Report - fixit-gh.com/asdf/ZHVzdGluLm5vZWxAdWdsLmNvbQ==

Report Overview

Visited public
2023-11-20 21:18:06
Tags
phishing microsoft outlook
Submit Tags
URL
fixit-gh.com/asdf/ZHVzdGluLm5vZWxAdWdsLmNvbQ==
Finishing URL
fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ==
IP / ASN
192.185.121.225
#46606 UNIFIEDLAYER-AS-1
Title
OmJwfgKXr1ZLwDdo8uJ5jqLRV2O94ahHihzCuTLE6WR3T
Phishing - Microsoft Outlook

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fixit-gh.com	unknown	2023-07-23	2023-07-24 17:14:54	2023-11-20 16:55:17	502 B	327 B	192.185.121.225
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-11-19 18:12:10	467 B	26 kB	151.101.129.229
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20 07:02:03	2023-11-19 21:12:47	435 B	13 kB	104.17.3.184
fydtc3zin9urq8g.kyxfgpywfa.ru	unknown	2023-11-14	2023-11-16 01:11:30	2023-11-20 03:58:23	8.0 kB	281 kB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	From	Size	First Seen	Last Seen
	fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6lsNE1Wu35R/jq-Tj97DNYmdDSMsaa4p10Ob9HRdcywE6T9A3kCB7a893lioHUaukb9IHfWHJXXILjewu6khYaYmVdfDFWe	ScriptElement	87 kB	2023-03-07	2025-07-15
Pretty URL fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6lsNE1Wu35R/jq-Tj97DNYmdDSMsaa4p10Ob9HRdcywE6T9A3kCB7a893lioHUaukb9IHfWHJXXILjewu6khYaYmVdfDFWe IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-07-15 10:48 Times Seen59314 Hash a46fb81762396b7bf2020774a2fb4d9e fb5edd7a663dc8dda7ec10815a7cd82a30fc98a7 d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d Loading...

	fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6yyocUy7H7j/sc-iEhs7IPkAEhgoeuBFiWxxOtQFDJKHTmlM6s1aZ2eSwHlUkvKqPfJoxHdiUN5dZgZ1STmyesXJZscT6xF	ScriptElement	32 kB	2023-11-20	2023-11-20
Pretty URL fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6yyocUy7H7j/sc-iEhs7IPkAEhgoeuBFiWxxOtQFDJKHTmlM6s1aZ2eSwHlUkvKqPfJoxHdiUN5dZgZ1STmyesXJZscT6xF IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 22:18 Last Seen2023-11-20 22:18 Times Seen1 Hash 1131850fec4181a48b05e606f34a6419 7c306f0744838388875090c87476b8f7623921d2 aa519046e89091089e065ec3dcf50626d2a1141568e51e9cdfba3c48613c89e9 Loading...

	unknown	ScriptElement	31 B	2023-10-19	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-19 19:11 Last Seen2024-08-21 04:06 Times Seen26506 Hash 3d1074fb6b65f4b9536871023e610d5a 4c714779bcd18078513b46b165790086ba8dccb0 b57f451d459d16b81d0fcacdb0c79d84f114df0ec897bcbff79d72addd7cf688 Loading...

	data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoInNDRVRiS1hmT3pNTkJFUCIpLmdldEF0dHJpYnV0ZSgiRlJJbnptdmpWRWdlQ2NTIikpKSkpO0RHZFlOaXNxcHJCaERPT0xZQkt1PSJ0UmxGY0dZV1RQWUNlYnoiOw==	ScriptElement	163 B	2024-08-20	2024-08-20
Pretty URL data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoInNDRVRiS1hmT3pNTkJFUCIpLmdldEF0dHJpYnV0ZSgiRlJJbnptdmpWRWdlQ2NTIikpKSkpO0RHZFlOaXNxcHJCaERPT0xZQkt1PSJ0UmxGY0dZV1RQWUNlYnoiOw== IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 18:35 Last Seen2024-08-20 18:35 Times Seen1 Hash ee46e80dc3649fed9e67c23e9c246775 db28c8b4ea9d990246f125ea53d46471f42c27a4 b49abecd296ba3193cf8ed82894c6bf3ce1f7852e3ea098f75cb0ee47584796e Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07 01:03	2025-07-15 19:48
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-07-15 19:48 Times Seen416909 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

		Size	First Seen	Last Seen
	#1 Write - e0ec1781346a82e5f1c8ab67af0537bf	1.1 kB	2024-08-20 18:35	2024-08-20 18:35
Pretty Observations First Seen2024-08-20 18:35 Last Seen2024-08-20 18:35 Times Seen1 Hash e0ec1781346a82e5f1c8ab67af0537bf 6ee97060a4b57739e7855cdff196e2e4b6ee9cca ae990afe641457a8840a8c02e068bcfb21a1637cc416e495925398ab044f44ac Loading...

