atacoff.com/new/auth/sf_rand_string_lowercase6/aGlzaGFtLmtoYW5AY29tZWQuY29t
200 OK 0 B URL User Request GET HTTP/2 atacoff.com/new/auth/sf_rand_string_lowercase6/aGlzaGFtLmtoYW5AY29tZWQuY29t
IP
ASN #46606 UNIFIEDLAYER-AS-1
Certificate IssuerLet's Encrypt
Subjectatacoff.com
FingerprintE6:16:BA:08:FE:D3:A5:2E:7A:16:6A:A0:61:7D:7E:49:3F:D4:D0:58
ValiditySat, 03 Jun 2023 15:16:50 GMT - Fri, 01 Sep 2023 15:16:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /new/auth/sf_rand_string_lowercase6/aGlzaGFtLmtoYW5AY29tZWQuY29t HTTP/1.1
Host: atacoff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
refresh: 0;url=https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/Mhisham.khan@comed.com
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 09 Jun 2023 04:40:06 GMT
server: Apache
X-Firefox-Spdy: h2
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d46b1cfadcfb503
42 B URL wsbmbzp6dk64254fd9a9cc4.bgglux.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d46b1cfadcfb503
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d46b1cfadcfb503 HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/Mhisham.khan@comed.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 04:40:06 GMT
content-type: image/gif
content-length: 42
last-modified: Tue, 30 May 2023 15:20:42 GMT
etag: "6476144a-2a"
server: cloudflare
cf-ray: 7d46b1d0dddfb511-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Fri, 09 Jun 2023 06:40:06 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
aadcdn.msauthimages.net/dbd5a2dd-vtebouzhtkrzaneg-9cfezjyukcwbvlnzusmyngb-gg/logintenantbranding/0/bannerlogo?ts=637961882644490280
200 OK 2.9 kB URL GET HTTP/2 aadcdn.msauthimages.net/dbd5a2dd-vtebouzhtkrzaneg-9cfezjyukcwbvlnzusmyngb-gg/logintenantbranding/0/bannerlogo?ts=637961882644490280
IP
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Certificate IssuerMicrosoft Corporation
Subjectaadcdn.msauthimages.net
Fingerprint6B:EB:AC:06:FC:06:82:11:17:1C:6B:72:7D:B5:95:2D:CF:E7:A3:5D
ValidityWed, 08 Mar 2023 11:16:34 GMT - Sat, 02 Mar 2024 11:16:34 GMT
File type PNG image data, 117 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash 012f8fa72a5c8310b5c547508499d274
0699e91ec3a069ca18ddef664b9dacca4043fa7d
1b1d6b3aa4c55656a464055193765230a59cd2eaabfdec1800bf38ddcbb3b32c
GET /dbd5a2dd-vtebouzhtkrzaneg-9cfezjyukcwbvlnzusmyngb-gg/logintenantbranding/0/bannerlogo?ts=637961882644490280 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
age: 16569
cache-control: public, max-age=86400
content-md5: AS+PpypcgxC1xUdQhJnSdA==
content-type: image/*
date: Fri, 09 Jun 2023 04:40:13 GMT
etag: 0x8DA7EF3C3667BC5
last-modified: Mon, 15 Aug 2022 19:24:24 GMT
server: ECAcc (ska/F69C)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 3d9812b0-501e-0110-1165-9af0ea000000
x-ms-version: 2009-09-19
content-length: 2917
X-Firefox-Spdy: h2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/325060489:1686283658:ra6AFL9o2VLHHx4hVuTc-MbvyGSpfAO4cxbMzVEVYHI/7d46b1e7d859b4eb/de1c61dea3b4c5d
366 kB URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/325060489:1686283658:ra6AFL9o2VLHHx4hVuTc-MbvyGSpfAO4cxbMzVEVYHI/7d46b1e7d859b4eb/de1c61dea3b4c5d
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 366 kB (366269 bytes)
Hash 5bd97c34e26b98ebb4c71d7dd7e7f00b
18a63c85b092a8b39458ccda767281cf3f71bdb0
89c023ac9b74cca067a0d203a1abed490d0b766b7bf8bdde72b2ce5cc3850b90
