{"report_id":"d165f971-c8b4-454c-9d29-2d6a2d1501f9","version":6,"status":"done","tags":["phishing","microsoft","outlook"],"date":"2023-11-21T06:24:04Z","url":{"schema":"http","addr":"carmelnewchurchschool.org/cache/OT6K7QvV/xernyoht/bV9ncnVzZUBmb3hpdHNvZnR3YXJlLmNvbQ==","fqdn":"carmelnewchurchschool.org","domain":"carmelnewchurchschool.org","tld":"org"},"ip":{"addr":"67.227.241.61","port":0,"asn":32244,"as":"LIQUIDWEB","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com","fqdn":"cmalntl.com","domain":"cmalntl.com","tld":"com"},"title":"Sign in to your account"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T12:15:47Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"carmelnewchurchschool.org","ip":{"addr":"67.227.241.61","port":0,"asn":32244,"as":"LIQUIDWEB","country":"United States","country_code":"US"},"domain_registered":"2007-04-23","domain_rank":0,"first_seen":"2017-07-07 12:38:03","last_seen":"2023-11-20 05:40:05","alert_count":1,"request_count":1,"received_data":953,"sent_data":542,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cmalntl.com","ip":{"addr":"172.67.135.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2023-09-11","domain_rank":0,"first_seen":"2023-11-17 08:24:11","last_seen":"2023-11-20 03:56:24","alert_count":1,"request_count":2,"received_data":30223,"sent_data":2101,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aadcdn.msauthimages.net","ip":{"addr":"152.199.23.72","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"domain_registered":"2018-11-12","domain_rank":4795,"first_seen":"2019-08-14 20:34:06","last_seen":"2023-11-19 18:15:33","alert_count":0,"request_count":2,"received_data":49542,"sent_data":1078,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ajax.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":12905,"first_seen":"2013-08-16 11:51:31","last_seen":"2023-11-20 04:04:32","alert_count":0,"request_count":1,"received_data":32001,"sent_data":428,"comment":"","tags":null,"fingerprints":null},{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":0,"first_seen":"2021-10-20 07:02:03","last_seen":"2023-11-19 21:12:47","alert_count":0,"request_count":3,"received_data":109140,"sent_data":1523,"comment":"","tags":null,"fingerprints":null},{"fqdn":"segy.xyz","ip":{"addr":"152.89.246.205","port":443,"asn":30823,"as":"combahton GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2021-05-04","domain_rank":0,"first_seen":"2021-05-06 22:04:40","last_seen":"2023-11-20 03:46:02","alert_count":0,"request_count":3,"received_data":23188,"sent_data":1561,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":235,"first_seen":"2015-04-17 22:46:33","last_seen":"2023-11-19 20:10:20","alert_count":0,"request_count":2,"received_data":57892,"sent_data":872,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aadcdn.msauth.net","ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2018-10-25","domain_rank":1421,"first_seen":"2018-11-19 11:50:03","last_seen":"2023-11-19 18:13:31","alert_count":0,"request_count":2,"received_data":22112,"sent_data":1006,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aadcdn.msftauth.net","ip":{"addr":"152.199.23.37","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"domain_registered":"2018-10-25","domain_rank":1455,"first_seen":"2018-11-19 11:50:32","last_seen":"2023-11-19 18:14:17","alert_count":0,"request_count":1,"received_data":17800,"sent_data":476,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6142a5f5c66e2c1be52ee9506a565962","sha1":"c3b39e8352efd1e0619b6dd62af8b2a917622868","sha256":"51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7","sha512":"3de194e4c8f32703cfee9e2a48230d21301e28a39beefb36dcb2b8df26b962b3a508e7fd8fe55aca2f619293e293cdf64459bf5d91526cbceda770396765d5e2","ssdeep":"768:3YpyCIUTKuBT1ytljuXeMDKLFn76p+B5nLZ73akHgMO4B4oq0HVi:30nKuBT1Yj7MDCKp","tlshash":"9ff229993187343187ee41e0207b67877339ba3ae58cc840d85bc97539bcd8ad137ba9","size":34254,"data":"","first_seen":"2023-11-07T13:44:12Z","last_seen":"2023-11-30T20:53:42Z","times_seen":32842,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-05-03T22:25:43.691683Z","times_seen":460916,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c7281e62eeda88eb58b454f533de3ce3","sha1":"28fd6af70a9a4801ba06b6409e8347848317c7e6","sha256":"f565b9fc579a6e69c8ca86e025a8dd3e2efa59408025b0ce43e55d507592c51f","sha512":"912af6477ef77e37339c0ebe4ffed504b6ab64282f8d6b27854f4d50f97327403fdb4ebaf39ed7bd8f970e53c6c16062b9f8b175c97e3901b0131dbf5d5f4c94","ssdeep":"192:apByZB8wRzTuu2yUfncowK36fJo1D7Vu92jw40Z+:i0v8wRzTuu2DfncA3F5kqx0Z+","