	#2 Write - 27c4da948858ee025e5b2ada0640e9dc	11 kB	2024-08-20 18:35	2024-08-20 18:35
Pretty Observations First Seen2024-08-20 18:35 Last Seen2024-08-20 18:35 Times Seen1 Hash 27c4da948858ee025e5b2ada0640e9dc 15e188338dc2992d10edd7022ac53080e896e97b 048e7af4f4f19662eea7df5e2f8c63458cbe38a771918b0668ab9867e741283a Loading...

	#3 Write - 6519cd564998e8fc4d089e15005de490	3.7 kB	2024-08-20 18:35	2024-08-20 18:35
Pretty Observations First Seen2024-08-20 18:35 Last Seen2024-08-20 18:35 Times Seen1 Hash 6519cd564998e8fc4d089e15005de490 43afbddcfc5c827edd7f8c73a3fc6fb23ba9f990 048e540c6d2057057002090bb2d73561d2b0f172636d743fc353ce6921995ed3 Loading...

	#4 Write - a27c88365ce7cd8f68390c4c024e29e1	3.6 kB	2023-11-07 13:07	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:07 Last Seen2024-08-20 20:33 Times Seen72071 Hash a27c88365ce7cd8f68390c4c024e29e1 1d15a8d192608f93096ef8d9aa623c360dbb7351 0ca2b3df8f04565300bafcd6c929a1d310d2a761ff9f8dda200f3f6cffab50ce Loading...

HTTP Transactions (14)

	URL	IP	Response	Size
	fixit-gh.com/asdf/ZHVzdGluLm5vZWxAdWdsLmNvbQ==	192.185.121.225		131 B
URL fixit-gh.com/asdf/ZHVzdGluLm5vZWxAdWdsLmNvbQ== IP 192.185.121.225:0 ASN #46606 UNIFIEDLAYER-AS-1 File type HTML document, ASCII text Size 131 B (131 bytes) Hash bf65a3062ff2169e7c27deeac412254e 2aadf117437a0073427ba9233e73e34f16630f10 e376b0dd7032946df1ccb52d0be0fac85c0a73ccc094917b624180a06c8a2c07 HTTP Headers `GET /asdf/ZHVzdGluLm5vZWxAdWdsLmNvbQ== HTTP/1.1 Host: fixit-gh.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK vary: Accept-Encoding content-encoding: gzip content-length: 131 content-type: text/html; charset=UTF-8 date: Mon, 20 Nov 2023 21:17:48 GMT server: Apache X-Firefox-Spdy: h2`

	cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css	151.101.129.229		25 kB
URL cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css IP 151.101.129.229:0 ASN #54113 FASTLY File type Unicode text, UTF-8 text, with very long lines (65306) Size 25 kB (25360 bytes) Hash abe91756d18b7cd60871a2f47c1e8192 7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d 7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b HTTP Headers `GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1 Host: cdn.jsdelivr.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: * timing-allow-origin: * cache-control: public, max-age=31536000, s-maxage=31536000, immutable cross-origin-resource-policy: cross-origin x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload content-type: text/css; charset=utf-8 x-jsd-version: 5.0.2 x-jsd-version-type: version etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0" content-encoding: br accept-ranges: bytes date: Mon, 20 Nov 2023 21:17:50 GMT age: 14038312 x-served-by: cache-fra-eddf8230097-FRA, cache-bma1662-BMA x-cache: HIT, HIT vary: Accept-Encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length: 25360 X-Firefox-Spdy: h2

	challenges.cloudflare.com/turnstile/v0/api.js	104.17.3.184		13 kB
URL challenges.cloudflare.com/turnstile/v0/api.js IP 104.17.3.184:0 ASN #13335 CLOUDFLARENET File type data Size 13 kB (12961 bytes) Hash ea2bed9abfbbaab47a5857cef708ac45 2b0e28b59e8aabf6510275b9e5ee119b38614640 4d9004b75ab009a232936a32f36fd60db7885efbf0ea7b0877c9963e619e8246 HTTP Headers `GET /turnstile/v0/api.js HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found date: Mon, 20 Nov 2023 21:17:50 GMT access-control-allow-origin: * location: /turnstile/v0/g/9914b343/api.js vary: accept-encoding cache-control: max-age=300, public server: cloudflare cf-ray: 8293b8d87a80569c-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2`