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/325060489:1686283658:ra6AFL9o2VLHHx4hVuTc-MbvyGSpfAO4cxbMzVEVYHI/7d46b1e7d859b4eb/de1c61dea3b4c5d HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/t4edt/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: de1c61dea3b4c5d
Content-Length: 3026
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 04:40:10 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: wMlcjEaj0f0y4mgQh3vUvtXGXCiH5oBPZBtzD6mStCJiJyUvqSI+B4pGCo6S6QfdC7BnvMGQJh/gKzNE9UpmJtkj4P+cjp7No+RBi388bmdhgHErpm/FEMoUwOJTJv7v6ajb6RjV7sjNU/YeyYeQhIA+5Q7S67zXsUJWFkO0/5rh7sq+EB3ODISUHppxGvMZJMXjoqLsM4weYCGozon+aECoN91BA/4d4A4R+UGISCCWN6usOQvbrs4uVTeB4SmG8Es85LDWeuMwFQvmNfxDiTq2GK+aPb5rAsXkRi3b8SR3Gj6Ru/1O9jftGRtjLPjbjZMBNXa9fZP8SLXpM06lXCp1o1IHjeB3lVef8YGHQhHjZ1fD70HBR7HIUeVfIskF$dVIHcUGkYw6Ogkl8Xhen1g==
server: cloudflare
cf-ray: 7d46b1e9e9fab4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/favicon.ico
404 Not Found 1.2 kB URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/favicon.ico
IP
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Certificate IssuerLet's Encrypt
Subjectbgglux.ru
Fingerprint38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
ValidityTue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1276), with no line terminators
Hash 24b426fea67958554911ff4c943fdfe4
b92889146d4c1bbddccabe58ca15c814ea066f72
335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c
GET /favicon.ico HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Cookie: cf_clearance=SSqz3ALVkOvCCDzUxdSmGwQ.nAg8x763J4s1_mCWKIw-1686285606-0-160; PHPSESSID=a0cb15e79be9a2c3fea417dfe5b7e4a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 09 Jun 2023 04:40:13 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmVjzpuvjbltCYb4bh5aZLe60x9vB8t0JasWNRp15xUpOPYY%2B4sUgnHjeAtmNQwB2sElCRXf0CfKynxTZAIa0vPrRGqvGRCP2Uid6%2BcRT5B0y0zcItE%2FzKLwM959d4ENbkTQYH10AiIF4syC3xX06etgQT4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d46b1f8ec68b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/jq/429a63f7836d143b81d260280e0bb6656482ad2c80211
200 OK 86 kB URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/jq/429a63f7836d143b81d260280e0bb6656482ad2c80211
IP
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Certificate IssuerLet's Encrypt
Subjectbgglux.ru
Fingerprint38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
ValidityTue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /jq/429a63f7836d143b81d260280e0bb6656482ad2c80211 HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Cookie: cf_clearance=SSqz3ALVkOvCCDzUxdSmGwQ.nAg8x763J4s1_mCWKIw-1686285606-0-160; PHPSESSID=a0cb15e79be9a2c3fea417dfe5b7e4a1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 04:40:12 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 16 Jun 2023 04:40:12 GMT
last-modified: Wed, 31 May 2023 02:31:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSIuGY0P8VOG9iWM9NAJINy%2B5LYWJpcDBtglqJXVoYcPzaroL%2BDKp52XfXv9Gfa73eZwLze5Hgk8xKUMJsPQwC%2FO9yDXlULwKjbuFDr5Ogrs%2BwTVWJ2iozTVh5KVmmUqnmvVIq%2FtraHZsZk%2F%2BkldUrxMorg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d46b1f71af5b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
unpkg.com/axios/dist/axios.min.js
302 Found 32 kB URL GET HTTP/2 unpkg.com/axios/dist/axios.min.js
IP
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 09 Jun 2023 04:40:12 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.4.0/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01H2F78PK0NPTK05C57X1Y6GZ8-fra
