plg.quicktime.top/0oiym4/YW5kcmV3Lm1jYW51bHR5QGxpbmtob3VzaW5nLm9yZy5hdQ==
192.185.100.11302 Found 0 B URL User Request GET HTTP/2 plg.quicktime.top/0oiym4/YW5kcmV3Lm1jYW51bHR5QGxpbmtob3VzaW5nLm9yZy5hdQ==
IP 192.185.100.11:443
ASN #46606 UNIFIEDLAYER-AS-1
Certificate IssuerLet's Encrypt
Subject*.quicktime.top
Fingerprint85:B8:29:4F:C5:A8:2F:C2:2C:8E:4D:1E:55:34:B5:01:EE:2E:07:EE
ValidityTue, 30 May 2023 11:02:39 GMT - Mon, 28 Aug 2023 11:02:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /0oiym4/YW5kcmV3Lm1jYW51bHR5QGxpbmtob3VzaW5nLm9yZy5hdQ== HTTP/1.1
Host: plg.quicktime.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://yxgksf.sweetlabds.com/Mandrew.mcanulty@linkhousing.org.au
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 01 Jun 2023 03:45:46 GMT
server: Apache
X-Firefox-Spdy: h2
yxgksf.sweetlabds.com/Mandrew.mcanulty@linkhousing.org.au
188.114.97.1403 Forbidden 8.1 kB URL User Request GET HTTP/2 yxgksf.sweetlabds.com/Mandrew.mcanulty@linkhousing.org.au
IP 188.114.97.1:443
Certificate IssuerLet's Encrypt
Subjectsweetlabds.com
FingerprintF1:3E:14:1A:9B:FD:76:CB:36:DF:5C:8E:37:65:97:98:23:33:5D:BE
ValidityThu, 18 May 2023 11:46:47 GMT - Wed, 16 Aug 2023 11:46:46 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3070), with CRLF, LF line terminators
Hash e82805845cacb9a6cddb17b6b302fe30
666edeee3a23faf9a46ff5be85acb825b8dc2417
3ff7ff67a0085fa8d808702f6394e03de6b6686afec520a905373f696ec7fe53
GET /Mandrew.mcanulty@linkhousing.org.au HTTP/1.1
Host: yxgksf.sweetlabds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 01 Jun 2023 03:45:46 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qr9cZssZxJuncGUxA3BVKFsX53Cc42NMeLRHqCn15XTfmg9GfFZyarNV7wuB2HsnZOGkjEYBVBrBzYJnxwW11SxocS8m0k%2Fxuca5gv4NXJKr2fgHBKSDriGufGRFc475H%2BR9rY%2Fdhk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d047738bc8bb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
yxgksf.sweetlabds.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d0477399d9db51d
188.114.96.1200 OK 42 B URL GET HTTP/1.1 yxgksf.sweetlabds.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d0477399d9db51d
IP 188.114.96.1:80
Requested by http://yxgksf.sweetlabds.com/Mandrew.mcanulty@linkhousing.org.au
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d0477399d9db51d HTTP/1.1
Host: yxgksf.sweetlabds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://yxgksf.sweetlabds.com/Mandrew.mcanulty@linkhousing.org.au
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 03:45:46 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 25 May 2023 08:39:03 GMT
ETag: "646f1ea7-2a"
Server: cloudflare
CF-RAY: 7d04773a8c00b529-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Thu, 01 Jun 2023 05:45:46 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
yxgksf.sweetlabds.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7d0477399d9db51d
188.114.96.1200 OK 54 kB URL GET HTTP/1.1 yxgksf.sweetlabds.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7d0477399d9db51d
IP 188.114.96.1:80
Requested by http://yxgksf.sweetlabds.com/Mandrew.mcanulty@linkhousing.org.au
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1513fe8bf4b4f2f619d1ea5607ceb8cf
f24304633aa7ad60f4fe77a2351491ea440b861e
6741b2d57b0dc789f45e9267ab4a36346f287b8833b598fb8d568ebbe1d1dc9f
GET /cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7d0477399d9db51d HTTP/1.1
Host: yxgksf.sweetlabds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://yxgksf.sweetlabds.com/Mandrew.mcanulty@linkhousing.org.au?__cf_chl_rt_tk=7BzjszeDIK1hmKr99VUTCLMuAGFsBIuSikskxS4XoV0-1685591146-0-gaNycGzNBrs
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 03:45:46 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7rfsygZ8JSas53lO9W7wOWVN0ZfsDLqAFpn5ZSprOohMVIM4AldRksFjE4yIqNd5wd14XY%2BqwZEAfD17xYbevMvTuAZ2I42T%2BU8w9PTZ%2BWa8oV4Rl9KD7J%2BxDOJXgHjLPdWaQR9wq8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7d04773a8ce41c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
yxgksf.sweetlabds.com/favicon.ico
188.114.96.1403 Forbidden 3.6 kB URL GET HTTP/1.1 yxgksf.sweetlabds.com/favicon.ico
IP 188.114.96.1:80