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6pL2nZE0UX1/bg-fzpPu0HBzhjtb08HAUqI4YLk8VV9yiz7tmb46NVqeFOmPBDBU35y45fH5Y7gybdr2znkPFp8DwnKKY6N	188.114.96.1	200 OK	16 kB
URL GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6pL2nZE0UX1/bg-fzpPu0HBzhjtb08HAUqI4YLk8VV9yiz7tmb46NVqeFOmPBDBU35y45fH5Y7gybdr2znkPFp8DwnKKY6N IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type Size 16 kB (16500 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /flga9/6pL2nZE0UX1/bg-fzpPu0HBzhjtb08HAUqI4YLk8VV9yiz7tmb46NVqeFOmPBDBU35y45fH5Y7gybdr2znkPFp8DwnKKY6N HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Cookie: PHPSESSID=1c530j2lesphimqq1qj2apb004 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 20 Nov 2023 21:17:55 GMT content-type: image/svg+xml expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZHkdc6gtg8VsGM7qSEKIOnC6Rj1CznxHzKaQ3C%2BNj%2BgquUzm1p19ZWb39uG7eAu1Ejmalp1Su0rmlZt%2BMqGUXktVTxO%2FcCaEPtIEo0KuyGGjecw2iWzok9JGUvEyiifUCIFqeaWLdOzK7k3%2BrMv%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8293b8f50c265684-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6NCYue5CkLg/fi-CgZApSsaYcnbmXKeZ7Z9zEP5J9STMlo4f4s1AiYQnYASjf1JqEVkBgInF8MD4Z56ohCqWG1BaVQezj0q	188.114.96.1	200 OK	728 B
URL GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6NCYue5CkLg/fi-CgZApSsaYcnbmXKeZ7Z9zEP5J9STMlo4f4s1AiYQnYASjf1JqEVkBgInF8MD4Z56ohCqWG1BaVQezj0q IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (814), with no line terminators Size 728 B (728 bytes) Hash 14a6c611d91fc0571470eee36a581c19 14723e07ea0b46cedf97d2df157ab214b78bdb10 ab566928ffd4e91c6e23fce86a354a8a96e2127053b4e544e36698fe484b9362 HTTP Headers GET /flga9/6NCYue5CkLg/fi-CgZApSsaYcnbmXKeZ7Z9zEP5J9STMlo4f4s1AiYQnYASjf1JqEVkBgInF8MD4Z56ohCqWG1BaVQezj0q HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Cookie: PHPSESSID=1c530j2lesphimqq1qj2apb004 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 20 Nov 2023 21:17:55 GMT content-type: image/svg+xml expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TL%2B1L%2Fg81deat%2BlSyFa87RG1w0FyQXmxme5mKOAE5keUXe4O1Mv9IwgTNaNZ8b7g0hKz1NPZKAb%2FAirAu9dZPI4lk85OtVnpAbrhvgyQBJkxLFO8td7UAYxjzBX6%2F4B5VON5INcHKgmclUjMtrS5dA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8293b8f6ad915684-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6yyocUy7H7j/sc-iEhs7IPkAEhgoeuBFiWxxOtQFDJKHTmlM6s1aZ2eSwHlUkvKqPfJoxHdiUN5dZgZ1STmyesXJZscT6xF	188.114.96.1	200 OK	32 kB
URL GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6yyocUy7H7j/sc-iEhs7IPkAEhgoeuBFiWxxOtQFDJKHTmlM6s1aZ2eSwHlUkvKqPfJoxHdiUN5dZgZ1STmyesXJZscT6xF IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type ASCII text, with very long lines (9001), with CRLF line terminators Size 32 kB (31498 bytes) Hash 1131850fec4181a48b05e606f34a6419 7c306f0744838388875090c87476b8f7623921d2 aa519046e89091089e065ec3dcf50626d2a1141568e51e9cdfba3c48613c89e9 HTTP Headers GET /flga9/6yyocUy7H7j/sc-iEhs7IPkAEhgoeuBFiWxxOtQFDJKHTmlM6s1aZ2eSwHlUkvKqPfJoxHdiUN5dZgZ1STmyesXJZscT6xF HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Cookie: PHPSESSID=1c530j2lesphimqq1qj2apb004 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 20 Nov 2023 21:17:55 GMT content-type: text/javascript;charset=UTF-8 expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOPYj3E3yPIUiTZdlDPZ4LWbXBoY%2BuM62YG1DqtZ8phwtFMwq05dcXnLXlP7RbTR9rCWQ5jPmNR9%2BeTt2vcaxgfTwYAoSkmwbDrvVWKgi2kuWwo38J9CyY%2FS%2BT6wyyr8S4PNBIN3p84PLIfDg5vreA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8293b8f31a385684-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6D9vsw1d5rd/si-G5ck7ccrcV3I08BUOtJJNS624NSQ48EUhv5tL44PUFMDKrsVEe7ThDz5lOcAqAyoRq6aJtVxUPZ1ylSq	188.114.96.1	200 OK	2.5 kB