cf-cache-status: HIT
age: 7
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d46b1f76eceb4f9-OSL
X-Firefox-Spdy: h2
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/api-as1f?email=hisham.khan@comed.com&data=logo
200 OK 168 B URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/api-as1f?email=hisham.khan@comed.com&data=logo
IP
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Certificate IssuerLet's Encrypt
Subjectbgglux.ru
Fingerprint38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
ValidityTue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash f635d2b653c72c49fce65a110ebfc59e
6869aa7cdeaae3caa18099c7d790b73aa2f00515
4fb1e0d430e9be61ec98deeda6b9624d2339182272fe25dc2bd0267ed68a5135
GET /api-as1f?email=hisham.khan@comed.com&data=logo HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Cookie: cf_clearance=SSqz3ALVkOvCCDzUxdSmGwQ.nAg8x763J4s1_mCWKIw-1686285606-0-160; PHPSESSID=a0cb15e79be9a2c3fea417dfe5b7e4a1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 04:40:13 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSY%2BOItH%2BiDJAmY2r8Sbgkko%2B4XqBaRrueG%2F68C%2BCygvlLkdLiW3jsPAZX%2FfXmck6AcrAbeg3KbwMJ4YVRPpPJSQpynW%2FcsXT%2BGdzTThKIzShF6Liqvx%2FG98DS4cOdtNjWTUGpHUoWwNQIISyAXubM9SBB4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d46b1f91c90b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/ASSETS/img/BIMG-6482ad2db38bd.css
200 OK 306 kB URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/ASSETS/img/BIMG-6482ad2db38bd.css
IP
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Certificate IssuerLet's Encrypt
Subjectbgglux.ru
Fingerprint38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
ValidityTue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 306 kB (306493 bytes)
Hash 7d07c247e8dfd5bfaf9a7169b5c402bd
392cc7836ca5418f3e65cc67f5680b2a359399dc
345f500582fb5cfc20df5426c6b54bb0bcaa62eb0249a4a661dc9716a9edc006
GET /ASSETS/img/BIMG-6482ad2db38bd.css HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Cookie: cf_clearance=SSqz3ALVkOvCCDzUxdSmGwQ.nAg8x763J4s1_mCWKIw-1686285606-0-160; PHPSESSID=a0cb15e79be9a2c3fea417dfe5b7e4a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 04:40:13 GMT
content-type: image/png
content-length: 306493
cache-control: public, max-age=604800
expires: Fri, 16 Jun 2023 04:40:13 GMT
last-modified: Wed, 31 May 2023 02:31:35 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgiGx6%2FeTpgKxbzJyGcAPLIzStvzo9YxxrbWSRxGPjcJ%2FpDUiGnxEd73yTAzlWyGzFFvWGY66H7YRqbq98kKIyMNA7DBz9fsRam45Oq3zavkUNwR9Lbp3oYP7FW5sa5hQmbSPsK9b2VEZoL4LtHekf7JxY8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d46b1fe2901b511-OSL
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/boot/429a63f7836d143b81d260280e0bb6656482ad2c80213
200 OK 51 kB URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/boot/429a63f7836d143b81d260280e0bb6656482ad2c80213
IP
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Certificate IssuerLet's Encrypt
Subjectbgglux.ru
Fingerprint38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
ValidityTue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type ASCII text, with very long lines (50758)
Hash 67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