Requested by http://yxgksf.sweetlabds.com/Mandrew.mcanulty@linkhousing.org.au
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1833), with CRLF, LF line terminators
Hash 1079a3c70ddf0f3a20dbd545d9dfe92d
1cb1c14879c78cb6cc5504ba532907d3af14d2cc
727a5db41263787588ca77025806b7c17492cc7c97db38ce02c51ff93af41967
GET /favicon.ico HTTP/1.1
Host: yxgksf.sweetlabds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://yxgksf.sweetlabds.com/Mandrew.mcanulty@linkhousing.org.au?__cf_chl_rt_tk=7BzjszeDIK1hmKr99VUTCLMuAGFsBIuSikskxS4XoV0-1685591146-0-gaNycGzNBrs
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 01 Jun 2023 03:45:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWjk4Dgzanjerig2Eezn0Oy5vQRGdOQK1FiMZD8a3NXgIYa1FYiybWT9sN1vodGr4yQDj9kdMmQeeNtKmxzno7M5QyZ%2Fl%2F0GAeBs%2B8PvzLOzD2egzS4nJQ9sNOLzp5%2BvfxVZsvLSE1U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d04773abcfd1c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
yxgksf.sweetlabds.com/cdn-cgi/challenge-platform/h/b/flow/ov1/435181889:1685589854:1WFYsfQH0QuNn8HQPfVahleaWFx2IAP8SCXaPFOSEsU/7d0477399d9db51d/834363bf822ca16
188.114.96.1200 OK 5.6 kB URL POST HTTP/1.1 yxgksf.sweetlabds.com/cdn-cgi/challenge-platform/h/b/flow/ov1/435181889:1685589854:1WFYsfQH0QuNn8HQPfVahleaWFx2IAP8SCXaPFOSEsU/7d0477399d9db51d/834363bf822ca16
IP 188.114.96.1:80
Requested by http://yxgksf.sweetlabds.com/Mandrew.mcanulty@linkhousing.org.au
File type ASCII text, with very long lines (7440), with no line terminators
Hash 253b81294526afafcbd563e64fbd1163
bcb10f11017430c7d6875d82889b4047a04fe2b7
b8b592ce27c0e74dab8dbabfe9cd4965f8cecf06581733aab6c974a17b7a4109
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/435181889:1685589854:1WFYsfQH0QuNn8HQPfVahleaWFx2IAP8SCXaPFOSEsU/7d0477399d9db51d/834363bf822ca16 HTTP/1.1
Host: yxgksf.sweetlabds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://yxgksf.sweetlabds.com/Mandrew.mcanulty@linkhousing.org.au
Content-type: application/x-www-form-urlencoded
CF-Challenge: 834363bf822ca16
Content-Length: 1794
Origin: http://yxgksf.sweetlabds.com
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 03:45:46 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: 6hAWSNyHkhU37GQJ/hYy4lzrUXMDZFSAInsuWQT1MgwkUuyHRZpd8DHdgVzBSyb8$SWCea7raxRijvuStYaRMDg==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0auPQCeEmu8NprG5Tq2YZAw2Kpl7up%2BN0PzfD%2B1FM0HhLZpvNwXpVWXOfgU%2Fecu3DlYOIRcuwLW959IkJK5kENlhMfQbN2ReBxzUIRX4%2B1Vhmg70%2FmRrgxGWGDiIfvXrAukNHLZXBoI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7d04773bac9cb529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qgkal/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
104.18.6.185200 OK 24 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qgkal/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP 104.18.6.185:443
Requested by http://yxgksf.sweetlabds.com/Mandrew.mcanulty@linkhousing.org.au
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10899)
Hash b27a54bd9c4a50be9e48552216c08482
128a1229561fde75220c945b4bc02681c3e03743
b4cd2e8b7f70c53800e974bd960a4ae14bd7b8f6356e55176bc6b3737bc6a403
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qgkal/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 03:45:46 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 7d04773becca0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1492424171:1685590010:peq85eDCnJSpqnlaoylAbNpWest3a54XxUpaCpO5RSw/7d04773becca0b41/58da4ad1f6bc332
104.18.6.185200 OK 214 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1492424171:1685590010:peq85eDCnJSpqnlaoylAbNpWest3a54XxUpaCpO5RSw/7d04773becca0b41/58da4ad1f6bc332
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qgkal/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 214 kB (213960 bytes)
Hash e488c42e23af88c1e6d3356843a1318c
acfe8b2cb90562a33716cebd570eb3704acdf57f
40376cfadeb5328efeaabe7eb7b8acadfcece344289c71dcd88b53a8a20ac6c7
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1492424171:1685590010:peq85eDCnJSpqnlaoylAbNpWest3a54XxUpaCpO5RSw/7d04773becca0b41/58da4ad1f6bc332 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qgkal/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 58da4ad1f6bc332
