPlvZJ1t+/yY8nxWpg+IrCtizLjb2wYlbeBPdCk1U2GN63MD$O6lDNNAQkA8SF/G0AEDSjw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlHcoWOA97Ptsk9cZATHde6HS8wmeYfLH2OVfg4ezmVJqAScWbvbqMXzKJYuLWSMUduACl6mt2ajemEVvs8ZhCG2aSWq5VwBOmqPwLwAooZnfNrEUSZ7A8oXPPfEeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82860db6ca485689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/9DKbiDfWH6ZjHxgSNTG3KHa3ucVmP6rj9MHN3bQn2%2BU%3D
104.17.2.184 200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/9DKbiDfWH6ZjHxgSNTG3KHa3ucVmP6rj9MHN3bQn2%2BU%3D
IP 104.17.2.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1ee9h/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced\012- data
Hash 9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/9DKbiDfWH6ZjHxgSNTG3KHa3ucVmP6rj9MHN3bQn2%2BU%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1ee9h/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 19 Nov 2023 05:29:06 GMT
content-type: image/png
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 82860db92a471c0e-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1318523074:1700368138:Q0-j9JakDLSlsjh11u72Wt49sfgkFzGqI-rTT2CptlM/82860db85a2e1c0e/13115455dc362c8
104.17.2.184 200 OK 83 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1318523074:1700368138:Q0-j9JakDLSlsjh11u72Wt49sfgkFzGqI-rTT2CptlM/82860db85a2e1c0e/13115455dc362c8
IP 104.17.2.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1ee9h/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1d9ce310fa2c46134451950200eff26c
9dbbd168c2c4e892b25a0b946f9aa4d679bfb83d
3f97c2b766443342cb062c455efd4ca455f69f1120d6655ccdc80606ccb85272
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1318523074:1700368138:Q0-j9JakDLSlsjh11u72Wt49sfgkFzGqI-rTT2CptlM/82860db85a2e1c0e/13115455dc362c8 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1ee9h/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 13115455dc362c8
Content-Length: 3151
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 19 Nov 2023 05:29:07 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: pJd2/v4lwbHT+HsPNvH4RGupr0oDwuYLiEgwTo2MBVKuCMlMTJbeOS9i8jz8tKvY5vuCOLdRS5OTQ8O3KYiK2lUXO0vtC1IJei7kCsZ+MjtlB0yEjCF5YcAVvV8YDMquBrPnrMoTHZCXJ9kesoF4vY1VekW8ehjcA5gnS/FkbKXWWIOKpc1RM9+8e9PvJP/tjCTLAySfZ0HFoVxv4Lk3WYgfcdRotuAekSNlRA88biq/UkPJmQNfOY1Ns6lQm5k03cQZZjgM1/WSm61lUPOeveYuSBu/Qc17UWTKR6rb327Ump5AIJ+TLpt1tS7KohUV2jGlCKnE+woC6uAzjWxry22gM/+TLElCLbY4qpQWG6Q=$8Ylen0DNluSynRonUbdfLg==
server: cloudflare
cf-ray: 82860dbaba7e1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400