GET /boot/429a63f7836d143b81d260280e0bb6656482ad2c80213 HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Cookie: cf_clearance=SSqz3ALVkOvCCDzUxdSmGwQ.nAg8x763J4s1_mCWKIw-1686285606-0-160; PHPSESSID=a0cb15e79be9a2c3fea417dfe5b7e4a1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 04:40:12 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 16 Jun 2023 04:40:12 GMT
last-modified: Wed, 31 May 2023 02:31:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qp2ZZ%2BUuAZHs1eDU6XwB%2BcxwlWwMSV0%2FqD3k9ybrJbHh4Ji%2BkXBcEWhQLhKglq97LHaWhZyZf7yik2tqr3f3ATNDMMvRYZCvdE8ee7tZaPY7ZfeAf1nBHKvsokEtmKOvzGpZJuZZeNkKxfIBfiaS6jDw8C0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d46b1f72af7b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/jm/429a63f7836d143b81d260280e0bb6656482ad2c80214
200 OK 6.1 kB URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/jm/429a63f7836d143b81d260280e0bb6656482ad2c80214
IP
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Certificate IssuerLet's Encrypt
Subjectbgglux.ru
Fingerprint38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
ValidityTue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type ASCII text, with very long lines (6175), with no line terminators
Hash 0b3cd9bfcbe6444742df90b00f63efc3
0c978b0541c9659215908034b6299f78135c935c
2065edfabc7924bff8e65b4b4ade30bb341d70ab350518bfbad98e1d4f35266f
GET /jm/429a63f7836d143b81d260280e0bb6656482ad2c80214 HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Cookie: cf_clearance=SSqz3ALVkOvCCDzUxdSmGwQ.nAg8x763J4s1_mCWKIw-1686285606-0-160; PHPSESSID=a0cb15e79be9a2c3fea417dfe5b7e4a1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 04:40:12 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 16 Jun 2023 04:40:12 GMT
last-modified: Wed, 31 May 2023 02:31:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FJGEZR60I4hqpOmc5oBV2TZxfq1NdWTagcrac1cDdan9upBAMBVy0bh0psTNgEQ1QKG8x1dvQdKrVBMDQYzQuqMz1Z1msCokAXfF1V1aRz%2F8eeqqG48p6qxs1kPFstcCj42%2BwBjW2DmN%2FriVoukw95mm1g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d46b1f72afab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/o/429a63f7836d143b81d260280e0bb6656482ad2cdeb4f
200 OK 3.7 kB URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/o/429a63f7836d143b81d260280e0bb6656482ad2cdeb4f
IP
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Certificate IssuerLet's Encrypt
Subjectbgglux.ru
Fingerprint38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
ValidityTue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3695), with no line terminators
Hash d633a913e6f3b1f45774b9874dfc85e0
5ba1344048578062c93cfddfdf8458477eaca476
c1fbfbd9a81fc4d9c9539a65bdfb4c6738926b8d4681b0346706196413e92714
GET /o/429a63f7836d143b81d260280e0bb6656482ad2cdeb4f HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Cookie: cf_clearance=SSqz3ALVkOvCCDzUxdSmGwQ.nAg8x763J4s1_mCWKIw-1686285606-0-160; PHPSESSID=a0cb15e79be9a2c3fea417dfe5b7e4a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 04:40:13 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Fri, 16 Jun 2023 04:40:12 GMT
last-modified: Wed, 31 May 2023 02:31:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0WkQoSJVJeo8z12upucng3e%2FXSgDuFbAUdGi1Ybn7wpXIMfRh%2BTFAmLHDBvLKYxBuBLJy%2FBQjG1hKIP8Dze2pUBpyRX23WsCyabyCNohG1ccYJU1NkUCbC2%2F2uFR3GPwTBX3zufaY8YIZ8fIs2xbU9FM24%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d46b1f90c86b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/Mhisham.khan@comed.com
403 Forbidden 8.2 kB URL User Request GET HTTP/2 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/Mhisham.khan@comed.com
IP