URL GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6D9vsw1d5rd/si-G5ck7ccrcV3I08BUOtJJNS624NSQ48EUhv5tL44PUFMDKrsVEe7ThDz5lOcAqAyoRq6aJtVxUPZ1ylSq IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2507), with no line terminators Size 2.5 kB (2471 bytes) Hash 438433876b3689627f41f5a2f5df2d55 03f1c5ff97b94f031c9e7d6f76e6fac5ffef3b2a 7c1ed6c506cda1dad8cced7ec801246d26c559afe9b776b1f9697bad487254ec HTTP Headers GET /flga9/6D9vsw1d5rd/si-G5ck7ccrcV3I08BUOtJJNS624NSQ48EUhv5tL44PUFMDKrsVEe7ThDz5lOcAqAyoRq6aJtVxUPZ1ylSq HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Cookie: PHPSESSID=1c530j2lesphimqq1qj2apb004 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 20 Nov 2023 21:17:55 GMT content-type: image/svg+xml expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bj5HDyirw6R7O%2FtqTJ99YegrtPZpEtyWR%2FGCe3NEM0c05%2F%2FDJlMlnqy%2BlxAaQAcsLH3DxRzsYyKmqYPqCM0DwG29Lm9pirX1AEH3gTXACPskLjNnB7bO9ap0u8F17XNp%2Bk5LBxDsudfGkDrYxtU6Ug%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8293b8f31a365684-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	POST fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/3G0YaBOGlXE8tzR4zcphOISBkw	188.114.96.1	200 OK	75 B
URL POST HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/3G0YaBOGlXE8tzR4zcphOISBkw IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type troff or preprocessor input, ASCII text, with no line terminators Size 75 B (75 bytes) Hash 1e5373540c2a2f5dc9ba2cbb88bbb1b8 200ea845bcf89387e783768c3dda1b8757e29c13 6043aaf237677965bbe0adb0f19ee71a46f11c59f992571118d879134fe06799 HTTP Headers POST /flga9/3G0YaBOGlXE8tzR4zcphOISBkw HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 34 Origin: https://fydtc3zin9urq8g.kyxfgpywfa.ru DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Cookie: PHPSESSID=1c530j2lesphimqq1qj2apb004 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 20 Nov 2023 21:17:55 GMT content-type: text/html; charset=UTF-8 access-control-allow-origin: * expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAsk7BM7gWasSeH7x4W2w58cGfh7%2FjP5Pv9C67GtqAxKDvhdLPqIbxXE19SBQzAj2ZOevoSOqc77BShV3QKt8Kn7KWFwtNba0hr%2Bf7elLT5JjqY5iaiXzp3%2Fuw1yakL4YTHhzxrRXWF6HoN4%2FmK0wQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8293b8f58c8e5684-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6lsNE1Wu35R/jq-Tj97DNYmdDSMsaa4p10Ob9HRdcywE6T9A3kCB7a893lioHUaukb9IHfWHJXXILjewu6khYaYmVdfDFWe	188.114.96.1	200 OK	87 kB
URL GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6lsNE1Wu35R/jq-Tj97DNYmdDSMsaa4p10Ob9HRdcywE6T9A3kCB7a893lioHUaukb9IHfWHJXXILjewu6khYaYmVdfDFWe IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type ASCII text, with very long lines (65450), with CRLF line terminators Size 87 kB (86927 bytes) Hash a46fb81762396b7bf2020774a2fb4d9e fb5edd7a663dc8dda7ec10815a7cd82a30fc98a7 d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d HTTP Headers GET /flga9/6lsNE1Wu35R/jq-Tj97DNYmdDSMsaa4p10Ob9HRdcywE6T9A3kCB7a893lioHUaukb9IHfWHJXXILjewu6khYaYmVdfDFWe HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Cookie: PHPSESSID=1c530j2lesphimqq1qj2apb004 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 20 Nov 2023 21:17:55 GMT content-type: text/javascript;charset=UTF-8 expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpFHO0Xcf7DVFh%2B3NWhlHCNvsd1gzkQnI26W1DKT1%2BNyhWrbTQUxX%2Br9sSCxB0ukfmv8AzYoMziboSz2NLJGwVth5ntALbHAxtJht4R1%2BkVyLARRB1ZfOqdSPwtgXD%2FQ9w9bPHNAmrxoHd4CDaZ5Rg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8293b8f30a305684-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6tSkfrfqBVQ/lg-TWD1m3zDTYIRjd7zHafyKC5uxCeQf6CWZn7iRmgHDTDDnsM1PeGpZ6LC55fTDYE5zyu8JTnji1NwK486	188.114.96.1	200 OK	5.7 kB
URL GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6tSkfrfqBVQ/lg-TWD1m3zDTYIRjd7zHafyKC5uxCeQf6CWZn7iRmgHDTDDnsM1PeGpZ6LC55fTDYE5zyu8JTnji1NwK486 IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (5880), with no line terminators Size 5.7 kB (5747 bytes) Hash 30813bb748f23a75975fa2b52b34ddc4 72bcd9e070f8d51bec4e25f2acc76a0d23911c19 cd1841f138dc3e9a2878255cf794c8d9dc72c8f04e43a4bd799c69e4af909ccd HTTP Headers GET /flga9/6tSkfrfqBVQ/lg-TWD1m3zDTYIRjd7zHafyKC5uxCeQf6CWZn7iRmgHDTDDnsM1PeGpZ6LC55fTDYE5zyu8JTnji1NwK486 HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Cookie: PHPSESSID=1c530j2lesphimqq1qj2apb004 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 20 Nov 2023 21:17:55 GMT content-type: image/svg+xml expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSHuwEJfvs23fUVZBXjX7Q2JvgI%2BG1DAm02GPQREtsVP1QHim1YqyW9%2Bnmvo8KyVQvgSKHrdCxWE%2F4yfhPB3QgT9AsQwsVZmcdYy06FwCnKD1tndqnbM5Z7iT1e12RjJqE908PhctfQ%2BZFdX15MFXA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8293b8f30a315684-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6SDf724XDdk/bg-9xA7D9zxOEPxbyRVZymSHxwPe6kqIE0SOTWpogOMPf6BijZoAmfETeCCvd4AwtGWhpv3gbDsaGje12kD	188.114.96.1	200 OK	16 kB
URL GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6SDf724XDdk/bg-9xA7D9zxOEPxbyRVZymSHxwPe6kqIE0SOTWpogOMPf6BijZoAmfETeCCvd4AwtGWhpv3gbDsaGje12kD IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type Size 16 kB (16500 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /flga9/6SDf724XDdk/bg-9xA7D9zxOEPxbyRVZymSHxwPe6kqIE0SOTWpogOMPf6BijZoAmfETeCCvd4AwtGWhpv3gbDsaGje12kD HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Cookie: PHPSESSID=1c530j2lesphimqq1qj2apb004 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 20 Nov 2023 21:17:55 GMT content-type: image/svg+xml expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFMQOCMxx0J6UDTopSbFAYRQOQ6ylz5%2BiFiIb8Nfk275JUH%2FRyKIq7dkxFfzsbKLM%2B2c39Qo6W7hRHTZqra5HcLfCzGFB8qKTsdu92gVwAJW9zpRG%2F0MQ2TKSTEUuFUD46wPXw3HhIX1DVfLBLkLkA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8293b8f50c2a5684-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6mFx3XLWVpC/st-2HWtkGxsHmFIDbxZGlOxLCEnZFUuefTJPIJZJyw5sIPi5l5UupjFUUdZimJQQL0oLrjQcFq1MAYhObu4	188.114.96.1	200 OK	97 kB
