Report - fixit-gh.com/asdf/a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20=

Report Overview

Visited public
2023-11-21 07:43:53
Tags
phishing microsoft outlook
Submit Tags
URL
fixit-gh.com/asdf/a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20=
Finishing URL
fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20=
IP / ASN
192.185.121.225
#46606 UNIFIEDLAYER-AS-1
Title
2Jk99WzYrtG2LxN2XXqg831fgQHN4TNWuU9Z1AKoprXWS
Phishing - Microsoft Outlook

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fydtc3zin9urq8g.kyxfgpywfa.ru	unknown	2023-11-14	2023-11-16 01:11:30	2023-11-20 03:58:23	8.1 kB	281 kB	188.114.96.1
fixit-gh.com	unknown	2023-07-23	2023-07-24 17:14:54	2023-11-20 16:55:17	514 B	335 B	192.185.121.225
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-11-21 05:09:09	467 B	26 kB	151.101.65.229

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	From	Size	First Seen	Last Seen
	fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/64ZYl4VRCoy/jq-3WDKWx0CHsceR6sRofwt7lErFdVyuVM1qkGHnvhqMSYU6TSxjUiOViQKbzUzD8Do5GxDYNUdfrUARFyA	ScriptElement	87 kB	2023-03-07	2025-07-06
Pretty URL fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/64ZYl4VRCoy/jq-3WDKWx0CHsceR6sRofwt7lErFdVyuVM1qkGHnvhqMSYU6TSxjUiOViQKbzUzD8Do5GxDYNUdfrUARFyA IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-07-06 06:32 Times Seen59261 Hash a46fb81762396b7bf2020774a2fb4d9e fb5edd7a663dc8dda7ec10815a7cd82a30fc98a7 d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d Loading...

	unknown	ScriptElement	31 B	2023-10-19	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-19 19:11 Last Seen2024-08-21 04:06 Times Seen26506 Hash 3d1074fb6b65f4b9536871023e610d5a 4c714779bcd18078513b46b165790086ba8dccb0 b57f451d459d16b81d0fcacdb0c79d84f114df0ec897bcbff79d72addd7cf688 Loading...

	data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoIkh5bmZKbFlLY1Z4cU5LWiIpLmdldEF0dHJpYnV0ZSgiTVl5alVJTXRBSEhmVWVZIikpKSkpO2xyS3ZVZHZoYmpleERzbHlaUE9wPSJPbUVrY0dkanhTQXBSVEUiOw==	ScriptElement	163 B	2024-08-20	2024-08-20
Pretty URL data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoIkh5bmZKbFlLY1Z4cU5LWiIpLmdldEF0dHJpYnV0ZSgiTVl5alVJTXRBSEhmVWVZIikpKSkpO2xyS3ZVZHZoYmpleERzbHlaUE9wPSJPbUVrY0dkanhTQXBSVEUiOw== IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 18:31 Last Seen2024-08-20 18:31 Times Seen1 Hash e7e6a18602381b18355db1d9fcf94cfd c7c69ce0c61e4d68a40a291a5d9a1f223692b2e9 9c712b5211ea16336ff4a730751d7679c3420625f4b5e2d31297aa06815f1d11 Loading...

	fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6b1fIefOJK3/sc-orHaeC8egXMEzk2mMSnPhWFrHf0wLi0VYGCAoRo9QhjQbOXtLz4ExtyIhgvRKgGWAT56wWUV837uqAGC	ScriptElement	32 kB	2023-11-21	2023-11-21
Pretty URL fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6b1fIefOJK3/sc-orHaeC8egXMEzk2mMSnPhWFrHf0wLi0VYGCAoRo9QhjQbOXtLz4ExtyIhgvRKgGWAT56wWUV837uqAGC IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-21 08:43 Last Seen2023-11-21 08:43 Times Seen1 Hash 542179be1c14ffcb2c20aad0abe13ecc 0837e154e0d26ecf903840f4f177bbc1717781d5 e3d161baa2fad22e6554a2573740f5c5abb6c89cdab34c716f953d7b8e9a6740 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07 01:03	2025-07-06 22:33
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-07-06 22:33 Times Seen402170 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

		Size	First Seen	Last Seen
	#1 Write - cc6672613743dc7a30c76e5c2b8266b8	3.7 kB	2024-08-20 18:31	2024-08-20 18:31
Pretty Observations First Seen2024-08-20 18:31 Last Seen2024-08-20 18:31 Times Seen1 Hash cc6672613743dc7a30c76e5c2b8266b8 7d4aa15e2e287525bc683800dab944433bf1f27c ea37a0994ad831cced214ac5be7f40345cfd7a00d36a0102c0904f81cdb1fb9d Loading...