Certificate IssuerLet's Encrypt
Subjectbgglux.ru
Fingerprint38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
ValidityTue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8324), with no line terminators
Hash 98840737b52cb31580c7b2b93c4e1b7c
34caea99b2d482dc73e23e7253b6839a84427e9f
74f38bde198ec322acfbb5fb97167b14b6bdddb175d364624b94c505dd073dd1
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /Mhisham.khan@comed.com HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 09 Jun 2023 04:40:06 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozb42wSIcxdUAPM93wqMHV11jnlX%2BlktRNlYFoRzvYNhoF0sR7pLPO9JN%2FqYEKoPLF7iKMBaBPtt%2F9Nt%2B7KBbjJVC8zfEt1sHFpSSyZdGJCjOtDcWDpvk8wa60IDL1DRmhTlq6%2Bo7xkCXA294u4UHQgKmz8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d46b1cfadcfb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/2
200 OK 38 kB URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/2
IP
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Certificate IssuerLet's Encrypt
Subjectbgglux.ru
Fingerprint38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
ValidityTue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2 HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Cookie: cf_clearance=SSqz3ALVkOvCCDzUxdSmGwQ.nAg8x763J4s1_mCWKIw-1686285606-0-160; PHPSESSID=a0cb15e79be9a2c3fea417dfe5b7e4a1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 04:40:12 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iuw1gnAqz9y%2FHJbVrzxDxQsVdAL1saHZ4NiETxmwXD%2F%2B27PloDRwtmHbjQDD1pimETvRUH2D%2F%2B0%2BlOKyjUgW89R2ddUFTCqIoKJJpPcI2nlovaqv6my2QqVYntuYeqXvtCCL5SiGDGe%2FmTz9KuZqSJaDwZE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d46b1f89c2bb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/e/429a63f7836d143b81d260280e0bb6656482ad2cdeb56
200 OK 513 B URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/e/429a63f7836d143b81d260280e0bb6656482ad2cdeb56
IP
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Certificate IssuerLet's Encrypt
Subjectbgglux.ru
Fingerprint38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
ValidityTue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (529), with no line terminators
Hash adc405f5fd089662209870ca5d2106f7
3a8b776df84bf251afc6ddd802cc5bbeddfb0e36
e7bacc97751689afaae192e103fe9851664365c57c7d783560860ad456db7e49
GET /e/429a63f7836d143b81d260280e0bb6656482ad2cdeb56 HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Cookie: cf_clearance=SSqz3ALVkOvCCDzUxdSmGwQ.nAg8x763J4s1_mCWKIw-1686285606-0-160; PHPSESSID=a0cb15e79be9a2c3fea417dfe5b7e4a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 04:40:13 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Fri, 16 Jun 2023 04:40:13 GMT
last-modified: Wed, 31 May 2023 02:31:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5%2FLQlpNqafPiV8sZZM2lfdosi%2B6kAL81YYaxQ7XI1M9n9Q0T9KsrgaxM7Crgac0mhdGj%2FO3RR4KmT2ZXG0dqTbIQSmP2ItX0TU43EiFOauIAjTa3LAZwjb76WR7RtgXaipnVplB8ldrcd4WqmO8btUTW8c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d46b1f90c88b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
unpkg.com/axios@1.4.0/dist/axios.min.js
200 OK 32 kB URL GET HTTP/2 unpkg.com/axios@1.4.0/dist/axios.min.js
IP
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (31803)
Hash 6470a918ba1fd4b8d0882df0269ddb82
97814fdab64aa7d1b30f082f9eb272d4b1ce18a2
fd4ce12a87594281afcee9c73a40fe7acc282bcc9e764fbb3afa1481a96a091e