Content-Length: 2816
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 03:45:47 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: IbSnVXSAzNMdZSup425PdSAzIYT/mMkuc7YfklHtmMwuujewMkm5HBhnJr7fvUP7sxOyVrfRlBZ1fOPlz54vVaGIQTkYTOosiDVadbnY+AXsNHDIT1OlquesIlj55FZJO6PPuu0JqW5Xeuf/HBAf3gq2kqfvDPUaw0/NK5Xq+4a4bMV7xm/yif+NGp5B5CqvC8I6XbX5Ts9tpTfat+h3LaX2ATrjnyXP3L2ZyhLf2SdX8hyesDnytJpGORfTJtv3q+C/ggwXVMss0f2EYUyosgH0iXTBaojiwvLkPvMGAgyChmTR3KY6QkzTw2iR9lQk9UiRcC2OuyjLw99idD8pbU/yFoGE6N9WpTqF7IndqHeMr1CTSl5UF8ICDoSFC6UCPKK9gvvuSbUOnXBGnqXZB4km36zGaHnigYm3/7WACdhgRHqrYkWKwukwUqd3Lk/KxD9nOjWpWSVfXpq06knV8A==$mn0K0/lJOpL4yUMgdYy3VA==
server: cloudflare
cf-ray: 7d04773d9d510b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7d04773becca0b41/1685591147144/rdr9Pq3lClDobSK
104.18.6.185200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7d04773becca0b41/1685591147144/rdr9Pq3lClDobSK
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qgkal/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type PNG image data, 34 x 33, 8-bit/color RGB, non-interlaced\012- data
Hash b2bbcd1889afd603d8f89fdcf6f803ea
0354f3c0583c79b48b9f7fe5426d318a15b5c3e2
73f6de335384b818f666aeb840951f4814ae2a9cbc2ed8cc72901e32ece16ac8
GET /cdn-cgi/challenge-platform/h/b/img/7d04773becca0b41/1685591147144/rdr9Pq3lClDobSK HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qgkal/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 03:45:47 GMT
content-type: image/png
server: cloudflare
cf-ray: 7d04773efdb40b41-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1492424171:1685590010:peq85eDCnJSpqnlaoylAbNpWest3a54XxUpaCpO5RSw/7d04773becca0b41/58da4ad1f6bc332
104.18.6.185200 OK 13 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1492424171:1685590010:peq85eDCnJSpqnlaoylAbNpWest3a54XxUpaCpO5RSw/7d04773becca0b41/58da4ad1f6bc332
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qgkal/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (13232), with no line terminators
Hash a0f964a0b4ee84292054c45c124b9e1c
0e64afd7edc288016d216aba870d0cb94c1c83bc
3cc5b5996af5f909f7a3a36ba9c6144c7f6501db16b8309d818799379adea6d4
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1492424171:1685590010:peq85eDCnJSpqnlaoylAbNpWest3a54XxUpaCpO5RSw/7d04773becca0b41/58da4ad1f6bc332 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qgkal/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 58da4ad1f6bc332
Content-Length: 18869
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 03:45:48 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: cpBne29pKbR4pxhEMhAqbndOGt3BBsUE/uh7lHcw+QeGgFlq/HPLgwcsyqXNEdP0$0K1yGb9EqNWOw/C21eTjPg==
server: cloudflare
cf-ray: 7d0477457fcd0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.6.185200 OK 16 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.6.185:443
Requested by http://yxgksf.sweetlabds.com/Mandrew.mcanulty@linkhousing.org.au
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (15748)
Hash 2a1262ba5cd32899831d483322a28dd7
3805876db8773ed5820043e1f39b0b6c049f61b2
2e1e45b1d429b2d703676139932fe97b7ffc7986e6d0221653a7404e4c3032f0
GET /turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://yxgksf.sweetlabds.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 03:45:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d04773b3c5cb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7d04773becca0b41
104.18.6.185200 OK 159 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7d04773becca0b41
IP 104.18.6.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qgkal/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 159 kB (159360 bytes)
Hash 68d850e11701b3f6af2c576d2359fbf7
4d09a3e88b2f8290119b1b9721dc4ffb83b77ba1
eab5344cd96f3e8cd742fe6c63e17505a0e164d7da9285155b9c7a1d5d97ead8
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7d04773becca0b41 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qgkal/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 03:45:46 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
server: cloudflare
cf-ray: 7d04773c6cf10b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400