	#2 Write - a27c88365ce7cd8f68390c4c024e29e1	3.6 kB	2023-11-07 13:07	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:07 Last Seen2024-08-20 20:33 Times Seen72071 Hash a27c88365ce7cd8f68390c4c024e29e1 1d15a8d192608f93096ef8d9aa623c360dbb7351 0ca2b3df8f04565300bafcd6c929a1d310d2a761ff9f8dda200f3f6cffab50ce Loading...

	#3 Write - 0a150c23c4dc772e236c089800b84a14	1.1 kB	2024-08-20 18:31	2024-08-20 18:31
Pretty Observations First Seen2024-08-20 18:31 Last Seen2024-08-20 18:31 Times Seen1 Hash 0a150c23c4dc772e236c089800b84a14 f66449e6ec35ec04cdc237fda804030701f8d144 789431c32b12b09d47f1b007188750f91e4c2dd8d037dc11b841ddb2f125f611 Loading...

	#4 Write - 47d1699c225872e3ebe43804315a571b	11 kB	2024-08-20 18:31	2024-08-20 18:31
Pretty Observations First Seen2024-08-20 18:31 Last Seen2024-08-20 18:31 Times Seen1 Hash 47d1699c225872e3ebe43804315a571b 2b5cd4c07098684a8e6653ed2cc165c46ced1d45 ece764c244fc73ce30df102108616e400d33551f934696c53e435ee524e83868 Loading...

HTTP Transactions (13)

	URL	IP	Response	Size
	fixit-gh.com/asdf/a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20=	192.185.121.225		139 B
URL fixit-gh.com/asdf/a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= IP 192.185.121.225:0 ASN #46606 UNIFIEDLAYER-AS-1 File type HTML document, ASCII text Size 139 B (139 bytes) Hash 56a7d5ac77ebf47f6183871cae1f477a 0c73d3aa234c25468983694fa9c3723686b3be43 74edf0f6383bcd62f1a46b5a5d628d706ecd86cdeb0ec3f2efdd47ec456c36c6 HTTP Headers `GET /asdf/a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= HTTP/1.1 Host: fixit-gh.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK vary: Accept-Encoding content-encoding: gzip content-length: 139 content-type: text/html; charset=UTF-8 date: Tue, 21 Nov 2023 07:43:35 GMT server: Apache X-Firefox-Spdy: h2`

	cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css	151.101.65.229		25 kB
URL cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css IP 151.101.65.229:0 ASN #54113 FASTLY File type Unicode text, UTF-8 text, with very long lines (65306) Size 25 kB (25360 bytes) Hash abe91756d18b7cd60871a2f47c1e8192 7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d 7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b HTTP Headers `GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1 Host: cdn.jsdelivr.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: * timing-allow-origin: * cache-control: public, max-age=31536000, s-maxage=31536000, immutable cross-origin-resource-policy: cross-origin x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload content-type: text/css; charset=utf-8 x-jsd-version: 5.0.2 x-jsd-version-type: version etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0" content-encoding: br accept-ranges: bytes date: Tue, 21 Nov 2023 07:43:37 GMT age: 14075859 x-served-by: cache-fra-eddf8230097-FRA, cache-bma1666-BMA x-cache: HIT, HIT vary: Accept-Encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length: 25360 X-Firefox-Spdy: h2