GET /axios@1.4.0/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 04:40:12 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7c62-l4FP2rZKp9GzDwgvnrJy1LHOGKI"
via: 1.1 fly.io
fly-request-id: 01GZP8TZEXW4PFCT61FHX2WRTS-fra
cf-cache-status: HIT
age: 2984704
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d46b1f78edbb4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/api-as1f?email=hisham.khan@comed.com&data=background
200 OK 109 B URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/api-as1f?email=hisham.khan@comed.com&data=background
IP
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Certificate IssuerLet's Encrypt
Subjectbgglux.ru
Fingerprint38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
ValidityTue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 6e19cf0d41be1dc4f6ce173b83297f07
d7033f40d9571c2bfb09f8d049cf492d8476cb1d
5af1640697752038c3f58e1aa8fbf9ef859d8c3a567a3c2bdb41a65b8cc40227
GET /api-as1f?email=hisham.khan@comed.com&data=background HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Cookie: cf_clearance=SSqz3ALVkOvCCDzUxdSmGwQ.nAg8x763J4s1_mCWKIw-1686285606-0-160; PHPSESSID=a0cb15e79be9a2c3fea417dfe5b7e4a1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 04:40:13 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zH1YvRFppnl3E6wtc6%2BTNMukWh7LWrFaMpJ44hiiJ1Dyny2a99HfiJzN%2B4b8iIMdmvt4crFpi65EIBA0tJm0%2FipKUHvUSJSvcWo073QA21NcJFqjUUG5AjaM5EOxDjTQHzZqk7q%2FC6JBCZLR5VPjQrdpOA0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d46b1f91c92b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/ic/429a63f7836d143b81d260280e0bb6656482ad2cdeb10
200 OK 17 kB URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/ic/429a63f7836d143b81d260280e0bb6656482ad2cdeb10
IP
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Certificate IssuerLet's Encrypt
Subjectbgglux.ru
Fingerprint38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
ValidityTue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /ic/429a63f7836d143b81d260280e0bb6656482ad2cdeb10 HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Cookie: cf_clearance=SSqz3ALVkOvCCDzUxdSmGwQ.nAg8x763J4s1_mCWKIw-1686285606-0-160; PHPSESSID=a0cb15e79be9a2c3fea417dfe5b7e4a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 04:40:13 GMT
content-type: image/x-icon
cache-control: public, max-age=604800
expires: Fri, 16 Jun 2023 04:40:13 GMT
last-modified: Wed, 31 May 2023 02:31:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDc5uoJ8N4nD4GzQMno3TAFzsLFgBQFpQk%2BT5X88JO5MXuRfW9muz9mnuVVWsgchSOuc%2Fr3Lj0Rw9oJfNAN%2F0ECIMZmUznVLpNpU5UgVjmqGGfHOSgTjNlq1XrwzKHabTi%2F1%2FW69SQ0K3hTRRG4dyc4%2FhAw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d46b1fb1e3ab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/Mhisham.khan@comed.com
302 Found 24 kB URL User Request POST HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/Mhisham.khan@comed.com
IP
Certificate IssuerLet's Encrypt
Subjectbgglux.ru
Fingerprint38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
ValidityTue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
POST /Mhisham.khan@comed.com HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/Mhisham.khan@comed.com?__cf_chl_tk=EHH53UKFfzkQB2z7VG6b4u9ASfEzfL1ivdOYpW8KfRI-1686285606-0-gaNycGzNDXs
Content-Type: application/x-www-form-urlencoded
Content-Length: 3617
Origin: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Fri, 09 Jun 2023 04:40:12 GMT
content-type: text/html; charset=UTF-8