tlshash":"1dd1721ba65154cb134b193e257ee387d7b7cc6f241c8d02c66af4c516a8a23e8e3a71","size":6537,"data":"","first_seen":"2023-11-17T13:10:20Z","last_seen":"2024-08-20T19:07:04.369325Z","times_seen":400,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"be5bff88880fbdb55fe68b54d43871b0","sha1":"afb27e3f2a29c015eb673f913fa8a1691bfbaa59","sha256":"d21d19132bd52f766bd42269fdf795640059fe40600785c9ea48118db2adff92","sha512":"3e0f4e23e424a3090bb35b45f96936ba11b2b4eb3fa229ff2020b326a4e5e5d1f86b7ba92c1110c3923b5dcbcd53b57bb2372ffadac40696c3d54560dc0cd6de","ssdeep":"96:MTPOYMCjRYmIyuBWYZuZIbbT/VdUkcw3WXdW1upfocdJT2WzoWMeqG8UNEKEK/DK:UMCjRYmIyuBWYZmI3PSL8WSG828fyL4n","tlshash":"58f1e918f8e271d0a3437c7e735fe015e336aa2be0c48c58711d59b49f81a2ad8e65bd","size":7544,"data":"","first_seen":"2023-11-17T13:10:20Z","last_seen":"2024-08-20T19:07:04.369863Z","times_seen":573,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com","fqdn":"cmalntl.com","domain":"cmalntl.com","tld":"com"},"ip":{"addr":"172.67.135.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-03T22:32:55.110019Z","times_seen":14604041,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":[{"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T22:31:54.429001Z","times_seen":693680,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"write":[{"md5":"ccef9706b7423862a602012a3105b55f","sha1":"a8a0a489e7aacc623490a4a2e65b602fca6680b8","sha256":"ad05347a1c8278218140289b1d1fc9c5b03aa98f91af2a517ea7bd30b7914b53","sha512":"33530b5ba6c381b6b6d66475185f0ed2edce0c7c9a93af20653735a52d11078ed44620d4912cecdcf024ac043fc47911ad3db92baea27208232801e038d9145b","ssdeep":"384:0/0v8wRzTuu2DfncA3F5kqx0ZEyxSAPA0y43Q:0MXqOZddoF1","tlshash":"db62c62265f0109b138384697979e74b9ba6cd2ba90cce42f36d9ac40fe7e57dc93134","size":15110,"data":"","first_seen":"2024-08-20T18:31:50.946995Z","last_seen":"2024-08-20T18:31:50.946995Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"a27c88365ce7cd8f68390c4c024e29e1","sha1":"1d15a8d192608f93096ef8d9aa623c360dbb7351","sha256":"0ca2b3df8f04565300bafcd6c929a1d310d2a761ff9f8dda200f3f6cffab50ce","sha512":"1ce1d149845e13e3f312f848dcbd973d241a0815da5aa7202a2db68160a84a21e9585bc115a3020ffc995139a8a25f44c0f28f51e5f9a9099753708e937d6584","ssdeep":"","tlshash":"e671c264acf3509185cbd30cbbe0ed861be0b1a3919a5656bb4c874ec7857ec8957f02","size":3574,"data":"","first_seen":"2023-11-07T13:07:13Z","last_seen":"2024-08-20T20:33:21.268002Z","times_seen":72071,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"38e6363aa9956657daf7a1434e2ca4e9","sha1":"2e9948690320776f66210a42367d5809ce68866b","sha256":"d68fa27d29a8564b6bb8dd9d0c4eb1be0f55857df5d893e9b3ed600ff79c830a","sha512":"403d8aa98ac8952e7332f4963dd079cc48cda347a1b840c249b69b5143d71055e5fc0219b0662242fdae3d6428b2f8cb534fa17b25f7a1d9ed7c69e28033c75d","ssdeep":"384:D4Fee9VcR1dy3UycSuLJqdl5tIOhmkHUBu:D4Fee9VcR1dy3NcSuL4lffhmvc","tlshash":"8cd294482da051585673e33defeb0a4ce53a612346530d99bb9d11d24ff256cc987eb0","size":29729,"data":"","first_seen":"2023-11-17T13:10:20Z","last_seen":"2024-08-20T19:07:04.371782Z","times_seen":574,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"http","addr":"carmelnewchurchschool.org/cache/OT6K7QvV/xernyoht/bV9ncnVzZUBmb3hpdHNvZnR3YXJlLmNvbQ==","fqdn":"carmelnewchurchschool.org","domain":"carmelnewchurchschool.org","tld":"org"},"ip":{"addr":"67.227.241.61","port":0,"asn":32244,"as":"LIQUIDWEB","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-21T06:23:48.47669732Z","timestamp":1700547828476,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /cache/OT6K7QvV/xernyoht/bV9ncnVzZUBmb3hpdHNvZnR3YXJlLmNvbQ== HTTP/1.1\r\nHost: carmelnewchurchschool.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nrefresh: 0;url=https://cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com\r\ncache-control: max-age=0\r\nexpires: Tue, 21 Nov 2023 06:23:46 GMT\r\nvary: Accept-Encoding,User-Agent\r\ncontent-encoding: br\r\nstrict-transport-security: max-age=60\r\ncontent-length: 1\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Tue, 21 Nov 2023 06:23:46 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"very short file (no magic)","md5":"eccbc87e4b5ce2fe28308fd9f2a7baf3","sha1":"77de68daecd823babbb58edb1c8e14d7106e83bb","sha256":"4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce","sha512":"3bafbf08882a2d10133093a1b8433f50563b93c14acd05b79028eb1d12799027241450980651994501423a66c276ae26c43b739bc65c4e16b10c3af6c202aebb","ssdeep":"","tlshash":"c700000000300000c0000030000000000000000000c000000000000000000000003000","first_seen":"2023-03-07T01:10:09Z","last_seen":"2026-05-03T06:08:54.378267Z","times_seen":25553,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com","date":"2023-11-21T06:23:49.284Z","timestamp":1700547829284,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42","sha256":"9A:90:D4:1D:0C:D1:CA:9D:4D:19:37:44:C4:E6:E4:28:27:C0:F5:0A:9C:B4:56:89:C4:D1:8A:63:A7:01:28:54"}}},"request":{"raw":"GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cmalntl.