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6FBZhFCxvXf/lg-EehBx9eVpa6ETjjjQJPKUu1WtW3om5rUZkAJXYbCwJqSGJj9DpNRVEQ0NNjumKjPRhHHbKwwBDhWZpR2	188.114.96.1	200 OK	5.7 kB
URL GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6FBZhFCxvXf/lg-EehBx9eVpa6ETjjjQJPKUu1WtW3om5rUZkAJXYbCwJqSGJj9DpNRVEQ0NNjumKjPRhHHbKwwBDhWZpR2 IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type SVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text, with very long lines (5880), with no line terminators Size 5.7 kB (5747 bytes) Hash a0f61597ace37acc0305ce1f9b0ad1f3 7513ad25c961cefc955dbbdd93340547b5e88e38 78e6be3839310884d616d66b852f0c26119bed33d2157655326763e6f5c6a887 HTTP Headers GET /flga9/6FBZhFCxvXf/lg-EehBx9eVpa6ETjjjQJPKUu1WtW3om5rUZkAJXYbCwJqSGJj9DpNRVEQ0NNjumKjPRhHHbKwwBDhWZpR2 HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Cookie: PHPSESSID=5tvm53ck57qg0i555cepafrnms Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Tue, 21 Nov 2023 07:43:42 GMT content-type: image/svg+xml expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxsCRFjE641fGUqlLqC2dsYI4b9VKwlOxnMBKyUeaZ7IowLben6wIDiO0iBrNsEpsO%2Bt3Vevk2VcC4h9HeLJ7n%2FmGhC3bj0LcUZZQyB3cTkD%2BWDto53FZfkxO6E7NiwFZRASkl18xzeLo%2Bq%2F9RztOA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82974d9ff9261c06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6I00qZMuxUi/bg-4Qx0W4FcPRVC0pmwLXhnkxTkZsNwB5v6V9H9WMt8urf2zo6LckL0N9IyL7QDhyeIKfW8YU04WiyUKdBc	188.114.96.1	200 OK	16 kB
URL GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6I00qZMuxUi/bg-4Qx0W4FcPRVC0pmwLXhnkxTkZsNwB5v6V9H9WMt8urf2zo6LckL0N9IyL7QDhyeIKfW8YU04WiyUKdBc IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type Size 16 kB (16500 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /flga9/6I00qZMuxUi/bg-4Qx0W4FcPRVC0pmwLXhnkxTkZsNwB5v6V9H9WMt8urf2zo6LckL0N9IyL7QDhyeIKfW8YU04WiyUKdBc HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Cookie: PHPSESSID=5tvm53ck57qg0i555cepafrnms Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Tue, 21 Nov 2023 07:43:42 GMT content-type: image/svg+xml expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2o%2BjWW9zgZFvOioLGuZr6RZ%2FCx%2BMhxZiwZIk7pkTVa%2BlEh%2FdxS8XLp7uZk6k%2FbhfhmgzqGP3FGKpfAvXVj5rIC%2FhVRKPc4ZSUs5dEpPRsxqDjxQXs%2B8n%2F0Ol8t37YQxyldBD3IbVpaHo5GfSCB43g%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82974da229ff1c06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20=	188.114.96.1	200 OK	15 kB
URL User Request GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type ASCII text, with very long lines (15417), with no line terminators Size 15 kB (15417 bytes) Hash f92d3e361bd67a12b8c14ed38d2129ba fc2942d9abf994cf1fdaf75ba1cbbe7e80fd1110 d083db531351a1db88396ccc31cb801bc7a60d3428f07394eaa07553c49777cc HTTP Headers GET /flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/ Cookie: PHPSESSID=5tvm53ck57qg0i555cepafrnms Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Tue, 21 Nov 2023 07:43:42 GMT content-type: text/html; charset=UTF-8 expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUARA%2B58baXic4cKYnQII1XsfrB1zZYkGYcj%2FiqDN3%2F1mXGyPNCZIr%2FjQn5G4kCqjaniPbYCdATjKu2AipaxhResrpXeNvNnT5dDN3alGfLeOZwyVdSW2v063066SjyCU%2FhswGn%2FoDy8nNKeWC1lpg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82974d9f38e41c06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6b1fIefOJK3/sc-orHaeC8egXMEzk2mMSnPhWFrHf0wLi0VYGCAoRo9QhjQbOXtLz4ExtyIhgvRKgGWAT56wWUV837uqAGC	188.114.96.1	200 OK	32 kB