location: ./beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
set-cookie: cf_clearance=SSqz3ALVkOvCCDzUxdSmGwQ.nAg8x763J4s1_mCWKIw-1686285606-0-160; path=/; expires=Sat, 08-Jun-24 04:40:12 GMT; domain=.bgglux.ru; HttpOnly; Secure; SameSite=None
PHPSESSID=a0cb15e79be9a2c3fea417dfe5b7e4a1; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSdA7AXK7WCKN7j%2BhrrzwbcpES06tdge2vgOlTj8putwJfQkED5deLVlMOeqUrNscNaojcVGdNTdjqw2OiIh1tM6gmlM5qksCFHVJuAFxxSuK3Cibg5ow4lHRloimoz78Y9hsxhV5GdSP5fTQvu8l%2F0Wyo8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d46b1f3e856b511-OSL
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
200 OK 24 kB URL User Request GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
IP
Certificate IssuerLet's Encrypt
Subjectbgglux.ru
Fingerprint38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
ValidityTue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (22448)
Hash da9f562fc6b4cb121c0b7d12616a6273
987546db5214cc0913a086779303eaf8e9f6c5a0
f6cde013d50df0da0c4ed178f4887c9da765fa14fb26a7ebd8452de9ccab6a84
GET /beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/Mhisham.khan@comed.com?__cf_chl_tk=EHH53UKFfzkQB2z7VG6b4u9ASfEzfL1ivdOYpW8KfRI-1686285606-0-gaNycGzNDXs
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=SSqz3ALVkOvCCDzUxdSmGwQ.nAg8x763J4s1_mCWKIw-1686285606-0-160; PHPSESSID=a0cb15e79be9a2c3fea417dfe5b7e4a1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 04:40:12 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efWRYE4wvWW%2BLJZSmrvVMnRKaRtgRdIWovgFZT0LtnXer7GuQ5deq79j7QljUKtcTrrpRuvXgFcPXrMmWAbf4MIrhUsT0OlMrgRc5kdJz7qjPy5FAVdOHxVzLRxQVbR9by8Y7XQa05pxrYnWKsU%2BQwNPPr4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d46b1f62a42b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
wsbmbzp6dk64254fd9a9cc4.bgglux.ru/APP-9A6DQ9/429a63f7836d143b81d260280e0bb6656482ad2cdeb15
200 OK 105 kB URL GET HTTP/3 wsbmbzp6dk64254fd9a9cc4.bgglux.ru/APP-9A6DQ9/429a63f7836d143b81d260280e0bb6656482ad2cdeb15
IP
Requested by https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Certificate IssuerLet's Encrypt
Subjectbgglux.ru
Fingerprint38:DF:32:9B:4D:C0:E5:43:FC:45:61:84:42:22:8F:72:A5:89:50:8C
ValidityTue, 30 May 2023 12:31:47 GMT - Mon, 28 Aug 2023 12:31:46 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 105 kB (105369 bytes)
Hash 8e6b0f88563f9c33f78bce65cf287df7
ef7765cd2a7d64ed27dd7344702597aff6f8c397
a7057bebfff43e7281ca31da00d40bd88c8d02d1576b9c45891dd56a3853269a
GET /APP-9A6DQ9/429a63f7836d143b81d260280e0bb6656482ad2cdeb15 HTTP/1.1
Host: wsbmbzp6dk64254fd9a9cc4.bgglux.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wsbmbzp6dk64254fd9a9cc4.bgglux.ru/beebb091955c06fa68b3eb8afc0bae516482ad2c72ed7PASbeebb091955c06fa68b3eb8afc0bae516482ad2c72eda
Cookie: cf_clearance=SSqz3ALVkOvCCDzUxdSmGwQ.nAg8x763J4s1_mCWKIw-1686285606-0-160; PHPSESSID=a0cb15e79be9a2c3fea417dfe5b7e4a1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 04:40:13 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 16 Jun 2023 04:40:13 GMT
last-modified: Wed, 31 May 2023 02:31:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtKpBCzzJuhGR4SHTuEMQMZq9LbaeM%2BtJgPdQp4eNrXetoI4764zerzV4R0XwvlglwzrMTOVn1C06mqQGLB4Q05FQi1Ohn2hWknfkf7g1DvUbCiJVm1VdGaZhfKB78KZhXzrDi%2BHhkHRCcilFBqR1SiCGRk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d46b1f92ca1b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
192.185.75.229
104.18.6.185