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31017\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 16 Nov 2023 05:00:23 GMT\r\nexpires: Fri, 15 Nov 2024 05:00:23 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nlast-modified: Wed, 10 Mar 2021 14:28:09 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 437004\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31017,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-05-03T22:25:43.691683Z","times_seen":460916,"resource_available":true,"data":null}},"time_used":248,"timings":{"blocked":112,"dns":3,"connect":7,"send":0,"wait":9,"receive":8,"ssl":106},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com","date":"2023-11-21T06:23:49.279Z","timestamp":1700547829279,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cmalntl.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 21 Nov 2023 06:23:47 GMT\r\nvary: accept-encoding\r\ncache-control: max-age=300, public\r\naccess-control-allow-origin: *\r\nlocation: /turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback\r\nserver: cloudflare\r\ncf-ray: 8296d8913f6f7128-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":472,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"data","md5":"41e5df5dedfa4a7221e6f0344832aeec","sha1":"477e4f555a05ee754b11a420780176bc6d2c243a","sha256":"364e80fa85a2feee7264077d6e7448502ef6057574dc71f29fe7cc9cc3c4e7de","sha512":"1c0b5ace4db8a398a104f631cf793301808ed202fe588bbf5fd46da93aec62b6fa03e7951b10c0020eeef534daf4a04d3a007168cbd6990bab82b0ef2467e7ec","ssdeep":"","tlshash":"62f0540f1f38b107e94e42cc2325e3ad9f063e601918a5803a3caa657fc51d9c30cc0c","first_seen":"2023-11-20T23:00:22Z","last_seen":"2023-11-21T14:18:53Z","times_seen":4,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":11,"dns":1,"connect":1,"send":0,"wait":5,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com","fqdn":"cmalntl.com","domain":"foxitsoftware.com","tld":"com"},"ip":{"addr":"172.67.135.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-21T06:23:48.744Z","timestamp":1700547828744,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmalntl.com","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Nov 2023 08:03:47 GMT","end":"Thu, 15 Feb 2024 08:03:46 GMT"},"fingerprint":{"sha1":"98:57:AE:56:75:30:2F:75:F8:C1:05:20:C5:12:7A:35:E6:DB:A0:A4","sha256":"D0:CD:75:E6:D8:72:47:90:58:BF:4E:4F:D7:FF:53:93:08:BB:5F:D9:11:39:C1:8B:72:83:A1:18:9D:06:B3:A6"}}},"request":{"raw":"GET /online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com HTTP/1.1\r\nHost: cmalntl.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Nov 2023 06:23:47 GMT\r\ncontent-type: text/html\r\nlast-modified: Fri, 17 Nov 2023 10:35:44 GMT\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=8Y7wQFq2lZAcaJ1xmflZGtsLWfjolk%2BR4i19ZNJCR07waxGzRPSPIPI%2FKMVpNy3HjGy6iCj7AiD1YhZXyHFeKIYzVo5zc7RidymUuzNIv6tZ%2Bgy986v6kStJOGPMng%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8296d88dd908569a-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1745,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (362), with CRLF line terminators","md5":"845cd1a8146dade5e274d909c51db033","sha1":"0ddc7d4329f4cd5e47f8cde735d314034fe5da18","sha256":"8a8b7f5342488fd2d5ff4020866305122a1f90ea3ac229cbc3bcf5480be7b5d7","sha512":"68b1953c4bb9a80b413f3638c28590bceae9195b842644204b3b771d106f6358141fc646cd8e866eced3cc1db8bd11f88a8fbbfa3da771ffb1ad3e7b3d49104a","ssdeep":"","tlshash":"9c7166ad1c5260584733f7b95bbbe109ef26f6179104524934ec92a2bf72514c1a3fec","first_seen":"2023-11-17T14:41:40Z","last_seen":"2023-11-21T21:43:02Z","times_seen":81,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":-1,"dns":1,"connect":2,"send":0,"wait":405,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"https","addr":"segy.xyz/cap.php","fqdn":"segy.xyz","domain":"segy.xyz","tld":"xyz"},"ip":{"addr":"152.89.246.205","port":443,"asn":30823,"as":"combahton GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com","date":"2023-11-21T06:23:52.333Z","timestamp":1700547832333,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"segy.xyz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Nov 2023 07:19:49 GMT","end":"Sat, 03 Feb 2024 07:19:48 GMT"},"fingerprint":{"sha1":"6F:DF:90:EC:AE:D6:E0:13:C7:5C:47:EA:1A:C8:4F:0D:C0:F5:86:74","sha256":"4A:FA:5B:EB:F1:72:FA:3F:FF:46:D1:F5:12:5C:74:B9:23:E6:53:5C:C9:47:BD:A7:CF:EF:24:B9:8B:CE:E6:3E"}}},"request":{"raw":"POST /cap.php HTTP/1.1\r\nHost: segy.xyz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nContent-Length: 647\r\nOrigin: https://cmalntl.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cmalntl.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Tue, 21 Nov 2023 06:23:51 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6484,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON data\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (30973), with no line terminators","md5":"b66f5bbc46bbcff1bb76b3a8362c7de9","sha1":"ce1b6a1b4079220ca451dad480c9f79aa9fa80b8","sha256":"6103f0ce68cbfda93b60873c50931d776b75dabaf90b056cc96dd6883f341419","sha512":"e6af4ed9309ef4b2b1bbe35b170dd9eb2cf4b24bad5760e6b2efa93721390ae28b37a985570ff5864fe5f2cb38318f9b6050a942ad3661d96a13dfb136bc5098","ssdeep":"192:I48fOhGoFxxyIAMZzyssiG/Yi8E30s3+oYRFXSMeYxYnU3V1ciS7FRuJZZn/9mlj:4fOhyRuJk81r/Oj0q0l5tIOhmkHUBV","tlshash":"2bd2814c2c64b1789f42a12d6ffbc5ac923d70d758634e9abbcd5492d3c22acc686670","first_seen":"2023-11-17T13:10:20Z","last_seen":"2023-11-27T19:02:43Z","times_seen":561,"resource_available":false,"data":null}},"time_used":798,"timings":{"blocked":163,"dns":2,"connect":25,"send":0,"wait":470,"receive":1,"ssl":134},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com","date":"2023-11-21T06:23:57.957Z","timestamp":1700547837957,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 03 Jul 2023 00:00:00 GMT","end":"Tue, 02 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D","sha256":"D9:9E:DA:D7:6F:5A:E0:87:16:F3:3E:A0:A8:34:8B:84:B7:B0:98:30:2D:18:D8:53:E6:3C:09:06:19:48:07:54"}}},"request":{"raw":"GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cmalntl.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Nov 2023 06:23:52 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 27938\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"603e8adc-15d9d\"\r\nlast-modified: Tue, 02 Mar 2021 18:58:36 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 2072388\r\nexpires: Sun, 10 Nov 2024 06:23:52 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=FGBpQu0yATePUBQd8LjdWgWSsrdqYRpwEWUEYYbr1a0xvFlVmBhojbfp5Zf89VFekFwOXXRrdlv%2Bq58k1bxKPfS47WX%2BkvywVnq4QcERhxR0%2BRjPWcfAjsOp7xm6jnAdYPsRlfsO\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 8296d8aecf6d56b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27938,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-05-03T22:25:43.691683Z","times_seen":460916,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"segy.xyz/api/validate","fqdn":"segy.xyz","domain":"segy.xyz","tld":"xyz"},"ip":{"addr":"152.89.246.205","port":443,"asn":30823,"as":"combahton GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com","date":"2023-11-21T06:23:56.179Z","timestamp":1700547836179,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"segy.xyz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Nov 2023 07:19:49 GMT","end":"Sat, 03 Feb 2024 07:19:48 GMT"},"fingerprint":{"sha1":"6F:DF:90:EC:AE:D6:E0:13:C7:5C:47:EA:1A:C8:4F:0D:C0:F5:86:74","sha256":"4A:FA:5B:EB:F1:72:FA:3F:FF:46:D1:F5:12:5C:74:B9:23:E6:53:5C:C9:47:BD:A7:CF:EF:24:B9:8B:CE:E6:3E"}}},"request":{"raw":"OPTIONS /api/validate HTTP/1.1\r\nHost: segy.xyz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://cmalntl.com/\r\nOrigin: https://cmalntl.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.18.0 (Ubuntu)\r\nContent-Type: text/html; charset=UTF-8\r\nConnection: keep-alive\r\nCache-Control: no-cache, private\r\nDate: Tue, 21 Nov 2023 06:23:54 GMT\r\nAccess-Control-Allow-Origin: *\r\nVary: Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Methods: POST\r\nAccess-Control-Allow-Headers: content-type\r\nAccess-Control-Max-Age: 0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-03T22:32:55.110019Z","times_seen":14604041,"resource_available":true,"data":null}},"time_used":727,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":726,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"segy.xyz/api/validate","fqdn":"segy.xyz","domain":"segy.xyz","tld":"xyz"},"ip":{"addr":"152.89.246.205","port":443,"asn":30823,"as":"combahton GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com","date":"2023-11-21T06:23:56.179Z","timestamp":1700547836179,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"segy.xyz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Nov 2023 07:19:49 GMT","end":"Sat, 03 Feb 2024 07:19:48 GMT"},"fingerprint":{"sha1":"6F:DF:90:EC:AE:D6:E0:13:C7:5C:47:EA:1A:C8:4F:0D:C0:F5:86:74","sha256":"4A:FA:5B:EB:F1:72:FA:3F:FF:46:D1:F5:12:5C:74:B9:23:E6:53:5C:C9:47:BD:A7:CF:EF:24:B9:8B:CE:E6:3E"}}},"request":{"raw":"POST /api/validate HTTP/1.1\r\nHost: segy.xyz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 82\r\nOrigin: https://cmalntl.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cmalntl.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: no-cache, private\r\nDate: Tue, 21 Nov 2023 06:23:54 GMT\r\nX-RateLimit-Limit: 60\r\nX-RateLimit-Remaining: 58\r\nAccess-Control-Allow-Origin: *\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15787,"size_decoded":0,"mime_type":"application/json","magic":"JSON data\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (15787), with no line terminators","md5":"474345d16f2c822a256d267b53af6058","sha1":"71bc4fc4839d0547460646119e037ca94d4b3d7c","sha256":"18f24761f28287037ced1747abc29a5dadecbe908e7abcf5c4f80afc418c3892","sha512":"8c7c92d0dc33fcdb8e46c25c8be060e93ee5cebce5fd0dc8c0574883ab548101b8d750f8e5449d24d640d59839e40586872837dc5e8663476a48ebcd2fe2dc15","ssdeep":"192:Id8hByZB8wRzTuu2yUNpcoKg6fJo/X5Vu92jw9PZIY3TWGVGBpEVK/9icx:V0v8wRzTuu2DNpcyH/kqgZIY3KO4x","tlshash":"a462d8177590507a1743aaad383e676eaf97f819bd1ccd43f3ad94c4039a621cca7231","first_seen":"2023-11-21T07:24:05Z","last_seen":"2023-11-21T07:24:05Z","times_seen":1,"resource_available":false,"data":null}},"time_used":727,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":726,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com","date":"2023-11-21T06:23:57.957Z","timestamp":1700547837957,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 03 Jul 2023 00:00:00 GMT","end":"Tue, 02 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D","sha256":"D9:9E:DA:D7:6F:5A:E0:87:16:F3:3E:A0:A8:34:8B:84:B7:B0:98:30:2D:18:D8:53:E6:3C:09:06:19:48:07:54"}}},"request":{"raw":"GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cmalntl.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Nov 2023 06:23:56 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 27938\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"603e8adc-15d9d\"\r\nlast-modified: Tue, 02 Mar 2021 18:58:36 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 2072392\r\nexpires: Sun, 10 Nov 2024 06:23:56 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=l6Pxc5hbMuwZxKiUOpq9BSX0W%2FtTx0SjH7UpBGdPFnBuVZPpC2S0LVKKQLos%2FBlgeJ3PE0VwKzeYHRhwYuISYjEVBQNIzWWeUy2MUrOucBaom7hr5DLqJfD2USoQ%2FQPXp%2Bqdcckr\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 8296d8c759da0b49-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27938,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-05-03T22:25:43.691683Z","times_seen":460916,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauthimages.net/dbd5a2dd-wjgpev-0avlwehjny3gtyoseee-izmspp5ttiwujrtg/logintenantbranding/0/bannerlogo?ts=637811263967931136","fqdn":"aadcdn.msauthimages.net","domain":"msauthimages.net","tld":"net"},"ip":{"addr":"152.199.23.72","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com","date":"2023-11-21T06:23:57.960Z","timestamp":1700547837960,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msauthimages.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure TLS Issuing CA 02","organization":"Microsoft Corporation"},"validity":{"start":"Wed, 08 Mar 2023 11:16:34 GMT","end":"Sat, 02 Mar 2024 11:16:34 GMT"},"fingerprint":{"sha1":"6B:EB:AC:06:FC:06:82:11:17:1C:6B:72:7D:B5:95:2D:CF:E7:A3:5D","sha256":"E5:FB:43:84:42:E5:D9:D8:29:91:B4:27:99:47:7F:D1:AD:4E:11:B8:F5:ED:1C:AB:BC:FB:75:9F:B0:41:53:98"}}},"request":{"raw":"GET /dbd5a2dd-wjgpev-0avlwehjny3gtyoseee-izmspp5ttiwujrtg/logintenantbranding/0/bannerlogo?ts=637811263967931136 HTTP/1.1\r\nHost: aadcdn.msauthimages.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cmalntl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding\r\nage: 12\r\ncache-control: public, max-age=86400\r\ncontent-md5: YJKdXhdy1Ui7l8XhlfyMJA==\r\ncontent-type: image/*\r\ndate: Tue, 21 Nov 2023 06:23:56 GMT\r\netag: 0x8D9F5F71E977F2F\r\nlast-modified: Tue, 22 Feb 2022 11:33:16 GMT\r\nserver: ECAcc (ska/F750)\r\nx-cache: HIT\r\nx-ms-blob-type: BlockBlob\r\nx-ms-lease-status: unlocked\r\nx-ms-request-id: 9bacb8ef-e01e-0014-0443-1c0b8d000000\r\nx-ms-version: 2009-09-19\r\ncontent-length: 8232\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8232,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 344 x 164, 8-bit/color RGBA, non-interlaced\\012- data","md5":"60929d5e1772d548bb97c5e195fc8c24","sha1":"925523842cfe5833e92d6ea0cbcbd85e759b4738","sha256":"a3aebaf40f7c57897e2287ffb79592b70799a863cfb11cd867732b8b32090958","sha512":"1cc7a7dc4cac5cf8147a781010978dce1a1b231e2366845aac406d16b56b8ada539c2ae98bd7f9fff622f9fad388e027ac2f89ad464203fadaf67c1b9b680a28","ssdeep":"","tlshash":"","first_seen":"2023-06-13T03:39:11Z","last_seen":"2023-11-23T09:43:53Z","times_seen":31,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":34,"dns":1,"connect":9,"send":0,"wait":11,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com","date":"2023-11-21T06:23:57.952Z","timestamp":1700547837952,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sun, 29 Oct 2023 00:00:00 GMT","end":"Tue, 29 Oct 2024 23:59:59 GMT"},"fingerprint":{"sha1":"88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C","sha256":"09:32:99:C8:74:C7:C3:CF:73:1C:DD:DA:92:7C:22:1B:DD:53:9C:51:21:D5:10:61:C4:4D:CC:52:56:13:C6:DC"}}},"request":{"raw":"GET /ests/2.1/content/cdnbundles/converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://cmalntl.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cmalntl.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31536000\r\ncontent-length: 19953\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\ncontent-md5: xg2DER+s52egaL6bUXi4hw==\r\nlast-modified: Mon, 18 Apr 2022 21:18:26 GMT\r\netag: 0x8DA2180FA29F5AF\r\nx-cache: TCP_HIT\r\nx-ms-request-id: 48eb22be-401e-0007-6777-10e67d000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 0xINJZQAAAAAJLsCNX+71QLRhef8mpNmyQU1TMDRFREdFMTkyMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0/ExcZQAAAAAW3DDjl9x2SIkgrZbXbmQiU1ZHMjBFREdFMDYyMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Tue, 21 Nov 2023 06:23:55 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19953,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (61177)","md5":"ce26137fc0d9b7d7a0d52ebe3a186512","sha1":"b9d7fb3fe7d08f46c2d1153bb47b13809375c663","sha256":"1304c5090f063c677a5b3720fe7b97ef4d9ea102e2bdd837ce399df6057fe385","sha512":"6a189c0858a150e6388648895b1950ef31284ea90795e4d45fd7e53f35aa364e49473367fd2142552a145cfc48ca89d8cb13b4f1b9039e050cf4e70026393e0a","ssdeep":"1536:QpHDgBvguhw+EViazA/PWrF7qvEAFiQcpmU4eCgzc6VUgs:xktA6VUf","tlshash":"d6b3c7906d243d269037c73571d1bd87a2111503e637aebbf6263db9cf8968b0b32e45","first_seen":"2023-04-06T20:12:23Z","last_seen":"2026-04-17T14:11:45.023642Z","times_seen":4178,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":59,"dns":5,"connect":11,"send":0,"wait":12,"receive":1,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com","date":"2023-11-21T06:23:57.962Z","timestamp":1700547837962,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sun, 29 Oct 2023 00:00:00 GMT","end":"Tue, 29 Oct 2024 23:59:59 GMT"},"fingerprint":{"sha1":"88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C","sha256":"09:32:99:C8:74:C7:C3:CF:73:1C:DD:DA:92:7C:22:1B:DD:53:9C:51:21:D5:10:61:C4:4D:CC:52:56:13:C6:DC"}}},"request":{"raw":"GET /shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cmalntl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31536000\r\ncontent-length: 276\r\ncontent-type: image/svg+xml\r\ncontent-encoding: gzip\r\ncontent-md5: TjUQkZ0p0Y7rbj6LJofS9Q==\r\nlast-modified: Fri, 17 Jan 2020 19:28:34 GMT\r\netag: 0x8D79B8371B97A82\r\nx-cache: TCP_HIT\r\nx-ms-request-id: 4d8ee911-101e-0036-6042-0fec6e000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 0SpZJZQAAAAAmBLZXYFfTSIPxFEjCT7FDQU1TMDRFREdFMTkxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0/ExcZQAAAACHKeHPiqTgTqWZ0u/KH8evU1ZHMjBFREdFMDUxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Tue, 21 Nov 2023 06:23:55 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":276,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- HTML document, ASCII text, with very long lines (513), with no line terminators","md5":"a9cc2824ef3517b6c4160dcf8ff7d410","sha1":"8db9aebad84ca6e4225bfdd2458ff3821cc4f064","sha256":"34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58","sha512":"aa3ddab0a1cff9533f9a668aba4fb5e3d75ed9f8aff8a1caa4c29f9126d85ff4529e82712c0119d2e81035d1ce1cc491ff9473384d211317d4d00e0e234ad97f","ssdeep":"","tlshash":"29f0598a41c8fb142ce08050dff8ea28540270c3fb4e5008b1922b18e2ef383f6406f5","first_seen":"2023-04-19T20:10:52Z","last_seen":"2026-05-02T19:46:57.124178Z","times_seen":30341,"resource_available":false,"data":null}},"time_used":117,"timings":{"blocked":50,"dns":2,"connect":14,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauthimages.net/dbd5a2dd-wjgpev-0avlwehjny3gtyoseee-izmspp5ttiwujrtg/logintenantbranding/0/illustration?ts=637811263963005306","fqdn":"aadcdn.msauthimages.net","domain":"msauthimages.net","tld":"net"},"ip":{"addr":"152.199.23.72","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com","date":"2023-11-21T06:23:58.154Z","timestamp":1700547838154,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msauthimages.