URL GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6b1fIefOJK3/sc-orHaeC8egXMEzk2mMSnPhWFrHf0wLi0VYGCAoRo9QhjQbOXtLz4ExtyIhgvRKgGWAT56wWUV837uqAGC IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type ASCII text, with very long lines (9001), with CRLF line terminators Size 32 kB (31498 bytes) Hash 542179be1c14ffcb2c20aad0abe13ecc 0837e154e0d26ecf903840f4f177bbc1717781d5 e3d161baa2fad22e6554a2573740f5c5abb6c89cdab34c716f953d7b8e9a6740 HTTP Headers GET /flga9/6b1fIefOJK3/sc-orHaeC8egXMEzk2mMSnPhWFrHf0wLi0VYGCAoRo9QhjQbOXtLz4ExtyIhgvRKgGWAT56wWUV837uqAGC HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Cookie: PHPSESSID=5tvm53ck57qg0i555cepafrnms Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Tue, 21 Nov 2023 07:43:42 GMT content-type: text/javascript;charset=UTF-8 expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13Ja8jHGvGWLGULXdt5QzdKhqkQwEbXCaNvxpzqiykWGub6niyIzoOjHTo9ETfUPLsIuJRQcdfmaN5BEhmDYKfso2zqLAEmMQej%2BVZtU1Fj91seu%2FBWXRSZA2i6PThN7QMlJPMHd6kdsoTSnLcx91A%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82974da019311c06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6yMudCRX8mc/si-KPF4H0c7pnu3cdSdwf9vyP1iY8z1QWfsssrQXTiweO9im4ipbIqb2GGi557E5h5ynYrzbyKHbZV16N0L	188.114.96.1	200 OK	2.5 kB
URL GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6yMudCRX8mc/si-KPF4H0c7pnu3cdSdwf9vyP1iY8z1QWfsssrQXTiweO9im4ipbIqb2GGi557E5h5ynYrzbyKHbZV16N0L IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2507), with no line terminators Size 2.5 kB (2471 bytes) Hash e83c7015cbfaae6e4c8a924251efc664 effbb437dc9e8add8fa03827e876d5f48287350b e93edc05da03fe774ebce23f1933f8fdcb52a3c850d501f8a2083b68b9152aaf HTTP Headers GET /flga9/6yMudCRX8mc/si-KPF4H0c7pnu3cdSdwf9vyP1iY8z1QWfsssrQXTiweO9im4ipbIqb2GGi557E5h5ynYrzbyKHbZV16N0L HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Cookie: PHPSESSID=5tvm53ck57qg0i555cepafrnms Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Tue, 21 Nov 2023 07:43:42 GMT content-type: image/svg+xml expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnTFYgyd8NWGdcK2G0ilwW6YxxQQB2skbi2H8YVMDX%2F3Uk9uObkBWBog20NnZGpcasfMCnoG9nVhU%2BEiAQRC1%2FNuGw0bCdL40q9q6WMz5g%2FznAqqZ%2BnGPFFjjlJLes7%2Bh89co%2B1rjL2s5Y2k%2B66LZA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82974d9ff92c1c06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6jVKNqp5BmC/bg-LMuwbAyF9sCmtJTsSOh98n8AVOE82QChkDhzGgFajEib9Qgxgsslv7bzPpTo53VHkKe3hyZcUllS2VmP	188.114.96.1	200 OK	16 kB
URL GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6jVKNqp5BmC/bg-LMuwbAyF9sCmtJTsSOh98n8AVOE82QChkDhzGgFajEib9Qgxgsslv7bzPpTo53VHkKe3hyZcUllS2VmP IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type Size 16 kB (16500 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /flga9/6jVKNqp5BmC/bg-LMuwbAyF9sCmtJTsSOh98n8AVOE82QChkDhzGgFajEib9Qgxgsslv7bzPpTo53VHkKe3hyZcUllS2VmP HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Cookie: PHPSESSID=5tvm53ck57qg0i555cepafrnms Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Tue, 21 Nov 2023 07:43:42 GMT content-type: image/svg+xml expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rb%2FeZEW94RQVL1jjGx96qqJxXM5bm759PziH2wz%2BepJ1ivH4MqalN5CCqzALUHn5uUe5vMXPV55ZQoY4XGD%2FRm1PeGkicyi1Kww6pzk5wdO3H6uUJi%2Be6feXEpry2ZtfjpnWc5FuoG2E79Uuf9dtmQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82974da229fe1c06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/630awCwWFNu/st-ZkMIgvzTZOcPhxzjGXq6enAgWTytyYOWEoZzGzZkHsebjTksokwtcIen00MfarhIG8sG7x1DPVujsCyr	188.114.96.1	200 OK	97 kB