URL GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6mFx3XLWVpC/st-2HWtkGxsHmFIDbxZGlOxLCEnZFUuefTJPIJZJyw5sIPi5l5UupjFUUdZimJQQL0oLrjQcFq1MAYhObu4 IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 97 kB (96562 bytes) Hash 218d360be0606d518a52bd9ef894663d a30928fc4dbbc6f2a5a7e272f7b6b01c64f7a846 19cefc3f3ec199dc5701b63d9d5ebe55af815a352f97423f6cde41f71aecc547 HTTP Headers GET /flga9/6mFx3XLWVpC/st-2HWtkGxsHmFIDbxZGlOxLCEnZFUuefTJPIJZJyw5sIPi5l5UupjFUUdZimJQQL0oLrjQcFq1MAYhObu4 HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Cookie: PHPSESSID=1c530j2lesphimqq1qj2apb004 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 20 Nov 2023 21:17:55 GMT content-type: text/css;charset=UTF-8 expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITEZjYqLhuMMmCVL7lwTnSsx8zhoVqy9JbPHNmAp70Sc15qmWQQHu3wa9qFxn6OBffqVNHK89nMYNPQAapVGL56BHUEoNjrpBM8YwpRfY3nJ%2Bne4tJRMUP7Bir3LnnA1b5lOwobqwQJkhEH2HSjq2g%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8293b8f30a285684-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ==	188.114.96.1	200 OK	15 kB
URL User Request GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type ASCII text, with very long lines (15405), with no line terminators Size 15 kB (15405 bytes) Hash 4ed389a5ba8cdd4a7c27ce119ac04b9c f64cea1044459e7d7406e6f10da1761fd553d680 9254ab58d23b37711f41ace1b5809a26b1c0c3e72440f0b1229b4c015b6c4df1 HTTP Headers GET /flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/ Cookie: PHPSESSID=1c530j2lesphimqq1qj2apb004 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 20 Nov 2023 21:17:54 GMT content-type: text/html; charset=UTF-8 expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVitj7uDJ2toOkWcOZZw%2FfpuvTj34XS09b1Ggqw8XWNPX2iPIk1qB9tPIsMgcYdAk3WH1UVd4hQkKgdFPhXGPU61Ab4hNkeudeTydepq%2FE7INg59ej4tTYzw3GKaP1VHtXbEHFPo2%2FUzrbF5dkGnfA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8293b8f249835684-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6G6aErqzxtP/e-dxN7Z1aQIpQKNElDpC3m4SUN4FKGgZEhTW8mYppy1trPy1juV0vMA8WXn3wHqG1926CxZCKqzsYuwV8S	188.114.96.1	200 OK	1.2 kB
URL GET HTTP/3 fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/6G6aErqzxtP/e-dxN7Z1aQIpQKNElDpC3m4SUN4FKGgZEhTW8mYppy1trPy1juV0vMA8WXn3wHqG1926CxZCKqzsYuwV8S IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Certificate IssuerLet's Encrypt Subjectkyxfgpywfa.ru FingerprintC6:4A:69:0E:A3:07:F7:CC:EF:AD:8D:76:07:EA:F7:D9:6D:40:98:D0 ValidityTue, 14 Nov 2023 16:30:20 GMT - Mon, 12 Feb 2024 16:30:19 GMT File type HTML document, ASCII text, with very long lines (1223), with no line terminators Size 1.2 kB (1195 bytes) Hash 4a12250fa52a85d5342c8ab579bf225c 894f5d3bc7eaae0efcaff984240448bf6d459646 b4a92547faf88c4a3d5dcaa3229d4175cbc8ce4506b704b64efcee3b16016fba HTTP Headers GET /flga9/6G6aErqzxtP/e-dxN7Z1aQIpQKNElDpC3m4SUN4FKGgZEhTW8mYppy1trPy1juV0vMA8WXn3wHqG1926CxZCKqzsYuwV8S HTTP/1.1 Host: fydtc3zin9urq8g.kyxfgpywfa.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fydtc3zin9urq8g.kyxfgpywfa.ru/flga9/0MCXZo942lswwTvQFDHOxCxVrSUJjIkfryhX5Nqhkj3m5MQpTsBGTFTHcPxyzew9mMs4gqkyNvdw7giTPZwpMQJXrlS?id=ZHVzdGluLm5vZWxAdWdsLmNvbQ== Cookie: PHPSESSID=1c530j2lesphimqq1qj2apb004 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 20 Nov 2023 21:17:55 GMT content-type: image/svg+xml expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BW6e4YFVwvTuQPBLTR69c0ILg6q3%2BhGAjtSaAkFfaIFvpp1dtvsj3SSUk7y0Hd0aqvtm%2BNdjtF4IkYn7uXn7E5lkGRM46a90%2Frp83shGD56RarmQtf9ksKDag9rBoL7MesPizhfJCgyw%2BOFoLiST1w%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8293b8f30a325684-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (14)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3