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure TLS Issuing CA 02","organization":"Microsoft Corporation"},"validity":{"start":"Wed, 08 Mar 2023 11:16:34 GMT","end":"Sat, 02 Mar 2024 11:16:34 GMT"},"fingerprint":{"sha1":"6B:EB:AC:06:FC:06:82:11:17:1C:6B:72:7D:B5:95:2D:CF:E7:A3:5D","sha256":"E5:FB:43:84:42:E5:D9:D8:29:91:B4:27:99:47:7F:D1:AD:4E:11:B8:F5:ED:1C:AB:BC:FB:75:9F:B0:41:53:98"}}},"request":{"raw":"GET /dbd5a2dd-wjgpev-0avlwehjny3gtyoseee-izmspp5ttiwujrtg/logintenantbranding/0/illustration?ts=637811263963005306 HTTP/1.1\r\nHost: aadcdn.msauthimages.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cmalntl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding\r\nage: 12\r\ncache-control: public, max-age=86400\r\ncontent-md5: 4kj9cHPS90E512kcI6GJpg==\r\ncontent-type: image/*\r\ndate: Tue, 21 Nov 2023 06:23:56 GMT\r\netag: 0x8D9F5F71E554FB3\r\nlast-modified: Tue, 22 Feb 2022 11:33:16 GMT\r\nserver: ECAcc (ska/F73F)\r\nx-cache: HIT\r\nx-ms-blob-type: BlockBlob\r\nx-ms-lease-status: unlocked\r\nx-ms-request-id: f15aa579-501e-004c-6443-1cd3d2000000\r\nx-ms-version: 2009-09-19\r\ncontent-length: 40087\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40087,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 900 x 900, 8-bit/color RGB, non-interlaced\\012- data","md5":"e248fd7073d2f74139d7691c23a189a6","sha1":"bbe209e6bbc0a6f3ada9dfd4488aff3210e8ce7e","sha256":"5f38d1de513925ceffc4d271f144bd495cd7c809e586684187085139f5554422","sha512":"b1ac43e514ca76e814d7fc441bcd312daa814456172781e547eaedaadd8892835e012778b0dc51eb430436c0cea664b930b4c26c853036d6849f1d4e302ccc71","ssdeep":"","tlshash":"","first_seen":"2023-06-13T03:39:11Z","last_seen":"2024-08-21T07:00:24.712789Z","times_seen":32,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":9,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico","fqdn":"aadcdn.msftauth.net","domain":"msftauth.net","tld":"net"},"ip":{"addr":"152.199.23.37","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com","date":"2023-11-21T06:23:58.148Z","timestamp":1700547838148,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msftauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Tue, 31 Jan 2023 00:00:00 GMT","end":"Wed, 31 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"99:06:D8:1E:EC:BF:DB:78:DF:F4:89:A3:ED:23:07:3D:79:F1:16:D6","sha256":"F7:B6:66:B3:86:91:AD:10:60:9A:D7:48:01:B8:27:C3:F4:47:7A:7C:B7:FF:C5:3F:77:26:B0:B3:08:24:D9:EE"}}},"request":{"raw":"GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1\r\nHost: aadcdn.msftauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cmalntl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding\r\nage: 15047328\r\ncache-control: public, max-age=31536000\r\ncontent-md5: EuPayFgGHQiAI7K9SOL6lg==\r\ncontent-type: image/x-icon\r\ndate: Tue, 21 Nov 2023 06:23:56 GMT\r\netag: 0x8D8731240E548EB\r\nlast-modified: Sun, 18 Oct 2020 03:02:30 GMT\r\nserver: ECAcc (ska/F738)\r\nx-cache: HIT\r\nx-ms-blob-type: BlockBlob\r\nx-ms-lease-status: unlocked\r\nx-ms-request-id: 003b7cc6-501e-0067-4768-9344ba000000\r\nx-ms-version: 2009-09-19\r\ncontent-length: 17174\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17174,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\\012- data","md5":"12e3dac858061d088023b2bd48e2fa96","sha1":"e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5","sha256":"90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21","sha512":"c5030c55a855e7a9e20e22f4c70bf1e0f3c558a9b7d501cfab6992ac2656ae5e41b050ccac541efa55f9603e0d349b247eb4912ee169d44044271789c719cd01","ssdeep":"24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO","tlshash":"b772e35b1f5f4981ec4b0db80b125e80c5e49c973854dffbdb76b62888b0364ab845eb","first_seen":"2023-04-05T03:19:57Z","last_seen":"2026-05-03T21:08:41.285264Z","times_seen":164446,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":1,"connect":7,"send":0,"wait":9,"receive":3,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmalntl.com/favicon.ico","fqdn":"cmalntl.com","domain":"cmalntl.com","tld":"com"},"ip":{"addr":"172.67.135.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com","date":"2023-11-21T06:23:49.465Z","timestamp":1700547829465,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmalntl.com","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Nov 2023 08:03:47 GMT","end":"Thu, 15 Feb 2024 08:03:46 GMT"},"fingerprint":{"sha1":"98:57:AE:56:75:30:2F:75:F8:C1:05:20:C5:12:7A:35:E6:DB:A0:A4","sha256":"D0:CD:75:E6:D8:72:47:90:58:BF:4E:4F:D7:FF:53:93:08:BB:5F:D9:11:39:C1:8B:72:83:A1:18:9D:06:B3:A6"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: cmalntl.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Tue, 21 Nov 2023 06:23:47 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 11\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=hjKABoz2fGDtCgrW9DW%2FLwy5WLqi3d2j%2FTj9EEr%2FH%2F6QYPWF8Leu9KNzyRWTbSEGRw63lJoQo69KD4rmB919XvMILlkP6yoTHx5caV41gu14BydcXUVMkm3%2FLrCfBw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8296d8924b41569a-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":27242,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (611)","md5":"df3d48946e8d3f5a83608308edbb4b86","sha1":"47b9c40c97abf2658df96b1c06109324e15e1a00","sha256":"570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499","sha512":"36ec1cec72dc3245730c813277c645525473cc5232e85cd23503b8593d90264f335e61a16d364a1e6c41922820b40ba7c0f46b19f4b91db6a0cf5e31e778ddea","ssdeep":"384:6FamwIluB0sJQqCeSQup5szCUXAG0VVi82OgoKACZQQofNJXY3gW3:663Mp5If8WOmgW3","tlshash":"6bc292dc7bf968e4a5de43aaef2831a8320ba0fb17425904f51d12142f0655cec6f6ed","first_seen":"2023-04-05T17:41:51Z","last_seen":"2025-09-17T15:21:34.980882Z","times_seen":52648,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com","date":"2023-11-21T06:23:49.303Z","timestamp":1700547829303,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cmalntl.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Nov 2023 06:23:47 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8296d8914f797128-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34254,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (34253)","md5":"6142a5f5c66e2c1be52ee9506a565962","sha1":"c3b39e8352efd1e0619b6dd62af8b2a917622868","sha256":"51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7","sha512":"3de194e4c8f32703cfee9e2a48230d21301e28a39beefb36dcb2b8df26b962b3a508e7fd8fe55aca2f619293e293cdf64459bf5d91526cbceda770396765d5e2","ssdeep":"768:3YpyCIUTKuBT1ytljuXeMDKLFn76p+B5nLZ73akHgMO4B4oq0HVi:30nKuBT1Yj7MDCKp","tlshash":"9ff229993187343187ee41e0207b67877339ba3ae58cc840d85bc97539bcd8ad137ba9","first_seen":"2023-11-07T13:44:12Z","last_seen":"2023-11-30T20:53:42Z","times_seen":32842,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yq1n5/0x4AAAAAAANQskp_jR40sjOq/auto/normal","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://cmalntl.com/online-microsoft_com-48736743377809387436457-microsoft_8476365435473648347765347346837493467354634576726326362456354653263726372635625327637_%D8%AD%D8%B5%20%D8%AD%D8%A8%D9%88%D8%A8%20%D8%A7%D9%84%D8%A3%D8%B1%D8%B2%20%D8%A7%D9%84%D8%AD%D8%A7%D9%85%D8%B6%D8%A9-rr%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7F%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD%D8%B1%D9%85%D8%A7%D8%B1%D8%AF%20%D8%A7%D9%84%D8%A8%D8%AD.html?s=m_gruse@foxitsoftware.com","date":"2023-11-21T06:23:49.477Z","timestamp":1700547829477,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yq1n5/0x4AAAAAAANQskp_jR40sjOq/auto/normal HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cmalntl.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Nov 2023 06:23:47 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\ncontent-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndocument-policy: js-profiling\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nserver: cloudflare\r\ncf-ray: 8296d8926b9a0b55-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":72883,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (40091)","md5":"a2ea19f91613a24f1476d751f3e88630","sha1":"8f726baf93549217f25b69e091a62239b1c9a6b4","sha256":"18ee965f0c072c2fbdba6ad89d94eb771151e701a8eb8ab44574ff127ec0b641","sha512":"1e4d49d803765fd5f202276fca32f1770779a29d3b89e01d4f56093f230ac7885666b987ced2ce5a020b01eb7db02d5204b60a9b60f34fd8578cd020a695d0ee","ssdeep":"1536:XaTfc9IJbBeceIedkeO5gwyc99Kh0afdU6/jPNXhzNmU77JuI15fJRjDbY1GvIjw:4foTV/Pws9/j1hd77Jv5fJRjDbYMvIjw","tlshash":"a263f6d98ebc7d29ab029a29b0ce51e3732d53471541e199b8dca180cfec04e26f1f79","first_seen":"2023-11-21T07:24:05Z","last_seen":"2023-11-21T07:24:05Z","times_seen":1,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":10,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}