URL GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/630awCwWFNu/st-ZkMIgvzTZOcPhxzjGXq6enAgWTytyYOWEoZzGzZkHsebjTksokwtcIen00MfarhIG8sG7x1DPVujsCyr IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 97 kB (96562 bytes) Hash f7656f29b14ae7c273bd235cf39b5ed9 37e37ab418da0fa6765116a5063693225956c27b 8009de5153c413352c0a3404f01cdf23841c6fcabb55dfec295a85701b827c86 HTTP Headers GET /flga9/630awCwWFNu/st-ZkMIgvzTZOcPhxzjGXq6enAgWTytyYOWEoZzGzZkHsebjTksokwtcIen00MfarhIG8sG7x1DPVujsCyr HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Cookie: PHPSESSID=5tvm53ck57qg0i555cepafrnms Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Tue, 21 Nov 2023 07:43:42 GMT content-type: text/css;charset=UTF-8 expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucjfzDxr9jjbf851Djno6lgrCDnWyuFaeKNAy4et2KM%2FrOoybQ2%2B61UWjMlNYPdhYbRHNxDalrLMM8ssYMWYHGvkmQ7SdtTBLxfkwvvAObDaYY3BrLDUiER6SQzrUUBvWDBhwPRjcLt6PiElC7u7QQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82974d9ff9241c06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/64ZYl4VRCoy/jq-3WDKWx0CHsceR6sRofwt7lErFdVyuVM1qkGHnvhqMSYU6TSxjUiOViQKbzUzD8Do5GxDYNUdfrUARFyA	188.114.96.1	200 OK	87 kB
URL GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/64ZYl4VRCoy/jq-3WDKWx0CHsceR6sRofwt7lErFdVyuVM1qkGHnvhqMSYU6TSxjUiOViQKbzUzD8Do5GxDYNUdfrUARFyA IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type ASCII text, with very long lines (65450), with CRLF line terminators Size 87 kB (86927 bytes) Hash a46fb81762396b7bf2020774a2fb4d9e fb5edd7a663dc8dda7ec10815a7cd82a30fc98a7 d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d HTTP Headers GET /flga9/64ZYl4VRCoy/jq-3WDKWx0CHsceR6sRofwt7lErFdVyuVM1qkGHnvhqMSYU6TSxjUiOViQKbzUzD8Do5GxDYNUdfrUARFyA HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Cookie: PHPSESSID=5tvm53ck57qg0i555cepafrnms Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Tue, 21 Nov 2023 07:43:42 GMT content-type: text/javascript;charset=UTF-8 expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNy991le6OQzUwik%2BCAxV2QF3HJ8qwaJNb5suIxYztyslqdrHCtpVsHbkYR3fWezO5HW8WY23YHkmekayPKayu2zuPh780MqwgVSH1iELhS4SaVkGxrIswivO%2BJnK2P%2F1V9GDVueW5mk13%2F0nqIMlw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82974d9ff9251c06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6wzwAiy3P70/fi-1XLuLfoGxZFm59qraeiapzCuAPoXuJjxIlaKwCBwtUTexsMb4mon1v4giALiBumxcX4OeHoMUbqAyiiN	188.114.96.1	200 OK	728 B
URL GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6wzwAiy3P70/fi-1XLuLfoGxZFm59qraeiapzCuAPoXuJjxIlaKwCBwtUTexsMb4mon1v4giALiBumxcX4OeHoMUbqAyiiN IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (814), with no line terminators Size 728 B (728 bytes) Hash 086106495fcedaca451c95ff0aa9dad6 1a3e8f50da1d4ded64927e870c8020f50d9450bc 8adba1235fd9b9ff4750ecea42ac5b9313a9645fd535966018a49299d660a5d0 HTTP Headers GET /flga9/6wzwAiy3P70/fi-1XLuLfoGxZFm59qraeiapzCuAPoXuJjxIlaKwCBwtUTexsMb4mon1v4giALiBumxcX4OeHoMUbqAyiiN HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Cookie: PHPSESSID=5tvm53ck57qg0i555cepafrnms Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Tue, 21 Nov 2023 07:43:43 GMT content-type: image/svg+xml expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HAWtGs8QczSuuKZHTLTD7kS3wJqMNCgIFVwtcwBiPsAe2%2FuK29PYXgcRwb%2Fa%2BBXiLxmWNbfRcs6AOo%2FTwY5hsdefjMQzvOKq0nRdTfGxg4MFVe3IxhscGjF%2FVVWbSciNddB0l6X6CdH64YpLS%2BWYEA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82974da36a9f1c06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6gohRNfUfvn/e-wpFceaowwsJZcWQdYWhpeeWj1ARu5dlm47uyq4DrDwUcnQ2W5IXHE9oYbZqCQWR7M0v2jcU7ucnRzWek	188.114.96.1	200 OK	1.2 kB
URL GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6gohRNfUfvn/e-wpFceaowwsJZcWQdYWhpeeWj1ARu5dlm47uyq4DrDwUcnQ2W5IXHE9oYbZqCQWR7M0v2jcU7ucnRzWek IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type HTML document, ASCII text, with very long lines (1223), with no line terminators Size 1.2 kB (1195 bytes) Hash 6a9d5b77594db25aab4f4542ade7fc18 57341ce45a68d063af42b4017460e6ab87f41aa0 a93759e6873eaba551832fcdf1024f078441bb410f4a96cf834ad429e3d99e8c HTTP Headers GET /flga9/6gohRNfUfvn/e-wpFceaowwsJZcWQdYWhpeeWj1ARu5dlm47uyq4DrDwUcnQ2W5IXHE9oYbZqCQWR7M0v2jcU7ucnRzWek HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Cookie: PHPSESSID=5tvm53ck57qg0i555cepafrnms Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Tue, 21 Nov 2023 07:43:42 GMT content-type: image/svg+xml expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlmU5jnNpJpMVOKMRTysTmZexNsUoB7kHl2wo6ZI8KrWPVBLi%2BC5AK1uMiFcJnwBArFISqWW7Qv3fjIQLf%2BQA%2B0g46GwuDDTfUysP8qcERyfGirauoWIBeqDghRczhHDt2Dla0MhoXpKjTHPltzeOA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82974d9ff92b1c06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	POST fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/3D1HYIliLxivO6IiBwNf1JgKhV	188.114.96.1	200 OK	75 B
URL POST HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/3D1HYIliLxivO6IiBwNf1JgKhV IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type troff or preprocessor input, ASCII text, with no line terminators Size 75 B (75 bytes) Hash 1e5373540c2a2f5dc9ba2cbb88bbb1b8 200ea845bcf89387e783768c3dda1b8757e29c13 6043aaf237677965bbe0adb0f19ee71a46f11c59f992571118d879134fe06799 HTTP Headers POST /flga9/3D1HYIliLxivO6IiBwNf1JgKhV HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 44 Origin: https://fydtc3zin9urq8g.kyxfgpywfa.ru DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0Ij2KzUrEKTV1fgptKvhpMqQ6fa78zGuTpJnykQSn5Nm7PwBtvTX3nF6cCcALIucweM70hBEKxoV4iP7MmcBQeQhFJN?id=a3lhdy5reWFyQG15YW5tYXItYnJld2VyeS5jb20= Cookie: PHPSESSID=5tvm53ck57qg0i555cepafrnms Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Tue, 21 Nov 2023 07:43:43 GMT content-type: text/html; charset=UTF-8 access-control-allow-origin: * expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kuYY5W8hf1WMQyCrh%2Bz0qMsqVzJ4BoL6uSEmMAwXMF5nha9rLqoNLJJXaghk5II5OYXYvds33ZjE5NLRDxQ9%2Bkh34lBR5VHa6rWIRbQvygj6sgP4VO3K5bMxblXiJOLwmj9HplWaBWpbRu%2BFddphfA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82974da27a131c06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (13)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash